Privacy Policy

Introduction

At SkinDiv (skindiv.com), we take your privacy seriously and are committed to protecting your personal information. This Privacy Policy outlines how we collect, use, disclose, and protect your data when you use our website and services. We are dedicated to ensuring your personal information is handled with the utmost respect and care, in line with applicable data protection regulations including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Scope of Policy and Data Controller Role

This Privacy Policy applies to all personal data processed in connection with your use of skindiv.com and associated services. The data controller responsible for your information for the purpose of GDPR and other relevant privacy laws is:

SkinDiv
Email: [email protected]

By using our website, you consent to the terms outlined in this Policy.

Categories of Data Processed

We collect and process various categories of personal data to provide and improve our services, fulfill legal obligations, and ensure a secure and personalized experience.

1. Usage Data
Includes information collected automatically about how you interact with the website, such as IP address, browser type, browsing actions, pages visited, session duration, and referral sources.

2. Account Data
Includes details you provide when creating an account or placing an order, such as your full name, billing and shipping address, email address, and phone number.

3. Profile Data
Includes your preferences, purchase history, wishlists, reviews, and behavioral data such as shopping habits and feedback.

4. Communication Data
Includes correspondence exchanged with our team, including support tickets, contact form submissions, email communications, and any other customer service interactions.

5. Technical Data
Comprises the type of device you use, operating system, hardware version, browser, and system configuration, as well as diagnostic data and performance logs.

6. Transaction Data
Includes purchase and payment details, itemized transactions, order statuses, delivery information, and billing records.

7. Preference Data
Refers to your preferences relating to marketing communications, product categories of interest, consent settings, and language or currency selections.

Legal Bases for Processing

We rely on the following lawful bases under GDPR to process your personal data:

– Consent: Where you have given us clear permission to process your data for specific purposes (e.g. marketing emails).
– Contractual Necessity: Where processing is necessary to fulfill a contract, such as completing an order or user registration.
– Legal Obligation: Where processing is mandated by applicable laws or regulations.
– Legitimate Interests: For purposes such as improving our website, ensuring security, preventing fraud, and communicating with you, provided such interests are not overridden by your fundamental rights.

Your Rights

As a data subject under the GDPR or a consumer under the CCPA, you have the right to:

– Access: Request confirmation and a copy of the personal data we hold about you.
– Rectification: Request correction of inaccurate or incomplete data.
– Erasure: Request deletion of personal data under certain conditions (“right to be forgotten”).
– Restriction: Request temporary suspension of data processing.
– Portability: Request your data in a structured, machine-readable format, which you may transmit to another controller.
– Objection: Under certain circumstances, object to our processing of your data.
– Opt-Out: Under the CCPA, request that we do not sell your personal information (note: we do not sell personal information).

To exercise any of your rights, please contact us at [email protected]. We may require verification of your identity for security reasons.

Security Measures

We implement rigorous technical and organizational safeguards to protect your personal data, including but not limited to:

– Industry-standard encryption protocols for data at rest and in transit
– Role-based access control to minimize internal access
– Regular data backups and integrity verification
– Internal training and awareness programs for data handling best practices
– Secure server infrastructure with intrusion detection and firewalls

Despite our efforts, no system is completely secure; we cannot guarantee absolute data security.

International Transfers

Personal data may be transferred to and processed in jurisdictions outside your own, which may not provide the same level of data protection. Where applicable, such transfers are governed by standard contractual clauses approved by the European Commission or rely upon other permitted derogations to ensure adequacy.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes it was collected for, including satisfying legal, accounting, and reporting requirements. Retention periods vary by data category:

– Account and Transaction Data: Up to 7 years for tax and compliance purposes
– Communication and Support Data: 2 years after last interaction
– Marketing Preference Data: Indefinitely unless consent is withdrawn
– Technical and Usage Data: Retained for up to 24 months for analytics and performance monitoring

Cookie Policy

Our website uses cookies and similar technologies to enhance your browsing experience and collect specific information:

– Essential Cookies: Necessary for website functionality (e.g., login, shopping cart).
– Functional Cookies: Enable enhanced features such as saved preferences or region settings.
– Analytics Cookies: Used to understand user interaction and improve performance (e.g., Google Analytics).
– Performance Cookies: Monitor and improve website speed and usability.

These cookies may collect pseudonymous data related to your browsing behavior and device characteristics.

Cookie Management and Compliance

Upon your first visit to skindiv.com, you are presented with a clear cookie consent banner with options to accept, reject, or customize your preferences. You may update your consent settings at any time within your browser settings or by managing consent banners provided on our site.

Under the GDPR and CCPA, we uphold your right to informed control over cookies and tracking technologies. We do not sell personal information as defined under the CCPA.

Children’s Privacy

Our website is not intended for children under the age of 13, and we do not knowingly collect or solicit personal data from minors. In the event we discover that we have collected data from a child without appropriate parental consent, we will delete such information promptly. If you believe we may have collected data from a child, please contact us at [email protected].

Policy Updates

We may modify or update this Privacy Policy to reflect changes in legal requirements, our data practices, or website functionality. Any material changes will be communicated prominently via our website or by direct communication when necessary. We encourage you to review this policy periodically to stay informed.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us at:

Email: [email protected]
Website: https://skindiv.com

We are committed to full compliance with all applicable data protection laws and encourage you to reach out should you have any privacy-related questions or concerns.