CCPA Disclaimer
California Consumer Privacy Act Notice
Effective Date: May 1, 2024
Last Updated: May 1, 2024
This California Consumer Privacy Act notice (“CCPA Notice”) supplements the information contained in our Privacy Policy and applies solely to all visitors, users, and others who reside in the State of California (“consumer” or “you”). We adopt this Privacy Policy to comply with the California Consumer Privacy Act of 2018 and the California Privacy Rights Act of 2020 (collectively the “CCPA”) and any terms defined in the CCPA have the same meaning when used in this notice. This Privacy Notice covers all personal information processed by our website (https://subtlbeauty.com/) and services (“Services”).
If you have a disability, please contact us here for additional support. If this California Privacy Notice is provided offline, please ask us to provide the Privacy Notice in an alternative format to accommodate your disability.
Categories of Information We Collect
We may collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from consumers within the last twelve (12) months:
Category | Examples | Collected |
---|---|---|
A. Identifiers | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other contact information. | YES |
B. Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) | A name, address, telephone number, credit card number, or debit card number, username and password for online accounts. | YES |
C. Protected classification characteristics under California or federal law | Race, ethnicity, religious or philosophical beliefs, age, or sex (including gender). | NO |
D. Commercial information | Records products, services or services purchased, obtained, or other purchasing or consuming histories or tendencies. | YES |
E. Biometric information | Genetic, physiological, behavioral, and biological characteristics or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | NO |
F. Internet or other similar network activity | Browsing history, search history, information on a consumer's interaction with a website, operating system and web browser information. | YES |
G. Geolocation data | Physical location or movements. | YES |
H. Sensory data | Audio, electronic, visual, thermal, olfactory, or similar information. | YES |
I. Professional or employment-related information | Current job history or job title. | NO |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | NO |
K. Inferences drawn from other Personal Information | Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | YES |
L. Sensitive Personal Information | Race, ethnic background, social security numbers, driver’s license, state identification card, passport number, or precise geolocation. | NO |
Personal information does not include:
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA’s scope, like:
- Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
- Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
How We Collect Personal Information
We use different methods and sources to collect personal information about you, including:
- Directly from you. For example, from forms you complete, communications you send to us, or information you provide in your interactions with us.
- Third parties. For example, from third-party companies that provide services that are used in conjunction with our Services.
Aggregated Information:
We may also collect, use and share aggregated data such as statistical or demographic data for any purpose (“Aggregated Information”). Aggregated Information could be derived from your personal information but is not considered personal information as this information will not directly or indirectly reveal your identity. For example, we may aggregate your website usage data to calculate the percentage of users accessing our websites and Services. However, if we combine or connect Aggregated Information with your personal information so that it can directly or indirectly identify you, we treat the combined information as personal information which will be used in accordance with this Privacy Policy.
Using of Your Personal Information
We may use your information for the purpose of conducting our business operations, including for the following purposes:
- Communicate with you. This may include: (i) informing you of our new products and promotional activities that may be of interest to you; (ii) providing information about our products, including communication regarding your purchases, delivery time, your account profile and payment processing; (iii) responding to your feedback about our website and products, including, for example, technical support and service improvements to our website and Products and Services; (iv) responding to your questions or inquiries, including technical questions and troubleshooting using our Products and Services; (v) responding to your general inquiries; (vi) responding to your privacy inquiries; and (vii) allowing you to write reviews on our products; and (viii) sending you newsletters.
- Develop and manage our relationships with you and our business partners. This may include: (i) to process payments and refunds; (ii) delivering products or carrying out transactions you or our business partners have requested; (iii) providing information about our products that may be of interest to you; (iv) providing you with a more consistent experience in interacting with us, including by learning more about you and how you use and interact with our website and Products and Services to personalize the website; and (v) planning, managing, and performing our contractual relationships (product sales and product delivery) with you and our partners and service providers.
- Improve our website and Products and Services. This may include: (i) customizing our website to your preferences or interests, (ii) making the website more compatible with your devices and browsers, or otherwise making our website and Products and Services easier to use; (iii) maintaining the security of our website and otherwise protecting them; (iv) improving our website and Products and Services; and (v) developing new products, services and platforms.
- Address legal issues. This may include: (i) complying with our obligations to retain certain business records for minimum retention periods; (ii) establishing, exercising, or defending legal claims; (iii) identifying potential fraud in the purchases (iv) complying with laws, regulations, court orders, or other legal processes; (v) detecting, preventing, fraud or intellectual property infringement claims, violations of our contracts or agreements, violations of law, or other misuse of our website or Services; and (vi) protecting our rights or property, or yours or other health, safety, welfare, rights, or property. In the preceding twelve (12) months, we have used your personal information from the following categories for business purposes:
Disclosing of Personal Information
- Category A: Identifiers.
- Category B: California Customer Records personal information categories. Category D: Commercial information.
- Category F: Internet or other similar network activity.
- Category H: Sensory data.
- Category K: Inferences drawn from other Personal Information
- Service Providers: Contractors, service providers, and other third parties (“Service Providers”) we use to support our business. This includes IT infrastructure providers, payment processors, data analytics providers (such as Google analytics), logistics service providers, HR management platforms, and employee benefits providers, vendors, attorneys and consultants. These Service Providers are bound by contractual obligations to keep personal information in accordance with our Privacy Policy and applicable privacy laws.
- Government, Agencies, Courts, or Litigants: We may share your personal information with third parties when we have a good faith belief that disclosure is necessary to comply with a law, regulation, court order, or other legal processes or to detect, prevent, investigate and respond to fraud or intellectual property infringement claims, violations of our contracts or agreements, violations of law, or other misuse of our Services.
Sale of Personal Information
Sharing of Personal Information for Targeted Advertising Purposes
- Category A: Identifiers.
- Category D: Commercial information.
- Category F: Internet or other similar network activity.
- Category K: Inferences drawn from other Personal Information
Sensitive Personal Information
Your Rights and Choices
Access to Specific Information and Data Portability Rights
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you. The business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you (also called a data portability request).
- If we disclosed your personal information for a business purpose, a list identifying the personal information categories that each category of recipient obtained.
Deletion Request Rights
Correction Requests
Your Right to Opt-Out of Sale or Sharing Your Information
Opt-out Preference Signals
Retention Criteria
- The volume, nature, and sensitivity of your information;
- The potential risk of unauthorized access, use or disclosure, or misappropriation;
- The purposes for which we process your personal information; and
- The retention obligations under applicable legal requirements.
Exercising Access, Data Portability, Deletion, and Correction Rights
- Emailing us at: support@subtlbeauty.com
- Use the following link to submit your request: https://subtlbeauty.com/pages/contact-us
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Response Timing and Format
Non-Discrimination
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you with a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Notice of Financial Incentives
Contact Information
Subtl Beauty Inc.
100 S Commons #102, Pittsburgh, PA 15212
Email: support@subtlbeauty.com
Consumer Access Request
Alternatively, please click cookie settings to manage cookies.