Demure Derma

Menu
Menu

Privacy Policy

Privacy Policy

 

Effective Date: January 1, 2025

Welcome to Demure Derma (“we,” “our,” or “us”). Your privacy is critically important to us. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website, www.demurederma.com (the “Site”), and when you interact with our products or services. By using our Site, you agree to the terms outlined below.

1. Information We Collect

A. Information You Provide to Us

We collect personal information that you voluntarily share, including but not limited to:

  • Contact Information: Name, email address, mailing address, phone number.
  • Payment Information: Masked credit card details for purchase processing.
  • Account Information: Username, password, or other login credentials.
  • Health Information: Skincare concerns, preferences, or other information submitted via forms or assessments.

B. Information We Collect Automatically

When you interact with our Site, we may collect certain information automatically, such as:

  • Device Information: IP address, browser type, operating system.
  • Usage Data: Pages viewed, time spent on the Site, and referral URLs.
  • Cookies and Tracking: See the “Cookies and Tracking” section for more details.

C. Sensitive Personal Information

In connection with certain services or assessments, we may collect:

  • Skin type, concerns, or goals.
  • Responses to quizzes or product recommendations.

2. How We Use Your Information

We use the collected information to:

  • Provide, operate, and improve our Site and services.
  • Process transactions and deliver products.
  • Send marketing communications, if you’ve opted in.
  • Personalize your experience and recommend products tailored to your needs.
  • Conduct analytics and improve our offerings.

3. Sharing Your Information

We do not sell your personal information. However, we may share it in the following situations:

A. Service Providers

We share information with trusted third-party vendors who assist with:

  • Payment processing (e.g., Stripe, PayPal).
  • Data hosting and analytics (e.g., Google Analytics).
  • Marketing campaigns and email communications (e.g., Klaviyo).

B. Legal and Compliance Requirements

We may disclose your information if required by law or to protect our rights, property, or safety.

C. Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor organization.

4. Cookies and Tracking Tools

We use cookies and similar technologies to enhance your browsing experience and gather data about:

  • Your interactions with our Site.
  • Preferences to optimize functionality (e.g., language and region).
  • Analytics for performance insights.

You can manage cookie settings through your browser preferences or opt out of certain tracking tools via tools like Google’s Ad Settings or the Network Advertising Initiative’s opt-out page.

5. Your Rights

A. General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have the right to:

  • Access, update, or delete your personal data.
  • Restrict or object to the processing of your information.
  • Port your data to another provider upon request.

To exercise your GDPR rights, email us at privacy@demurederma.com.

B. California Privacy Rights Act (CPRA)

California residents have the right to:

  • Know what personal information we collect.
  • Request deletion of their information.
  • Opt out of the sale or sharing of personal information.

To submit a CPRA request, visit email us at privacy@demurederma.com.

6. Data Security

We implement robust security measures to protect your data, including:

  • Encryption of sensitive information during transmission.
  • Access controls to limit data exposure within our organization.
  • Regular security audits to identify and address vulnerabilities.

However, no online system is 100% secure. If a data breach occurs, we will notify affected users within 72 hours, where required by law.

7. Retention of Information

We retain personal information for as long as necessary to:

  • Fulfill the purposes outlined in this Privacy Policy.
  • Comply with legal, tax, or regulatory requirements.
  • Support our legitimate business interests.

Inactive accounts may be deleted after 12 months of inactivity. Aggregated or anonymized data may be retained indefinitely for analytics.

8. Children’s Privacy

Our Site is not directed at children under 13. We do not knowingly collect personal information from children. If we learn that we’ve inadvertently collected such data, we will delete it promptly.

9. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. Updates will be posted on this page, and the “Effective Date” will be revised.

10. Contact Us

If you have any questions about this Privacy Policy or your personal data, please contact us: