Business Identity: A Vancouver-based beauty business specializing in personalized skincare treatments and products.
Contact Information: [Provide physical/registered address, company registration number, and any additional legally required contact details]
What Personal Data We Collect and Why
Personal Data Types: Including but not limited to name, email address, skin health information, purchase history, and account preferences.
Collection Purpose: To provide personalized skincare treatments and services, process transactions, and improve user experience. Data is collected based on legal requirements or active user consent.
Technical Data Collection: Via website interactions such as contact forms, comments, cookies, analytics, and third-party embeds.
Comments
Data Collection: When visitors leave comments, we collect the data shown in the comments form, along with the visitor’s IP address and browser user agent string to help spam detection.
Media
Uploading Media: Users who upload images to the website should avoid uploading images with embedded location data (EXIF GPS) included.
Contact Forms
Data Retention: Contact form submissions are kept for customer service purposes for a period of [specify duration], but are not used for marketing purposes.
Cookies
Cookie Usage: Our website uses cookies for site functionality, user preferences, and analytics. [Provide a detailed list of cookies used, including those set by WordPress, WooCommerce, and any third-party services.]
Analytics
Analytics Tool: We use [specify analytics tool] for understanding website traffic and user interactions. Users can opt out of analytics tracking. [Include link to analytics provider’s privacy policy]
Who We Share Your Data With
Third-Party Sharing: Data may be shared with third-party providers, including payment processors and cloud-based services, strictly for business operations. [List all third parties and link to their privacy policies]
How Long We Retain Your Data
Retention Schedule: Contact form entries are retained for [specify duration], analytics records for [specify duration], and customer purchase records for [specify duration].
Your Data Rights
User Rights: Users have the right to access, correct, delete, or restrict the use of their personal data. [Provide instructions or a contact method for users to exercise these rights]
Where Your Data is Sent
International Data Transfers: Data transfers outside the EU are safeguarded to European data protection standards. [Detail any measures or agreements in place]
Contact Information for Privacy Concerns
Contact Details: For any privacy-specific concerns, please contact [provide contact details or Data Protection Officer’s information].
Additional Information
How We Protect Your Data
Security Measures: We employ measures like encryption and two-factor authentication to protect user data. Staff are trained in data protection practices.
Data Breach Procedures
Breach Handling: We have internal procedures to manage data breaches, including reporting systems and contact mechanisms.
Data from Third Parties
Third-Party Data: Any data received from third-party sources will be clearly disclosed in this policy.
Automated Decision Making and Profiling
Automated Systems Usage: [Detail any automated decision-making processes, their purposes, and user rights in relation to these processes]
Industry Regulatory Disclosure Requirements
Regulatory Compliance: We adhere to industry-specific privacy regulations and requirements.
