In this Privacy Policy, we detail how we collect, use, and disclose your information when you use the Service. It informs you about your privacy rights and how the law protects your information. We use your Personal Data to improve and provide the Service. Your use of the Service implies consent to collect and use information as specified in this Privacy Policy.
Interpretation
Words capitalized at the beginning hold particular definitions under these circumstances. The subsequent definitions retain the same meaning, irrespective of whether they appear in singular or plural form.
Definitions
For the purposes of this Privacy Policy:
- The Company, referred to as “the Company”, “We”, “Us”, or “Our” in this Agreement, denotes TOTA SKINCARE, A-8-2 Concerto North Kiara, 18 Jalan Dutamas Orkid, 51200 Kuala Lumpur.
- For Personal Data Protection, the Company serves as the Data Controller.
- Cookies, small files positioned on Your computer, mobile, or other devices by a website, contain details of Your browsing history among their various functions.
- Country designates Malaysia.
- The Data Controller, under the Personal Data Protection Act 2010, refers to the Company, a legal entity determining the purposes and means of processing Personal Data, either alone or with others.
- Device encompasses any tool capable of accessing the Service, like a computer, cellphone, or digital tablet.
- Facebook Fan Page, a public profile titled TOTA SKINCARE, is specifically established by the Company on the Facebook social network, accessible via https://www.facebook.com/totaskincare.
- Personal Data constitutes information linked to an identified or identifiable individual.
- Within the context of Personal Data Protection, Personal Data encompasses information related to You, such as a name, identification number, location data, online identifier, or factors specific to identity.
- Service denotes the Website.
- Service Provider refers to any individual or entity processing data on behalf of the Company. It includes third-party entities or persons engaged by the Company to facilitate or provide services related to the Service or aid in analyzing Service usage. For PDPA purposes, Service Providers are deemed Data Processors.
- Third-party Social Media Service points to websites or social networks through which a User can log in or create an account to access the Service.
- Usage Data refers to automatically collected data, either generated during Service use or within the Service infrastructure itself (e.g., page visit duration).
- Website pertains to TOTA SKINCARE, accessible via totaskincare.com.
- You signifies the individual or entity accessing or using the Service, or a legal entity on behalf of which the individual accesses or uses the Service, as applicable.
Terms
- Consent: You have provided Your consent for processing Personal Data for one or more specific purposes.
- Performance of a contract: Provision of Personal Data is necessary for executing an agreement with You and/or fulfilling pre-contractual obligations.
- Legal obligations: Processing Personal Data is essential to comply with a legal obligation binding on the Company.
- Vital interests: Processing Personal Data is necessary to safeguard Your or another natural person’s vital interests.
- Public interests: Processing Personal Data is tied to a task executed in the public interest or exercising official authority vested in the Company.
- Legitimate interests: Processing Personal Data is vital for pursuing the Company’s legitimate interests.
Collecting and Using Your Personal Data
While you use our Service, we may ask you for specific personally identifiable information. This information allows us to contact or identify you and may include, but is not limited to:
- Email address
- First name and last name
- Address, State, Province, ZIP/Postal code, City
While using our Service, we automatically collect Usage Data. This data encompasses details like your Device’s Internet Protocol (IP) address, browser type, visited pages, time and date of your visit, duration on these pages, unique device identifiers, and additional diagnostic data.
If you access our Service through a mobile device, certain information is collected automatically, including the type of mobile device, its unique ID, mobile device IP address, operating system, mobile Internet browser type, unique device identifiers, and other diagnostic data.
Additionally, information is gathered each time you visit our Service or access it through a mobile device.
Cookies
We employ Cookies and similar tracking technologies like beacons, tags, and scripts to monitor and store specific information related to your activity on our Service. These technologies include:
- Cookies or Browser Cookies: Small files placed on your device to enhance user experience. You can adjust browser settings to decline Cookies, but this may limit Service accessibility.
- Flash Cookies: Local stored objects used by specific Service features, not managed through regular browser settings.
- Web Beacons: Small electronic files in certain Service sections or emails, allowing us to track user visits, page popularity, and ensure website integrity.
Cookies may be “Persistent” (remaining on your device when offline) or “Session” (deleted when you close the browser). We use both Session and Persistent Cookies for the purposes set out below:
Type: Session Cookies
Administered by: Us
Purpose: These Cookies play a crucial role in furnishing available services and enabling specific features on the Website. They aid user authentication and prevent fraudulent account usage. Without these Cookies, requested services cannot be rendered, and they are solely utilized to provide those services.
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies determine whether users have agreed to the use of cookies on the Website.
Type: Persistent Cookies
Administered by: Us
Purpose: These Cookies enable us to recall the choices you make while using the Website, like retaining login details or language preferences. Their purpose is to personalize your experience and prevent repeated preference entries with each use of the Website.
Type: Persistent Cookies
Administered by: Third-Parties
Purpose: We use these Cookies to monitor Website traffic and user behavior. Information collected via these Cookies may directly or indirectly identify individual visitors, as it’s linked to a pseudonymous identifier tied to your device. Additionally, we employ these Cookies to test new Website pages, features, or functionality and gauge user responses.
Use of Personal Data
The Company may use Personal Data for the following purposes:
- To actively maintain and oversee our Service’s usage is part of our commitment.
- Managing Your Account involves administering your registration for Service access, granting you various functionalities.
- Performance of contractual obligations encompasses the development and fulfillment of purchase agreements or other Service-related contracts.
- Contacting You via email, calls, SMS, or other electronic means ensures communication about updates, security, or necessary information related to functionalities, products, or services.
- Providing news, special offers, and relevant information about goods, services, or events similar to your interests unless opted out.
- Attending and managing Your requests is part of our dedication to catering to Your needs.
- Utilizing Your information for business transfers may occur in evaluations, mergers, or asset transfers.
- Employing Your information for various purposes such as data analysis, identifying usage trends, assessing campaign efficacy, and enhancing our Service, products, services, marketing, and overall user experience.
- We may use Your Personal Data to contact You with newsletters, marketing or promotional materials and other information that may be of interest to You. You may opt-out of receiving any, or all, of these communications from Us by following the unsubscribe link or instructions provided in any email We send or by contacting Us.
- We may use Email Marketing Services to manage and send emails to You.
- We may provide paid products and/or services within the Service. In that case, we may use third-party services for payment processing (e.g. payment processors).
We may share Your personal information in the following situations:
- Service Providers: We share Your information to facilitate Service usage monitoring, analysis, payment processing, and communication.
- For Business Transfers: During mergers, sales, financing, or acquisitions, Your personal information may be shared or transferred.
- Affiliates: Your information is shared with Our affiliates, requiring adherence to this Privacy Policy.
- Business Partners: Sharing Your information enables offers of specific products, services, or promotions.
- Other Users: When interacting with other users or using Third-Party Social Media Services, shared personal information may be viewed, distributed, or accessed by all users.
- With Your Consent: We may disclose Your personal information for other purposes upon Your consent.
Data Privacy and Protection
While we prioritize safeguarding Your Personal Data, it’s important to note that no internet transmission or electronic storage method is entirely foolproof. Despite our efforts to employ commercially acceptable security measures, absolute security cannot be guaranteed. Our Service Providers may access Your Personal Data, storing, using, processing, and transferring information in line with their Privacy Policies.
The Company is committed to clarifying the specific legal basis applicable to the processing of Your Personal Data. This includes whether providing Personal Data is a statutory or contractual requirement or necessary to enter into a contract. We ensure the confidentiality of Your Personal Data and empower You to exercise Your rights. You have the right to:
- Access, update, or delete Your Personal Data, available within Your account settings. Contact Us if you require assistance.
- Correct any incomplete or inaccurate Personal Data We hold about You.
- Object to processing based on Our legitimate interest or for direct marketing purposes.
- Request erasure of Your Personal Data when it’s no longer needed.
- Request Your Personal Data in a machine-readable format for transfer to You or a chosen third-party.
- Withdraw consent, noting it might affect access to specific Service functionalities.
- Lodge a complaint with a Data Protection Authority about Our use of Your Personal Data.
You can exercise Your rights (access, rectification, deletion, and objection) by contacting Us. We may verify Your identity before processing such requests. For more information, especially if You’re in the European Economic Area (EEA), get in touch with Your local data protection authority.
Record Keeping
We keep Your Personal Data to fulfill legal obligations, settle disputes, and uphold the agreements and policies outlined in this Privacy Policy.
Meanwhile, the Company actively holds onto Usage Data for internal analysis, usually for a shorter duration, unless it’s utilized to bolster security, enhance Service functionality, or legally required for longer periods.
Your information, including Personal Data, undergoes processing at the Company’s operational offices and other processing locations. This involves potential data transfer and maintenance on computers located beyond your jurisdiction, governed by different data protection laws.
By consenting to this Privacy Policy and sharing information, You acknowledge and agree to such data transfer. The Company ensures robust security measures and adherence to this Privacy Policy in all data transfers. No transfer of Your Personal Data takes place without stringent controls, including data and personal information security, to avert transmission to a third-party or country lacking adequate measures.
Business Transactions
If the Company engages in a merger, acquisition, or asset sale, your Personal Data might be transferred. We’ll provide prior notice before any such transfer, ensuring transparency and keeping you informed about any changes to the Privacy Policy related to your Personal Data.
Law Enforcement
In specific situations, the Company might need to disclose Your Personal Data as mandated by law or in response to legitimate requests from public authorities, such as courts or government agencies.
Other Legal Requirements
The Company may disclose Your Personal Data in the good faith belief that such action is necessary to comply with a legal obligation to:
- Protect and defend the rights or property of the Company.
- Prevent or investigate possible wrongdoing in connection with the Service.
- Protect the personal safety of Users of the Service or the public.
- Protect against legal liability.
Third Party Services
We engage third-party Service providers, like Google Analytics, to monitor and analyze Service and website usage. Google Analytics tracks and reports website traffic, sharing collected data with other Google services, which may personalize ads within its advertising network.
To opt-out of sharing Your Service activity with Google Analytics, install the Google Analytics opt-out browser add-on. This add-on prevents Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing visit-related information.
For detailed information on Google’s privacy practices, visit the Google Privacy & Terms web page: https://policies.google.com/privacy
We do not store or collect Your payment card details. This information is provided directly to Our third-party payment processors, whose use of Your personal information is governed by their Privacy Policy. You can view their Privacy Policy at https://stripe.com/us/privacy.
Data Controller for the Facebook Fan Page
The Company acts as the Data Controller for Your Personal Data collected during Service use. As the operator of the Facebook Fan Page https://www.facebook.com/totaskincare, the Company and the social network Facebook jointly oversee this platform.
Agreements with Facebook define the terms, largely based on Facebook’s Terms of Service: https://www.facebook.com/terms.php. For insights into Facebook’s management of Personal Data or for direct contact, refer to the Facebook Privacy Policy at https://www.facebook.com/policy.php, or write to Facebook, Inc., ATTN, Privacy Operations, 1601 Willow Road, Menlo Park, CA 94025, United States.
Utilizing the Facebook Insights function, we gather anonymized statistical data about Our users, facilitated by a Cookie placed by Facebook on the user’s device upon visiting Our Facebook Page. These Cookies have unique identifier codes and remain active for up to two years, unless deleted earlier.
Facebook processes the information within the Cookies, notably when the user engages with Facebook services, services by other members of the Facebook Fan Page, or services by companies using Facebook services.
For detailed privacy practices of Facebook, visit their Privacy Policy: https://www.facebook.com/full_data_use_policy.
We hold no control over third-party site content, privacy policies, or practices. Periodic updates to Our Privacy Policy will be posted on this page. We’ll notify You via email or prominent notice on Our Service before any changes take effect and update the “Last updated” date atop this Privacy Policy.
Regularly review this Privacy Policy for updates, as changes become effective when posted on this page.
Other
Our Service isn’t intended for individuals under 13. We don’t knowingly collect personally identifiable information from anyone under 13. If You’re a parent or guardian and believe Your child provided Us with Personal Data, please reach out. If We unknowingly collected Personal Data from someone under 13 without parental consent verification, We take steps to remove it from Our servers.
When consent is necessary for processing Your information and Your country mandates parental consent, We may require Your parent’s approval before collecting and using that information. Our Service might feature links to other websites not operated by Us. Clicking on a third-party link redirects You to that site. We strongly recommend reviewing the Privacy Policy of each visited site.
Contact Us
If you have any questions about this Privacy Policy, You can contact us at support@totaskincare.com
Last Updated: 15 November 2023