EXTENDED PRIVACY POLICY

Data collected

We receive, collect and store the following data. IP (Internet Protocol) address, used to connect your computer to the internet. Email address for sending out order information and updates. We use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile. Both PayPal and Stripe are compliant with GDPR 2018. You can find their Privacy Policy information here: PayPal and Stripe.

 

How the data is collected

When conducting a purchase through our company, as part of the process, we collect specific personal information you provide. This information includes name, address, email address and (when applicable) PayPal information. This data will only be used to communicate with you about your order, to fulfill your order and for legal reasons (such as paying taxes).

Reasons for Collecting Data

We collect non-person and personal information for the following reasons.

1. To provide and operate services pertaining to our company.

2. To provide our users with ongoing customer assistance and satisfaction with our products.

3. To contact our visitors and users with general/personalized notices and promotional messages.

4. To create aggregated statistical data and other non-personal information. This information may be used to provide and improve our services.

5. To comply with any local, state, federal and international Laws and Regulations.

How data and personal information gets stored

Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

Communication

We may contact you regarding your order, subscription or to send you promotional/marketing information upon your request. By subscribing to our newsletter you agree to our privacy policy/terms and conditions. We may also contact you to resolve any issues with an order, such as processing returns or dealing with incorrect personal information. We will contact you via email or phone call upon request.

Cookies

The following cookies and their durations may be used during your session.

svSession - Permanent - Creates activities and BI

hs - Session - Security

incap_ses_${Proxy-ID}_${Site-ID} - Session - Security

incap_visid_${Proxy-ID}_${Site-ID} - Session - Security

nlbi_{ID} - Persistent cookie - Security

XSRF-TOKEN - Persistent - cookieSecurity

smSession - Two weeks - Identify logged in site members

All third-party apps such as Google Analytics are GDPR Compliant.

Consent

By consenting to this privacy notice you are giving us permission to process your personal data specifically for the purpose identified above. Consent is required for The Cosmetic Archive LLC to process both types of personal data, but it must be explicitly given. Where we are asking you for sensitive personal data we will always tell you why and how the information will be used. You may withdraw consent at any time by contacting us via email through our contact page.

Discloser

The Cosmetic Archive LLC will not pass on your personal data to third parties without receiving prior consent.

Privacy Policy Updates

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.