PRIVACY POLICY

Privacy Policy 

Updated June, 2022 

Introduction 

This is the Privacy Policy of Sunday Riley Modern Skincare, LLC and its subsidiary companies (collectively “SRMS,” “we,” or “us”), which applies to the websites located atwww.sundayriley.com,edit.sundayriley.com and its affiliate sites, subdomains, mobile versions, our social media accounts, any associated applications, tools or programs (collectively, the “Site”). 

In conjunction with the Terms and Conditions, this Privacy Policy sets out the basis on which any Personal data you provide will be collected, processed, used and stored by us. Please read it carefully.  

If you do not agree with our policies and practices, your choice is not to use our Site. By accessing or using our Site or if you agreed to our Terms of Use Agreement, you agreetothis privacy policy. This policy may change from time to time (see Changes to Our Notice).Yourcontinued use of our Site after we make changes is deemed to be acceptance of those changes, so please check this policy periodically for updates.  

Personal Information We Collect About You 

We collect several types of information from and about users of our Site, including information: 

  • By which you may be personally identified, such as name, dates of birth, postal address, email address, cell and work telephone numbers, passport details, travel details including flight manifests, locations details, creditcardnumber, debit card number, or any other financial information and any other identifier by which you may be contacted online or offline ("personal information");  

  • Regarding your commercial transactions, including records of or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies; and 

  • About your internet connection, IP address, the equipment you use to access our Site, your history on the Site, location information, telemetry data, user history and usage details.  

For example, we collect the following information:  

  • When you register with us, we ask for information such as your name, postal address, zip code, email address, and telephone number. We also acquire your Internet protocol address and/or mobile device identification, whichcertainjurisdictions consider to be personal data because it could be used to identify an individual or device if it were combined with other identifying information. 

  • We may also obtain your personal data with your express consent when you visit our spa and register for our treatment, information requested could include your name and date of birth and some health-related questions whichhelpdetermine if a treatment is right for you.  

  • We may capture user information when users send us questions or comments via email. Information collected in this manner will only be used to contact the user and/or respond to the user’s inquiry/issue. Sending us an email will notenrollyou on our email list unless you specifically request it. 

  • For purchases made on the Site, a third-party payment processor such as Authorize.net, Amazon Pay or Apple Pay may collect your name, email address, postal address, contact details and credit or debit card information. This record willbestored and processed in the United States and other countries (see further below under “How we use information about you” and “How we store and process information about you”). By making a purchase, you grant to us and to all otherpersonsand entities involved in the operation of the Site, the right to use, store, monitor, retrieve and transmit your account information in connection with the operation of the Site and as otherwise provided herein. You also agree thatsuchaccess and use of your Personal data is governed by their privacy policies. We are not responsible or liable for the content, activities or privacy policies of any third-party sites. Accordingly, please refer totheirrespective privacy policies. 

  • We generally do not request on or through the Site other information that is often considered “highly sensitive,” such as other financial account information (e.g., credit report information, bank account numbers), personalhealthinformation, or government issued identification numbers (e.g., social security number, drivers’ license number, or passport number), although we reserve the right to do so when such information is necessary to offer youcertainservices. 

  • We take reasonable precautions to protect the confidentiality and security of your personally identifiable information by using industry recognized security safeguards such as site monitoring, secured networks and servers, firewallsand/orencryption. When we ask for sensitive information, we protect it using encryption during transmission, such as SSL (Secure Socket Layer). Unfortunately, no method of transmission over the Internet is completely secure.Therefore,while we strive to protect your personally identifiable information within industry standards, we cannot guarantee its absolute security. 

  • We may also obtain your Personal data through your use of social media and/or other websites such as Facebook, Twitter, Instagram, YouTube or Amazon, depending on your settings or the privacy policies of these websites. Tochangeyour settings on these services, please refer to their respective privacy notices. 

Lawful Basis for Processing Your Information  

The lawful basis to process your personal data can be further explained below:  

1.    Performance of a Contract 

This applies when you have provided your personal data so we can provide a product or service to you (e.g., creating a customer account when purchasing one of our products)  

In order to use your personal data, we are required to have a lawful basis to do so.  

When you buy a product from our website or use one of our beauty services, you have given us your consent, we are fulfilling a contract to provide a product to you, or we have a legitimate interest in using your Personal data.  

2.    Legal Obligation  

We are legally required to keep certain pieces of your personal data for various legal or regulation reasons (records of your transaction information must be kept for tax and financial reporting purposes)  

3.    Consent  

This applies where you ask us to provide a specific service to you and subsequently provide your consent as a result of that request:  

  1. Cookies: We may place cookies that target you with personalized adverts, this way we can tailor how you interact with us on our website.  

    Advertising cookies are different from analytical/performance cookies which measure and record your interaction with our website for site improvements. When you visit our website, we give you the option to set what your preferencesareso we can respect it. 

  2. Marketing Communications from us: if you opt in and later opt out of these communications and ask us to stop sending you communications, we will do that although we would need to keep some ofyour Personal data inour database so that we know not to contact you again.  

4.    Legitimate Interests 

We may use your personal data that you have provided to us in the following scenarios legitimately  

  1. Fraud prevention: Carry out fraud checks on transactions involving your personal data to ensure that your payment is free from any fraudulent or suspicious activities.  

  2. Securing our systems: Making sure our (websites/internal systems) are safe and secure, working properly and that your personal data is secure. 

  3. Products and Services Improvement: How you interact with our products and services can also help us understand and meet your expectations, we can run market research or surveys using aggregatedinformation to see whichof our products or services you like and to get better insights into your needs. 

How We Collect Personal Information About You 

We collect personal information about you: 

  • Directly from you when you voluntarily provide it to us. 

  • Automatically as you navigate through the Site and from your browser or device. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, andothertracking technologies used by SRMS. 

  • Records and copies of your correspondence (including email addresses), if you contact us or submit an online request. 

  • Through an account profile, if you create one with us.  

  • When you contact us for assistance using our online chatbot 

  • Through user history on our Site.  

A.    Information You Provide to Us  

The information that you provide to us through our Site may include: 

  • Information that you provide by filling in forms on our Site. This includes information provided at the time of using our service, posting material, or requesting further services. We may also ask you for information when requestanassessment, purchase our products or services, talk with our employees, or when you report a problem with our Site. 

  • Records and copies of your correspondence (including email addresses), if you contact us. 

  • Details of transactions and reservations you carry out through our Site. You may be required to provide personal and financial information before using our Services and Site. 

  • Through creation of accounts through our Site.  

B.    Information We Collect About You Automatically   

As you navigate through and interact with our Site, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including: 

  •  Details of your visits to our Site, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Site. 

  • Information about your computer and internet connection, including your IP address, operating system, and browser type. 

We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). Contact information on how you can opt out of behavioraltrackingon this Site and how we respond to web browser signals and other mechanisms that enable consumers to exercise choice about behavioral tracking. 

The information we collect automatically includes statistical and analytical data and, in some instances, personal information. We collect such data automatically because it helps us to improve our Site and to deliverabetter and more personalized Service, including by enabling us to: 

  • Estimate our audience size and usage patterns. 

  • Store information about your preferences, allowing us to customize our Site Interface according to your individual interests. 

  • Speed up your searches. 

  • Recognize you when you return to our Site. 

The technologies we use for this automatic data collection may include: 

  • Cookies (or browser cookies) [Link to Cookie Notice]. A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookiesbyactivating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of our Site. Unless you have adjusted your browser setting so that it will refuse cookies,oursystem will issue cookies when you direct your browser to our Site.  

C.    Third-Party Use of Cookies and Other Tracking Technologies 

We do not use third parties to collect personal information. 

How we use your Information 

This section explains what we use your Personal data for, the business purposes or processes that require us to collect and use this data. 


Personal data   collection scenario 

Personal data used 

Why we collect such personal data   

Lawful basis for processing personal data   

Order management and fulfilment 

  • First name and surname 

  • Address  

  • Email address 

  • Telephone number  

  • Payment information  

  • Purchase  

  • Social media profile (where you login via your social media to our shop 

  • To process your order and to deliver it to your chosen address 

  • Ensure your transaction is secure and safe to prevent fraud. We may use a third-party provider to complete these transactions  

  • Run analytics on orders and transactions  

  • Manage any contact relating to your order  

  • Manage payments (credit card details/bank account) details are not collected by us, these are captured by our payment providers secure payment portals 

  • Remind you to finalize your products saved in the shopping cart or completing the checkout process  

  • Legal Obligation – means we must keep certain records of financial transactions  

  • Performance of a contract – we must fulfil the contract we agreed with you to sell and fulfil the order  

  • Legitimate interests – we must ensure our sites are secure from fraud and criminal activities  

  • Improve our products and services  

Events and Promotions  

Where your Personal data are collected during a promo tour, promotional offer, game, etc. 

  • Email address 

  • Phone number  

  • First name and surname  

  • Gender  

  • Address  

  • Social media profile (where you use your social media details, and you share with us)  

  • User generated content  

Run analytics and statistics  

Manage your participation in the event and promotion 

  • Legitimate Interest - Improve our products and services 

  • Performance of a contract – Provide any of the services or products that you may request from us during this event or promo 

Client Services 

Where you call, text or contact us using our chatbot for assistance with an order 

Email address 

First name and surname  

Address 

To assist in resolving issues regarding your order of our product or service  

Performance of a Contract – In order to assist in fulfilling our contract with you  

User Generated Content 

When you post your user generated content to the public and tag us in the post 

Social Media details  

First name and surname  

User Generated Content  

Product/services analysis and improvement  

Legitimate Interest – When you tag us in a user generated post that is public, we are interested in viewing that content  

a)    Profiling  

When we send or display personalized communications or content, we use a technique known as “profiling”. We process this personal data using an automated process toanalyze key criteria aboutindividuals such as (interests, location, shopping behavior etc.). Using the result of this analysis we may send or display personalized contents tailored toyour interests and/or needs. We make sureto have a valid legal basis to process your personal data when conducting such profiling activities (e.g., consent). You may have the right to withdraw this consentor to object to the processing of your data in sucha manner at any time during your engagement with us. Please see the “Privacy Rights” section below.  

b)    Automated Decision Making  

We use automated decision-making techniques for fraud prevention purposes when it comes to transactions placed on our websites/apps and/or devices. In addition, we may also usea third-party solutionproviders’ technology or tool to protect our systems, assets etc. against fraud. The fraud detection methods can be fully automated or have certain aspects of itcontrolled by human intervention,in all instances, we take care to ensure access to your personal data is limited.  

As a result of this automatic fraud detection techniques, you may be (i) asked to reconfirm a transaction via a different means, (ii) experience a delay in the processing of your order/request while we reviewatransaction and/or (iii) be asked to provide more evidence before a transaction or service can be allowed if a risk of fraud is detected. You have the right to request the information we have used to makethis decision andwhere we are allowed to, we will provide it. Please see the “Privacy Rights” section below. 

Data Controller and Joint Controller  

There are times we act as the Data Controller related to your personal information There are cases when we partner with our trusted partners and this responsibility is shared with such partners  

Our commitments with regards to your data are as follows:  

  • We will provide an opportunity for you to be able to exercise your legal rights. 

  • We will work with our partners to define roles and responsibilities for each partner with regards to your personal data. 

  • We will ensure transparency when it comes to what are the joint purposes that we use or have when it comes to processing your personal data.  

Who we share your personal data with 

In certain instances, we may share your personal information with other companies both in the United States and in other countries around the world. We may disclose aggregated information about our users, and information that does notidentifyany individual, without restriction. Where we share your personal information with third parties, we will put in place contractual measures to require them to take reasonable precautions to safeguard your personal information, asrequiredby applicable laws. 

We may disclose personal information that we collect, or you provide as described in this privacy policy: 

  • To our subsidiaries and affiliates. 

  • To contractors, service providers, and other third parties we use to support our business. 

  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all SRMS’s assets, whether as a going concern or as part ofbankruptcy,liquidation, or similar proceeding, in which personal information held by SRMS about our Site users is among the assets transferred. 

  • To third parties to market their products or services to you if you have consented to and/or not opted out of these disclosures.  

  • To fulfill the purpose for which you provided it.  

  • For any other purpose disclosed by us when you provide the information. 

  • With your consent. 

We may also disclose your personal information: 

  • To comply with an appropriate UK or EU court order, law, or legal process, including to respond to any appropriate government or regulatory request. 

  • To enforce or apply our Terms of Use and other agreements including for billing and collection purposes. 

  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of SRMS, our customers, or others. This includes exchanging information with other companies and organizations for the purposes offraudprotection and credit risk reduction. 

For example: 

  • Service Providers. We may share information about you with companies we have chosen to handle our order dispatch service, any delivery company that we may use from time to time and with other companies that provide supportservicesto us, including website hosting companies, IT service providers and fraud management solution providers. We may also share your information with other companies who sell or promote our products and services, (including social mediaandinternet search platforms who you independently subscribe to), in order to provide you with an enhanced customer experience. In addition, we may also share certain limited information with companies who assist use with other services,forexample, in analyzing our customer data in order to better understand, profile and monitor customer patterns so we can consistently improve our products and services and understand what may be of interest to you and other customers.Ineach case, we will only provide these companies with the information which they need to carry out their services and they will not be permitted to use the information for other purposes. They will only be allowed to use your informationinthe way in which we instruct them and as permitted by applicable laws. 

  • Order Dispatch and Delivery Partners. Where your order is delivered by one of our third-party delivery or order dispatch service providers (e.g. FedEx and UPS), only that information necessary for theirdeliverypurposes is provided. The privacy policy of that third party delivery or order dispatch service provider may also apply where that service provider also processes your personal data in their capacity as a data controller underapplicabledata protection laws. For more information, please visit the privacy policy on the website(s) of the applicable delivery or order dispatch service provider which delivers your order. 

  • Financial Institutions, Payment Processing Partners and Fraud Management Solution Providers. Payments using our Site are made through our payment solutions providers. In such a case, you will be providing creditordebit card information direct to our providers who process payment details further. When you make a payment we may share your information, including details of your transaction, with service providers who provide fraud detectionandmanagement solutions related to your transaction.  

  • Legal Disclosures. In certain circumstances (where required or permitted under applicable laws or with your consent (if so required by applicable laws), we may disclose personal information relating to you to thirdparties(including in other jurisdictions) in order to conform to any requirements of law, to comply with any legal or regulatory process, for the purposes of obtaining legal advice, for the purposes of credit risk reduction, to prevent anddetectfraud, At all times where we disclose your information for the purposes of credit risk reduction, fraud prevention and/or sanctions screening, we will take all steps reasonably necessary to help ensure that it remains secure. 

Additionally, in the following situations, we may share personal data with outside parties: 

  • In connection with their content and advertisements, our Affiliates may collect personally identifiable information. For example: 

  • SRMS is an Amazon Associate. In connection with the Amazon Affiliate Program, Amazon may monitor, record, use and disclose personal data about you obtained in connection with SRMS’ display of special links and programcontent(please review the applicable terms and policies, including the privacy and data gathering practices of Amazon for more information); and  

  • SRMS has teamed up with Commission Junction LLC, a Conversant company (“CJ Affiliate”), to spread the word out about SRMS! CJ Affiliate may collect and share Personal data about you, such as your full name, home address,telephonenumber or email address, to help us provide digital advertising on browsers, mobile applications and televisions, in a variety of ways, from banner and video ads to coupon codes. For more information about CJ Affiliateor toopt-out, please review their applicable terms and policies. 

  • Subsidiaries and Site Consultants and Service Providers. We may disclose personal data to our subsidiaries, third party consultants and service providers (such as providers of hosting, support, maintenance; thirdpartypayment processing agencies; and remedial and repair services) to the extent that they require access to our databases, or the information contained in our databases, to service us and the Site. 

  • Reorganization or Sale. If we merge with or become a part of another organization, or if we are sold, we sell all or substantially all our assets, or we are otherwise reorganized, the information you provide willbeone of the transferred assets to the acquiring or reorganized entity. 

  • Aggregated Information. We may aggregate information that you provide with information provided by other individuals in such a manner that the information is not personally identifiable to you, and we may transfer thataggregatedinformation to third parties. 

  • We may make available services such as blogs, message boards and chat functionality to which you are able to post information and materials. Please note that any information you disclose through such services or otherwise on theSitebecomes public information and may be available to visitors to the Site and to the general public. In addition, when you choose to make a posting on such services certain Personal data will be available for otherusersto view. We urge you to exercise discretion and caution when deciding to disclose Personal data about you, or any other information, on the Site. WE ARE NOT RESPONSIBLE FOR THE USE BY ANY THIRD PARTY OFANY PERSONALDATA YOU VOLUNTARILY DISCLOSE THROUGH ANY SUCH SERVICES OR OTHERWISE ON THE SITE; and 

  • With your express consent. 

Personal data received from third parties  

Your information may be shared with us by independent organizations, for example, organizations that Sunday Riley works with to run partnerships, competitions and events or companies that provideservicesto us. 

These organizations will only share your information when there is a lawful basis for them to do so. You should check their Privacy Policies when you provide your information to them, it shouldhelpyou understand how they process and safeguard your data. Some of these organizations include:  

Social media and messaging services – Depending on your settings or the privacy policies for social media and messaging services like Facebook Inc, WhatsApp, Twitter, or Google incyoumay give us permission to access information from those accounts or services. 

Third party organizations – we may combine information you have given to us with additional information made available from/shared with us by external sources. We will only be able to do this wherewehave a lawful basis to do so. 

Cross-border data transfer 

This Site is hosted in the United States. In order to communicate with you about products, local events, offers and opportunities, the information that we collect from you may be transferred to, stored, used and processed by SRMS intheUnited States or one of our service providers based in the United States or outside of the United States. Such entities may be engaged in, among other things: (I) preparing and sending newsletters to which you subscribe; (ii) the processingofpayment details; and (iii) the provision of support services.  

If you are visiting from the European Union or other regions with laws governing information collection and use that may differ from United States law, please note that you are transferring your personal data to the United States.  

The laws of some countries may not provide the same levels of protection of personal data as your home country, particularly if you are resident in the European Union. For example, personal information stored in another jurisdiction, suchasthe United States, may be subject to access requests from governments, courts, or law enforcement in that jurisdiction according to its laws. Whether the personal information you provide to us is processed by us or services providers withintheUnited States, U.K. or EEA or outside of it, we will take reasonable steps to ensure that information about you is treated securely in accordance with this Privacy Policy, and that all information you provide to us is stored onoursecure servers or those of our service providers.  

By submitting information, you agree to the collection, transfer, storage, use and processing of information about you for the purposes described in this Privacy Policy. When you provide personal data to us or our service providers orvendors,you consent to the processing of your information in the United States as the Site is operated in the United States.   

Cookies and other tracking technologies  

We may use cookies, log files, clear gifs, and/or similar devices to identify you, to keep track of the user’s interactions with the Site, and to and enhance certain activities available on the Site. These devices are small text orotherelectronic files that are used for user-identification purposes, record-keeping purposes, and to increase the ease of use of the websites. We may use persistent or not-persistent cookies. Users can remove or reject persistent cookies byfollowingthe directions provided in their Internet browser’s “help” file. If a user removes a persistent cookie or rejects persistent cookies, the functionality of the Site, or any part thereof, may be impaired or unavailable. 

Third-party advertisers on the Site may place or recognize cookies and other technologies on your browsers in connection with their advertisements for statistical purposes; we have no control over cookies placed on the Site bythirdparties. 

Personal data over the Internet and other Sites  

The Internet is a global network and, therefore, there are times when information about you travels globally and may not always be completely secure. If you provide us with information over the Internet, this will be at your own risk. Byusingthe Site, you agree and authorize us to process information in this way. However, please be assured that we use commercially reasonable procedures and security features to prevent unauthorized access to information about you. 

To provide you with increased value, the Site may contain links to third party sites. These linked websites have separate and independent privacy policies or may have no privacy policy at all. We are not responsible or liable forthecontent, activities or privacy policies of such linked sites. Nonetheless, we seek to protect the integrity of the Site, and welcome any feedback about a linked site (including if a specific link does not work). 

Social Media and User Generated Content  

Our social media accounts and apps may allow users to submit contents generated by them. Please note that such contents generated and shared on our social media platforms is public and can therefore be viewed by anyone, pleasebecareful and avoid including certain details such as address details or financial information in these posts. We are not responsible for malicious use of personal data that has been posted on our social media platforms. 

Your Rights in Relation to Your personal Information 

You may have the following rights under applicable data protection laws: 


Your rights  

What does this mean? 

The right to be informed 

You have the right to be provided with clear, transparent and easily understandable information regarding how we use your Personal data, this also includes your rights. The details of how we use your information is providedinthis Privacy Policy.  

The right of access 

You have the right to access any personal data we hold about you (subject to certain restrictions). In exceptional circumstances we may charge a reasonable fee for providing this access although this would have tobepermitted by the law (e.g. Where your request is manifestly unfounded or excessive).  

The right to rectification  

You have the right to have your personal data rectified if it is incorrect or outdated and/or completed if it is incomplete. If you have an account, it may be easier to correct your own personal data usingthe“My Account” function. 

The right to erasure/right to be forgotten  

In some cases, you have the right to have your personal data erased or deleted. Although this is not an absolute right, there may be legal or legitimate reasons for retainingyour personaldata.    

The right to withdraw consent at any time for and personal data processing based on consent  

You can withdraw your consent to our processing of your personal data when such processing is based on consent. Where you withdraw your consent, this will not affect the lawfulness of our processing before yourwithdrawal.Please see the table in section “what personal data do we collect from you and how do we use it” specifically the section “What is our lawful basis for processing your personaldata?” to seewhere/when our processing is based on consent. 

The right to object to direct marketing, including profiling  

You can unsubscribe or opt out of our direct marketing communication at any time. The easiest way to do this is by clicking the “unsubscribe” link in the email or communication we send you or you can also follow otheropt-outinstructions we may communicate to you. In circumstances where you have the right to object to profiling you should contact us using the method listed below. 

The right not to be subject to a decision based solely on automated decision-making which produces legal effects or similarly significant effects 

You may have the right not to be subject to such types of automated decisions-making about you, except in circumstances where (I) you gave us your explicit consent to use your personal data to make our decision; (ii)weare allowed by law to make our decision; or (iii) our automated decisions were necessary to enable us to enter a contract with you.  

The right to lodge a complaint with a supervisory authority 

You have the right to contact the data protection authority of your country to lodge a complaint against our data protection and privacy practices. Do not hesitate to contact us at the details below prior to lodging suchcomplaintswith the relevant data protection authority as we will always seek to resolve your complaint in the first instance.  

The right to data portability  

You have the right to move, copy or transfer personal data from our database to another. This only applies to personal data that you have provided, where processing is based on a contract or your consent, andtheprocessing is carried out by automated means. See the table in the section “What information we collect about you and why” to see where/when our processing is based on consent or the performance of a contract. 

The right to restriction  

This right means that our processing of your personal data is restricted, so we can store it, but not use nor process it further. 

They apply in the following limited circumstances set out below: 

  • The accuracy of the personal data is contested by you, for a period to allow Sunday Riley Modern Skincare to verify the accuracy of the personal data.  

  • Sunday Riley Modern Skincare no longer needs your personal data for the purposes of its processing, but you require the personal data for the establishment, exercise or defenseoflegal claims. 

  • You object to Sunday Riley Modern Skincare’s processing of your personal data based on our legitimate interests, pending verification whether the Sunday Riley Modern Skincare’s legitimate grounds override yourrightsand freedoms.  

How can I exercise these rights?  

For more information on how to requests any of the rights listed above, please contact us using the email address listed in the “How to contact us” section of this page.  

a)    Marketing/Promotional Communications and opt-out  

At any time, you can add your name to a SRMS marketing and/or promotional list by contacting us at hello@sundayriley.com. If at any time you would like to stop receiving marketing and/orpromotionalinformation from SRMS, you can opt-out by (1) emailing us at hello@sundayriley.com or(2) byclicking on the unsubscribe link in the bottom of SRMS promotional emails or text messages sent to you. We will endeavor to comply with your request as soon as reasonably practicable. Please keep in mind that if youopt-out ofreceiving promotional messages from this Site, we will continue to send you transactional messages and important account-related information on products or services offered through this Site. 

Retention and deletion of personal data    

We retain your personal data according to our retention policy and only if it is required for the purposes, we have stated in this Privacy Policy. There are instances where we arerequiredby law to hold on to this data for longer periods if required in connection with a legal claim or proceeding, or to comply with other legal obligations. In the case that you wish to cancel your registration as a memberof theSite once an account is deleted, we will not use the personal data about you other than for administrative purposes. Where you contribute to the Site, we will generally only keep your content for as long as is reasonably required forthepurpose(s) for which it was submitted. Where we no longer have a lawful basis to process your data, we will dispose it using the required standards such as deletion or anonymization.  

Children  

Our websites, online services and products are not directed at children. We do not knowingly solicit or knowingly collect personal data from children under the age of 16. If you are under 16, you may not useourSite.  

 

If we become aware that you are under this age and are attempting to or have submitted Personal data via the Site, we will not accept such information and we will take steps to remove such information from our records. This may involveushaving to access and verify your age and other relevant details. 

Changes to this Notice  

We reserve the right to amend our privacy policy at our discretion and at any time. When we make changes to this Privacy Policy, we will post the updated notice on the Site and update theNotice’seffective date. Your continued use of the Site following the posting of changes constitutes your acceptance of such changes.   

How to Contact Us 

If you have any questions or comments about this notice, the ways in which SRMS collects and uses your information described here, your choices and rights regarding such use, please do not hesitate to contact our DataProtectionOfficer: 

 

Sunday Riley Modern Skincare, LLC 

Attn:  

4444 Westheimer Rd, Ste G305 

Houston, TX 77027  

Phone: 346 220 1719 

 

“If you are located in the EEA or the United Kingdom and have questions about your personal data or would like to request to access, update or delete it, you may contact our representative at:

Bird & bird GDPR Representative Services SRL

Avenue Louise 235

1050 Bruxelles

Belgium

Key contact: Vincent Rezzouk-Hammachi

 

Bird & Bird GDPR Representative Services UK

12 New fetter Lane

London

EC4A 1JP

United Kingdom

Key contact: Vincent Rezzouk-Hammachi

 

If you need access to this Notice in an alternative format due to having a disability, please contact us by email at hello@sundayriley.com or via phone at 346 220 1719.