1. APPLICATION OF THIS PRIVACY POLICY
This Privacy Policy (“Privacy Policy”) applies to any user of our Website (aestheticpoints.com) (“Website”) or Mobile Application (“Mobile App”) and explains how we collect, use, share and otherwise process information relating to natural persons (“Personal Information”) that users provide on our Website or in our Mobile App (collectively, our “Platform”).
2. CONSENT
You acknowledge that by using our Platform, you indicate to us that you have read this Privacy Policy and consent to our Privacy Policy and agree to its terms.
3. INFORMATION WE COLLECT
We collect information, including Personal Information that users provide, only where we have a lawful basis to do so. Lawful bases on which we rely include your consent where you have given it, contract where processing is necessary for us to perform our obligations pursuant to a contract with you, and legitimate interests of our business such as operating and providing our Platform to you.
We collect, store, and use information we get from your use of our Platform, which may include the following categories of information (which, for clarity, includes Personal Information):
– Your name, email address, postal address, zip code, country, company name, telephone number, profile images, and any other information and/or attachments you may share with us when you register for an account on our Website or in our Mobile App.
– Details of how you use our Website or Mobile App.
– Data relating to your participation in our programs, services, and offerings, including information about products and treatments and health conditions that are of interest to you or that you may have received.
– Data relating to your activity on our Platforms, including information about how you interact with other users of our Website or Mobile App.
– Health-related information that may be considered sensitive personal data, such as information about a physical or mental health condition, treatments you may have received, safety and health information in relation to any of our products or services, or health insurance information; medical, allergy, biometric, or other health and aesthetic related information (e.g. treatment history, rewards program history, treatment date, treatment type, treating healthcare professional).
– Your internet protocol address (i.e., IP address) and, if you access the Website from our Mobile App, mobile device identifiers and non-email authentication.
– Details of financial transactions you participate in on our Platform, including your order history, the amount, currency, and method of payment, and payment card information.
– Browser and device information, including information about your hardware and software, such as the hardware model, operating system version, device memory, advertising identifiers, unique application identifiers, apps installed, unique device identifiers, device usage data, browser type, keyboards installed, language, battery level, time zone and information collected through Tracking Technologies (as defined below), such as cookies, pixel tags, and other technologies.
4. HOW WE USE THE INFORMATION WE COLLECT
We use the information we collect for a variety of purposes, including to: (i) develop, provide, operate, and maintain our Platform (ii) improve, personalize, and expand our Platform (iii) understand and analyze how you use our Platform (iv) develop new products, services, features and functionality (v) enhance the safety and security of our Platform (vi) communicate with users, either directly or through one of our partners or advertisers, including for customer service or to provide you with updates and other information relating to our Platform (vii) provide, personalize, and improve advertising, marketing and promotions on our Platform (viii) provide the Aesthetic Points Rewards Program and other products or services (ix) investigate and enforce conduct violating our Terms and Conditions (x) to comply with a legal obligation, process, or demand and (x) verify your identify and prevent fraud or other unauthorized or illegal activity.
5. INFORMATION WE SHARE WITH OTHERS
We may share your Personal Information with the following:
Vendors We may share your information with vendors that provide business, professional, or technical support functions for us, help us operate our business and our Platform, or administer activities on our behalf.
Healthcare Professionals
To administer the Aesthetic Points Rewards Program, we may share your information (including your aesthetic information) with your healthcare professional.
Business Partners and Affiliates
We may share your information with our select partners, affiliates, your healthcare professional(s) and other parties for their business, operational, promotional, and marketing purposes. These entities’ use of such information is subject to their respective privacy policies.
Legal Matters; Safety
If you contact us regarding your experience using our products or services, we may use the information you provide to us to submit reports to the U.S. Food and Drug Administration or other similar health and medicine government agencies, and as otherwise required of us by law. We also may use the information to contact your prescribing physician to follow up regarding an unexpected event involving the use of our products or services. In certain limited circumstances, we may need to disclose Personal Information to comply with a legal obligation, process, or demand and for reasons of public interest, such as to comply with reporting obligations to our governing regulatory authorities regarding the safety of our products or services, in response to a subpoena, or to meet national security or law enforcement requirements. In addition, we may disclose Personal Information to our external auditors, attorneys, accountants, and similar professionals based on our legitimate interest in the operation of our business and our obligations to comply with applicable laws and regulations.
Sale or Transfer of Business or Assets
We may sell or purchase assets during the normal course of our business. If another entity acquires or intends to acquire us or any of our assets, information we have collected about you may be transferred to such entity. In addition, if any bankruptcy or reorganization proceeding is brought by or against us, such information may be considered an asset of ours and may be sold or transferred to other parties.
6. USE OF TRACKING TECHNOLOGIES
We, or third parties we do business with, may use certain technologies such as web beacons, web storage, and unique advertising identifiers to automatically log files and other information about your usage of, and the devices you use to access, our Platform (“Tracking Technologies”). These Tracking Technologies log visitors when they visit websites or use mobile applications and collect information, including: internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), access times, pages viewed, referring/exit pages, and number of clicks. Information derived from the Tracking Technologies are not linked to any information that is personally identifiable, and the purpose of the information is for analyzing trends, administering our Platform, tracking users’ movement on our Platform, and gathering demographic information.
7. COOKIES AND WEB BEACONS
Like most other websites and mobile applications, our Website and Mobile App use cookies and other technologies. These cookies are used to store information including visitors’ preferences, and the pages on the Website that the visitor accessed or visited. The information is used to optimize the users’ experience by customizing our web page content based on visitors’ browser type and/or other information. You can choose to disable cookies through your individual browser options. For more detailed information about cookie management with specific web browsers, please visit the browsers’ respective websites.
8. ADVERTISING PARTNERS’ AND THIRD-PARTY PRIVACY POLICIES
Third-party ad servers or ad networks may use technologies like cookies, JavaScript, or web beacons that are used in their respective advertisements and links that appear on the Website or Mobile Application, which are sent directly to users’ browser. The third-party ad servers or ad networks automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalize the advertising content that you see on websites that you visit.
Our Platform may contain third-party content and integrations. Through these integrations, you may be providing information to the third party as well as to us. We are not responsible for how those third parties collect or use your information. We encourage you to review the privacy policies of every third-party service that you visit or use, including those third parties you interact with through our Platform.
THIS PRIVACY POLICY DOES NOT APPLY TO OTHER ADVERTISERS, THIRD-PARTIES, OR WEBSITES. We have no control over these websites and they are subject to their own terms of use and privacy policies. As such, we do not endorse and are not responsible for the availability of, or for any content, advertising, products, or other materials on or available from these third-party websites.
9. CALIFORNIA CONSUMER PRIVACY ACT (“CCPA”) PRIVACY RIGHTS
If you are a California resident, you have the right to request information from us regarding the manner in which we share certain categories of your Personal Information with third parties for the third parties’ direct marketing purposes. California law provides that you have the right to submit a request to us and receive the following information: (a) the categories of information we disclosed to third parties for the third parties’ direct marketing purposes during the preceding calendar year; and (b) the names and addresses of the third parties that received such information, or if the nature of their business cannot be determined from the name, then examples of the products or services marketed. You are entitled to receive a copy of this information in a standardized format and the information will not be specific to you individually. To make a request, please contact us. If you make a request, we will respond within one (1) month of receipt of any such request.
10. GENERAL DATA PROTECTION REGULATION (“GDPR”) DATA PROTECTION RIGHTS
We would like to make sure you are fully aware of your data protection rights. Every user is entitled to the following:
Right to Access – You have the right to request copies of your personal data. We may charge you a small fee for this service.
Right to Rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
Right to Erasure – You have the right to request that we erase your personal data, under certain conditions.
Right to Restrict Processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
Right to Object to Processing – You have the right to object to our processing of your personal data, under certain conditions.
Right to Data Portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we will respond within one (1) month of receipt of any such request. If you would like to exercise any of these rights, please contact us.
11. HEALTH DATA & COMPLIANCE
Through your use of our Platform or participation in the Aesthetic Points Rewards Program, we may receive, and may further share as described in this Privacy Policy, health data subject to the Health Insurance Portability and Accountability Act of 1996, as amended, and implementing regulations (collectively, “HIPAA”). The health data we receive is deidentified based on either HIPAA’s “safe harbor” method, which means that certain direct identifiers are removed from the health data, or HIPAA’s expert determination method, which means that a qualified statistician reviewed the health data shared with us and confirmed that there is a very small risk that an individual could be identified from the remaining health data. When data is deidentified in accordance with either HIPAA’s expert determination or safe harbor method, there is a very small, but not zero, chance that the deidentified health data could be linked back to a specific individual. Deidentified data is not protected by HIPAA.
12. CHILDREN’S INFORMATION
Our Platform is not directed to individuals who are under the age of sixteen (16) and we do not solicit nor knowingly collect Personal Information from children under the age of sixteen (16). We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity. If you believe that we have unknowingly collected any Personal Information from someone under the age of sixteen (16), we strongly encourage you to contact us immediately and we will use our best efforts to promptly remove such information from our records.
13. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes in our privacy practices. We advise you to review this page periodically for any updates, and we will notify you of any changes by posting the new Privacy Policy on this page. Any updates to the Privacy Policy are effective upon publication on this page.
Contact Us
If you have questions or require more information about our Privacy Policy, please do not hesitate to contact us.