Last Update: May 2021
Allure and its affiliates respect your privacy and we are committed to protect the personal information of the users of the Services (“Users”). We believe that you have a right to know our practices regarding the information we collect when you visit and/or use the Services. The Policy explains our privacy practices regarding the Services. By accessing and/or using the Services, including registering for an account, you agree to the terms and conditions of the Policy, including our collection, use, disclosure, processing and retention of your personal information pursuant to the Policy. In the Policy, you will also learn how to limit the sharing of information.
Information We Collect
When you use the Services, you may provide us with certain information, such as your name, address, phone number, email address, personal preferences, payment card number, purchase and ordering information, demographic information, responses to survey questions, sizing information, details about other social networks linked accounts, and other information you may provide. We also collect information about your communications with us.
In addition, we collect information while you access, browse, view or otherwise use the Services. In other words, when you access the Services, we are aware of your usage of the Services, and gather, collect and record the information relating to such usage, including geo-location information, IP address, device and connection information, browser information and web-log information, and all communications recorded by Users through the Services. We use that information to enhance user experience, personalize your browsing experience as well as monitor the Services for preventing fraud and inappropriate content or behavior. We also collect supplemental information obtained from third parties such as demographic and navigation data, if applicable.
How We Collect Information
You directly provide us with most of the information we collect. You do this when you fill out your registration details for the Services, when you check out your online order, subscribe to marketing materials or email offers, participate in surveys, or interact with contests or special event programs.
We may also collect information from third party vendors, partners and other commercially available sources such as data aggregators and public databases, who provide us data to supplement the information we collect about you, in accordance with applicable laws. For example, we may receive fraud warnings from service providers for our fraud prevention and risk assessment efforts.
If you link, connect, or login to your account through a third party service (e.g. Google, Facebook, LinkedIn), we may receive certain information, such as your registration and profile information from that service. This information varies and is controlled by that service or as authorized by you via your privacy settings at that service.
How We Use the Information Collected
Where relevant under applicable laws, in order to process your personal information, we will be required to fulfill a “justified condition” for processing. In the majority of cases, the justified condition will be that:
- you have provided your consent for us to use your personal information for a specific purpose;
- our use of your personal information is necessary to offer you the Services;
- the processing is necessary to comply with a relevant legal obligation or regulatory obligation that we have (e.g. fraud prevention); or
- the processing is necessary to support our legitimate interests as a business (e.g. to improve the Services), according to your interests and fundamental rights and provided it is conducted at all times in a way that is proportionate.
We will use your personal information for the following purposes:
- to provide you with quality service and security, to operate the Services and to perform our obligations to you. For example, we use the information collected from you to verify your identity. We also use this information to establish and set up your account, verify or re-issue a password, log your activity, enable your communications with us, provide customer support, arrange for delivery of ordered products and contact you from time to time. The information helps us develop and improve Services to you and customize and personalize your experience.
- to contact you, as requested or otherwise approved by you.
- to promote and advertise the Services. For example, we use the information collected from you for the purpose of sending direct marketing messages (as detailed below), including our newsletter, to show you information that may be of interest to you, to organize and facilitate promotional activities or events.
- to maintain appropriate business records, to comply with lawful requests by public authorities and to comply with applicable laws and regulations or as otherwise required by law.
We will ask for your consent before using information for a purpose other than those set out in the Policy.
- We use your personal information to send you direct marketing communications about the Services including promotions that may be of interest to you and our newsletter. This may be via email, post, SMS, telephone or targeted online advertisements.
- In most cases our processing of your personal information for marketing purposes is based on our legitimate interest, although some cases (such as where required by law) will be based on your consent. You have a right to prevent direct marketing of any form at any time – this can be exercised by sending an email to firstname.lastname@example.org.
- We take steps to limit direct marketing to a reasonable and proportionate level, and to send you communications which we believe may be of interest or relevance to you, based on the information we have about you.
How Long We Keep Your Information
We apply a general rule of keeping personal information only for as long as is required to fulfil the purpose for which it was collected. However, in some circumstances we may retain your personal information for longer periods of time. We may retain your information for the following purposes:
- as long as it is necessary and relevant for our operations, e.g. so that we have an accurate record of your dealings with us in the event of any complaints or challenge; and
- in relation to personal information from closed accounts to comply with applicable laws, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigation, enforce our Services terms and take other actions as permitted by law.
Children Under the Age of 13
The Services are not intended for children under 13 years of age. No one under age 13 should provide any personal information to us or in relation the Services. We do not knowingly collect personal information from children under 13. Parents and guardians should at all times supervise their children’s activities. If we learn we have collected or received personal information from a child under 13, we will delete that personal information. If you believe we might have any information from or about a child under 13, please contact us at email@example.com.
Sharing Personal Information with Third Parties
We do not sell or rent your personal information to third parties for their marketing purposes without your explicit consent.
We combine your personal information with information we collect automatically or obtain from other companies and use it to improve and personalize the Services, content and advertising and/or to prevent fraud. If you do not wish to receive marketing communications from us, you can opt-out by sending an email to firstname.lastname@example.org.
We provide your personal details to third parties, only in order to provide the Services, fulfil obligations imposed on us by applicable laws and regulations, and prevent fraud, infringements and illegal activities, as detailed below:
- We share your information with service providers that provide us with services for the purpose of providing the Services, opening and operating your account as well as providing ancillary services (example – payment vendors, delivery vendors, IT services, mailing systems or technical consultants). Our contracts with these service providers do not permit use of your information for their own (marketing) purposes. Consistent with applicable legal requirements, we take commercially reasonable steps to require third parties to adequately safeguard your personal information and only process it in accordance with our instructions;
- We will share your information with law enforcement agencies, public authorities or other parties in order to respond to a subpoena or court order, judicial process or to regulatory authorities, if we believe we are required to do so by law, or that doing so is reasonably necessary to comply with legal processes; when we believe it necessary or appropriate to disclose personal information to law enforcement authorities, such as to investigate actual or suspected fraud or violations of law, breaches of security, or breaches of the Policy; to respond to claims against us; and to protect the rights, property, or personal safety of Lee Petra Grebenau, Allure, our affiliates, our customers, and the public;
- We share your information with payment processors, fraud detection agencies and similar third parties for the purpose of securing payments made in relation to the Services and protecting against fraud, unauthorized transactions (such as money laundering), claims or other liabilities;
- Your personal information will also be disclosed if we go through a business transition such as a merger, sale, transfer of all or a portion of Lee Petra Grebenau’s or its affiliates’ assets, acquisition, bankruptcy or similar event. In the event that we sell any business or assets, we will disclose your data to the prospective buyer. If we or substantially all of our assets are acquired by a third party, information held by us about our users will be one of the transferred assets.
Please note, any information you voluntarily share with other users, such as reviews or other content you post may be visible to all other users of the Services. When you publish content and/or share your information with other users, you do so at your own risk.
Place Where Your Personal Information is Stored
Some of the personal information you provide to us will be stored or processed on our behalf by third party suppliers and data processors and may be located in other jurisdictions, such as the United States or Israel, whose laws may differ from the jurisdiction in which you live. Whether to third parties or internally, any transfers of personal information from the European Economic Area (“EEA”) to countries not deemed to provide an adequate level of data protection are governed by European Union (EU) standard contractual clauses, or in the case of the United States, the EU – US Privacy Shield, and/or equivalent data transfer regulations to protect the security and confidentiality of personal information. We will take all steps reasonably necessary to ensure that your personal information is treated securely and in accordance with the Policy.
When you visit the Services, we use “cookies” (or similar technologies), which store certain information on your computer, to allow us, among other things, to enable automatic sign-in to the Services, making your browsing more convenient and which allow us to test user experience and offer you personalized browsing or promotions. By continuing to use the Services, you agree to our placing cookies on your computer or device in accordance with the terms of the Policy.
If you prevent these cookies, we cannot guarantee how the Services will perform for you.
Blocking or Deleting Cookies
We store a cookie on your computer or device to remember this for next time, so that we can store your preferences and save you time on subsequent visits by eliminating the need to repeatedly enter the same data. You may set your browser to block all cookies, including cookies associated with the Services, or to indicate when a cookie is being set by us. You should do this through the browser settings for each browser you use. Please be aware that some of the Services may not function if your browser does not accept cookies. However, you can allow cookies from specific websites by making them “trusted websites” in your internet browser.
We take great care in maintaining the security of the Services and your information and in preventing unauthorized access, loss, misuse, alteration, destruction or damage to it through industry standard technologies and internal procedures. In addition, we contractually ensure that any third party processing your personal information equally provide for confidentiality and integrity of your data in a secure way. However, the transmission of data via the internet is not completely secure, and although we will do our best to protect your personal information, we cannot guarantee the security of your data transmitted; any transmission is at your own risk. Once we have received your data, we will use strict procedures and security features to try to prevent unauthorized access.
Users who have registered for the Services agree to keep their password in strict confidence and not disclose such password to any third party.
Further information about our data security practices can be provided on request.
Rights of EU Users and Data Subjects
As exceptions, we rely on your consent with respect to cookies and direct marketing emails per Article 6.1(a) EU GDPR, and legitimate interests under Article 6.1(f) EU GDPR, especially with respect to situations where we must process your personal data to comply with applicable laws.
Recipients or categories of recipients of your personal data are employees of our company and affiliated and non-affiliated services providers who have a need to know.
When you access our Services, you may be transferring your personal data to a country for which the European Union Commission has not yet issued an unlimited adequacy decision
We will process and keep your personal information for as long as is necessary for the purposes set out in this Policy, for our legitimate business needs, and for compliance with the law.
You have a right to request from us these EU GDPR rights concerning your personal data: access to data; rectification of data; erasure of data; restriction on processing; objection to data processing; and data portability.
If you have provided consent for direct marketing emails or other data processing, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
You have the right to lodge a complaint with a supervisory authority.
We do not use automated decision-making, including profiling, as referred to in Article 22(1) EU GDPR, that is, in a way that produces legal effects concerning you or significantly affects you. Our Services’ customization technologies and e-commerce processes are automated, but do not produce legal effects or affect you significantly as contemplated by Article 22(1) or (2) EU GDPR.
You can contact us with any questions, or to exercise your rights by calling us at +972523000007.
Your California Privacy Rights
This section describes the rights of California residents that are users of our Services under the California Consumer Privacy Act of 2018 (“CCPA”). If you are a California resident, as of January 2020, you have certain rights regarding your personal information. In particular, you have a right to request that we provide you with the following information:
- The categories or specific pieces of personal information that we collect about you.
- The categories of sources from which the personal information is collected.
- The purposes for collecting, using, or selling that personal information.
- The categories of third parties with whom we share that personal information.
- If we disclosed your personal information for a business purpose, the categories of personal information we have disclosed in the prior twelve months.
- If we sold your personal information, the categories of personal information we have sold in the prior twelve months.
To make such requests, we kindly ask that you contact us at email@example.com.
We may verify your request using the information associated with your account, including email address. Government identification may also be required. Users can also designate an authorized agent to exercise these rights on their behalf.
You have a right to request that we delete your personal information under certain circumstances and exceptions. You also have a right not to be discriminated against for exercising your rights under the CCPA.
Updating Your Information
We take steps to ensure that the personal information we collect is accurate and up to date, and we provide you with the opportunity to update your information through your account profile settings. In the event that you believe your information is in any way incorrect or inaccurate, please let us know immediately. We will make sure we investigate the matter and correct any inaccuracies as quickly as possible where necessary or give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. When updating your personal information, we will ask you to verify your identity before we can act on your request. If for any reason you have a problem with deleting your personal information, please contact our Customer Support and we will make reasonable efforts to delete any such information pursuant to any applicable privacy laws.
You can review and change your personal information by logging into the Services and visiting your account profile page.
If you delete your information from the Services, copies may remain viewable in cached and archived pages.
To exercise any of your rights in connection with your personal information, we kindly ask that you contact us at firstname.lastname@example.org.
If you have any questions (or comments) concerning the Policy, please email our team email@example.com , and we will make an effort to reply within a reasonable timeframe.