Privacy Policy – Hair and Skin Lab
Who We Are
Our website address is: https://hairandskinlab.com.
Hair and Skin Lab is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy outlines our practices concerning the collection, use, and sharing of your data when you visit our website or use our services.
What Personal Data We Collect and Why We Collect It
Comments
When visitors leave comments on our site, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help with spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact Forms
When you submit information through our contact forms, we collect your name, email address, and any other information you provide in the message field. This information is used solely for the purpose of responding to your inquiries and is retained for 6 months for customer service purposes. We do not use the information submitted through contact forms for marketing purposes unless you explicitly consent to this.
Cookies
If you leave a comment on our site, you may opt-in to saving your name, email address, and website in cookies. These cookies are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Additionally, our store uses cookies to keep track of cart contents while you’re browsing our site.
Analytics
We use anonymized analytics to track and monitor usage of our website. This helps us improve our services and user experience. You can opt out of analytics tracking by using browser plugins designed for this purpose or by enabling “Do Not Track” settings in your browser.
Embedded Content From Other Websites
Articles on this site may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if you have visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
E-commerce Data Collection
What We Collect and Store
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address, and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details, and optional account information like username and password. We’ll use this information to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email, and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 7 years for tax and accounting purposes. This includes your name, email address, and billing and shipping addresses.
We will also store comments or reviews, if you choose to leave them.
Who We Share Your Data With
If you request a password reset, your IP address will be included in the reset email.
Team Access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased, and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds, and support you.
Third-Party Sharing
We share information with third parties who help us provide our orders and store services to you, including:
Payments
We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
Please see the PayPal Privacy Policy for more details.
Spam Protection
We use Akismet Anti-spam service to protect our comments section. The information we collect depends on how Akismet is set up for the site, but typically includes the commenter’s IP address, user agent, referrer, and Site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).
Please see the Akismet Privacy Policy for more details.
Caching
This site utilizes caching (via LiteSpeed Cache) in order to facilitate a faster response time and better user experience. Caching potentially stores a duplicate copy of every web page that is on display on this site. All cache files are temporary and are never accessed by any third party, except as necessary to obtain technical support from the cache plugin vendor. Cache files expire on a schedule set by the site administrator but may easily be purged by the admin before their natural expiration if necessary. We may use QUIC.cloud services to process & cache your data temporarily.
Please see QUIC.cloud Privacy Policy for more details.
How Long We Retain Your Data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What Rights You Have Over Your Data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
For European Economic Area (EEA) residents, you have the following rights under the General Data Protection Regulation (GDPR):
- The right to access your personal data
- The right to rectification if the data is inaccurate or incomplete
- The right to erasure (right to be forgotten)
- The right to restrict processing
- The right to data portability
- The right to object to processing
- Rights relating to automated decision-making and profiling
Where Your Data Is Sent
Visitor comments may be checked through an automated spam detection service.
International Data Transfers
For visitors from the European Economic Area (EEA), please note that your personal data may be transferred outside of the EEA, including to countries that may not have been deemed to provide an adequate level of protection for personal data by the European Commission. We ensure appropriate safeguards are in place to protect your privacy and rights through:
- Use of standard contractual clauses approved by the European Commission
- Implementation of appropriate technical and organizational measures
- Adherence to the Privacy Shield framework (where applicable)
How We Protect Your Data
We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. We use secure server architecture, encryption for sensitive data transmission, regular malware scanning, two-factor authentication for administrator access, and regular security audits.
Data Breach Procedures
In the case of a data breach, we will notify affected users and relevant authorities within 72 hours of becoming aware of the breach, where feasible. Our notification will include the scope of the breach, the types of information affected, and steps we are taking to address the situation.
Contact Information
For privacy-specific concerns or to exercise your data rights, please contact us at:
Email: privacy@hairandskinlab.com
Phone: [Insert Phone Number]
Address: [Insert Physical Address]
Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the effective date at the top. You are advised to review this Privacy Policy periodically for any changes.
Effective Date: May 17, 2025