Privacy Policy

Exa Beauty Privacy Policy

Effective Date: April 1, 2024


    1. Introduction
    2. Information We Collect About You and How We Collect It
    3. Information We Collect Through Automatic Data Collection Technologies
    4. Third-Party Use of Cookies and Other Tracking Technologies
    5. How We Use Your Information
    6. Disclosure of Your Information
    7. Choices About How We Use and Disclose Your Information
    8. Children’s Privacy
    9. Your California Privacy Rights
    10. Your Privacy Rights
    11. Exercising Your Privacy Rights
    12. Visitors From Outside The United States—Cross-Border Transfer
    13. Data Security
    14. Other Websites
    15. Changes to Our Privacy Policy
    16. Contact Information

 

1.     Introduction
At Eco-Chic, LLC d/b/a Exa Beauty (“Exa,” “we,” our,” or “us”), we respect your privacy and are committed to protecting it through our compliance with this Privacy Policy (“Policy”).

This Policy describes the types of information we may collect from you or that you may provide when you visit the website www.Exabeauty.com and any subdomains or portals (our "Website") and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This Policy applies to Personal Information we collect:

  • On this Website.
  • In email, text, and other electronic messages between you and this Website.
  • Through mobile and desktop applications you download from this Website, which provide dedicated non-browser-based interaction between you and this Website.
  • When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this Policy.

    Personal Information” means any information that identifies, relates to or can reasonably be linked to an identified or identifiable individual, as defined by applicable legislation.

    It does not apply to information collected by:

    • Us offline or through any other means, including on any other website operated by us or any third party (including our affiliates and subsidiaries); or
    • Any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or on the Website.
      2

      Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it. By using our Website, you agree to this Policy and our Terms of Service (“Terms”). If you do not agree with our policies and practices, your choice is not to use our Website. This Policy may change from time to time (see Changes to Our Privacy Policy section below). Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

       

      2.     Information We Collect About You and How We Collect It

      As a rule, we limit the Personal Information we collect to that which is adequate, relevant and reasonably necessary for us to provide our Services to you.

      We collect this information:

      • Directly from you when you choose to participate in our offers and programs or when you otherwise provide information directly to us, including when you register with us, purchase products, review products, participate in our interactive features or otherwise interact with us on the Website.
      • Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies.
      • From third parties, for example, our business partners.

       

        Information You Provide to Us
        We collect several types of Personal Information from and about users of our Website, including:

        • Contact information such as name, postal address, e-mail address, telephone number, credit card number, user name, date of birth, or any other identifier by which you may be contacted online or offline;
        • Account login and password that you create; and/or
        • Financial information such as your credit card or debit card number, bank account information and your payment, service and purchase history.
        • Information that you provide by filling in forms on our Website. This includes information provided at the time of registering to use our Website, subscribing to our service, posting material, or requesting further services. We may also ask you for information when you enter a contest or promotion sponsored by us, and when you report a problem with our Website.
        • Records and copies of your correspondence (including email addresses), if you contact us.
        • Your responses to surveys that we might ask you to complete for research purposes.
        • Your search queries on the Website.

          In connection with our product review system, you might provide other voluntary Personal Information including your:

          • Age range
          • Skin tone
          • Skin color

            You also may provide information to be published or displayed (hereinafter, "posted") on public areas of the Website, or transmitted to other users of the Website or third parties (collectively, "User Contributions"). Your User Contributions are posted on and transmitted to others at your own risk. Although we limit access to certain pages, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

             

            Non-Personal Information
            In addition, we may also collect non-personally identifiable information, such as IP addresses (which identify your device), pages viewed, computer type, screen resolution, operating system version, Internet browser type and version, information collected through cookies, pixel tags, web beacons, and other technologies, and other data (“Non-Personal Information”). Because Non-Personal Information does not personally identify you, we may collect, use and disclose Non-Personal Information for any purpose. Non-Personal Information will be retained only for so long as to fulfill a legitimate business need.

             

            Aggregate Information
            We may aggregate Personal Information so that the aggregated information does not personally identify you or anyone else, such as by using Personal Information to calculate the percentage of our customers who live in a particular area (“Aggregate Information”). In some instances, we may combine Non-Personal Information with Personal Information (such as combining your name with your geographical location). If we combine any Non-Personal Information with Personal Information, the combined information will be treated by us as Personal Information as long as it is combined, and may aggregate any information collected in a manner which does not identify any individual.

             

            Information Collected from Third Parties
            The Website includes functionality that allows certain kinds of interactions between the Website and your account on a third-party website or application. The use of this functionality may involve the third-party site providing information to us. For example, we might obtain Personal Information from third party providers that tie together multiple data points to gain additional information to create a unified customer view. We might also provide links to make it easier to send a communication from the Website, or we may use third parties to make it easier to send emails or post to social media (like a “Share” or “Forward” button). These third parties also use cookies and other tracking technologies to capture information about your interactions with us.

            3

            We encourage you to review the privacy statements of these third parties to understand their privacy practices.

             

             

            3.     Information We Collect Through Automatic Data Collection Technologies
            As you interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

            • Details of your visits to our Website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Website.
            • Information about your computer and internet connection, including your IP address, operating system, and browser type.

              The information we collect automatically is only statistical data and does not include Personal Information, but we may associate it with Personal Information that you provide to us. It helps us to improve our Website and to deliver a better and more personalized service, including by enabling us to:

              • Estimate our audience size and usage patterns.
              • Store information about your preferences, allowing us to customize our Website according to your individual interests.
              • Speed up your searches.
              • Recognize you when you return to our Website.

                The technologies we use for this automatic data collection may include cookies.Cookies” are pieces of information that may be placed on your computer by a Website for the purpose of facilitating and enhancing your communication and interaction with that Website. We may use cookies to customize your visit to the Website and for other purposes to make your visit more convenient or to enable us to enhance our service. For example, cookies allow us to select which ads or offers are most likely to appeal to you, based on your interests, preferences, location, or demographic information. Cookies also allow us to keep track of items you add to your shopping cart. Many websites use cookies for these purposes.

                There are several types of cookies, including, for example, browser cookies, session cookies, and persistent cookies. We use different types of cookies on our Website. We use cookies that allow customers and members to remain logged in to our Website, and that recognize your Website preferences and user attributes. The Website also uses cookies to help keep track of items you put into your shopping cart including when you have abandoned your cart and this information is used to determine when to send cart reminder messages via SMS.

                You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.

                • As you use the Internet, a trail of electronic information is left at each website you visit. This information, which is sometimes referred to as "clickstream data," can be collected and stored by a website's server. Clickstream data can tell us the type of computer and browsing software you use and the address of the website from which you linked to the website. We may collect and use clickstream data as a form of Aggregate Information to anonymously determine how much time visitors spend on each page of our Website, how visitors navigate throughout the Website, and how we may tailor our web pages to better meet the needs of visitors. This information will be used to improve our Website and our services. Any collection or use of clickstream data will be anonymous and aggregate, and will not intentionally contain any Personal Information.
                • Site Analytics. We may work with third-party service providers who use the technologies described in this section to conduct website analytics to help us track and understand how visitors use our Website.
                • Social Network and Interactive Tools. Certain features on our Website may give you an opportunity to interact with us and others. These may include blogs, message boards, messaging functionality, chat functionality, and creating community profiles. When you use these features, you should be aware that any information you submit, including your name, location and e-mail address, may be publicly available to others. We are not responsible for any information you choose to submit through these interactive features and we strongly discourage you from disclosing any sensitive Personal Information (such as health or credit card information) through these features. If you use these features, your Personal Information may remain on the Website even after you cease use of the Website.4

                  Exa Beauty uses cookies to collect information around abandoned shopping carts. A cart is considered abandoned within one hour of inactivity/lack of purchase. Once the cart is considered abandoned, an SMS message will be sent as a reminder.

                   

                    4.     Third-Party Use of Cookies and Other Tracking Technologies
                    Some content or applications, including advertisements, on the Website are served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about you when you use our website. The information they collect may be associated with your Personal Information or they may collect information, including Personal Information, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

                    We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see the Choices About How We Use and Disclose Your Information section above.

                    5

                     

                    5.     How We Use Your Information
                    We use information that we collect about you or that you provide to us, including any Personal Information:

                    • To present our Website and its contents to you.
                    • To provide you with information, products, or services that you request from us.
                    • To fulfill any other purpose for which you provide it.
                    • To provide you with notices about your account, including expiration and renewal notices.
                    • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
                    • To notify you about changes to our Website or any products or services we offer or provide though it.
                    • To allow you to participate in interactive features on our Website.
                    • In any other way we may describe when you provide the information.
                    • For any other purpose with your consent.
                      6

                      We may also use your information to contact you about our goods and services that may be of interest to you. If you do not want us to use your information in this way, please email us at hello@exabeauty.com. For more information, see the Choices About How We Use and Disclose Your Information section above.

                       

                      6.     Disclosure of Your Information
                      We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

                      We may disclose Personal Information that we collect or you provide as described in this Policy:

                      • To our subsidiaries and affiliates.
                      • To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep Personal Information confidential and use it only for the purposes for which we disclose it to them.
                      • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Eco-Chic, LLC d/b/a Exa's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by Eco-Chic, LLC d/b/a Exa about our Website users is among the assets transferred.
                      • To fulfill the purpose for which you provide it. For example, if you give us an email address to use the "email a friend" feature of our Website, we will transmit the contents of that email and your email address to the recipients.
                      • With Oracle Advertising (Oracle Data Cloud), which allows us to access data compiled by Oracle so as to improved our interest-based advertising.
                      • For any other purpose disclosed by us when you provide the information.
                      • With your consent.

                        We may also disclose your Personal Information:

                        • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
                        • To enforce or apply our Terms of Use and other agreements, including for billing and collection purposes.
                        • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Eco-Chic, LLC d/b/a Exa, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
                        7

                          The above excludes text messaging originator opt-in data and consent; this information will not be shared with any third parties.

                           

                          7.     Choices About How We Use and Disclose Your Information
                          We strive to provide you with choices regarding the Personal Information you provide to us. We have created mechanisms to provide you with the following control over your information:

                          • Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of this Website may then be inaccessible or not function properly.
                          • Global Privacy Control. Some browsers and browser extensions support opt-out preference signals such as the Global Privacy Control (“GPC”) that can send a signal to the websites you visit indicating your choice to opt-out from certain types of data processing, including data sales. GPC is a web browser-level setting, maintained by either a browser or a browser extension, that a user or privacy-focused technology can set. In certain regions, when we detect such a signal, we will make reasonable efforts to respect your choices as required by applicable law.
                          • Do Not Track. Do Not Track (“DNT”) is a web browser setting that requests that a web application disable its tracking of an individual user. When you choose to turn on the DNT setting in your browser, your browser sends a special signal to websites, analytics companies, ad networks, plug in providers, and other web services you encounter while browsing to stop tracking your activity. Various third parties are developing or have developed signals or other mechanisms for the expression of consumer choice regarding the collection of information about an individual consumer’s online activities over time and across third-party websites or online services (e.g., browser do not track signals), but there is no universally agreed upon standard for what an organization should do when it detects a DNT signal. Currently, we do not monitor or take any action with respect to these signals or other mechanisms. You can learn more about Do Not Track here.
                          • Change your information on our Website. Log in to Exabeauty.com using your username and password. Go to Exabeauty.com/account where you will see the email address we have on file as well as all the address you have shipped to. You can update and delete the addresses through your account. To change your email address, please email: hello@exabeauty.com. You cannot change the email address on your account as it is how you log in to your account. To disable your account and remove your email address, email hello@exabeauty.com, and we will assist you.
                          • Opt Out of Our Email Marketing Campaigns. By providing your email address to Exa, you expressly consent to receive emails from us. We may use email to communicate with you, to send information that you have requested or to send information about other products or services developed or provided by us or by other third party manufacturers, services and/or distributors that Exa believes will be of interest to its audience. If you receive an unwanted email from us, though, you can simply reply and ask not to receive future emails. We also give you the option to remove your Personal Information from our list of active users completely. All unsubscribe or opt-out requests should be sent to us at hello@exabeauty.com, and we will process your request within a reasonable time after receipt. This opt out does not apply to information provided to us as a result of a product purchase, warranty registration, product service experience, or other transactions.
                          • Opt Out of Our Mailing List. Email hello@exabeauty.com and we will make a request for your data to be erased from our mailing list. It may take up to 90 days to remove your information from our mailing list.
                          • Opt Out of Text/SMS Messages. You may opt-out of text/SMS messages from us at any time. Text the single keyword command STOP to 90658 or click the unsubscribe link (where available) in any text message to cancel. This is the exclusive method for opting out. You will receive a one-time opt-out confirmation text message. No further messages will be sent to your mobile device, unless initiated by you. If you have subscribed to other Exa mobile message programs and wish to cancel, except where applicable law requires otherwise, you will need to opt out separately from those programs by following the instructions provided in their respective mobile terms.
                          • Disclosure of Your Information for Third-Party Advertising.
                            8

                            California residents may have additional Personal Information rights and choices. Please see Your California Privacy Rights below for more information.

                            Nevada residents who wish to exercise their sale opt-out rights under Nevada Revised Statutes Chapter 603A may submit a request to us using the information in the Contact Us section below. However, please know we do not currently sell data, as defined by that statute, triggering the statute's opt-out requirements.

                             

                            8.     Children’s Privacy
                            Our Website is not intended for persons under 16 years of age. No one under age 16 may provide any information to or on the Website. We do not knowingly collect Personal Information from children under 16. If you are under 16, do not use or provide any information on this Website or on or through any of its features. If we learn we have collected or received Personal Information from anyone under 16 without verification of parental consent, we will make reasonable efforts to delete that information from our records.

                            If you are the parent or guardian of a person between the ages of 13 and 15, please inform us at hello@exabeauty.com so that we may discuss with you whether you wish to provide affirmative authorization (the "right to opt-in") for us to sell information based on your child’s use of the Website and its features. We also recommend that parents monitor their children’s Internet activities and learn and employ software or other tools that can help their children enjoy their online experience without compromising their personal safety or allowing them to use the Internet in a manner inconsistent with their parent/guardian’s preferences.

                            9

                            If you believe we might have any information from or about a child under 16, please contact us using the information in the Contact Us section below.

                             

                            9.     Your California Privacy Rights
                            If you are a California resident, California law may provide you with additional rights regarding our use of your Personal Information. To learn more about your California privacy rights, visit our California Privacy Notice.

                            10

                             

                            10.Your Privacy Rights
                            Certain U.S. states provide data subject rights (“Privacy Rights”) to individuals resident in them. Depending on where you reside, you may have the following rights:

                            • To know whether we process your personal information;
                            • To know the categories of Personal Information we collect about you, the purposes for the collection, how long we retain your Personal Information, and whether that information is sold or shared or disclosed and to whom;
                            • To request access to your Personal Information, request a copy of your Personal Information or have your Personal information transferred to another controller;
                            • To request deletion of your Personal Information;
                            • To request rectification of your Personal Information;
                            • To opt out of the sale or sharing of your Personal Information;
                            • To limit the use of your Sensitive Personal Information;
                            • To opt out of some types of Automated Decision-Making (ADM), including profiling, or to request human intervention or information about how ADM is conducted;
                            • Not to be discriminated against for exercising your privacy rights; and
                            • To withhold or withdraw consent for the processing your personal information

                             

                              Right to access and portability
                              Some individuals have the right to request access to their Personal Information and to obtain a copy of their personal information.

                               

                              Right to deletion
                              You may have the right to request that we delete some or all of the information that we hold about you. Depending on the applicable laws, the type of information and the method of collection, there are exceptions to the right to deletion. For example, we may have a legal obligation to retain your personal information for tax or other reasons.

                               

                              Right to rectification
                              You may have the right to request that we correct the information we hold about you (rectification). We encourage you to regularly review your information, as we aspire to have only accurate, relevant and up-to-date information. If you feel that the personal information we hold about you is inaccurate or incomplete you may change it by logging into your account or submitting a request using the methods below.

                               

                              Right to opt out of sale, sharing, targeted advertising and other processing
                              You may have the right to opt out of certain uses of your Personal Information, for example, selling, sharing, direct marketing or targeted advertising. You can see what information we sell or share in the section on “Disclosures of Personal Information” above.

                              We do not sell Personal Information, but we recognize that some privacy laws define “Personal Information” in such a way that making available identifiers linked to you for a benefit may be considered a “sale.” To opt-out of the sale, sharing or processing of Personal Information for targeted advertising, please contact us using the information in the Contact Us section below.

                               

                              Sensitive Personal Information
                              You may have the right to limit the use of Sensitive Personal Information. Currently, we do not collect any Sensitive Personal Information.

                               

                              Right Not to Be Discriminated Against
                              We will not discriminate against you for exercising any of your privacy rights. For example, unless the difference is reasonably related to the value of your Personal Information to us, we will not

                                • Deny you goods or services.
                                • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
                                • Provide you a different level or quality of goods or services.
                              11
                              • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

                               

                                11.Exercising Your Privacy Rights
                                You or your authorized agent may make a request to exercise your rights over your Personal Information by contacting us using the information in the Contact Us section below.

                                You may use an authorized agent to submit your privacy rights request; however, we are obligated to ensure you have properly authorized the agent to act on your behalf and we may require proof of the written authorization.

                                In order to honor your rights requests, we may require you to confirm your identity and your residency or location. If we are unable to verify your identity, we may not honor your request. Where we deny a privacy rights request, we will notify you of the reason for the denial within 45 days of receiving the request.

                                12

                                If you disagree with our decision not to honor your privacy rights request, you may appeal the decision using the information in the Contact Us section below or submit a complaint to your local privacy or data protection regulator.

                                 

                                12.Visitors From Outside The United States—Cross-Border Transfer
                                The Website is hosted in the United States. If you are visiting our Website from outside the United States, your information may be transferred to, stored in, and processed in, the United States or any other country where we or our affiliates, subsidiaries, or third-party service providers maintain facilities.

                                By providing us with Personal Information, you consent to the storage or processing of your Personal Information in the United States and acknowledge that the Personal Information will be subject to the laws of the United States, including the ability of governments, courts or law enforcement or regulatory agencies of the United States to obtain disclosure of your Personal Information. By using the Website and/or providing personal data to us, you also consent to transfer, storage, and processing of your information as described in this Privacy Policy. We will protect the privacy and security of Personal Information according to this Privacy Policy, regardless of where it is processed or stored.

                                13

                                We do not knowingly collect or process Personal Information from individuals residing within the European Union, nor do we ship to countries within the European Union.

                                 

                                13.Data Security
                                We have implemented measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. Any payment transactions will be encrypted using TLS or similar technology.

                                The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Website like message boards. The information you share in public areas may be viewed by any user of the Website.

                                14

                                Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted to our Website. Any transmission of Personal Information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

                                 

                                15

                                14.Other Websites
                                Our Website may contain links to other websites not maintained by Exa. Other websites may also reference or link to our Website. The inclusion of a link on the Website does not imply endorsement of the linked site by us. We are not responsible for the privacy practices of websites operated by third parties that are linked to or integrated with our Website, or for the privacy practices of third-party Internet advertising companies. We encourage you to be aware when you leave our Website, or surf the Internet, and to read the privacy statements of each and every Website that you visit.

                                 

                                16

                                15.Changes to Our Privacy Policy
                                It is our policy to post any changes we make to our Privacy Policy on this page. If we make material changes to how we treat our users' Personal Information, we will notify you via email. The date the Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this Policy to check for any changes.

                                 

                                16.Contact Information
                                To ask questions or comment about this Policy and our privacy practices, contact us.

                                By mail:
                                Eco-Chic, LLC
                                Attn: Customer Experience
                                5214F Diamond Heights Blvd., Unit 1558
                                San Francisco, CA 94131

                                By email: hello@exabeauty.com
                                By our toll-free number: (844) 692-7336

                                To register a complaint or concern, please see the dispute resolution procedures in our Terms of Use. If you need to access this Policy in an alternative format due to having a disability, please contact hello@exabeauty.com and/or 1-844-692-7336.