Effective Date: July 1, 2019
By using the Site or placing any order, you agree on behalf of yourself and any organization that you represent (together, “you”) that you have read and understand this Policy. We may modify this Policy at any time. All changes will be effective immediately upon posting to the Site. Material changes will be conspicuously posted on the Site or otherwise communicated to you. By using the Site after changes are posted, you agree to those changes.
We Collect Data You Provide
Personal Information. You can visit the Site without submitting personal information. If you elect to provide information that personally identifies you (“Personal Information”) such as your name, email, mailing address, zip code, phone number, or payment data, we will collect, use, and share it pursuant to this Policy and applicable law.
Personal Information is required to use certain Site features, for example, to create online accounts, purchase products or services, contact us via email, phone, or our Contact Us form (where we may retain your message’s content and our response), submit job application materials, receive or request data from us (e.g., catalogs, newsletters, order status), and respond to communications from us (e.g., surveys and promotional offers).
MNC Accounts. To create an online account, you must submit your name and email address, and create a password. This data is used to populate a profile within your account.
Order & Payment Data. To make purchases through the Site, you must submit your name, credit or debit card type, number, expiration date, security code, and billing address. All credit and debit card data is provided directly to our PCI-compliant third-party payment processor, which may include Apple Pay, Google Pay, BAMS, PayPal and Avalara. If you elect to use third party payment platforms for your purchase, you understand that your payment and purchase information is provided to such third party platform, which we do not control. We encourage you to review the terms and privacy policies of third party payment platforms that you may elect to use. We do not directly access, handle, or store your credit or debit card data. We may keep a record of your purchases. We store your payment card’s last four digits to facilitate future orders.
Job Application Materials. To submit job application materials, you may send an email to MNC or submit your information via the form on the Site. All data related to job applications is submitted directly to us. If you submit job application materials, we may use the contents to evaluate your qualifications and respond to you. Submission of materials does not require us to review them or consider you for employment.
Marketing Communications; Opt Out. If you opt in to receive marketing communications from us, you must submit your name, email, mailing address, and phone number. We use this data to send you promotional and other electronic and hardcopy communications. We may use third-party providers to deliver communications to you. You may opt out of such emails by using the unsubscribe link in the email or contacting us at firstname.lastname@example.org with “Unsubscribe” in the subject line. To opt out of other communications (e.g., postal marketing and telemarketing), please contact us. Opting out of marketing communications does not opt you out of communications about your account or purchases.
Sweepstakes & Contests. We may offer sweepstakes or contests. To participate you must submit certain data, which may include your name, email, organization name and type, phone number, physical address, and other Personal Information. Data collected via sweepstakes and contests will be (i) used to contact you with promotional and related communications, (ii) shared with third-party vendors, and (iii) subject to additional terms provided to you at such time. We sometimes may offer contests, promotions, editorial features, or other activities or offerings that are sponsored or co-sponsored by or presented with identified third parties. By virtue of your participation in such activities or offerings, your Personal Information and other Collected Information that you voluntarily submit may be provided to such third parties.
Live Chat Conversations. If you use a Site chat feature, we will collect all text and other data that you submit via that chat feature. If you use a chat feature while signed into your MNC account, we may link the submitted data to your account.
Data Automatically Collected
Account Activity. We will collect data about how you use (i) your online account, and (ii) the Site when you are logged into your account.
IP Addresses, Cookies, & Similar Tracking Technologies. When you use the Site, we and our Site vendors use technologies such as cookies (i.e., small pieces of data stored on your device’s hard drive by your browser), web beacons, pixel tags, and similar technologies to automatically collect internet protocol addresses assigned to the computers and other devices you use, your internet service provider, device ID number, approximate geographic location, browser type, Site pages visited, websites you access before and after visiting the Site, and data related to how and when you use the Site (e.g., date and time stamps, clickstream data, and data about search terms and websites that direct you to the Site). We may combine this Collected Data with other Collected Data (including Personal Information) and data obtained from third parties.
The Site may use session, persistent, and flash cookies (local stored objects) to collect and store data about your preferences and navigation to, from, and on our Site. Session cookies are used to complete transactions and for other purposes such as counting visits to certain webpages. Session cookies are eliminated when you exit your browser. Persistent cookies may be stored on your computer by your browser. When you log in, persistent cookies tell us if you have visited the Site before or if you are a new visitor.
Flash cookies differ from browser cookies regarding the amount and types of data collected and how the data is stored. Cookie management tools provided by your browser will not remove and cannot manage Flash cookies. To learn about managing your Flash cookie settings, visit the Flash player settings page on Adobe’s website here.
Most browsers automatically accept cookies. You can disable this function, but disabling cookies may impact your use and enjoyment of the Site.
Do Not Track Requests. Due to the automatic collection of data using cookies, we do not honor “do not track” requests.
Analytics. We may occasionally enable and implement various analytics tools, such as Google Analytics, which is an analytics tool provided by Google to collect and process Collected Data consisting of certain telematics about your use of the Site. Google sets and reads cookies to collect such Collected Data and your web browser will automatically send such Collected Data to Google. Google uses this data to provide us with reports that we use to improve the Site’s structure and content.
Online Behavioral Advertising. We may occasionally use advertising networks and services provided by third-party vendors. These services collect data about your interactions with the Site and other websites across the internet and use such data to target personal content and advertisements for goods and services. The data collected may be associated with your Personal Information. The targeted content and advertisements may appear on the Site and on other websites and may be sent to you via email. Advertising networks often gather data about consumers who view advertisements to make inferences about a consumer’s interests and preferences, which enables the delivery of advertisements directly targeted to the consumer’s specific interests. This practice is often referred to as “online behavioral advertising.”
To change your preferences with respect to certain online ads and to obtain more information about third-party ad networks and online behavioral advertising, visit the National Advertising Initiative Consumer opt-out page or the Digital Advertising Alliance Self-Regulatory Program. Changing your settings with individual browsers or ad networks will not necessarily carry over to other browsers or ad networks. As a result, depending on the opt-outs you request, you may occasionally still see our ads.
Social Media. We are active on social media, including Facebook, Twitter, YouTube, Pinterest, and Instagram (“Social Media”). You may comment on Social Media regarding MNC and our products and services.
Anything you post on Social Media is public information and will not be treated confidentially. We may post (or re-post) on the Site and our Social Media pages any comments or content that you post on our Social Media pages. You agree to hold MNC and its affiliates harmless and without liability for the results of any and all content you post on MNC’s Social Media.
Your use of Social Media is governed by the privacy policies and terms of the third parties that own and operate those websites and not by this Policy. We encourage you to review those policies and terms.
The Site may use advertising networks and services offered by Social Media to deliver advertising content. Use of these services requires Social Media to implement cookies or pixel tags to deliver ads to you while you access the Site.
Videos; Embedded Content. The Site may contain videos and embedded content provided by MNC or third parties, including visible content and/or feeds scripts embedded in the Site’s code. MNC and such third parties may collect data about how you interact with such content (e.g., YouTube may collect usage data on videos embedded on the Site as described in YouTube’s Policy). By watching the videos and interacting with such content, you agree to the collection and use of such data.
Data from Other Sources. We obtain data about individuals from various third-party companies and public sources, which data may be Personal Information, and we may combine that data with Collected Data. This enhances our existing data about our users and customers (e.g., adding address data) and improves our marketing efforts.
How We Use & Share Collected Data
Beyond the uses and sharing described above, MNC and its vendors may use and share Collected Data (including Personal Information) as described below. We do not sell or rent Collected Data except as stated in this Policy and as permitted by applicable law.
Franchisees. During checkout, you will be asked if you want your Personal Information shared with an independently owned Merle Norman® Cosmetics Studio. If you select a Merle Norman® Cosmetics Studio to receive your Personal Information, we will share that Personal Information with that selected location.
Affiliates, Vendors, & Other Partners. We may share Collected Data with our affiliates, third-party vendors, service providers, suppliers, consultants, agents, distributors, sales representatives, resellers, and other partners (including Site management and hosting, payment processing, online storefronts, webinars, marketing and public relations, third party shipping companies, inventory management and post-purchase processing companies, and email service providers) that provide services to us (e.g., to support the delivery of, provide functionality on, or help to enhance the security of the Site or our products and services) or otherwise process Collected Data for purposes described in this Policy or communicated to you when we collect such data. The parties described in this paragraph are authorized and may use and disclose Collected Data as needed to provide the applicable services to us and as provided by their own privacy policies.
Aggregation. We may use Collected Data to create anonymous aggregate data. We may use and share such aggregate data with our affiliates, vendors, and other third parties to: (1) analyze, develop, and improve the content, products, and services that we make available, (2) inform business strategies, (3) understand the Site’s demographics and user preferences, (4) customize promotional emails and users’ Site experience, and (5) for other lawful purposes.
Law Enforcement, Security & Protection of Rights. We may use Collected Data and share it with third parties, including law enforcement and government officials, if we believe it is needed to operate the Site or to protect our rights or the rights of others, including sharing data needed to identify, contact, or bring legal action if our contracts, terms, or policies are violated or if required by law.
Business Transactions. All Collected Data is exclusively our property, unless otherwise expressly prohibited by law. If we undergo a change or contemplated change in control, acquisition, merger, reorganization, or asset sale, all Collected Data may be transferred, sold, shared, or otherwise shared with potential and actual successors, which will be bound by this Policy as it applies to Collected Data.
With Your Consent. With your consent, we may use or share Collected Data in ways not specifically described in this Policy.
Data We Do Not Intend to Collect
“Special Data” is any data that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or that involves genetic or biometric data or data concerning health or sexual orientation. We do not intend to collect any Special Data from you. Please do not provide Special Data to us.
We are committed to protecting children’s privacy. The Site is not directed at children under 13 years of age. We do not knowingly collect, use, or share data from children under 13. If a parent or legal guardian learns their child provided us with Personal Information without his or her consent, please contact us.
We use commercially reasonable technical and organizational measures to help secure all Collected Data against loss, misuse, and alteration. While we cannot guarantee it, we use industry-standard protections to help safeguard against such occurrences. If a breach of our systems occurs, we will notify you of the breach only if and as required under applicable law.
You understand that no data transmission over the internet or a mobile device can be guaranteed to be 100% secure. While we strive to protect your Personal Information, we do not guarantee the security of Personal Information and you provide Personal Information at your own risk.
Access from Outside the United States
This Site is operated and maintained by MNC from the United States and is intended solely for a United States audience. If you access the Site from outside the United States, please be aware that Collected Data will be transferred to, stored in, and processed in the United States. U.S. data protection and related laws may not be as comprehensive as those from where you access the Site.
Retention of Personal Information
We will retain your Personal Information while you have an account with us and thereafter for as long as we need it for purposes not prohibited by applicable laws. Thereafter, we will either delete your Personal Information or de-identify it so that it is anonymous and not attributed to your identity. Your rights to request that we correct or delete your Personal Information are set forth in the next section.
Accessing, Correcting, and Deleting Your Personal Information
While we take reasonable steps to accurately record the Personal Information that you provide to us, we encourage you to review, update, and correct the Personal Information that we maintain about you.
You may request access to the categories and specific pieces of Personal Information about you that we have collected and the categories of third parties to whom we have disclosed it for business purposes. You may also request that we delete or modify your Personal Information that we have that is inaccurate, incomplete, or irrelevant for legitimate purposes, or are being processed in a way which infringes any applicable legal requirements, by contacting us as set out in the “Contact Us” section below. We may ask you to verify your identity and to provide other details before we are able to provide you with any information, correct any inaccuracies, or delete any information. If you are unable to verify your identity, we have no obligation to comply with your request. Your submission of any of these requests will not impact your ability to use the Site or purchase products from us.
Your right to review, update, correct, and delete your Personal Information may be limited, subject to the law or your jurisdiction: (i) if your requests are abusive or unreasonably excessive, (ii) where the rights or safety of another person or persons would be encroached upon, or (iii) if the information or material you request relates to existing or anticipated legal proceedings between you and us, or providing access to you would prejudice negotiations between us or an investigation of possible unlawful activity. Your right to review, update, correct and delete your information is subject to our records retention policies and applicable law, including any statutory retention requirements. At our election, instead of deleting such information, we may retain it with your comment or correction noted in our records.
If you have questions or concerns regarding this Policy, Contact Us online, or by mail at:
Merle Norman Cosmetics, Inc.
9130 Bellanca Avenue
Los Angeles, California 90045