1.1.1 This privacy notice (Privacy Notice) sets out the ways in which we, Kat Burki Skincare Inc. (Kat Burki, we, us, our), collect and use your personal data (your personal information) in connection with our business. It also explains what rights you have to access or change your personal data.
In summary, to keep your personal data secure we have put in place appropriate physical, electronic and managerial procedures to safeguard the information you provide.
If you subscribe to our content materials, newsletter, etc., we store your email address. If you place an order with us, we store your name and email address, and billing, delivery. We do not store payment details other than how you wish the order be handled. If you have subscribed to our information materials or ordered from us, you can change the way you want us to contact you by changing your preferences through our website. You have the right to remove any or all of your information from our system or ask us to send you details on what data of yours we hold. We never ‘sell’ your information to other firms.
2. ABOUT KAT BURKI
2.1 We are a company with our headquarters in the USA at the address set out below.
2.2 You can contact us as follows:
Kat Burki Skincare Inc.
40 Signal Road, Stamford, CT 06902 USA
Phone number: 1-888–881-7677
3. INFORMATION WE MAY COLLECT ABOUT YOU
3.1 We only collect and hold personal information provided by you. However, there are instances where we may require that you opt to select whether or not you would like to receive information from us e.g. to opt-in or opt-out of receiving special promotional offers.
3.1.1 We may collect any information that you provide to us when you:
(a) respond to our surveys (online or on the phone), fill in a form, or use any features of our website;
(b) make an enquiry, provide feedback or make a complaint over the phone, by email or on our website;
(c) submit correspondence to us by post, email or via our website;
(d) create an account to use our website
(e) update your profile and other account details on our website;
(f) submit comments via our website;
(g) register for and/or attend our events;
(h) submit a CV, submit an application to a job vacancy, or attend an interview or assessment;
(i) ‘follow’, ‘like’, post to or interact with our social media accounts, including LinkedIn, Twitter, Facebook, Instagram, Youtube and Google+.
3.1.2 The information you provide to us may include (depending on the circumstances):
(a) Identity and contact data: title, names, addresses, email addresses and phone numbers, job function, areas of expertise;
(b) Survey data: If you are willing to participate in our surveys, we will also collect any information that you provide as part of that survey;
(c) Account profile data: if you’re registering for an account on our website as part of placing an order, you may also provide a username, password, job title/position, years of experience, phone number, website, location of your office and an optional profile photo; and/or
(d) Employment and background data: If you are submitting a job application, you may also provide additional information about your academic and work history, qualifications, skills, projects and research that you are involved in, references, proof of your entitlement to work in the US, your national security number, your passport or other identity document details, your current level of remuneration (including benefits), and any other such similar information that you may provide to us;
3.2 Information we collect about you:
(a) Information contained in correspondence: We will collect any information contained in any correspondence between us. For example, if you contact us using a contact form on our website or by email or telephone, we may keep a record of that correspondence; (b) Information transmitted on the website: We will collect information that you upload or post to our website;
(c) Website usage data: We will collect information about your interactions with the website, including information such as login data, IP address, page views, searches, requests, and other actions on the website; and
(d) Technical data: We will also collect certain information about how you use our website and the device that you use to access our website, even where you have not created an account or logged in. This might include your geographical location, device information (such as your hardware model, mobile network information, unique device identifiers), the data transmitted by your browser (such as your IP address, date and type of the request, content of the request regarding the specific site, time zone settings, access status/HTTP status code, volume of data transmitted, browser type and version, language settings, time zone settings referral source, length of visit to the website, date and time of the request, operating system and interface) number of page views, the search queries you make on the website and similar information. This information may be collected by a third-party website analytics service provider on our behalf and/or may be collected using cookies or similar technologies. For more information on cookies please read the COOKIES section below.
3.3 We do not collect “Special categories” of particularly sensitive personal information.
3.4 Information we receive from third parties
3.4.1 In certain circumstances, we will receive information about you from third parties. For example:
(a) Information provided by our clients: Our clients often provide us with business contact information, including names, titles, companies, locations, email addresses, phone numbers, job functions that we use to conduct survey research.
(b) Employers, recruitment agencies and referees: if you are a job applicant, we may contact your recruiter, current and former employers and/or references, who may be based inside or outside the EU, to provide information about you and your application;
(c) Service providers: we may collect personal information from our Sales Representatives, website developers and IT support providers (who may be based inside or outside the EU);
(d) Website security: we may collect information from our website security service partners (who are based outside the EU) about any misuse to the website – for instance, the introduction of viruses, Trojans, worms, logic bombs, website attacks or any other material or action that is malicious or harmful;
(e) Social media plugins: we currently use social media plugins from the following service providers who are based both inside and outside the EU: Google+, Twitter, LinkedIn, Instagram, Facebook and YouTube. By providing your social media account details, you are authorizing that third-party provider to share with us certain information about you;
(f) Publicly available sources: we currently use publicly available sources such as LinkedIn, Yahoo!, Google. and government agencies’ registrations databases to gather, verify and update information we may have about you (these sources are based inside and outside the EU);
(g) Private databases: we currently subscribe to data aggregators to gather, verify and update data we may have about you (based inside and outside the EU); and
(h) Referrals: we might also receive information about you from third parties if you have indicated to such third party that you would like to hear from us, and also via referrals from colleagues or others in your industry who believe you may be interested in our products/services.
4. HOW WE USE INFORMATION ABOUT YOU, AND RECIPIENTS OF YOUR INFORMATION
4.1 We value your privacy and hereby assure you that we will only share your personal information with relevant service providers that provide adequate protection for such information:
4.1.1 transactional communications aid us to improve the quality of service in dealing with your queries and requests, update your account(s) information, and to manage transaction specific tasks such orders for goods or services that you order from us or fulfillment of such transactions (e.g. delivery);
4.1.2 where we need to comply with a legal or regulatory obligation; or
4.1.3 our legitimate interests or those of a third party (see paragraph 4.3 below).
4.2 We use your information for the following purposes:
4.2.1 Marketing Communications help us communicate with you about our products and services;
4.2.2 Surveys that are relevant to you;
4.2.3 Relationship management and marketing analysis helps us assess trends or to measure traffic to our websites. It also enables us to provide more relevant, personalized content to you when you visit our website or in our email or physical communications to you, where you have given us permission to contact you;
4.2.4 Access to our website in a manner that is convenient and optimal and with personalized content relevant to you, (note: this may include sharing your information with our website hosts and developers to ensure our website is presented in an effective and optimal manner, and on the basis of performing our contract with you regarding your purchases, if applicable);
4.2.5 To register your account: when you sign up to use any portion of our website we may use the details provided on your account registration form;
4.2.6 User and customer support: to provide customer service and support (on the basis of our contract with you or on the basis of our legitimate interests to provide you with customer service), deal with enquiries or complaints about the website and our business practices, and to share your information with our website developer and IT support provider as necessary to provide customer support (on the basis of our legitimate interest in providing the correct products and services to our website users and to comply with our legal obligations);
4.2.7 Recruitment: to process any job applications you submit to us, whether directly or via an agent or recruiter (on the basis of our legitimate interest to recruit new employees or contractors);
4.2.8 Social media interactions: to interact with users on social media platforms including YouTube, LinkedIn, Twitter, Facebook, Instagram, and Google+, for example, responding to comments and messages, posting, ‘retweeting’ and ‘liking’ posts (on the basis of our legitimate interest in promoting our brand and communicating with interested individuals);
4.2.9 Analytics: to use data analytics to improve our website, products/services, marketing, customer relationships and experiences (on the basis of our legitimate interests in defining types of customers for our website and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy);
4.2.10 Customer engagement research: to carry out aggregated and anonymized research about general engagement with our website (on the basis of our legitimate interest in providing the right kinds of products and services to our website users); and
4.2.11 Compliance with policies, procedures and laws: to enable us to comply with our policies and procedures and enforce our legal rights, or to protect the rights, property or safety of our employees and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so).
4.3 As outlined above, in certain circumstances we may use your personal information to pursue legitimate interests of our own or those of third parties. Where we refer to using your information on the basis of our “legitimate interests”, we mean our legitimate business interests in conducting and managing our business and our relationship with you, including the legitimate interest we have in:
4.3.1 marketing of products and services that may be of interest to you in your profession;
4.3.2 personalising, enhancing or improving the services and/or communications that we provide to you;
4.3.3 ensuring our website is presented in an effective and optimal manner;
4.3.4 providing the correct products and services to our website users;
4.3.5 promoting our brand and communicating with interested individuals via social media;
4.3.6 defining types of customers for our website and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy;
4.3.7 keeping our records updated;
4.3.8 operating a safe and lawful business;
4.3.9 detecting and preventing fraud; and
4.3.10 and improving security and optimisation of our network, sites and services.
Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing please refer to details of “Your Rights” in paragraph 10 below.
5. WHO WE MIGHT SHARE YOUR INFORMATION WITH
5.1 We value your privacy and hereby assure you that we will only share your personal information with relevant service providers that provide adequate protection for such information. We may disclose personal information to:
5.1.1 Our service providers: we work with various service providers to conduct our business, who are acting as processors and provide us with:
(a) hosting services on 1and1, IONOS, MailChimp, Campaign Monitor,;
(b) Google Analytics, MSN/Bing, website analytics providers, based in USA and part of Privacy Shield, CloudFront, Vimeo;
(c) social media plugin services including Facebook, Instagram, YouTube, Google+, Twitter and LinkedIn — all based in the US and members of Privacy Shield;
(e) banking, financial, insurance, HR and payroll
(f) accountancy (Quickbooks, based in the US and a member of Privacy Shield) ;
(g) legal (for US employee issues only, based in the US); and (i) other professional advisers who may be appointed from time to time, when necessary subject to Privacy Shield, and/or GDPR-compliant Independent Contractor Agreements.
5.1.2 Regulators and governmental bodies: regulators, governmental bodies and other authorities acting as processors or joint controllers based in the United States and elsewhere who require reporting of processing activities in certain circumstances;
5.1.3 Prospective sellers and buyers of our business: any prospective seller or buyer of such business or assets, only in the event that we decide to sell or buy any business or assets; and
5.1.4 Other third parties (including professional advisers): any other third parties (including legal or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) based in the USA where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.
5.2 We require third parties to maintain appropriate security to protect your information from unauthorized access or processing.
Cookies are small text files that can be used by websites to make a user's experience more efficient.
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.
This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
You can at any time change or withdraw your consent from the Cookie Declaration on our website.
Your consent applies to the following domains: katburki.com
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
|Used by the content network, Cloudflare, to identify trusted web traffic.||1 year||HTTP Cookie|
|CookieConsent||katburki.com||Stores the user's cookie consent state for the current domain||1 year||HTTP Cookie|
|cookies.js||katburki.com||Determines whether the visitor has accepted the cookie consent box. This ensures that the cookie consent box will not be presented again upon re-entry.||Session||HTTP Cookie|
|PHPSESSID||app.viralsweep.com||Preserves user session state across page requests.||Session||HTTP Cookie|
|wc_cart_created||katburki.com||Necessary for the shopping cart functionality on the website.||Session||HTML Local Storage|
|wc_cart_hash_#||katburki.com||Pending||Persistent||HTML Local Storage|
|wc_fragments_#||katburki.com||Pending||Session||HTML Local Storage|
|woocommerce_cart_hash||katburki.com||Necessary for the shopping cart functionality on the website to remember the chosen products - This also allows the website to promote related products to the visitor, based on the content of the shopping cart.||Session||HTTP Cookie|
|woocommerce_items_in_cart||katburki.com||Necessary for the shopping cart functionality on the website to remember the chosen products - This also allows the website to promote related products to the visitor, based on the content of the shopping cart.||Session||HTTP Cookie|
|wp_woocommerce_session_#||katburki.com||Pending||1 day||HTTP Cookie|
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
|CookieConsentBulkSetting-#||consentcdn.cookiebot.com||Enables cookie consent across multiple websites||Persistent||HTML Local Storage|
|CookieConsentBulkTicket||cookiebot.com||Enables cookie consent across multiple websites||1 year||HTTP Cookie|
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
|Registers a unique ID that is used to generate statistical data on how the visitor uses the website.||2 years||HTTP Cookie|
|Used by Google Analytics to throttle request rate||1 day||HTTP Cookie|
|Registers a unique ID that is used to generate statistical data on how the visitor uses the website.||1 day||HTTP Cookie|
|_pinterest_cm||pinterest.com||Used by Pinterest to track the usage of services.||1 year||HTTP Cookie|
|collect||google-analytics.com||Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels.||Session||Pixel Tracker|
|mailchimp_landing_site||katburki.com||Used to register how the user entered the website - This function is provided by Mailchimp.||27 days||HTTP Cookie|
|OTZ||google.com||This cookie is set by the Google+ tool. This is necessary for the integration of the Google+ plug-in - the Google+ tool is a social platform based on a Google account.||29 days||HTTP Cookie|
|tk_ai||katburki.com||Registers data on visitors' website-behaviour. This is used for internal analysis and website optimization.||Session||HTTP Cookie|
|uvc||addtoany.com||Updates the counter for the website's social sharing features.||1 day||HTTP Cookie|
|vuid||vimeo.com||Collects data on the user's visits to the website, such as which pages have been read.||2 years||HTTP Cookie|
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
|_fbp||katburki.com||Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers.||3 months||HTTP Cookie|
|_gcl_au||katburki.com||Used by Google AdSense for experimenting with advertisement efficiency across websites using their services.||3 months||HTTP Cookie|
|ads/ga-audiences||google.com||Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites.||Session||Pixel Tracker|
|consent/hod||d.adroll.com||Registers data on visitors from multiple visits and on multiple websites. This information is used to measure the efficiency of advertisement on websites.||Session||Pixel Tracker|
|fr||facebook.com||Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers.||3 months||HTTP Cookie|
|NID||google.com||Registers a unique ID that identifies a returning user's device. The ID is used for targeted ads.||6 months||HTTP Cookie|
|rc::c||google.com||This cookie is used to distinguish between humans and bots.||Session||HTML Local Storage|
|test_cookie||doubleclick.net||Used to check if the user's browser supports cookies.||1 day||HTTP Cookie|
|tr||facebook.com||Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers.||Session||Pixel Tracker|
Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
|_sbtk||katburki.com||Pending||1 year||HTTP Cookie|
|elementor||katburki.com||Pending||Persistent||HTML Local Storage|
|et_bloom_optin_optin_2_408c3ac5f5_imp||katburki.com||Pending||1 year||HTTP Cookie|
7. HOW WE LOOK AFTER YOUR INFORMATION AND HOW LONG WE KEEP IT FOR
7.1 We operate a policy of “privacy by design” by looking for opportunities to minimise the amount of personal information we hold about you. We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as:
7.1.1 ensuring the physical security of our offices;
7.1.2 ensuring the physical and digital security of our equipment and devices by using appropriate password protection and encryption in transit, as well as encryption at rest and two-factor authentication whenever feasible and necessary;
7.1.3 anonymizing or pseudonymizing data whenever feasible and necessary;
7.1.4 maintaining a data protection policy for, and delivering data protection training to, our employees and staff; and
7.1.5 limiting access to your personal information to those in our company who need to use it in the course of their work.
8. HELP KEEP YOUR INFORMATION SAFE
8.1 You can also play a part in keeping your information safe by:
8.1.1 choosing a strong account password and changing it regularly;
8.1.2 using different passwords for different online accounts;
8.1.3 keeping your login and password confidential and avoiding sharing these details with others;
8.1.4 making sure you log out of the website each time you have finished using it. This is particularly important when using a shared computer;
8.1.5 letting us know if you know or suspect that your account has been compromised, or if someone has accessed your account without your permission;
8.1.6 keeping your devices protected by using the latest version of your operating system and maintaining any necessary anti-virus software; and
8.1.7 being vigilant to any fraudulent emails that may appear to be from us. Any emails that we send will come from an email address ending in ‘@katburki.com.
9. INTERNATIONAL TRANSFERS OF YOUR INFORMATION
9.1 We share your personal data within our company, Kat Burki Skincare Inc.. This may involve a transfer of data outside the European Economic Area (EEA) and/or Switzerland.
9.2 Some of our external third parties are also based outside the EEA/Switzerland so their processing of your personal data will involve a transfer of data outside those areas.
9.3 Whenever we transfer your personal data out of the EEA/Switzerland, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following transfer solutions are implemented:
(a) We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission and/or Swiss Federal Data Protection and Information Commissioner (FDPIC). For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries; and Swiss Commissioner: Transborder data flows;
(b) Where we use certain service providers, we may use specific contracts approved by the European Commission and Swiss FDPIC which give personal data the same protection it has in Europe. For further details, see (for both EU and Switzerland) European Commission: Model contracts for the transfer of personal data to third countries; and
(c) Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield, which requires them to provide similar protection to personal data shared between Europe and the US. For further details, see European Commission: EU-US Privacy Shield and Swiss FDPIC: Transfer of data to the USA.
9.4 Please contact us using the contact details at the top of this Privacy Notice if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
10. YOUR RIGHTS TO THE INFORMATION WE HOLD ABOUT YOU
10.1 You have certain rights in respect of the information that we hold about you, including (to the extent each of these rights are provided to you by applicable law):
10.1.1 the right to be informed of the ways in which we use your information, as we seek to do in this Privacy Notice;
10.1.2 the right to ask us not to process your personal data for marketing purposes;
10.1.3 the right to request access to the information that we hold about you;
10.1.4 the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect;
10.1.5 in certain circumstances, the right to ask us to stop processing information about you; and
10.1.6 the right to lodge a complaint about us to the UK Information Commissioner’s Office (https://ico.org.uk/).
10.1.7 in addition to your right to lodge a complaint about us to the UK Information Commissioner’s Office (https://ico.org.uk/), you will also be able to lodge a complaint with the relevant authority in your country of work or residence;
10.1.8 the right to withdraw your consent for our use of your information in reliance of your consent (refer to paragraph 4 to see when we are relying on your consent), which you can do by contacting us using any of the details at the top of this Privacy Notice;
10.1.9 the right to object to our using your information on the basis of our legitimate interests (refer to paragraph 4 above to see when we are relying on our legitimate interests or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground;
10.1.10 the right to receive a copy of any information we hold about you (or request that we transfer this to another service provider) in a structured, commonly-used, machine-readable format, in certain circumstances; and
10.1.11 the right to ask us to limit or cease processing or erase information we hold about you in certain circumstances.
10.2 How to exercise your rights
10.2.1 You may exercise your rights above by contacting us using the details in paragraph 2 of this Privacy Notice or, in the case of preventing processing for marketing or survey research activities, by checking certain boxes on forms that we use to collect your data to tell us that you don’t want to be involved in those activities. You can update your preferences here.
10.2.2 Please note that we may need to retain certain information for our own record-keeping and research purposes. We may also need to send you service-related communications relating to your website user account even when you have requested not to receive marketing or survey research communications.
10.3 What we need from you to process your requests
10.3.1 We may need to request specific information from you to help us confirm your identity and to enable you to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
10.3.2 You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
11. SHARING DATA DIRECTLY WITH THIRD PARTIES
11.1 You might end up providing personal information directly to third parties upon using our website and other services offered by us. For example, you may attend an event hosted by us where you communicate personal information directly with other attendees. We are not responsible for how such third parties use personal data provided by you.
11.2 Please be responsible with personal information of others when using our website and the services available on it. We are not responsible for your misuse of personal information, or for the direct relationship between you and others when it takes place outside of the website or our services.
12. CHILDREN UNDER 13
12.1 If you are under 13 years of age, you may browse our Site. However, you may not provide personal information to us. For example, you cannot register or make a purchase. This Site is not designed for children and we do not knowingly collect personally identifiable information from any children under 13.
13. THIRD-PARTY LINKS
13.1 The website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
14. CHANGES TO THIS PRIVACY NOTICE AND YOUR DUTY TO INFORM US OF CHANGES
14.1 We may make changes to this Privacy Notice from time to time. We will post any changes to our site, or notify you of any material changes by e-mail.
14.2 It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by updating your profile account information, reaching out to your regular contact at Kat Burki Inc., or by contacting us via the details at the top of this Privacy Notice.
15.1 CLICK HERE to access CCPA Opt-Out page.