Effective: January 30, 2020
SECTION 1 - PERSONAL INFORMATION WE COLLECT
Personal information you provide to us.
- Contact data, such as your first and last name, email and mailing addresses, postal code, phone number and social media alias.
- Profile data, such as your username and password that you set to establish an online account with us, and other information you include in your account profile.
- Haircare preferences, such as your hair type, hair concerns and the products you have received from us.
- Communications that we exchange when you communicate with us, such as when you request support, contact us with questions or feedback.
- Content, such as comments, text, images, audio, video, or other content you post to or provide.
- Payment and transactional data, such as the information needed to complete your orders (including name, credit card information, billing and shipping information), information about your payment transactions, and your order history.
- Marketing data, such as your preferences for receiving communications about our products, activities, events, and publications; details about how you engage with our communications; and information you provide when you participate in an event, contest or promotion.
Other sources. We may combine personal information we receive from you with personal information we obtain from other sources, such as:
- Data providers, such as information services and data licensors.
- Public sources, such as public social media platforms.
- Business partners, such as joint marketing partners, licensors/licensees, joint venture partners and event co-sponsors.
Automatic collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your activity over time on the Services and other online services, including:
- Device data, such as your computer or mobile device operating system type and version number, manufacturer and model, browser type, screen resolution, IP address, internet service provider, the website you visited before browsing to our website, and general location information such as city, state or geographic area.
- Online activity data, such as what pages you visit, what products or files you view, referring/exit pages and the third-party sites that led you to our site.
- Precise geolocation data, such as when you authorize our website to access your location.
Cookies and similar technologies. Some of our automatic data collection on the Services is facilitated by:
- Cookies, which are text files that websites store a visitor‘s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of tracking user activity and patterns, helping you navigate between pages efficiently, remembering your preferences and generally improving your browsing experience.
- Flash cookies, or locally stored objects, which are used for purposes similar to cookies but allow storage of a larger amount of data.
- Web beacons, also known as pixel tags or clear GIFs, typically used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked, typically to compile statistics about usage of websites and the success of marketing campaigns.
- Software development kits, or SDKs, which are used to incorporate third party computer code into our App that allows the third party service providers or advertising partners to collect data directly from it for a variety of purposes, including to provide us with analytics regarding the use of the Drybar mobile application, to integrate with social media, add features or functionality to our app, or to facilitate online advertising.
Information about others. You may have the opportunity to share personal information about others with us, such as when you book an appointment for them through the Services, purchase a gift card for a third party, or refer friends or other contacts to us. When you share the personal information of others with us, you are responsible for ensuring you have their permission to do so.
SECTION 2 – HOW WE USE YOUR PERSONAL INFORMATION
We may use your personal information to:
- provide, operate and improve your experience, such as when we use your personal information to mail you the products or gift cards you order from us;
- verify identity;
- prevent fraud and abuse;
- identify your shopping preferences and your shopping;
- open and manage an account;
- deliver requested products or to respond to questions;
- enroll you in a program;
- send you our newsletters, coupons, updates, reminders, related email marketing, and other information;
- ensure a high standard of service to you;
- meet regulatory requirements;
- send SMS updates and special marketing promotions;
- respond to your queries and communicate with you about our products, including by sending announcements, updates, security alerts, and support and administrative messages;
- keep track of customer feedback, understand your needs and interests, and personalize your experience and our communications; and
- improve our service to customers and to provide support and maintenance.
Research and development. We may use your personal information for research and development purposes, including to customize, improve the online experience, and analyze and improve the experience and our business. As part of these activities, we may create aggregated, de-identified or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, including to analyze and improve the experience and promote our business.
Marketing and advertising. We and our third-party advertising partners may collect and use your personal information for marketing and advertising purposes:
- Direct marketing. We may send you Drybar-related or other direct marketing communications as permitted by law. You may opt-out of our marketing communications as described below
Compliance and Operations. We may use your personal information in the following circumstances:
- When the collection, use or disclosure of personal information is permitted or required by law;
- In an emergency that threatens your life, health, or personal security;
- When the personal information is available from a public source (e.g., a telephone directory);
- When we require legal advice from a lawyer;
- For the purposes of collecting a debt or to protect ourselves from fraud;
- To investigate an anticipated breach of an agreement or a contravention of law;
- If our company is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to service or sell products to you.
SECTION 3 – HOW WE SHARE YOUR PERSONAL INFORMATION
- Other users and the public. If at any time our Services offer any chat rooms, comments, notice board facilities, reviews, social media, newsgroups etc. information that you post or make available may be collected by other users or the public. Please note that we cannot be responsible for other parties’ use of the personal information, which you may make available to such third parties through any chat room, comments, notice board, newsgroup etc. on the Services. Please be careful about what personal information you disclose in this way.
- Service providers. We may share your personal information with unrelated companies and individuals that provide services on our behalf or help us operate the Services or our business (such as customer support, hosting, payment processing, appointment booking, analytics, email delivery, marketing, and database management services). These third parties may use your personal information only as authorized under our contracts with them.
- Business partners. We may share your personal information with our business partners, such as joint marketing partners, licensors/licensees, joint venture partners and event co-sponsors.
- Advertising partners. We may sometimes share your personal information with our advertising partners, and may enable such partners to collect information directly via our Services for the purposes described in the Marketing and advertising section, above.
- Professional advisors. We may share your personal information with professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
- Authorities and others. We may share your personal information with law enforcement, government authorities, and private parties, when we believe in good faith it is necessary or appropriate for the compliance and operations purposes described above.
- Business transferees. We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, with relevant participants in business transactions (or potential transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, Drybar or our affiliates (including, in connection with a bankruptcy or similar proceedings).
SECTION 4 – YOUR CHOICES
In this section, we describe the rights and choices available to all users.
- Opt out of marketing emails. If you no longer wish to receive marketing-related emails from us, you may opt out by clicking the "unsubscribe" option in the email message, informing us at email@example.com, or mailing us at: Drybar Privacy Officer / 125 Technology Drive, Suite #100 / Irvine, CA 92618. You may continue to receive service-related and other non-marketing emails.
- Text Messages. If you consent to receive text messages, Drybar offers its customers mobile alerts regarding marketing messages, sales, events, membership updates, and product releases by SMS message. You may receive SMS or MMS messages. Message and data rates may apply, check with your cellular or data carrier for information. Up to 6 autodialed promotional messages per month. Consent to get text messages is not required/not a condition for purchase of goods or services. You can opt out of receiving text messages. To stop receiving text messages, text the word STOP to 78656 any time or reply STOP to any of the text messages you have received from Drybar. This is the exclusive method for opting out. For Services operated through a different number, text STOP to that number to opt out. Your opt-out request may generate either a confirmation text or a texted request to clarify the text message program to which it applies (if you have more than one). More details at Mobile Terms and Conditions.
- Choosing not to share your personal information. Subject to certain exceptions (e.g., the personal information is necessary to provide the service or product, or where we must use your personal information to perform a legal obligation), you can choose not to share your personal information with us. If you do not provide this personal information when requested, it may restrict our ability to provide a particular service or product. If so, we will explain the situation to assist you making the decision by telling you what information you must provide to receive the Service by designating it as required at the time of collection or through other appropriate means.
- Location data. Users of our mobile application also the choice whether to allow us to access your precise location data. Your device settings may provide the ability for you to revoke our ability to access location data.
- Advertising choices. Some of the business partners that collect information about users’ activities on or through the Services may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behavior or mobile application usage for purposes of targeted advertising.
- Targeted advertising. Users may opt out of receiving targeted advertising on websites through members of the Network Advertising Initiative by clicking here or the Digital Advertising Alliance by clicking here. Users of our mobile applications may opt out of receiving targeted advertising in mobile apps through participating members of the Digital Advertising Alliance by installing the AppChoices mobile app, available here, and selecting the user’s choices. Please note that we also may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms that we linked above. In addition, your mobile device settings may provide functionality to limit our, or our partners’, ability to engage in ad tracking or targeted advertising using the Google Advertising ID or Apple ID for Advertising associated with your mobile device. If you choose to opt-out of targeted advertisements, you will still see advertisements online, but they may not be relevant to you. Even if you do choose to opt out, not all companies that serve online behavioral advertising are included in this list, so you may still receive some cookies and tailored advertisements from companies that are not listed.
- Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
SECTION 5 – SECURITY
The security of your personal information is important to us. We employ a number of organizational, technical and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.
SECTION 6 – OTHER SITES, MOBILE APPLICATIONS AND SERVICES
The services may contain links to other websites, mobile applications, and other online services operated by third parties. These links are not an endorsement of, or representation that we are affiliated with, any third party. In addition, our content may be included on web pages or in mobile applications or online services that are not associated with us. We do not control third party websites, mobile applications, or online services, and we are not responsible for their actions. Other websites, mobile applications and services follow different rules regarding the collection, use and sharing of your personal information. We encourage you to read the privacy policies of the other websites, mobile applications, and online services you use.
SECTION 7 – CHILDREN
The Services are not intended for use by children under 16 years of age, and we do not intentionally collect personal information from children under 16. If we learn that we have collected personal information from a child under 16 without the consent of the child’s parent or guardian as required by law, we will delete it.
SECTION 9 – HOW TO CONTACT US
Please direct any questions or comments to:
- Privacy Officer, 125 Technology Drive Suite #100 Irvine CA 92618
- or firstname.lastname@example.org
SECTION 10 – IMPORTANT INFORMATION FOR CALIFORNIA RESIDENTS
Section effective: January 1, 2020
This section applies only to California residents and is effective as of January 1, 2020. For purposes of this section, “Personal Information” has the meaning given in the California Consumer Privacy Act of 2018 (“CCPA”) but does not include information exempted from the scope of the CCPA.
Personal Information that we collect, use and share. We have created a table below which summarizes how we collect, use and share Personal Information by reference to the categories specified in the CCPA, and describes how we have collected, used and shared Personal Information during the preceding 12 months.
Category of Personal Information (PI) as specified in the CCPA
Details of PI we collect, if any
Business/commercial purpose of collection
Categories of third parties with whom we share PI for a business purpose
Internet or Network Information
May be derived from your:
Protected Classification Characteristics
We do not intentionally collect this information, but it may be revealed in other information we collect, such as profile data, haircare preferences and your content.
The categories of third parties to whom we disclose this Personal Information include business partners (for marketing and advertising purposes) and advertising partners (to facilitate online advertising). For more details, see the How We Share Your Personal Information section above.
Your California privacy rights. If you are a California resident, you can request to exercise your privacy rights as detailed within CCPA and listed below.
- Opt-out of sales. If we “sell” your Personal Information, you can opt-out. In addition, if you direct us not to sell your Personal Information, we will consider it a request pursuant to California’s “Shine the Light” law to stop sharing your personal information covered by that law with third parties for their direct marketing purposes.
- Deletion. You can ask Drybar to delete the Personal Information that we have collected about you.
- Access. You can ask Drybar for a copy of the Personal Information that we have collected about you.
- Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months:
- The categories of Personal Information that we have collected.
- The categories of sources from which we collected Personal Information.
- The business or commercial purpose for collecting and/or selling Personal Information.
- The categories of third parties with whom we share Personal Information.
- Whether we have disclosed your Personal Information for a business purpose, and if so, the categories of Personal Information received by each category of third-party recipient.
- Whether we’ve sold your Personal Information, and if so, the categories of Personal Information received by each category of third-party recipient.
You are entitled to exercise your CCPA privacy rights described above free from discrimination in the form of legally prohibited increases in the price or decreases in the quality of our Services.
How to exercise your rights. You may request to exercise your California privacy rights described above as follows:
- Right to information, access, and deletion. For Requests about your personal data or to opt-out, you can click here
- Right to opt-out of the “sale” of your Personal Information. You can request to opt-out of the “sale” of your Personal Information by clicking here.
Drybar is happy to process your privacy enactment request, once we have confirmed your identity and validated that you reside in California. As part of this process, government identification may be required. Consistent with California law, you may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government issued identification. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.
If you are somehow affiliated to Drybar, in that perhaps you are an employee, vendor, contractor, or hold any other position for or within the company, and you reside in California, feel free to enact your CCPA rights using the methods detailed in this section. Unfortunately, we won’t be able to send you any human resource related information or other information in accordance with applicable law (examples may be; payroll, PTO, benefits, contract information), but we will process your privacy enactment request in the same manner that we would for any other California Resident. Requesting to exercise your CCPA privacy rights will not change the affiliation you have with Drybar in any way.
Your California privacy rights are not absolute, and in certain cases we may decline your request as permitted by law. For example, Drybar may reject privacy enactment requests if there is any suspected malice, including any which may be deceptive, fraudulent, illegal or pose a security threat. Drybar may also reject requests related to legal or criminal matters, or if they are related to any in-progress transactions or purchases.
Last updated May 7, 2020