Last updated: March 28, 2019.
SECTION 1 - YOUR PERSONAL INFORMATION
We collect personal information from you when you browse our online store, when you send us an e-mail, when you register or subscribe for AG Hair’s newsletters or promotions, when you contact AG Hair’s Customer Care and when you purchase our products through AG Services.
Types of data we collect:
- Contact information including name, address, city, state, province/territory, Postal/ZIP code, email address and telephone number;
- Product preferences;
- Purchase history from our website;
- “Demographic Information” including age range, gender, date of birth, marital status and Postal/ZIP code;
- “Usage Information” such as IP address, device identifier, browser type, operating system, information about your use of AG Services, and data regarding network connected hardware; and
- Photographs and videos submitted by users.
How the data is used:
We collect, maintain and use your personal information so that we can:
- establish and verify the identity and eligibility of users;
- upload and display your postings and similar submitted content;
- open, maintain, administer and service your profile, account or membership;
- process, service or enforce transactions and send related communications;
- provide you and other users with products, services and support;
- conduct sweepstakes, surveys and contests;
- operate and improve the Service;
- provide users with product or service updates;
- send promotional notices, offers or other targeted marketing and other information;
- respond to your questions, inquiries, comments and instructions;
- maintainthe security and integrity of our systems;
- understand consumer preferences across multiple brands;
- maintain customer relationships;
- evaluate product performance and safety;
- To develop a confidential profile for you which will be used to provide services to you and facilitate your transactions with AG Hair;
- To create non-personal information that is aggregated or anonymized;
- comply with policies, procedures and legal requirements; and
- improve our products and services and our other business purposes.
SECTION 2 – COMMUNICATIONS, MAILING LIST AND CONTESTS
When you purchase items from our website, AG Hair will send you communications related to your transactions, security or the administration of our Service. From time to time, we may also wish to send you other messages or updates about AG Hair, including promotions and other activities. If you do not wish to receive non-transaction/security related communications from us, please send an email with your request to privacy@AGHair.com.
If you choose to join our mailing list, we will send you emails about our store, AG Hair’s newsletter, exclusive Stylist deals, new products and other updates. You can unsubscribe at any time by clicking on the “Unsubscribe” link in the footer of any AG Hair email and following the instructions.
If you enter a contest, sweepstakes or promotion via AG Services, your entered personal information may be disclosed to third parties in connection with the promotion, including without limitation for purposes of posting your entry with attribution or otherwise as permitted in the official rules for the promotion, fulfilling your prize or including your name on a winners list. Also, by entering a promotion, we may require you to consent to the use of your personal information or other information, such as name, voice or likeness, in advertising, promotional and marketing materials.
SECTION 3 – CONSENT
When you provide us with your personal information to purchase a product, arrange for a delivery, or return a purchase, it is implied that you have consented to AG Hair collecting this information and using it for that specific reason only.
We will not use your personal information for marketing unless you have consented expressly. This means that we will either ask you directly for your consent or you will be provided with an opportunity to say no.
You may withdraw your consent for AG Hair to contact you for the continued collection, use or disclosure of your information, at any time, by contacting AG Hair at privacy@AGHair.com or mailing us at:
Re: Privacy Inquiries
14 King Edward St
SECTION 4 – CHILDREN
AG Services are intended for a general audience and are not directed to children less than 13 years of age. We do not knowingly collect any personal information from anyone who we know to be under the age of 13. If we obtain knowledge that we have collected children’s personal information in a manner not permitted by the U.S. Children’s Online Privacy Protection Act (“COPPA”) or other applicable law, we will remove such data to the extent required by COPPA or the other applicable laws.
If you are under the age of majority in your state or province of residence, you should use AG Services only with the involvement of a parent or guardian and should not submit any personal information to us.
Any California residents under the age of eighteen who have registered to use AG Services and who posted content on AG Services, can request removal by contacting AG Hair at privacy@AGHair.com. AG Hair will make reasonable good faith efforts to remove the post from prospective public view or anonymize it so the minor cannot be individually identified to the extent required by applicable law. This removal process cannot ensure complete or comprehensive removal. For example, third parties may have republished or archived content by search engines and others that AG Hair does not control.
SECTION 5 – DISCLOSURE
For example, we may disclose information to law enforcement authorities or other businesses and organizations in connection with the detection, prevention and prosecution of activities that we reasonably believe to be unlawful or fraudulent (including activities at our retail stores or websites), and the disclosed information may include personal information of the individuals suspected of involvement in unlawful or fraudulent activities.
SECTION 6 – PAYMENT
For example, if you purchase an item using AG Services with your credit card, Shopify stores your credit card data. This data is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as it is necessary to complete your purchase. After the purchase is completed, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort on brands like Mastercard, Visa, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
SECTION 7 – THIRD PARTIES
In general, the third party providers used by AG will collect, use and disclose your information only to the extent necessary for them to perform the services they provide to us.
However, certain third party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies for the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by them. Some providers may be located in or have facilities located in a different jurisdiction than you or AG. So if you choose to proceed with a transaction that involves the services of a third party service provider, then your information may become subject to the laws of the jurisdiction or jurisdictions in which that service provider or its facilities are located. For example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Certain functionalities of the Service allow you to interact between the Service and third party social networks (“Social Features”). Examples of Social Features include: enabling you to send content such as photos between the Service and a third party service; “liking” or “sharing” AG Hair’s content; logging in to the Service using your third party service account (e.g. using Facebook to sign-in to the Service); and to otherwise connect the Service to a third party service. If you use Social Features and potentially other third party services, information you post or provide access to may be publicly displayed on the Service or by the third party service that you use. If you post information on a third party service that references the Service (e.g., by using a hashtag associated with AG Hair in a status update), you agree that your post may be used on or in connection with the Service.
SECTION 8 – SECURITY
We take reasonable precautions and follow industry best practices to make sure your personal information is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, this information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. We also follow all PCI-DSS requirements and implement additional generally accepted industry standards.
We employ reasonable safeguards – including administrative, technical and physical measures – appropriate to the sensitivity of the personal information in its possession or under its control in order to protect that information from unauthorized access, collection, use, disclosure, disposal or similar risks.
While we are committed to protecting your information, data transmission over the Internet cannot be guaranteed to be 100% secure and we therefore cannot ensure or warrant the security of any information you may transmit.
SECTION 9 – TRACKING TECHNOLOGIES
Cookies are small amounts of data that are stored in separate files within your computer’s Internet browser. Cookies are accessed and recorded by the web-sites you visit and by the companies that show advertisements on these web sites so that they can recognize the same browser.
Web beacons (sometimes called transparent GIFs, clear GIFs, or web bugs) are small strings of code that provide a way for us to deliver a small graphic image (usually invisible) on a web page or in an email. Web beacons can recognize certain types of information on your computer such as cookies, the time and date a page is viewed and a description of the page where the web beacon is placed.
Do Not Track
Some Internet browsers include the ability to transmit “Do Not Track” signals. Since uniform standards for “Do Not Track” signals have not been adopted, AG Hair does not process or respond to “Do Not Track” signals. To learn more about “Do Not Track” please visit “All About Do Not Track”.
How We Use Tracking Technologies
- To help us recognize your browser as a previous visitor and to remember any preferences that may have been set while your browser was visiting AG Services;
- To help us customize the content and advertisements you are shown while visiting our website and potentially other websites online;
- To help measure and research the effectiveness of our online content, features, advertisements and other communications;
- AG Hair may also allow third parties to place their own cookies within your browser in order to serve you with relevant advertising online, to help us measure traffic, to provide you with access to social media networks, functionality and services and to allow us to conduct any surveys and research in which you agree to participate. For example, Facebook, Google and Twitter place their cookies on our website to support social networking integration and functionality and for use according to their respective privacy policies;
- Web beacons are used to improve your experience on our website, including helping provide you with content customized to your interests. They also help us to understand whether users read email messages and click on the links contained within those messages so that we can deliver relevant content and offers. Our web beacons may collect some contact information (e.g. the email address associated with an email message that contains a web beacon); and
How Third Parties Use Tracking Technologies
For example, we use Google advertising services which may collect information about you including device identifiers and location data in accordance with law to serve relevant advertising. Please see "How Google uses data when you use our partners' sites or apps" for how you can control the information sent to Google.
Other third parties that may collect information about your online activities when using AG Services include, but are not limited to: Klaviyo, Facebook, Instagram, Google Analytics, Reamaze and Product Reviews.
Managing Targeted Advertising
Whether cookies are placed on your computer or mobile device is something you can control.
The Digital Advertising Alliance ("DAA") is an industry self-regulatory program to provide consumers with greater control over ads that are customized based on their online behavior across different websites. To learn more and make choices about interest-based ads from participating third parties, please visit the DAA consumer opt out page, Canadian DAA online choice page, European DAA online choice page and Australian DAA online choice page..
If you opt out of having your information used to deliver advertisements tailored to your interests, you will continue to see advertisements on AG Services but they may not be as relevant to you.
Adjusting Your Browser Settings
You have the option to set your browser to accept all cookies, reject all cookies, notify you when a cookie is set and delete cookies periodically (including behaviorally targeted advertising cookies). Please visit All About Cookies for more information about how to manage cookies on your specific browser, or select the "Help" menu in your browser.
Web beacons are generally used in conjunction with cookies, so if your browser is set to reject cookies, or if you delete cookies, web beacons will not be able to track your activity as you navigate between web-sites.
Please note that if you block cookies, you may not be able to view or access some or all of AG Services or other websites.
SECTION 10 – VISITORS FROM AUSTRALIA
We maintain records of personal information we have collected. Except in some limited circumstances such as where the information is commercially sensitive, personal information held by AG Hair about you is available by contacting our Privacy Officer privacy@AGHair.com.
We will process a request for access or for changes to inaccurate information as quickly as possible. We reserve the right to impose a reasonable charge for processing and gathering personal information, as permitted under the Australian Privacy Act.
In Australia, the Australian Digital Advertising Alliance (“ADAA”) has developed the Australian Guideline for Third Party Online Behavioural Advertising. More information and an opt out page to manage online behavioural advertising preferences with ADAA member companies are available at www.youronlinechoices.com.au.
If you need further assistance, please contact us.
SECTION 11 – VISITORS FROM CALIFORNIA
AG Hair provides California residents with the option to opt-in or opt-out to sharing of “personal information” as defined by California’s “Shine the Light” law with third parties, other than AG Hair’s affiliates, for such third parties’ own direct marketing purposes. California residents may exercise that opt-out, and/or request information about AG Hair’s compliance with the Shine the Light law, and obtain disclosure of third parties AG Hair has shared information with in accordance with the law for their direct marketing purposes absent your choice and the categories of information shared, by contacting AG Hair at privacy@AGHair.com or by sending a letter to AG Hair at:
Re: Privacy Inquiries
14 King Edward St
Requests must include “California Privacy Rights Request” in the first line of the description and include your name, street address, city, state, and ZIP code. Please note that AG Hair is only required to respond to one request per customer each year, and AG Hair is not required to respond to requests made by means other than through the provided e-mail address or mail address.
SECTION 12 – VISITORS FROM CANADA
If you have any questions, or complaints, regarding the collection or use of your personal information or the content of this policy, or if you wish to withdraw your consent to us using your data, please contact us. Back-up data of personal information will only be retained as long as it is necessary for data security purposes and will not be retained indefinitely.
If you are not satisfied with our response to your query or complaint, you may also contact the Office of the Information and Privacy Commissioner of Canada.
SECTION 13 – VISITORS FROM THE EUROPEAN UNION
Legal Basis for Data Processing
EU Data Subject Rights
The EU General Data Protection Regulation (GDPR) provides certain rights for EU data subjects. You may decline to share certain personal information with us, in which case we may not be able to provide some of the features and functionality of AG Services. These rights include, in accordance with applicable law, the right to object to or request the restriction of processing of your personal data and to request access to, rectification, erasure and portability of your own personal data.
We will make commercially reasonable efforts to provide you reasonable access to your personal information within 30 days of your access request to the contact address below. We provide this access so that you may review, make corrections or request deletion of your personal information. If we cannot honour your request within 30 days, we will inform you when we will be able to provide such access. If for some reason access is denied, we will provide an explanation as to why access is denied. When technically feasible, at your request, we will provide your personal data to you or transmit it directly to another controller.
If you have any unresolved privacy concern that we have not addressed satisfactorily after contacting us, you have the right to contact the appropriate EU Data Protection Authority and lodge a complaint.
Third Party Online Advertising
We allow certain third party advertising exchanges to place advertisements on our sites. With your consent, those advertising exchanges collect your IP address and/or a unique advertising ID that is used by the advertising exchange to identify you across the Internet.
The European Digital Advertising Alliance (EDAA) has developed a guide to online behavioural advertising and has developed an opt out page to manage online behavioural advertising preferences with EDAA member companies available at www.YourOnlineChoices.com.
Automated Decision Making
We use automated decision-making technologies, including profiling, to support our data processing activities. These include services designed to develop and provide advertising tailored to your interests.
For all EU Data Subject Rights requests, please contact us at privacy@AGHair.com.
Re: Privacy Inquiries
14 King Edward St
If our store is acquired or merges with another company, your information may be transferred to the new owners so that we may continue selling products to you.
Re: Privacy Inquiries
14 King Edward St
SECTION 15 – CONTACT US
If you would like to access, correct, amend or delete any personal information you have provided us with, contact our Chief Privacy Officer at firstname.lastname@example.org or by mail at:
Re: Privacy Inquiries
14 King Edward St
Subject to applicable exceptions and limitations prescribed by law, you will be given reasonable access to your personal information, and will be entitled to challenge the accuracy and completeness of the information and to have it amended as appropriate.