Privacy Policy

  1. Privacy Policy

    Contents

    1. Our Privacy Policy
    2. Our details
    3. Law applicable
    4. Changes to our Privacy Policy
    5. What personal information and data we collect
    6. How and where we may collect data
    7. Third-party sites
    8. Purpose and legitimation of data collection, storage, manage, disclose, and transfer
    9. Who may we share personal information and data with?
    10. Transfer of data. International data transfer
    11. For how long can we keep your personal information and data?
    12. How we store the data.
    13. Recommendations
    14. Data Controller
    15. Data Protection Officer
    16. Your Rights

     

    1. Our Privacy Policy

    FaceToned is one of the trade names of Studio Carme Ltd. (“SC,” “we,” or “us“) that owns and operates the website www.facetoned.com and App “FaceToned” (jointly referred to also as “Site”, or “Website”) whereby we will offer programs of facial fitness to train facial muscles, and offer recipes focused on healthy nutrition for facial tone (“Services”), and sale of Products like gua sha stones, facial rollers, serums, oils and cotton gloves (“Products”).

    SC Privacy Policy herein contained covers the collection of personal data via the SC App “FaceToned” (“App”) and the website (www.facetone.com) (the “Website” , “Site”), and from our pages on third party social media channels such as Facebook, Twitter, Pinterest, Instagram, YouTube and so on, as applicable from time to time, (henceforth, collectively referred to as “Site”).

    We respect the privacy of our users and the importance of the information they entrust to us.

    We are firmly committed to comply with the laws and regulations as regards protection and security of your personal information and data (jointly referred to as “data”) that we may collect, receive and/or have access to from you or your devices as user and/or customer.

    As part of our commitment in this Privacy Policy and Cookies notice we inform you on what data we can collect or access to, what we do with them -how we may store, use, disclose share with, or transfer such data-, and important rights to correct and update the data information, it all for the purposes of our services and products and your relations with us as user and/or customer.

    By providing personal information to us, you consent to our reception, access to, collection, storage, use and disclosure your personal data in accordance with this Privacy Policy and any other arrangements that apply between us.

    You should read carefully and regularly our Privacy Policy notice in order for you to be informed of the Privacy Policy in force any time, as you will provide the data or allow access to them.

    1. Our details

    Our details are:

    Studio Carme Ltd. 3rd Floor 12 Gough Square, London, England, EC4A 3DW, company registration no. 8375250. T +44 (207) 221 6427 in working days (Monday – Friday, 08:00-22:00); @ support@facetoned.com

    1. Law applicable

    If you submit personal data to us it will be kept and maintained in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679) (“GDPR”) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK, until such time as the GDPR is no longer directly applicable to the UK, and then in accordance with the provisions of any successor legislation to the GDPR or the Data Protection Act 1998 (together, “the Data Protection Legislation”).

    1. Changes to our Privacy Policy

    We may change our Privacy Policy from time to time, according to law, which will be made available to you by posting the new version on our App / Website, and/or by way of an email to you.   Please check them occasionally to ensure you are happy with any changes.

    1. What personal information and data we collect

    Personal information and data means information relating to you which allows us, with your permission, to identify you and your profile, such as:

    1. Name and given name, id card, social security and passport numbers, nationality, place and date of birth or age, gender, marital status; education, profession, or job.
    2. Postal address and code, email address; phone number, social media name or ‘handle’;
    3. Personal fitness profile, weight, sizes, photographs, habits, preferences, interests;
    4. Medical conditions, requirements, dietary preferences.
    5. Personal details on physical or mental health: they are considered “sensitive” personal data under applicable data protection laws. We will process any such data only if you have given your explicit consent, or it is necessary (for instance if you request special assistance), or you have deliberately made it public;
    6. Information you provide about yourself and any preferences in your account;
    7. Details of products and services you have purchased, enquired about, ordered and/or received and obtained from us and/or our partners and referred providers as applicable, and related information received, payment details and information about your access to our website, preferences and interests, comments, photographs, video submissions or likeness when you provide it to us when using the Site (e.g., by creating a user login on our site), or in any other way e.g., by posting or submitting it to the Site, to Facebook using our Site, or to our Facebook / social media page, if any.
    8. Information on your device, IP address, ID, device type, location, geo-location information and connection information, inclusive in real time, e.g. through GPS, Bluetooth, location-specific content, statistics on page views, traffic to and from the sites, ad data, IP address and standard web log information; along with crowd-sourced Wi-Fi hotspot and cell-tower locations, but only if you use location-based features and turn on the location services settings on your device or computer.
    9. Information about your use of our App or website;
    10. Information that you provide to us (i) directly through our App, website or other media or channels, or (ii) indirectly through your use of our App, website or other media or channels or online presence or through other websites or accounts from which you permit us to collect information, information you provide to us through customer surveys; assist in complaints and queries, investigate possible breaches of our terms and conditions including fraud and illegal activities with the use of your personal data, and any other personal information that may be required in order to facilitate your dealings with us.
    11. Information from your Facebook/Instagram/twitter friends when they reply to Facebook comments you upload to our site (e.g., their name, comment and photo) may be also automatically collected.
    12. Communications with us or directed to us by letter, email, chat service, phone calls and messages, social media, etc.

    We may combine the personal information that we receive from different sources.

    1. How and where we may collect data

    We may also collect personal data from you (either directly or indirectly, your devices, and through our third-party partners or providers) in a number of ways:

    1. Information you provide about yourself and any preferences in your account or operating in our App or website; when you register and provide details in our App or website; when you
    2. Communicate with us by letter, email, chat service, phone calls and messages, social media, or when sharing information with us from other social media, applications, services, apps or websites;
    3. interact with our sites, services, content and advertising; or
    • Apply for a job position in our company (ies) providing working history, education, professional career, and records checks, previous employers and other parties which is not subject to these regulations, or request information and/or invest in our business or enquire as to a potential purchase in our business.

    If you post information about yourself or others, or communicate with others using the Site, please note that we cannot control who reads your postings or what they do with the information you provide. We encourage you to use caution in posting personal information.

    1. Information that our App or website may access to in your devices and social media accounts and other channels and sources of information and data.
    2. We also may collect other types of information in the following ways when you operate the App or visit the Site or interact in certain internet sites, apps, tools, etc.:
    3. Our server logs automatically collect information, such as your IP address, your browser type and language, and the date and time of your visit, which helps us track users’ movements around the Site and understand trends;
    4. We may assign your computer one or more cookies which may collect information to facilitate access to the Site and to personalize your online experience;
    • We may use standard Internet tools, such web beacons, which collect information that tracks your use of the Site and enables us to customize the Service and advertisements;
    1. We use third party analytics tools, such as Google Analytics, to collect and analyze certain user information and behavior. This information may include demographic and interest information, such as age, gender and users interests. We use this information for internal business purposes on an aggregated, anonymous basis. To opt-out of Google Analytics data collection, you can visit the following site and follow the opt-out procedures: https://tools.google.com/dlpage/gaoptout/; and
    2. We may also collect certain information, such as the URL of the last web page you visited before coming to our Site, your preferences and settings (e.g., time zone), the ads you clicked on or viewed on our Site (if any), how long you stayed on our Site and what services and features you used.
    3. When you interact with us through our social media accounts, such as Facebook, Twitter, Pinterest, Instagram, YouTube and so on, we may collect information about you which could include personal data. For example, when you “Like” a post on our Facebook page, or “Follow” us on Twitter. Such social media sites will also have their own privacy policies on how they use and share your personal data. You should carefully review those privacy policies before you use those social media sites, to make sure that you are happy with them.
    4. Information that others may collect.

    We may allow third-party advertising companies and ad networks, including content recommendation engines, to display advertisements on the App or Site or related applications, and to track user activity on our Site for the purpose of determining what ads to display. These companies may also use information collected on our Site in order to better serve ads (ad retargeting).

    • We do not provide any personal information to these companies.
    • These companies may use tracking tools, such as cookies, to collect information about computers and browsing activity to determine which advertisements to display to users.
    • Some of these companies may be members of the Network Advertising Initiative, which offers consumers the ability to opt out of ad targeting by all member companies (www.networkadvertising.org).

    These advertisers, advertising networks, and behavioral targeting companies sometimes collect information that tracks your use of our Site in order to measure ad performance, track which ads you clicked on and display ads targeted specifically to you, including displaying ads after your leave our Site on other third party sites that are within their ad network.

    If you post information about yourself or others, or communicate with others using the Site, please note that we cannot control who reads your postings or what they do with the information you provide. We encourage you to use caution in posting personal information.

    1. Third-party sites

    Our Site may contain links to other Apps / websites and social media sites operated by third parties. Please note that we have no control over how those third parties collect and use your personal data. Those third party sites may have their own privacy policies. You should always read the privacy policy of each website you visit carefully.

    1. Purpose and legitimation of data collection, storage, manage, disclose, and transfer

    We may collect, receive, access to personal information and data, store, manage, disclose and transfer them in order for a better provision of our Services and Products and in the framework of your relations with us, which includes:

    1. To enable you to access and use our App and website, services and products;
    2. To operate, protect, improve and optimize our website, services, products, and app, business and our users’ experience, perform analytics, conduct research and for advertising and marketing;
    3. To allow fluent communications with users and customers: we use your data to manage our relationship with you as our customer, to improve our services and enhance your experience with us; to offer products and services; to send service, support and administrative messages, reminders, notices, updates, security alerts, and information requested by you or to your interest; to send you marketing and promotional messages, special offers, newsletters, and other information that may be of interest to you, including information sent by, or on behalf of, our business partners that we think you may find interesting;
    4. To design and provide tailored services: we use your data to provide information we believe is of interest to you, prior to, during, and after your interactions with us, and to personalize the services and products we offer to you, such as special offers; facilitate the use of Site. Customize advertising and contents that can be seen on the Site.
    5. To administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners;
    6. To publicly display feedback and comments posted by you on our properties (e.g., use your name, photograph, video submissions and comments when you post feedback on the Site or to Facebook);
    7. To display information about your friends and contacts (e.g., their name, photograph and comments) that is automatically uploaded when they comment on Facebook messages that you post to our site;
    8. To manage your account and your preferences;
    9. To process payments, credit or other payment card verification/screening; and payment information for accounting, billing and audit purposes and to detect or prevent any fraudulent activities;
    10. To fulfil administrative tasks: we use your data for internal record keeping, statistical and marketing analysis, systems testing, customer surveys, maintenance and development, or in order to deal with a dispute or claim. We may perform data profiling based on the data we collect from you for statistical and marketing analysis purposes, but only with your prior consent, and by making best endeavors to ensure that all data it is based on is accurate. By providing any personal data you explicitly agree that we may use it to perform profiling activities in accordance with this privacy policy;
    11. To comply with our legal obligations, resolve any disputes that we may have with any of our users and customers, enforce our lawful rights, terms and conditions and agreements; Security, health, administrative, crime prevention/detection: we may pass your information to government authorities or enforcement bodies, or court, for compliance with legal requirements; to identify and protect against fraudulent transactions and other misuses of the App or website;
    12. To consider your employment application.
    13. To protect your vital interests or those of another person (e.g. in case of a medical emergency);
    14. If it is in our legitimate interests to do so (e.g. for administrative purposes).

    We will only process your personal data where we have a legal basis to do so, for the purposes and in form, terms and conditions as set out herein.

    In most cases we will need to process your personal data so that we can enter into our contract and fulfil the provision or delivery of goods or services to you according to the explanations and examples herein contained.

    The data processing required in fulfilment of the aforementioned purposes that require the user’s consent cannot be undertaken without said consent.

    Only children above certain age (generally 16 years or older, but varying from country to country) can provide their own consent. For under aged children the knowledge and consent of the parents or legal guardians is required.

    By the same token, in those cases in which it is necessary to process the user’s data for the fulfilment of a legal obligation or for the execution of the existing contractual relationship between our users or customers, and us or any of our subsidiaries, affiliates or entities of the same Group, the processing would be legitimized as it is necessary for compliance with said purposes.

    If the user or customer concerned withdraws his/her consent to any of the processing, this will not affect the legality of the processing carried out previously.

    If we do ask for your personal information for a secondary purpose such as marketing and you are an individual in the European Economic Area (EEA), we will either ask you directly for your express consent, or provide you with an opportunity to say no. If after you opt-in, you change your mind, you may withdraw your consent for us to contact you for the continued collection, use or disclosure of your information, at any time, by contacting us or by using the unsubscribe link within any of our emails. If you are outside of the European Economic Area (EEA), you may withdraw your consent for us to contact you for the continued collection, use or disclosure of your information, at any time, by contacting us or by using the unsubscribe link within any of our emails.

    Your personal information will not be shared, sold, rented or disclosed other than as described in this privacy policy.

    1. Who may we share personal information and data with?

    We may share personal information and data with:

    1. Other companies within our Group and franchisees, distributors, agents, and similar business partners, and
    2. The following third parties for the purposes described herein:
    3. Service providers, such as credit-card payment processors, performing services on our behalf;
    4. Other businesses with which we partner or which we carefully select to offer you products, services, and promotions through the Site or offline; and
      1. Other companies, contractors or agents to provide services to you including delivery, marketing, marketing platform providers, communications, legal services, debt collection, administration services, customer services, information technology providers, credit card or other payment methods to conduct transactions;
      2. The host of our online store -if any- that may provide us with the online e-commerce platform that allows us to sell our products and services to you.
      3. Stripe payments platform, similar secure payment service providers, banks, credit and debit card companies which facilitate your payments to us, and for anti-fraud and anti-money laundering and terrorism combat screening, which may need information about your method of payment to process payment or ensure the security of your payment transaction. Before entering your personal details we suggest that you read and become familiar with the privacy policy for any such third-party providers;
      4. Government authorities, law enforcement bodies and regulators for compliance with legal requirements, fraud prevention, enforcement of terms and conditions and protection of the safety of users and consumers, and enforce our legal rights in relation to our contracts with you;
      5. Social media: You may be able to access third party social media services through our App or website, or before coming to either of them. When you are registered with your social media account, we will obtain the personal data you choose to share with us through these social media services pursuant to their privacy settings in order to improve and personalize your use of our website or app. We may also use social media plugins on our website or app. As a result your information will be shared with your social media provider and possibly presented on your social media profile to be shared with others in your network. Please refer to the privacy policy of those third-party social media providers to find out more about these practices.
    • Investors: If we decide to sell or buy any parts of our business or shares of our companies, we may also need to share your personal data with the buyer of those parts of the business. In those circumstances, we will make sure that any new buyer will promptly give you details of how they will use your personal data, and your options for changing that.
    1. Our trusted third party ancillary partners (identified on our App and/or website as applicable), who many offer products and services on or through our App or website. If you choose to purchase products or services offered on App or website by third parties, you may be a customer of both us and our Group and these third parties, and we and our partners may collect and share information about you, such as your contact details and your billing information. We are not responsible for third parties’ use of your personal data where such use is permitted for their own purposes. You should check their privacy policies for further information.

    We may share aggregated, anonymous information in any of the above situations and also with service providers, advertisers and others for our own marketing purposes and for purposes of improving the manner in which, and to whom, we offer our services.

    We will not share your personal information with others except as indicated above, or except when we inform you in advance and give you the opportunity to opt out.

    1. Transfer of data. International data transfer

    Your personal data will only be transferred out of the EEA where:

    • We have obtained your informed consent;
    • The transfer is necessary for the performance of a contract between you and us or for pre-contractual steps taken at your request; or
    • The transfer is necessary for the performance of a contract made in your interests between us and another person.

    We operate businesses in multiple jurisdictions, some of which are not located in the European Union (“EU”) or European Economic Area (“EEA”). While countries outside the EEA do not always have strong data protection laws, we require all services providers to process your information in a secure manner and in accordance with EU and other applicable laws on privacy and data protection.

    Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

    1. For how long can we keep your personal information and data?

    We will not retain your data for longer than is necessary to fulfil the purpose for which it is being processed. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the purposes for which we process it, and whether we can achieve those purposes through other means.

    We also consider the periods for which we might need to retain personal data in order to meet our legal obligations, or to deal with complaints and queries, and to protect our legal rights in the event of a claim being made.

    When we no longer need your personal data, we will securely delete or destroy it. We will also consider if and how we can minimize over time the personal data that we use, and if we can anonymize your personal data so that it can no longer be associated with you or identify you, in which case we may use that information without further notice to you.

    1. How we store the data.

    We take appropriate commercially reasonable physical, electronic, managerial and other security measures to help safeguard personal information from unauthorized access, alteration, or disclosure.

    When you access the Site, either SC or PayPal protect, without limitation, your private information in each of the following ways:

    • The data is stored on secure servers at a high security location;
    • The data at these servers is encrypted;
    • Customer accounts are password protected; and
    • All sensitive data we handle is sent via SSL.
    1. Recommendations

    SC endeavors to protect your personal details and guarantee a high level of security. It is user’s and buyer’s sole responsibility to keep and safeguard the codes for user, name, password, signature, etc. to avoid unauthorized use or disposal of the same, contents, accounts, etc. This notwithstanding we just remind and recommend that visitor, customer, user and/or buyer keep a high security standard for the transactions, for example abstain sharing his/her username (email address) and/or his/her password and frequently change the same. Within this framework, SC cannot be held liable for any communication or dissemination, copy or misuse of the buyer’s details, when his/her username (email address) and/or his/her password are used by third parties.

    We will take reasonable technical and organizational precautions to prevent the loss, misuse or alteration of your personal information. However, please note that the transmission of personal data via the internet is not completely secure. Although we will do our best to protect your personal data we cannot guarantee the security of your personal data on transmission via the internet.

    We ask you not to share your passwords with anyone.

    1. Data Controller

    SC exercises management control, being the “Data Controller” of all personal data that is collected and used about FaceToned App and website users and customers for the purposes of privacy and data protection laws, principles and regulations which may apply in your country.

    1. Data Protection Officer

    We have appointed a Data Protection Officer (“DPO”) to oversee compliance with this policy. You have the right to make a complaint at any time to a supervisory authority. The data protection supervisory authority for you depends upon the country or geographical area in which you are located.

    1. Your rights

    Without prejudice to the rights granted to our users and customers by law or under this Privacy Policy notice, provided that the required circumstances and requisites and conditions are met, you may:

    1. Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding/using it.
    2. Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
    3. Refuse to provide personal information although this may imply your inability to obtain certain services or use certain features;
    4. Stop receiving promotional emails or newsletters from us, by sending an email to the contact address herein provided.
    5. Delete or decline cookies by changing your browser settings, although if you do so, some of the features or services of the Site may not function properly;
    6. Review and update your personal information by contacting us at the email address we provider, if you have an online account on the Site, by logging into that account;
    7. Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
    8. Request erasure or deletion of your personal information. In some circumstances you may ask us to delete or remove personal information where there is no good reason for us continuing to process it. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.

    You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing.

    1. Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
    2. Object to automated decision-making including profiling, that is not to be subject of any automated decision-making by us using your personal information or profiling of you.
    3. Request the restriction of processing of your personal information in certain circumstances. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

    Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defense of legal claims; and you have objected to processing, pending the verification of that objection.

    Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defense of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.

    1. Request transfer of your personal information in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.
    2. Withdraw consent. In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes to which you originally agreed, unless we have another proper and legitimate basis for doing so.
    3. To get human intervention, to express your point of view and to challenge the automated decisions adopted by SC;
    4. You may opt-out of any Google Analytics-related collection by visiting the following site and following the opt-out procedures: https://tools.google.com/dlpage/gaoptout/.

    We may need specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

    You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, if your request for access is clearly completely unfounded or excessive we may charge a reasonable fee, or alternatively, refuse to comply with the request in such circumstances.

    If you want to exercise any of these rights, then please contact our DPO by email at support@facetoned.com  .

    You have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

     

    This Privacy Policy notice is updated on September 16 2019.