3. Privacy Statement. Venus by Maria Tash, Inc. operates this Website. All references to "we", "us" shall refer to Venus by Maria Tash, Inc. We regard the privacy and security of user information as a critical component of the services that we offer to our users. The following information explains our information gathering and dissemination practices.
4. Registration Data. We reserve the right to require you to register to receive certain benefits, Products or services and to provide certain registration data including your name, country, zip code or postal code (as appropriate) and email address ("Registration Data").
5c. Information We Use. We may use the Personally Identifiable Information collected through our website primarily for such purposes as:
- helping to establish and verify the identity of users;
- opening, maintaining, administering and servicing users' accounts or memberships;
- processing postings and sending related communications;
- providing services and support to users;
- improving our website, including tailoring it to users' preferences;
- responding to users' questions, inquiries, comments and instructions;
- maintaining the security and integrity of our systems; and
- fulfilling user's Product orders.
In general, we use the Personally Identifiable Information collected on our website to help us understand who uses our website and how it is used, to personalize your experience, to assist you in using our website and to improve our website.
If you become a registered member of our website, we may use your information to send you a welcoming email that may confirm your user name and password. If you decide to 'opt-in' we may send you electronic newsletters, contact you about online products, related information and news items that may be of interest to you, and provide you with targeted feedback. If you decide you no longer want to receive these communications from us, we will provide you with an option to opt-out and change your preferences.
We also use the Non-Personally Identifiable Information collected automatically by our servers primarily to help us administer and improve our website.
7. IP Addresses. IP addresses are used by your computer every time you are connected to the Internet. Your IP address is a number that is used by computers on the network to identify your computer. IP addresses are automatically collected by our web server as part of demographic and profile data known as "traffic data" so that data (such as the web pages you request) can be sent to you. We will not use your IP address to attempt to identify your personal information.
8. Referrers. A Referrer is the information passed along by a web browser that references the Web URL you linked from, and is automatically collected by our web server as "traffic data". We reserve the right to use this information to identify broad demographic trends that may be used to provide information tailored to your interests. You will not be personally identified from this information.
9. System Information. System information that we collect as part of "traffic data" includes time, the type of web browser being used, the operating system/platform, and CPU speed. Your web browser sends this information automatically when you are connected to a web site. We reserve the right to use this information for purposes of identifying broad demographic trends and may be used to provide information appropriate for your computer system. You will not be personally identified from this information.
11. Other Web Sites, Links, And Advertisers. This website contains links to other web sites. We reserve this right to have advertisers or other third parties on this website who may also have links on this website and may link to this website. The privacy practices of advertisers or web sites linked to this website are not covered by this privacy statement, and we are not responsible for the privacy practices or the content of such web sites. Additionally, if you make a purchase from a store or merchant listed on or linked to this website, any information that you give, such as your credit card number and contact information, is provided to those merchants. These merchants have separate privacy and data collection practices, and we have no responsibility or liability for these independent policies. You should be careful to review any privacy policies posted on any of these sites before signing up with and using them.
12. Security. Information collected by this website is stored in secure operating environments that are not available to the public. Our employees are required by us to maintain and uphold your privacy and security and are aware of our privacy and security policies. Unfortunately, no data transmission over the Internet can be guaranteed 100% secure. As a result, while we strive to protect your personal information, WE CANNOT ENSURE OR WARRANT THE SECURITY OF ANY INFORMATION YOU TRANSMIT TO US, AND YOU DO SO AT YOUR OWN RISK.
13. No Liability for Acts of Third Parties. Although we will use reasonable efforts to safeguard the confidentiality of your personally identifiable information (including credit card information), transmissions made by means of the Internet cannot be made absolutely secure. We will have no liability for disclosure of information due to errors in transmission or unauthorized acts of third parties. In addition, we will release specific information about you to comply with any valid legal process such as a search warrant, subpoena, statute or court order. We will also release specific information in special cases, such as if there is an attempted breach of security or a physical threat to you or others.
Please note that if you give out personal identification information online -- that information can be collected and used by third parties. Although we strive to protect our users' privacy, we cannot guarantee the security of information you post in these forums. You disclose such information at your own risk. 14. Transfer of Your Information. As we continue to develop our business, we might acquire or buy other businesses or assets. In such transactions, customer information generally is one of the transferred business assets. Also, in the event that all or substantially all of our business or assets are acquired, both personally identifiable and non-personally identifiable user and customer information will be one of the transferred assets.
15. Minors. This website is directed toward and designed for use by persons aged 18 or the age of majority in the jurisdiction in which you reside. We will not approve applications of, or establish or maintain accounts or memberships for, any child that we knows to be under the age of 18. We do not solicit or knowingly collect Personally Identifiable Information from children under the age of 18. If we nevertheless discover that we have received Personally Identifiable Information from an individual who indicates that he or she is, or that we otherwise have reason to believe is, under the age of 18, we will promptly delete such information from our systems. Additionally, a child's parent or legal guardian may request that the child's information be corrected or promptly deleted from our files by contacting our Privacy Coordinator at the telephone number or address set out below.
16. Contact Us. If you have submitted personally identifiable information through this site, or if someone else has submitted your personally identifiable information, and you would like to review, request changes or have that information deleted from our databases, please contact us via e-mail or send a letter to our Privacy Compliance Coordinator at the address indicated below. We will then use reasonable efforts to change or remove your personally identifiable information from our files, unless we are entitled or required to retain it pursuant to other agreements or by law. You may also contact us through either of the above methods to request or review the personally identifiable information that we have collected about you. We will use reasonable efforts to supply you with this information and correct any factual inaccuracies in this information. Our contact information is as follows:
Venus By Maria Tash, Inc.
Contact: Privacy Coordinator - email@example.com
Telephone: 212 253 0921 653 Broadway, New York NY 10012
Effective date: January 10, 2016
Venus by Maria Tash Inc. (“VMT”) respects your concerns about privacy. VMT abides by the principles set out by Directive 95/46/EC of the European Parliament and the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (“the Data Protection Directive”), as transposed by national laws of EU Member States and as such laws may from time to time be amended, the Swiss Federal Data Protection Act and any US Federal privacy laws, regulations and principles regarding the collection, storage, use, transfer and other processing of Personal Data (as defined below) transferred from the European Economic Area (“EEA”) or Switzerland to the United States.
For purposes of this policy:
“Customer” means any natural or legal person using the website of VMT to conduct an online transaction or with the intention to conduct a transaction and providing her personal data (as defined below) to create an online account, sign up for receiving newsletters or any how contact VTM in this regard.
“Employee” means any current, former or prospective employee, temporary worker, intern or other non-permanent employee of VMT or any current or prospective subsidiary or affiliate of VMT.
European Economic Area (“EEA”) means the following countries: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Republic of Ireland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, The Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, the UK.
“Personal Data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity and includes information, that (i) relates to an identified or identifiable Customer, Employee or Supplier’s representative , (ii) can be linked to that Customer, Employee or Supplier’s representative , (iii) is transferred to VMT in the U.S. from the EEA or Switzerland, and (iv) is recorded in any form.
“Sensitive Personal Data” means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership or concerning health or sex, and the commission or alleged commission of any offense, any proceedings for any offense committed or alleged to have been committed by the individual or the disposal of such proceedings, or the sentence of any court in such proceedings.
“Supplier” means any supplier, vendor or other third party located in the USA and/or the EEA or Switzerland that provides services or products to VMT.
How VMT Obtains Personal Data
A) Customer Personal Data
VMT may obtain and process certain Personal Data about Customers in connection with their use of the website to conduct online purchases or otherwise contact. This Personal Data is provided only with the explicit and unequivocal consent of the concerned data subject and may include information such as:
•Credit Card Information
VMT processes this Customer Personal Data when carrying out and supporting online purchases and other customer related activities in this regard, including:
•Conducting online sale of its products via a credit card or other means of payment
•Submitting newsletters and other marketing material to customers
•Conducting targeted marketing based on Customers' previously expressed preferences
•Providing all types of customer support.
•Communicating with credit institutions in resolving payment issues with customers' credit cards or otherwise
• Complying with applicable legal requirements, including government reporting and specific local law requirements.
VMT may also obtain Personal Data about Employees in connection with their employment or other working relationship with VMT. This Personal Data is provided only with the explicit and unequivocal consent of the concerned data subject and may include information such as:
- Contact information
- Credit Card Information
- Date of birth
- Email address
- Internal payroll identification numbers
- Government-issued identification information, passport or visa information
- Educational history
- Employment history
- Information about job performance and compensation, and
- Financial account information.
VMT processes this Employee Personal Data when carrying out and supporting HR functions and activities, including:
- Recruiting and hiring job applicants
- Managing Employee communications and relations
- Providing compensation and benefits
- Administering payroll
- Processing corporate expenses and reimbursements
- Managing Employee participation in human resources plans and programs
- Carrying out obligations under employment contracts
- Managing Employee performance
- Conducting training and talent development
- Facilitating Employee relocations and international assignments
- Managing Employee headcount and office allocation
- Managing the Employee termination process
- Managing information technology and communications systems, such as the corporate email system and company directory
- Conducting ethics and disciplinary investigations
- Administering Employee grievances and claims
- Managing audit and compliance matters
- Conducting system maintenance and similar tasks.
- Complying with applicable legal obligations, including government reporting and specific local law requirements, and
- For other general human resources purposes.
VMT also may obtain and process Personal Data about Employees’ emergency contacts and other individuals (such as spouse, family members, dependents and beneficiaries) to the extent our Employees provide the information to us. We process this information to comply with our legal obligations and for benefits administration and other internal administrative purposes.
In addition, VMT may obtain Personal Data associated with its Suppliers’ representatives. This information may include contact information and financial account information of the Suppliers’ representatives. VMT uses this information to manage its relationships with its Suppliers, process payments, expenses and reimbursements, and carry out VMT’s obligations under its contracts with the Suppliers.
VMT’s practices regarding the collection, storage, use, transfer, and other processing of Personal Data comply, as appropriate under the laws of Member States transposing the EU Data protection Directive, comply with the principles of notice, choice, onward transfer, access, security, data integrity, and enforcement and oversight.
Relevant information may also be found in privacy notices, manuals and policies pertaining to specific data processing activities.
VMT may disclose Personal Data without offering an opportunity to opt out (i) to service providers the company has retained to perform services on its behalf, (ii) if it is required to do so by law or legal process, (iii) to law enforcement or other government authorities, or (iv) when VMT believes disclosure is necessary to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual illegal activity. VMT also reserves the right to transfer Personal Data in the event it sells or transfers all or a portion of its business or assets (including in the event of a reorganization, dissolution or liquidation). VMT uses Personal Data only for the purposes indicated in this Policy. To the extent required by applicable law, VMT obtains prior opt-in consent at the time of collection from Employees for the processing of Sensitive Personal Data.
Onward Transfer of Personal Data
VMT may share Personal Data with third parties as indicated in the “Choice” section above. Except as permitted or required by applicable law, VMT requires third parties to whom it discloses Personal Data and who are not subject to the EU Data Protection Directive to contractually agree to provide at least the same level of protection for Personal Data as is required by the relevant national legislation of the EU Member State where any such party is established or is operating from.
Overall, VTM requires third parties who are subject to the EU Data Protection Directive, its transposing laws and the jurisdiction of any EU Member State Data Protection Authority to ensure compliance with any such applicable laws and completion of any mandatory registration or other compliance requirements.
Employees and Suppliers and their representatives will, if requested, be provided with access to their Personal Data to correct, amend that information where it is invalid or inaccurate and/or delete as appropriate. VMT may limit or deny access to Personal Data where permitted by the or otherwise provided by applicable law.
VMT takes reasonable precautions, using up to date systems and procedures to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. The relevant systems and procedures, which provide for system security and protect Personal Data from breaches, are described in the Technology Resources, Use, and Security Policy, available to all VMT employees, and the IT Operations Manual which is applied by competent VMT personnel who manage and support the VMT information technology systems and processes.
VMT takes reasonable steps to ensure that the Personal Data the company processes is (i) relevant for the purposes for which the Personal Data is to be used, (ii) reliable for its intended use, and (iii) accurate, complete and current. In this regard, VMT depends on Employees and Suppliers’ representatives to update and correct their Personal Data to the extent necessary for the purposes for which the information was collected or subsequently authorized by the individuals.
Enforcement and Oversight
VMT has established procedures for periodically verifying implementation of and compliance with the national data protection laws in transposition of the EU Data protection Directive and any other applicable law. VMT conducts an annual self-assessment of its Personal Data practices to verify that the attestations and assertions the company makes about its privacy practices are true and that the company’s privacy practices have been implemented as represented.
Employees and Suppliers’ representatives may file a complaint concerning VMT’s processing of their Personal Data with the competent corporate officers and company's representatives, whose contact information is below. VMT will take steps to remedy any issues arising out of a failure to comply with applicable law.
If an Employee’s complaint cannot be resolved through VMT’s internal processes, VMT will cooperate with the relevant EEA or Swiss data protection authority, as appropriate.
VMT undertakes to comply with national legislation of EEA Member States in transposition of the EU Data Protection Directive and conduct any registration or notification to the competent EEA or Swiss data protection authorities, including but not limited to the filing of Standard Contractual Clauses, when required, to secure the lawful character of personal data transfers from the EEA to the United States.
VMT intends to have the EU DPAs and Swiss FDPIC serve as the Independent Recourse Mechanism for all categories of personal data covered by the self-certification or merely for ‘organization human resources data’.
How to Contact VMT
To report a personal data breach or to ask questions or express concerns about personal data collection, management and processing, please contact the following officers and representatives of VMT in the USA and the EEA respectively:
Contact: Privacy Coordinator - firstname.lastname@example.org
Telephone: 212 253 0921 653 Broadway, New York NY 10012
In the EEA:
Rue de la Régence 58
1000 Brussels, Belgium