Privacy Policy

Last updated: [22.01.2025]

By using aesthyskin.com, you agree to be bound by these Legal Notice as well as (Payment & refund terms   /Privacy policy / Terms of service / Shipping policy / Terms of sale / Legal notice)

AESTHYSKIN SAS

Type of site: website

The purpose of this Privacy Policy

This Privacy Policy informs users ("you" and "your" refer to you, the user of aesthyskin.com, the "Site") about how we (collectively, "we," "us," or "our Site") collect, use, and disclose your personal data. This applies whether you are a customer, website visitor, or anyone else whose information we collect under this Privacy Policy. In addition, this policy covers the following information, when relevant:

•              personal data we will collect

•              use of the data collected

•              who has access to the data collected

•              the rights of Site users

Please read this Privacy Policy carefully. This Policy complements our Terms of Service. By using our Services, you agree to the collection, use, and disclosure of your information as described herein. If you disagree, please refrain from using our Services.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on the Site, update the "Last updated" date and take any other steps required by applicable law.

Applicable laws

In accordance with the General Data Protection Regulation (GDPR), this Privacy Policy complies with the following regulations.

Personal data must be  :

•              processed in a lawful, fair and transparent manner with regard to the person concerned (lawfulness, loyalty, transparency);

•              collected for specific, explicit, and legitimate purposes and not further processed in a way that is incompatible with those purposes. Limited to the purposes for which it is collected. However, further processing for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes is not, according to Article 89(1), considered incompatible with the original purposes;

•              adequate, relevant and limited to what is necessary for the purposes for which they are processed (data minimization);

•              accurate and updated, whenever necessary; all reasonable measures must be taken to erase outdated data without delay  or rectify personal data which are inaccurate, having regard to the purposes for which they are processed (accuracy);

•              kept in a form allowing the identification of the persons concerned for the period required to achieve the purposes for which it was collected; There are limited exceptions, when personal data may be retained for longer periods such as when data is needed for archival purposes in the public interest, scientific or historical research purposes, or for statistical purposes, as permitted by Article 89(1) of the GDPR,  in such cases, we will take all necessary technical and organizational precautions to protect the rights and freedoms of the data subject. (retention limitation);

•              processed in a manner that ensures safeguarding the security of  personal data,  with implementation of appropriate technical and organizational measures to protect your data against unauthorized or unlawful processing, accidental loss, destruction, or damage (integrity and confidentiality).

Processing is only lawful if and to the extent that at least if one or more of the following applies:

•              the user has provided their consent to the processing of their personal data for one or more specific purposes;

•              the processing is necessary to carry out a contract we have with you  or to take steps before entering into a contract at your request;

•              the processing of your data to comply with legal requirements to which the controller is subject;

•              the processing is necessary to protect  the vital interest (your life, health) or the safety of others  or another natural person;

•              the processing is necessary to carry out important tasks for the public good,  or relating to the exercise of public authority vested in the controller;

•              the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party,  but only if it does not conflict with your privacy rights or fundamental rights and freedoms of the data subject which require protection of personal data, in particular  important when dealing with children's data.

This Privacy Policy applies to all users, but we've taken extra care to ensure it complies with the California Consumer Privacy Act (CCPA).  For residents of the State of California, if there's anything in this policy that differs from the CCPA, the CCPA will take precedence.  We'll also keep our policy up-to-date to reflect any changes in the law.

Consent

By using our Site, users agree and consent to:

1. the conditions described in this Privacy Policy and

2. the collection, use and retention of the data outlined in this Policy

PERSONAL DATA WE COLLECT

The information that we collect and use varies depending on how you interact with us.

Data collected automatically : visit or use of our website

During your visit or use of our website, this information might be collected and stored automatically:

1. IP address

2. Hardware and software details

3. The content you explore on our platform ( Shopping information including the items you view, put in your cart or add to your wishlist)

Data collected automatically :  from Third Parties

We may obtain data about you from third parties, including from vendors and service providers who may collect information on our behalf, such as:

1. Companies providing a support service to our Site and Services, such as squarespace.

2. Our trusted payment processors,  who collect payment information, such as bank account details, credit card information, or billing address. We only share this information with them to securely process your payments, to complete your transactions, fulfil your orders and deliver the Products or Services you requested.

3. When you visit our Site, open our emails, or use our Services, we or our trusted partners may use technologies like Cookies  ( pixels, web beacons, software developer kits or third-party libraries) to automatically collect data.    

If we receive any information about you from trusted partners, we'll handle it according to this Privacy Policy. However, we can't be responsible for how those third parties handle your data or their privacy policies or practices. See the 'Third Party Websites and Links' section for more information.

Non-automatically collected data

You may choose to share some information with us when you use certain features on our Site, such as:

1. Basic contact details including company name, your name and surname,  age, sex, job position, address, phone number, email

2. Order information including your company name, your name and surname,  job position, billing address, shipping address, payment confirmation, email address, phone number

3. Account information including your username, password, security questions

4. Payment Information

5.  Autofill data

6. Customer support information including the information you choose to include in communications with us, for example, when sending a message through the Services

 

You may elect not to provide this information, but doing so may prevent you from using or accessing these features

Here's how we might collect this information:

• Signing up for an account on our platform

• Making a purchase on our website

• Collecting your feedback and reviews on the Products you bought

• Taking part in contests we run on social media

• Signing up for our newsletter

Please note that we only collect information that directly helps us fulfil the promises made in this Privacy Policy. We won't collect anything extra without informing you first.

User generated content

The Site allows you to share and to post Product reviews and other user-generated content. If you choose to submit user generated content this content will be public and accessible by anyone, means anyone can see it, including people you don't know.  

You control what you share. We can't control who sees your the information that you choose to make available to others or how they use it. Privacy and security of any information that you make publicly available, are your responsibility. We encourage you to be thoughtful about what you post publicly.

How we use personal data

We only use personal data collected on our Site or on the specific pages where you give it to us for the reasons explained in this policy. We won't use your data beyond what we disclose.

We use automatically collected data for the following purposes:

1. Statistics

2. Security and Fraud Detection

3. Providing a better user experience and service

When the user performs certain features on our platform, we may collect information to:

1.            Understand your business needs to provide professional advice and recommendations

2.            Provide you our  Products and Services

3.            Process your secure payment to complete your orders

4.            Fulfil and deliver your orders 

5.            Send notifications (related to your account, purchases, returns, exchanges or other transactions and to enable you to post reviews)

6.            Create, maintain or manage your account

7.            Analyze statistics of website usage to improve your browsing experience

8.            Provide marketing and promotional communication ( sending marketing, advertising and promotional communications by email, text message or postal mail, and to suggest you adapted advertisements for Products or Services)

9.            Improve your user experience providing you with customer support and to maintain our business relationship

10.          Fight against fraud and maintain a safe and secure platform (if we detect any suspicious behavior, we may investigate and take appropriate action). We have advanced security features in place, nevertheless we highly recommend you to use a strong password and never share your login information. If you think your account might be compromised, contact us immediately by mail : contact@aesthyskin.com

WHO WE SHARE PERSONAL DATA WITH

Employees

We share your information within our company to complete tasks related to the reasons outlined in this policy.

Third parties

We may share some of your information, but only in the ways described in this policy, with the following third parties trusted companies :

•              Shipping providers and Fulfilment centers

•              Retail partners

•              Product suppliers and Brand collaborators

•              Business and marketing partners (including squarespace, to support personalized advertising with third-party services)

•              Other third parties who perform services on our behalf (IT management, payment processing, data analytics, cloud storage)

Our partners , third parties trusted companies , will use your information in accordance with their own privacy policies. We may only share your information with third parties trusted companies for the reasons explained in this policy, for the following purposes:

•              The information necessary for the preparation and shipping , delivery updates and track your  orders: complete address (full address, phone number, and email address to ensure tracking of the package), and content of the order.

Third parties trusted companies  access to user data will be restricted to the minimum necessary to accomplish the intended purpose.

Other disclosures

We never sell your data to third parties, except in the following exceptional situations when absolutely necessary:

1. if legally obligated by law

2. if legally required for ongoing legal proceedings

3. to defend ourselves or to protect our legal rights

4. in the event our company undergoes a change in ownership, such as a merger or acquisition, your information may be transferred to the new owners

Our website may contain links to other sites. These sites have separate privacy and data collection practices, and we are not responsible for and have no control over their privacy policies and practices. Be sure to check their privacy policies before using them.

How long we store personal data

We keep your information for 12 months after your last activity on our Site.

In some rare cases, we may need to keep it longer for legal or regulatory reasons.  We will always notify you if that's the case and explain why.

How we protect your personal data

We use industry-standard security measures, including HTTPS protocols encryption, to protect your data at all times.

Only authorized employees with a legitimate business need can access your information. We restrict access to your information to authorized employees who need it to fulfill their job duties. These employees are bound by strict confidentiality agreements, and any violation of these agreements will result in disciplinary action, up to and including termination.

We take data security very seriously and implement industry-standard security measures to protect your information. However, there always remains the risk of harm, and online security is a shared responsibility. To mitigate this risk and safeguard the confidentiality of sensitive or classified data, we strongly advise against transmitting such information through unsecured channels. We recommend using secure communication methods whenever such information needs to be disclosed. We are committed to doing everything we can to keep your information safe, but we cannot guarantee absolute security.

Third Party Websites and Links

Our Site may include links you might find interesting to other websites or other online platforms operated by third parties. These sites are run by other companies, so they have their own privacy policies and terms of use.  Should you choose to access a third-party website or platform through a link provided on our Site you are advised to carefully review the privacy policies, security practices, and other terms and conditions governing such websites or platforms. We are not responsible for the accuracy, completeness, reliability, or security of the content, information, or activities found on such external websites or platforms. Information you share publicly online, including on social media, can be seen by others and may be used beyond our control. The inclusion of such links on the Site should not, under any circumstances, be construed as an endorsement of the content material presented on those platforms, nor of the entities which own or operate them. These links are provided solely as potential resources that may be of interest to users.

Minors

Following GDPR guidelines, users under 15  considered as minors. The Site and it’s Services is not designed for, nor do we knowingly collect personal information from, minors under the age of 15. We take the privacy of children very seriously and prioritize the protection of their data.

Minors must have a parent or legal representative's consent for their data to be collected, processed and used, as well as authorization use our platform. In the event that you are the parent or legal representative of a minor under the aforementioned age restriction who has unknowingly provided personal information through the Site or Services, you have the right to request its deletion. Please contact us using the methods outlined below to initiate this process.

International Users

We strive to provide a global Service. Please note that this may involve transferring, storing, and processing your personal information outside of your home country, including the United States. We understand the importance of data privacy, and we take steps to safeguard your information wherever it resides.

Whenever we transfer your personal information outside the European Economic Area (EEA), we utilize recognized data transfer mechanisms to ensure adequate protection. These mechanisms may include the European Commission's Standard Contractual Clauses (SCCs) or other equivalent legal instruments approved by relevant authorities. In cases where the receiving country is deemed to offer a sufficient level of data protection according to applicable regulations, transfers may occur without the need for additional safeguards.

Your rights as a user

The Services of the Site are offered globally, and data privacy regulations vary by jurisdiction. Depending on your geographic location, you may possess certain rights in relation to your personal information held by us. However, it is important to understand that these rights may not be absolute. The applicability of these rights may be subject to specific circumstances, we will make every effort to fulfill your requests in a timely manner and in accordance with applicable legal requirements, nevertheless we reserve the right to decline requests where permitted by law, while providing a valid justification for such a decision.

In EEA, under the GDPR, users have the following rights regarding your data, including:

•              right of access

•              right of rectification

•              right to erasure

•              right to restrict processing

•              right to data portability

•              right to object

For more details about these rights in chapter 3 (art 12-23) of the GDPR, you can also visit the official GDPR website.

You may exercise any of these rights where applicable in relation to your personal information.  You may also submit requests by contacting using the contact details outlined below.

We will not treat you differently or discriminate against you based on your decision to exercise your data subject rights. To ensure the security and accuracy of your information, we may request verification of your identity (e.g., email address, account information) before processing your request. Applicable laws permit the designation of an authorized agent to act on your behalf when exercising your data subject rights.  In such cases, we will require proof of the agent's authorization and may additionally request direct verification from you to ensure alignment.

We are committed to responding to your requests within the timeframes mandated by applicable laws.

How to modify, delete or contest the data collected

If you would like to delete your information or make changes, please contact us:  contact@aesthyskin.com

COOKIE POLICY

We also automatically collect certain information about your interaction. To do this, we may use Cookies, pixels and similar technologies ("Cookies"). Cookies are tiny files websites store on your device. They help us to collect data relating your visit, how you access and use our Site and your account, including device information, browser information, information about your network connection, your IP address and other information regarding your interaction with the Site and your preferences, to make your experience smoother. 

 We use different types of Cookies. Here is a breakdown:

Functional Cookies

We use Cookies to remember your selections on our Site so you won't have to re-enter your preferences every time you visit, as Cookies are saved for future visits making your experience smoother.

Analytical Cookies

This helps us anonymously track how users navigate our Site, to improve its design and features as well as the overall experience for our users.

We can notify you whenever a cookie is placed, or you can disable them entirely in your browser settings. Keep in mind that disabling Cookies might affect some features of our website and may decrease the quality of your user experience.

Third-party Cookies

In some cases,  we allow trusted partners to use Cookies on our Site to tailor advertising to your interests.  While this helps you discover new things it helps us improve the Site, we understand you might prefer not to use them. If so, you can always control your cookie preferences in your browser settings.   

Control of your Cookies

Most browsers accept Cookies by default. You can adjust your browser settings through your browser controls to remove existing Cookies or block future Cookies. Disabling Cookies might affect your experience on our Site, some features, like remembering your preferences, might not work as smoothly. Additionally, blocking Cookies doesn't completely stop information sharing with third parties (like advertisers or service providers). We recommend keeping Cookies enabled for the best experience.

Changes

We keep our Privacy Policy up-to-date to reflect any changes in how we handle your information or legal requirements. You can always check here for the latest version. We may also send you an email notification if there are any significant updates.

Complaints

Should you have any concerns or complaints regarding our data processing practices, we encourage you to contact us directly using the contact details outlined below. Depending on your geographic location, you may possess the right to appeal our decisions related to your data subject rights. This appeal process can be initiated by contacting us through the aforementioned methods. Furthermore, you may also retain the right to lodge a complaint with your local data protection authority.

Contact

For the purpose of applicable data protection laws,  our representative in the EEA AesthySkin SAS company, situated 8 bis, rue Abel, 75012 Paris, France is the data controller of your personal information. If you have any questions about this Privacy Policy, our privacy practices or your data, don't hesitate to contact us: contact@aesthyskin.com