Privacy Policy

We take the protection of user data on our website very seriously and commit to safeguarding the information users provide to us in connection with using our website. Furthermore, we commit to protecting and using your data in accordance with applicable law.

This Privacy Policy explains our practices regarding the collection, use, and disclosure of your data through the use of our digital assets (the "Services") when you access the Services through your devices.

Please read this Privacy Policy carefully and ensure that you fully understand our practices regarding your data before using our services. If you have read and fully understood this policy and do not agree with our approach, you must cease using our digital assets and services. By using our services, you acknowledge the terms of this Privacy Policy. Continued use of the services signifies your consent to this Privacy Policy and any changes thereto.

 

In this Privacy Policy, you will learn about:

How we collect data What data we collect Why we collect this data Whom we share the data with Where the data is stored How long the data is retained How we protect the data How we handle minors Updates or changes to the Privacy Policy

What data do we collect?

Below is an overview of the data we may collect:

Unidentified and non-identifiable information that you provide during the registration process or that is collected through the use of our services ("non-personal data"). Non-personal data does not allow conclusions to be drawn about who collected it. Non-personal data we collect consists mainly of technical and aggregated usage information.

Individually identifiable information, i.e., any information that can identify you or be reasonably identifiable ("personal data"). The personal data we collect through our services may include information requested from time to time, such as names, email addresses, addresses, phone numbers, IP addresses, and more. When we combine personal data with non-personal data, as long as they are in combination, we treat them as personal data.

How do we collect data?

Below are the main methods we use to collect data:

We collect data when you use our services. So, when you visit our digital assets and use services, we may collect, record, and store usage, sessions, and related information.

We collect data you provide to us directly, for example, when you contact us directly through a communication channel (e.g., an email with a comment or feedback).

We may, as described below, collect data from third-party sources.

We collect data you provide to us when you sign up for our services through a third-party provider like Facebook or Google.

Why do we collect this data?

We may use your data for the following purposes:

To provide and operate our services;

To develop, customize, and improve our services;

To respond to your feedback, inquiries, and requests and provide assistance;

To analyze request and usage patterns;

For other internal, statistical, and research purposes;

To improve our data security and fraud prevention capabilities;

To investigate violations and enforce our terms and policies and comply with applicable law, regulations, or governmental orders;

To send you updates, news, promotional materials, and other information related to our services. For promotional emails, you can choose whether you want to continue receiving them. If not, simply click the unsubscribe link in these emails.

Whom do we share this data with?

We may share your data with our service providers to operate our services (e.g., storing data through third-party hosting services, providing technical support, etc.).

We may also disclose your data under the following circumstances: (i) to investigate, detect, prevent, or take action against illegal activities or other misconduct; (ii) to establish or exercise our rights of defense; (iii) to protect our rights, property, or personal safety, as well as the safety of our users or the public; (iv) in the event of a change of control within us or one of our affiliates (through a merger, acquisition, purchase of substantially all assets, etc.); (v) to capture, retain, and/or manage your data through authorized third-party providers (e.g., cloud service providers) to the extent reasonably necessary for business purposes; (vi) to collaborate with third parties in improving your user experience. To avoid misunderstandings, please note that we may transmit, share, or otherwise use non-personal data with third parties at our discretion.

Cookies and Similar Technologies

When you visit or access our services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analysis services ("tracking technologies"). These tracking technologies allow third parties to automatically collect your data to enhance the navigation experience on our digital assets, optimize their performance, ensure a customized user experience, and for security and fraud prevention purposes.

To learn more, please read our Cookie Policy.

We may provide advertising through our services and digital assets (including websites and applications that use our services) that may be tailored to you, such as ads based on your recent browsing behavior on websites, devices, or browsers.

To provide these ads to you, we may use cookies and/or JavaScript and/or web beacons (including transparent GIFs) and/or HTML5 Local Storage and/or other technologies. We may also use third parties, such as network advertisers (i.e., third parties that display ads based on your website visits), to serve targeted ads. External providers of advertising networks, advertisers, sponsors, and/or website traffic measurement services may also use cookies and/or JavaScript and/or web beacons (including transparent GIFs) and/or Flash cookies and/or other technologies to measure the effectiveness of their ads and tailor advertising content to you. These third-party cookies and other technologies are subject to the specific privacy policy of the respective third party, not this one.

Where do we store the data?

Please note that our companies, trusted partners, and service providers are based all over the world. For the purposes explained in this Privacy Policy, we store and process all non-personal data we collect in different jurisdictions.

Personal data

Personal data may be maintained, processed, and stored in the United States, Ireland, South Korea, Taiwan, Israel, and, as required for the proper provision of our services and/or legally required (as further explained below), in other jurisdictions.

How long will the data be retained?

Please note that we retain the collected data for as long as necessary to provide our services, comply with legal and contractual obligations to you, resolve disputes, and enforce our agreements. We may correct, supplement, or delete incorrect or incomplete data at our discretion at any time.

How do we protect the data? The hosting service for our digital assets provides us with the online platform through which we can offer our services. Your data may be stored on secure servers behind a firewall, and secure HTTPS access is provided to most areas of its services.

All payment options offered by us and our hosting provider for our digital assets comply with the requirements of the Payment Card Industry Data Security Standard (PCI DSS) of the PCI Security Standards Council. This involves collaboration with brands such as Visa, MasterCard, American Express, and Discover. PCI DSS requirements help ensure the secure handling of credit card data (including physical, electronic, and procedural measures) by our shop and service providers.

Despite the measures and efforts taken by us and our hosting provider, we cannot and will not guarantee absolute protection and security of the data you upload, publish, or otherwise provide to us or others.

For this reason, we kindly ask you to set secure passwords and refrain from transmitting confidential information to us or others whenever possible if disclosure of such information could cause you significant or lasting harm. As email and instant messaging are not considered secure forms of communication, we also ask you not to transmit confidential information through these communication channels.

How do we handle minors?

Children can use our services. However, if they wish to access certain features, they may need to provide certain information. The collection of certain data (including data collected through cookies, web beacons, and other similar technologies) may occur automatically. If we knowingly collect, use, or disclose data collected from a child, we will do so in accordance with applicable law and obtain parental consent. A child's participation in an online activity will not be conditioned on the child providing more contact information than is reasonably necessary for participation in that activity. We only use data collected from a child in connection with the services the child requested.

We may also use a parent's contact information to communicate about the child's activities in the services. Parents can access data we have collected from their child, prevent us from collecting further data from their child, and request that all data collected from their child be deleted.

Please contact us to access, update, or delete your child's data. To protect your child, we may request proof of your identity. We may deny you access to the data if we believe your identity is questionable. Please note that certain data cannot be deleted due to other legal obligations.

We use your personal data only for the purposes set out in the Privacy Policy and only when we are convinced that:

The use of your personal data is necessary to fulfill or conclude a contract (e.g., to provide you with the services themselves or customer support or technical support);

The use of your personal data is necessary to comply with relevant legal or regulatory obligations, or

The use of your personal data is necessary to support our legitimate business interests (provided that this is done in a manner that is proportionate and respects your privacy rights).

If you are an EU resident, you can:

Request confirmation whether personal data concerning you is being processed, and access your stored personal data and certain additional information;

Request the receipt of personal data you have provided to us in a structured, commonly used, and machine-readable format;

Request the correction of your personal data stored by us;

Request the deletion of your personal data;

Object to the processing of your personal data by us;

Request the restriction of processing of your personal data, or

Submit a complaint to a supervisory authority.

Please note, however, that these rights may not be absolute and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal data we collect and its use, please contact us as indicated below.

In the course of providing the services, we may transfer data across borders to affiliated companies or other third parties and from your country/jurisdiction to other countries/jurisdictions worldwide. By using the services, you consent to the transfer of your data outside the EEA.

If you are a resident of the EEA, your personal data will only be transferred to locations outside the EEA if we are convinced that an adequate or equivalent level of protection for personal data exists. We will take appropriate steps to ensure that we have adequate contractual arrangements with our third parties to ensure appropriate security measures are in place, thereby minimizing the risk of unlawful use, alteration, deletion, loss, or theft of your personal data, and ensuring that these third parties act in accordance with applicable laws at all times.

 

Rights under the California Consumer Privacy Act

If you use the services as a California resident, you may be entitled under the California Consumer Privacy Act ("CCPA") to request access to and deletion of your data.

To exercise your right to access and delete your data, please see below for how to contact us.

We do not sell users' personal data for the purposes and intent of the CCPA.

Updates or changes to the Privacy Policy

We may revise this Privacy Policy at our discretion from time to time, and the version posted on the website is always current (see "Last Updated" statement). We ask you to regularly review this Privacy Policy for changes. For significant changes, we will provide notice on our website. If you continue to use the services after being notified of changes on our website, this constitutes your acknowledgment and consent to the changes to the Privacy Policy and your agreement to be bound by the terms of these changes.

Contact

If you have general questions about the services or the data we collect about you and its use, please contact us at:

Name: Kynd Hair GmbH

Address: Kurfürstendamm 97-98

Email: hello@kyndhair.com

 

DISCLAIMER

The information contained herein does not constitute legal advice, and you should not rely solely on it. Specific legal definitions and policies may vary from state to state and/or legal system to legal system. As stated in our terms of use, you are responsible for ensuring that your use of the services complies with the applicable law and adheres to it.

To ensure that you fully comply with your legal obligations, we strongly recommend that you seek professional advice to better understand which requirements apply specifically to you.