1. INFORMATION COLLECTION
This Site collects information about you to provide and improve our services, communicate offers that we believe will interest you, and to administer our business.
Information You Provide to Us
We collect personal information from you when you submit that information to us voluntarily. For example, we collect information from you when you:
• place an order on the Site;
• create an account on the Site;
• participate in our rewards program;
• communicate with our customer service team online;
• participate in an Your Derma Care promotion, such as a sweepstakes or contest;
• post a tagged photo or other content on a third party social network in response to our request; or
• post a product review, question, answer, or other information on the Site;
The personal information we collect may include the following: email address, mailing/billing address, phone number, payment card number, and other payment information. Collecting this information allows us to complete your order efficiently, to notify you of your order status, and provide personalized interactions. If we ask for such information from you, we will either tell you how we will use the information or we will use it in conformity with this Privacy Policy.
We may use the personal information you provide to allow you to send message to your friends via this Site. When you use these features on our Site, you represent to us that you are entitled to use and give us your friend’s name and contact information, including email address.
Information from Third Party Sources
We may collect information about you from third parties. Such information may include demographic data (like the number of members of your household, age, and gender) and purchase preference information. We may use this information to supplement or update our records, improve the quality or personalization of our communications to you, and help prevent or detect fraud.
Automated Information Collection
We automatically receive and store certain types of information when you interact with our Site, our emails, and/or our online advertisements. This information helps us to make our Site work more efficiently, evaluate use of our Site, and support our website analytics and marketing campaigns. Here are some of the types of information we may automatically receive:
• Technical information like your internet protocol (IP) address, your device operating system and browser type, your referring website’s address, and your clickstream through our Site
• Cookies that recognize you as you use or return to our Site. The cookies allow the Site to provide you a more continuous and personalized shopping experience. Cookies are small text files that a website or email saves to your browser and stores on your hard drive.
• Web beacons that allow us to know what pages on our Site have been visited, what emails have been opened, and if our banner ads have been effective.
Cookies
Our Site uses cookies. Cookies are pieces of information that a website transfers to your computer’s hard drive for record-keeping purposes. We use cookies to track your preferences and purchases as you navigate through our Site and to save you from having to re-enter information every time you visit our Site. By using cookies to track your visits, we can make your next shopping experience on our Site better. To search our Site and/or place an order, you need to have the cookies feature of your web browser turned on. We may also use technologies, such as our own cookies, to provide you with personalized online display advertising tailored to your interests. Most web browsers allow you to exercise control over cookies by deleting them, blocking them, or alerting you when a cookie file is stored. Please review your browser’s instructions on these functions. If you choose to disable the cookies feature of your web browser, you may not be able to place an order or otherwise use some or all of the features provided on our Site. If you disable, block, or delete cookies, not all of the tracking described in this Privacy Policy will stop.
Interest-Based Advertising
We collect personal information about users over time and across different websites when you use this Site. We also have third parties that collect personal information this way. For example, we may use one or more third-party online advertising networks to serve ads on our behalf on third party websites. The third-party ad network may collect information about your visits to our Site and your interaction with our online ads. For example, it may keep track of how many of our ads you saw before visiting our Site. This is primarily accomplished using technology such as cookies, action tags, web beacons, and/or GIF tags which are placed in various places within our Site and our online ads.
We may share information with third-party ad networks in an aggregate form to help us analyze and improve our Site and our online ads. The third-party ad networks may use information about your visit to our Site and other websites in order to provide you with ads about goods and services that may be of interest to you. For example, if you browse for information about mascara products on our Site or on third party websites, we or the online ad network may show you ads for mascara products. If you would like more information about this practice or the process of opting out of online ad networks, please visit http://www.networkadvertising.org/managing/opt_out.asp. If you opt-out of interest-based ads, you will still see ads on websites you visit, but those ads will not be based on your browsing behavior.
Some browsers have a ‘do not track’ feature that lets you tell websites that you do not want to have your online activities tracked. These features are not yet uniform, so our Site is not currently designed to respond to those signals.
Website, Wi-Fi Service, internet service, and Mobile Application
When you access, download, or use our Site (defined above), we may receive information about the device you are using. This information may include, but is not limited to, the type of device you use, the temporary or persistent unique device identifier (UDID) placed by us or our service providers, the unique identifier assigned by Your Derma Care to your device, the IP address of your device, your operating system, the type of browser you use, and data from the way you use our Site.
Our Site may also collect information about the location of your device. For example, the IP address of your device may reveal information about your approximate location. Your device should require you to provide permission before our Site obtains precise geolocation information from a browser’s geolocation API or from technologies like GPS, Wi-Fi, and/or cell towers. We and our service providers may use this approximate location and/or precise geolocation information, along with other information submitted by you, to provide you with location-based services like local store information, search results, special offers, and other personalized content.
Most browsers and mobile devices allow users to enable or disable precise geolocation using pop-ups or controls located in the settings menu. If you have questions about how to disable your device’s precise geolocation services, please contact your browser developer, mobile service carrier, or device manufacturer. You may also stop collection of precise geolocation information by our mobile application by uninstalling the mobile application using the standard uninstall process available as part of your mobile device.
If you uninstall our mobile application from your device, the unique Your Derma Care identifier associated with your device may continue to be stored. If you re-install our mobile application on the same device, Your Derma Care may be able to re-associate this identifier to your previous transactions.
Social Media Widgets and Single Sign-On Services
This Site uses third party social media widgets such as buttons or similar mechanisms from Facebook,Twitter, Instagram, Pinterest, YouTube, and/or FourSquare. Such third party features may collect information about you, like your IP address and the page(s) you visit on the Site. They may also place cookies on your device. These social media widgets are either hosted by a third party or by our Site. Your interactions with those features are governed by the privacy policies of the third party social media networks that provide them.
Children Under 13 Years of Age
This Site is directed to adults, and does not knowingly collect personal information online from children under the age of 13 without prior parental consent. If you are the parent or guardian of a child under the age of 13, and you believe your child has provided personal information to our Site that you would like us to delete, please Contact Us
Virtual Beauty Information
The collection of “Virtual Beauty Information” is governed by the Virtual Beauty Try-On Additional Terms and Conditions in the Site Terms & Conditions.
2. INFORMATION USE, DISCLOSURE, AND SHARING
The information we collect on this Site may be used to fulfill your requests (such as product orders and responses to email questions), to support our core business functions (such as order fulfillment, internal business process management, authentication, loss and fraud prevention, and public safety functions), and to communicate with you about our product offers and promotions. When you create an account with us, we offer the opportunity to become a member of Your Derma Care’s Loyalty Program, so you may receive future discounts, gifts and Your Derma Care e-mail. You can also sign up for our e-mail list by providing your e-mail address through our Site services or our affiliated retail stores.
To accomplish these purposes, we may combine information about you that we collect online, in our stores, via mobile applications, and from third party sources. We may also transfer or disclose your information within our corporate family of companies for these purposes.
We may make third party services, including third party applications, available to you on this Site. You may choose to allow us to share your information with those third party services. We require such third party services to give you notice of their privacy policy so you can review it before authorizing them to access your information.
We may disclose your personal information to identify you to anyone to whom you send messages via the Site. You may also disclose your own personal information on interactive services such as message boards, product reviews, question-and-answer pages, profile pages, and social network features offered by us or by third parties. Information you post or disclose through such interactive services may be available to the general public. Please exercise caution when deciding whether to disclose your personal information, location, or similar information via this Site.
We may disclose the information we collect about you (including personally identifiable information) to third parties to comply with applicable laws, regulations, and/or governmental requests. We may also disclose such information to verify or enforce compliance with our Terms & Conditions and this Privacy Policy, to process and fill your order, reduce credit risk, protect against fraud, protect against misuse or unauthorized use of our Site, or when we believe in good faith that the law requires such disclosure. We may also disclose such information to a successor entity in connection with a merger, consolidation, sale of assets or other corporate change affecting the Site.
We may share personal information in connection with financial products or services related to our business such as private label credit cards. We may also share personal information in connection with co-branded product or service offerings. For example, when you apply for an Your Derma Care credit card (co-branded or private label), we may share your personal information with our banking partners that issue the card.
We may share the information collected on our Site with agents or contractors who provide support for our internal operations. Such entities may receive personally identifiable information to allow them to perform their duties, but they may not use that information for any other purpose. In some instances, we may share non-identifying and aggregate information collected on our Site with third parties, such as our merchandise vendors and service providers.
3. SECURING YOUR INFORMATION
Your Derma Care works to protect your personal information and credit card detail when you shop with us online. We use Transport Layer Security (TLS) technology – the industry standard – to encrypt the personal information and credit card detail you provide during the order process.
To ensure the security of your personal information, you should always provide that information over a secure connection. You can check the existence of a secure connection in one of two ways:
(1) Look at the URL in your web browser. Whenever you are connected to a secure server, that connection will be represented in the URL as “https,” rather than “http.”
(2) Look at your web browser. You have an SSL connection if you see a closed lock or a solid key. If you click on this image, a small pop-up window displaying website security information will appear.
We urge you to protect your own privacy. We recommend that you do not share your Site password(s) with anyone or in any unsolicited phone call or e-mail.
While our Site strives to ensure the integrity and security of our network and systems, Your Derma Care cannot guarantee that our security measures will prevent third-party hackers from illegally obtaining this information.
4. PUBLIC FORUMS
Please remember that any information you may disclose in public areas of our Site or the Internet becomes public information. You should exercise caution when deciding to disclose personal information in these public areas.
5. CONTACTING US
If you have any questions, please Contact Us by clicking the link or by calling 800-208-5074 to reach Your Derma Care Guest Services.
6. OPTING OUT
If you would like to stop receiving promotions, updates and/or special offers at any time, you may e-mail us at info@yourdermacare.com with a statement requesting that you wish to cancel your Loyalty Club membership or that you would like to opt out of Your Derma Care e-mail promotions, updates and special offers. Please allow sufficient time for your request to be processed. It may take up to 10 days to process an email opt-out request, and 4-6 weeks for other requests.
7. LINKS TO THIRD PARTY SITES
Our Site may include links to websites/applications that are owned or operated by third parties. Please note that this Privacy Policy does not cover the practices of those websites/applications. We encourage you to review the privacy policies on those websites/applications to see how they collect and use information.
8. HOW TO UPDATE YOUR INFORMATION
You can access or update your personal information in the following ways:
(1) If you have created an account on our Site, you may enter and update your contact information after logging in to your account on our Site.
(2) You may also contact us by using the ‘Contact Us’ link above. Please include your current contact information, the information you are interested in accessing, and your requested changes.
9. YOUR PRIVACY RIGHTS UNDER U.S. STATE LAWS
California
If you reside in the State of California, this Privacy Notice for California Residents supplements the information above regarding the collection, use, disclosure, and sale of your personal information and your rights regarding that information.
We adopt this notice to comply with California law, including the California Consumer Privacy Act of 2018 (Cal. Civ. Code 1798.100 et seq.) (“CCPA”) and the regulations enacted by the Office of the Attorney General of California in connection with the CCPA. The CCPA gives California Residents the right to know what personally identifiable information is collected about them, and how it will be used, disclosed, and sold. The CCPA also gives California Residents the right to request access to and deletion of their personal information and the right to request that their personal information not be sold.
We collect information from you when you interact with us online (such as through our Site, as defined above) or offline (such as through our retail locations or over the phone). The information we collect from you will depend on the nature of our interaction, but may include the following categories that we have collected from consumers and disclosed in the preceding twelve (12) months:
CCPA Category CCPA Disclosures
Identifiers: Contact information (such as your name, address, and telephone number); unique identifiers (such as a device identifier and a government-issued ID number); financial information (such as a credit or debit card number); and online identifiers (such as an internet protocol address and a social media channel ID). Sources From Which Collected We collect this category of information from you or your device(s) when you provide it to us or interact with us online (such as through our Site, as defined above or our social media) or offline (such as through a retail location or over the phone). We also collect this information from third parties such as financial institutions, payment processors, and social networks.
Purpose of Collection We collect this category of information to identify, better understand, and communicate with you; to create and administer accounts; to process orders, payments, and refunds; to provide, improve, market, and personalize our products and services (including this Site, as defined above) and third-party products and services; for physical security, cybersecurity, incident response, and risk reduction purposes; for legal, recordkeeping, and compliance purposes; and for other purposes communicated to you at the time of collection.
Parties With Whom Shared We disclose this category of information to related or affiliated companies under our control; to Service Providers that provide customer experience management, marketing, fraud prevention and security, financial, product fulfillment, and payment processing services; to third parties who set cookies and tags for third-party marketing and advertising (subject to your right to opt out, as defined below); and to other third parties (such as law enforcement) as required by law.
Legally Protected Demographics: Such as your race, ethnicity, or gender identity. Sources From Which Collected We collect this category of information from you when you provide it to us or interact with us online (such as through our Site, as defined above, or our social media) or offline (such as through a retail location or over the phone). We also collect this information from third parties, such as social networks.
Purpose of Collection We collect this category information to improve, market, and personalize our products and services (including this Site, as defined above); for physical security and incident response; for legal, recordkeeping, and compliance purposes; and for other purposes communicated to you at the time of collection.
Parties With Whom Shared We disclose this category of information to related or affiliated companies under our control; to Service Providers that provide fraud prevention and security services; and to other third parties (such as law enforcement) as required by law.
Commercial information: Such as records of the products or services you purchased or considered purchasing. Sources From Which Collected We collect this category of information from you or your device(s) when you provide it to us or interact with us online (such as through our Site, as defined above, or our social media) or offline (such as through a retail location or over the phone).
Purpose of Collection We collect this category of information to better understand and communicate with you; to create and administer accounts; to process orders, payments, and refunds; to provide, improve, market, and personalize our products and services (including this Site, as defined above); for physical security, cybersecurity, incident response, and risk reduction purposes; for legal, recordkeeping, and compliance purposes; and for other purposes communicated to you at the time of collection.
Parties With Whom Shared We disclose this category of information to related or affiliated companies under our control; to Service Providers that provide customer experience management, product fulfilment, marketing, and fraud prevention and security services; and to other third parties (such as law enforcement) as required by law.
Biometric information: Such as the geometry of your face. Sources From Which Collected We collect this category of information from you or your device(s) when you provide it to us or interact with us online (such as through our Site, as defined above, or our social media).
Purpose of Collection We collect this category of information to provide, improve, market, and personalize our products and services (including this Site, as defined above) and for other purposes communicated to you at the time of collection.
Parties With Whom Shared We disclose this category of information to related or affiliated companies under our control and to other third parties (such as law enforcement) as required by law.
Internet or other electronic network activity information: Such as your browsing history, search history, and interactions with the Site (as defined above). Sources From Which Collected We collect this category of information from you or your device(s) when you provide it to us or interact with us online (such as through our Site, as defined above, or our social media). We also collect this information from third parties such as online advertising networks, online data aggregators, and social networks.
Purpose of Collection We collect this category of information to identify, better understand, and communicate with you; to administer accounts; to process orders, payments, and refunds; to provide, improve, market, and personalize our products and services (including this Site, as defined above) and third-party products and services; for physical security, cybersecurity, incident response, and risk reduction purposes; for legal, recordkeeping, and compliance purposes; and for other purposes communicated to you at the time of collection.
Parties With Whom Shared We disclose this category of information to related or affiliated companies under our control; to Service Providers that provide customer experience management, marketing, fraud prevention and security; to third parties who set cookies and tags for third-party marketing and advertising (subject to your right to opt out, as defined below); and to other third parties (such as law enforcement) as required by law.
Geolocation information: Your physical location. Sources From Which Collected We collect this category of information from you or your device(s) when you provide it to us or interact with us online (such as through our Site, as defined above, or our social media).
Purpose of Collection We collect this category of information to identify, better understand, and communicate with you; to administer accounts; to provide, improve, market, and personalize our products and services (including this Site, as defined above); for physical security, cybersecurity, incident response, and risk reduction purposes; for legal, recordkeeping, and compliance purposes; and for other purposes communicated to you at the time of collection.
Parties With Whom Shared We disclose this category of information to related or affiliated companies under our control; to Service Providers that provide customer experience management, marketing, fraud prevention and security; and to other third parties (such as law enforcement) as required by law.
Sensory information: Audio, electronic, visual, thermal, olfactory, or similar information related to you. Sources From Which Collected We collect this category of information from you or your device(s) when you provide it to us or interact with us online (such as through our Site, as defined above, or our social media) or offline (such as through a retail location or over the phone).
Purpose of Collection We collect this category of information to identify, better understand, and communicate with you; to provide, improve, and market our products and services (including this Site, as defined above); for physical security, cybersecurity, incident response, and risk reduction purposes; for legal, recordkeeping, and compliance purposes; and for other purposes communicated to you at the time of collection.
Parties With Whom Shared We disclose this category of information to related or affiliated companies under our control; to Service Providers that provide customer experience management and fraud prevention and security; and to other third parties (such as law enforcement) as required by law.
Inferences: Inferences drawn from any of the information identified above. Sources From Which Collected We draw inferences about you from the information we collect from you or your device(s) when you provide it to us or interact with us online (such as through our Site, as defined above, or our social media) or offline (such as through a retail location or over the phone). We also draw inferences about you from the information we collect from third parties such as financial institutions, payment processors, and social networks.
Purpose of Collection We draw these inferences to better understand, and communicate with you; to provide, improve, market, and personalize our products and services (including this Site, as defined above); and for other purposes communicated to you at the time of collection.
Parties With Whom Shared We disclose this category of information to related or affiliated companies under our control and to third parties (such as law enforcement) as required by law.
Your Rights Under the CCPA
The CCPA provides you (as a California resident) with specific rights subject to certain limited exceptions:
• The Right to Know. You have a right under the CCPA to request that we disclose what personal information we collect, use, disclose, and sell. The process for exercising this right is described below under Exercising Your Right to Know and Right to Deletion.
• The Right to Deletion. You have a right under the CCPA to request deletion of any personal information about you that we have collected from you. The process for exercising this right is described below under Exercising Your Right to Know and Right to Deletion.
• The Right to Opt Out. You have a right under the CCPA to opt-out of the sale of your personal information. The process for exercising this right is described below under Sale of Information and Your Right to Opt Out.
• The Right to Non-Discrimination. You have a right under the CCPA not to be discriminated against for the exercise of your other rights. This includes the right not to be denied goods or services, not to be charged different rates for goods or services, and not to receive a different level or quality of goods or services from us for your exercise of your privacy rights under the CCPA.
As noted above, Right to Know and Right to Deletion are subject to certain limited exceptions: we may not be required to provide you access to the specific pieces of information we have collected about you or delete information if we have not been able to verify your identity, and we may not be required to delete information under certain circumstances. For example, we are not required to delete information that is necessary to complete a transaction, to detect security incidents, or for certain other internal purposes.
Exercising Your Right to Know and Right to Deletion
To process your request for access or deletion, we must be able to verify your identity. In order to do so, you must provide the information we request as part of the verification process, such as your contact information and an additional identifier based on your relationship with us. Before we process your request, we will match these data points with data points we currently maintain to verify your identity and your relationship with us.
You can designate an authorized agent to make a request to access or delete your information on your behalf. When you use an authorized agent to submit a request for access or deletion, you must provide the authorized agent with written permission to do so, and, in certain circumstances, we may ask you to verify your own identity directly with us. We may deny a request from an authorized agent that does not submit proof that they have been authorized by you to act on your behalf.
Sale of Information and Your Right to Opt Out
The CCPA requires us to inform you whether we currently use your personal information (or used your personal information during the past twelve (12) months) in a way that would be considered a “sale” (as defined under the CCPA). We engage (and have engaged for the past twelve (12) months) in activity, including the use of third-party cookies and tags, that could be considered the “sale” (as defined in the CCPA) of (a) online identifiers and (b) internet or other electronic network activity information (each as defined in the table above) to marketing companies that support our online marketing efforts as well as to third parties that may have a secondary use of this information.
You may exercise your Right to Opt Out (of the sale of personal information) by following the instructions at the end of this paragraph. By doing so, you acknowledge that you will be redirected to a site hosted by OneTrust, which processes data requests for us. OneTrust has different terms of service and a different privacy policy than Ulta.com. To submit a request pursuant to your right to opt out of sale under the CCPA, please follow the instructions listed below (or alternatively, you may call Your Derma Care Guest Services at 800-208-5074):
(1) To exercise your Right to Opt Out using ulta.com: Click on the “Do Not Sell My Personal Information” link located in the footer, under the “Guest Services” heading.
(2) To exercise your Right to Opt Out using the Your Derma Care mobile application for iOS: Navigate to the footer section and tap on “More”, then tap “Terms & Privacy”, and then tap “Do Not Sell My Personal Information”.
(3) To exercise your Right to Opt Out using the Your Derma Care mobile application for Android: Tap the navigation menu at the top left portion of your screen, then tap “Terms & Privacy”, and then tap “Do Not Sell My Personal Information”.
Disclosure of Information
The CCPA requires us to inform you whether we disclose your personal information to other parties. We do disclose your information in certain circumstances to Service Providers and other third parties, as described above, and we have disclosed this information as permitted in the preceding twelve (12) months.
Personal Information Collected From Employees, Contractors, and Applicants
• Your Derma Care Associates. If you are an Your Derma Care employee and would like information about the categories of personal information Your Derma Care collects from you as an employee and the purposes for which the personal information will be used, please visit the HR page on the Your Derma Care company intranet or call Your Derma Care’s HR Service Center at 407-543-6726.
• Contractors. If you are a contractor performing services for Your Derma Care and would like information about the categories of personal information Your Derma Care collects from you as a contractor and the purposes for which the personal information will be used, please call Your Derma Care’s HR Service Center at 407-543-6726.
• Job Applicants. If you are applying for a position with Your Derma Care and would like information about the categories of personal information Your Derma Care collects from you as a job applicant and the purposes for which the personal information will be used, please refer to your job application.
California’s “Shine the Light” Law
If you are a California resident and an Your Derma Care customer, you have the right to request information from us once per calendar year regarding the customer information we share with third parties for the third parties’ direct marketing purposes. To request this information, please send an email to info@yourdermacare.com with ‘Request for California Privacy Information’ in the subject line and in the body of your message. We will provide the requested information to you via an email response.
California’s “Eraser Button” Law
If you are a California resident under 18 years old and a registered user of the Site (as defined above), you can request that we remove content or information that you have posted to our website or other online services. Fulfillment of the request may not ensure complete or comprehensive removal (e.g., if the content or information has been reposted by another user). To request removal of content or information, please Contact Us or call customer service at 800-208-5074.
Nevada
If you are a Nevada resident, you have the right to submit a request directing us not to make any sale of your personal information. Your Derma Care does not sell your personal information. However, to request email confirmation that we do not sell your personal information, please send an email to info@yourdermacare.com with ‘Request for Nevada Privacy Information’ in the subject line and in the body of your message. We will provide the requested information to you via an email response.