Privacy Policy

POLICY OVERVIEW
Venus by Maria Tash, Inc. (“VMT”) wants you to feel comfortable about giving VMT access to your personal information. We regard the privacy and security of our users as a critical component of our business and the services we offer. Use this Privacy Policy to find out what happens to your data when you interact with VMT, and what choices you have. This Privacy Policy covers how and why VMT collects Personal, Non-Personal, and "… Sensitive Data, as those terms …" are defined below, and how VMT uses and shares that data.

Please read this Privacy Policy carefully to understand how we will treat your information before you start using VMT’s website, or communicate with us outside of our website. Please contact legal@mariatash.com for any further information about this policy and the below terms.

BY ACCESSING OR USING THIS WEBSITE OR COMMUNICATING WITH US OUTSIDE OF THIS WEBSITE, YOU ARE ACCEPTING AND CONSENTING TO THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY, WHICH MAY BE UPDATED AND AMENDED FROM TIME TO TIME

Effective Date: 5.30.2018

Last Updated: 1.1.2020

 

DEFINITIONS
For purposes of this policy:

"Affiliates" means any person or entity which directly or indirectly controls, is controlled by or is under common control with us, whether by ownership or otherwise. "Customer" means any natural or legal person using the website of VMT.

"Personal Data" means any information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity and includes information that relates to an identified or identifiable Customer or Supplier’s representative, or can be linked to that Customer or Supplier’s representative.

"Non-Personal Data" means data that cannot, on its own, be used to identify a natural person. That said, Non-Personal Data may be aggregated, in some circumstances, in a manner that could identify a natural person. In that circumstance, the aggregated Non-Personal Data would become Personal Data.

"Sensitive Personal Data" means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership or concerning health or sex, and the commission or alleged commission of any offense, any proceedings for any offense committed or alleged to have been committed by the individual or the disposal of such proceedings, or the sentence of any court in such proceedings.

"Supplier" means any supplier, vendor or other third party that provides services or products to VMT.

 

HOW WE COLLECT DATA
We collect your information in the following ways:

Customer Data
When Customers visit the website or contact us outside of the website, they may choose to interact with VMT in ways that may require us to gather certain data, including Customer name, e-mail address, telephone number, or credit card number to process a particular transaction. For example, we may require a Customer to register to receive certain benefits, products or services, and to provide certain registration data including the Customer’s name, country, zip code or postal code (as appropriate), and email address. If the Customer does not provide this data, the Customer may not have access to certain services.

In addition to the information Customers provide us, we also collect certain technical information when Customers access, browse and use the website, including information that we automatically receive and record from the Customer’s browser or mobile platform. This technical information helps us understand the characteristics of people who visit our website and to improve and market our website in general. This type of data includes standard information about visits and system capabilities, including:

Information about the device(s) Customers use to access the website, including MAC address, IP address, referrers, browser type and version, location, time zone, setting, browser plug-in types and versions, operating systems and platform, device type, device and application identifiers, operating information, mobile carrier, and cookies;

If the Customer becomes a registered user and makes postings on the website, we may collect information about those postings, including information concerning the areas of our website on which the Customer posts, the content of those posts, posts that respond, and the individuals or entities with whom the Customer communicates;

Information about Customer visits to the VMT’s website, including the full URL clickstream to, though, and from the VMT website, including dates and times; Information we need and use to facilitate Customer usage of the VMT website, including URL requests, destination IP addresses, or device configuration details;

Pages a Customer views, searches run by the Customer, length of time browsing search results, specific search results the Customer selects to view, length of visits to other pages, page interaction information (such as scrolling, clicks, and mouse-overs), Customer engagement with certain dynamic elements of a page and methods used to browse away from the page; and

Page response times and download errors. Some information we collect is generated from cookies and beacons. For more details about cookies, beacons, and your choices, see Cookies and Beacons below.

Supplier Data
VMT may obtain data associated with its Suppliers’ representatives. This information may include contact information and financial account information of the Suppliers’ representatives.

Social Media Integration
VMT’s website may, from time to time, contain links to and from social media platforms. You may choose to connect to us through a social media platform, such as Facebook or Twitter, and when you do, we may collect additional information from you, such as your screen names, profile picture, contact information, contact list, and the profile pictures of your contacts, through the social media platform. Please be advised that such social media platforms may also collect information ... from you, and about you ... When you click on a social plug-in, such as Facebook’s “Like” button, Twitter’s “tweet” button, or the Google+, that particular social network’s plug-in will be activated and your browser will directly connect to that provider’s servers. We do not have control over the collection, use and sharing practices of social media platforms and encourage you to review their usage and disclosure policies and practices, including the data security practices, before using the social media platforms.

To see all of the categories of personal data scroll down to appendix.

 

HOW WE USE THE INFORMATION WE COLLECT
VMT uses the information it collects in the following ways:

Customer Data
VMT uses Customer Data (including Personal, Non-Personal, and Sensitive Data) to:

Help establish and verify the identity of Customers;

Open, maintain, administer and service Customer accounts or memberships;

Process postings and send related communications;

Deliver content tailored to Customer interests and the manner in which Customers use the website;

Present content in a manner that is optimized for the Customer’s device;

Measure and analyze the effectiveness of the services we provide;

Provide all level of support to Customers;

Improve our website, including tailoring it to Customer preferences;

Respond to Customer questions, inquiries, comments and instructions;

Maintain the security and integrity of our systems;

Conduct online sales of product via a credit card or other means of payment;

Submit newsletters and other marketing material to Customers;

Conduct targeted marketing based on Customers' previously expressed preferences;

Communicate with credit institutions to resolve payment issues with Customers' credit cards or otherwise; and

Comply with applicable legal requirements, including government reporting and specific local law requirements.

We may also combine technical information about Customer use of our website with information we obtain from other Customers to use in the aggregate or in an anonymous manner for similar purposes.

Supplier Data
VMT uses Supplier data (Personal, Non-Personal, Sensitive) to manage its relationships with its Suppliers, process payments, expenses and reimbursements, and carry out VMT’s obligations under its contracts with the Suppliers.

 

HOW WE SHARE YOUR DATA
We feel strongly that your Personal and Sensitive Personal Data should only be seen by you, unless you choose to share it with others. We will never sell, rent, license or exchange your Personal or Sensitive Personal Data with a third party without your permission, except as otherwise provided. No Personal or Sensitive Personal Data will be shared with advertisers or partners without your permission. Some of your information may be shared on an aggregate basis only, as a part of a larger set of statistics (for example, statistics that indicate the percentage of our members that are female), but that information will not be sufficient to permit the recipient to identify you.

Notwithstanding the forgoing, we will only disclose Personal or Sensitive Personal Data without your permission in the following limited circumstances: (i) if we are required to do so by law, or (ii) if we have the good faith belief that such action is necessary to conform to applicable laws or comply with legal process served on us, or to protect and defend our rights or property or the rights or property of a Customer.

Sharing with Affiliates
We may disclose your Personal and Sensitive Personal Data with our Affiliates. The following is a list of those affiliates.

PayPal As a Payment Gateway Partner
Teamwork Data Integration Partner
Apple Pay As a Payment Gateway Partner

Any Personal or Sensitive Personal Data provided to our Affiliates will be treated by those Affiliates in accordance with this Privacy Policy.

Sharing with Third Parties
We may provide to third parties information about you that does not allow you to be identified or contacted, including where such information is combined with similar information of other users of our website. For instance, we may provide information to third parties regarding the number of unique users who visit our website, the demographic breakdown of the registered users of our website, or the activities that visitors to our website engage in while on our website. The third parties to which we may provide this information may include potential or actual advertisers, providers of advertising services (including website tracking services), commercial partners, sponsors, licensees, researchers and other similar parties. Listing of those third party recipients is as follows:

Remarkety and Klaviyo Use for Mail Communication
ShipStation Use for shipment of Items
CRM Use for Customer Relationship Management
Zendesk chat Online customer support
FedEx Used as Shipment Gateway
UPS Used as Shipment Gateway

Sharing with Outside Contractors

We may employ independent contractors, vendors and suppliers (collectively, "Outside Contractors") to provide specific services and products related to our website and online products, such as hosting and maintaining our message boards or chat rooms and developing applications for our website and e-mail services or processing payments and making deliveries. These Outside Contractors may sometimes have limited access to information collected on our website, including your Personal, Non-Personal, and Sensitive Personal Data, in the course of providing products or services to us. Access to your information by these Outside Contractors is limited to the information reasonably necessary in order for the Outside Contractors to perform their limited function for us. We also require that these Outside Contractors (i) protect the privacy of your information in a manner consistent with this Privacy Policy, and (ii) not use or disclose your information for any purpose other than providing us with the products or services for which we contracted.

Sharing for Legal Purposes
We may also disclose your information to law enforcement agencies, government officials, or other third parties as necessary for the purpose of:

Complying with any court order, law or legal process, including to respond to any government or regulatory request;

Preventing fraud and providing credit risk reduction;

Investigating potential unauthorized access or misuse of our website;

Protecting the assets or property, and enforcing the rights of our website, including for billing and collection purposes; and

Protecting the rights, property, or safety of our users or others.

In the event that we receive a request from a governmental entity to provide it with your information, we will make reasonable attempts to notify you of such request, to the extent reasonably and legally permissible.

To see all of the categories of personal data we collect, scroll down to appendix.

 

COOKIES AND BEACONS
We may use cookies, beacons, and similar technologies, now or in the future, to support the functionality of our website. This provides a better experience when you visit our website and allows us to improve our services. Our service providers, advertising partners, and ad networks may also use cookies and beacons to collect and share Non-Personal Data about your activities both on our website and on other websites. In addition, third parties that are unaffiliated with us may also collect information about you, including tracking your browsing history, when you use our website. We do not have control over these third party collection practices. If you wish to minimize these third-party collections, and you can adjust the settings of your browsers or install plug-ins and add-ins.

A comprehensive list of the types of cookies and beacons on our website is as follows:

Session_id Frontend: To check customer is logged in
Customer_id Frontend: To check customer is logged in or not
Cart Frontend: Association with Customer shopping cart
Is_Logged_in Frontend: To check customer is logged in or not

Browser Cookies. A browser cookie is a small file placed on the hard drive of your computer. That cookie then communicates with servers, ours or those of other companies that we authorize to collect data for us, and allows recognition of your personal computer. We associate cookies with Personal or Sensitive Personal Data only if you authorize us to do so. We do not otherwise collect Personal or Sensitive Personal Data from browser cookies and we do not associate browser cookies with your Personal or Sensitive Personal Data. You may use the tools available on your computer or other device to set your browser to refuse or disable all or some browser cookies, or to alert you when cookies are being set.

Flash Cookies. Certain features of our website may use locally stored objects called flash cookies to collect and store information about your preferences and navigation to, from and on our website. We also include cookies to provide aggregate reporting. The cookies do not identify you as an individual or track your online behavior. We do not collect Personal or Sensitive Personal Data from flash cookies and we will not associate them with your Personal or Sensitive Personal Data.

Beacons. Our website and e-mails may contain small electronic files known as beacons (also referred to as web beacons, clear GIFs, pixel tags and single-pixel GIFs) that permit us to, for example, count users who have visited those pages or opened an e-mail and for other website-related statistics. Beacons in e-mail marketing campaigns allow us to track your responses and your interests in our content, offerings and web pages. You may use the tools in your device to disable these technologies as well.

 

YOUR CHOICES
You have choices relating to how we collect and use your information.

E-mail Communications. You may have the opportunity to receive certain communications from us related to our services. If you provide us with your e-mail address in order to receive communications, you can opt out of marketing e-mails at any time by following the instructions at the bottom of our e-mails and adjusting your e-mail preferences. Please note that certain e-mails may be necessary for the operation of our website. You will continue to receive these e-mails, if appropriate, even if you unsubscribe from our optional communications.

Cookies / Beacons. If you wish to minimize information collected by cookie or beacon, you can adjust the settings of your browsers to notify you when you receive a cookie, which lets you choose whether or not to accept it. You can also set your browser to automatically reject any cookies. You may also be able to install plug-ins and add-ins that serve similar functions. However, please be aware that some features and services on our website may not work properly if we are not able to recognize and associate you with your account. In addition, the offers we provide when you visit us may not be as relevant to you or tailored to your interests.

Do Not Track. Some devices and browsers support a “Do Not Track” (or, DNT) feature, a privacy preference that you can set in certain web browsers, which is intended to be a signal to websites and services that you do not wish to be tracked across different websites or online services you visit.

Please note that we cannot control how third party websites or online services you visit through our website respond to Do Not Track signals. Check the privacy policies of those third parties for information on their privacy practices.

 

SECURING YOUR INFORMATION
The security of your information is important to us, and we have established administrative, technical, and physical safeguards designed to protect your Personal and Sensitive Personal Data against unauthorized alteration, access, loss, theft, use or disclosure. Unfortunately, no system can guarantee complete security of your information. As a result, VMT cannot ensure or warrant that your information, including your Personal or Sensitive Personal Data, is secure from unauthorized third parties. Thus, your use of the VMT website and communication with us about them is at your own risk. WE CANNOT ENSURE OR WARRANT THE SECURITY OF ANY INFORMATION YOU TRANSMIT TO US, AND YOU DO SO AT YOUR OWN RISK.

VMT takes reasonable precautions, using up to date systems and procedures to protect Personal and Sensitive Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. The relevant systems and procedures, which provide for system security and protect Personal Data from breaches, are described in the Technology Resources, Use, and Security Policy, available to all VMT, and the IT Operations Manual which is applied by competent VMT personnel who manage and support the VMT information technology systems and processes.

If you have reason to believe that your interaction with VMT is no longer secure (for example, if you feel that the security of your username or password has been compromised), you must immediately notify us of the problem by contacting us at cs@mariatash.com.

 

DATA INTEGRITY
VMT takes reasonable steps to ensure that the Personal Data the company processes is (i) relevant for the purposes for which the Personal Data is to be used, (ii) reliable for its intended use, and (iii) accurate, complete and current. In this regard, VMT depends on Suppliers’ representatives to update and correct their Personal Data to the extent necessary for the purposes for which the information was collected or subsequently authorized by the individuals.

 

LINKS TO THIRD PARTY WEBSITES
Our website may contain links to third party websites and services. Please note that these links are provided for your convenience and information, and the websites and services may operate independently from us and have their own privacy policies or notices, which we strongly suggest you review. This Privacy Policy applies to VMT. We do not accept any responsibility or liability for the policies or practices of any third parties. If you chose to access any websites or services linked from our website, please check the applicable policies before you use or submit any personal data to such website or service.

 

JURISDICTION
VMT’s website is hosted in the United States of America and is subject to U.S. state and federal law. If you are accessing our website from another jurisdiction, please be advised that you are transferring your data to us in the United States. By using our website, you consent to that transfer and use of your data in accordance with this Privacy Policy. You also agree to abide by the applicable laws of applicable states and U.S. federal law concerning your use of the website and your agreements with us. Any persons accessing our website from any jurisdiction with laws or regulations governing the use of the Internet, including personal data collection, use and disclosure, different from those of the jurisdictions mentioned above may only use the website in a manner lawful in their jurisdiction. If your use of the website would be unlawful in your jurisdiction, you may not use the website.

 

INFORMATION RETENTION
VMT keeps your Personal and Sensitive Personal Data for no longer than is reasonably necessary or required by law. How long we keep that data depends on the type of information and purpose.

The criteria we use to determine the retention period for certain categories of data is as follows:

The length of time that you are a member of VMT;

How frequently you do business with VMT;

Whether there are contractual or legal obligations that exist that require us to retain the data for a particular period of time;

Whether there is any ongoing legal claim that relates to any service you may have received from VMT, or that is otherwise related to your relationship with us;

Whether any applicable law, statute, or regulation allows for a specific retention period;

Whether the personal information is considered to be a special category of personal information, in which case a shorter retention period generally would be applied; and What the expectation for retention was at the time the data was provided to us.

 

YOUR PRIVACY RIGHTS
You may have, in accordance with applicable data protection laws, the following rights when it comes to our handling of your personal information:

Right of access. You may have the right to request a copy of the personal information we have about you and to request supporting information explaining how the personal information is used.

Right of rectification. You may have the right to request that we rectify inaccurate personal information about you.

Right of deletion/erasure. You may have the right to request that we erase personal information about you.

Right to restrict processing. In some situations, you may have the right to request that we do not use the personal information you have provided (e.g., if you believe it to be inaccurate).

Right to data portability. You may have the right to receive certain of your personal information in a structured, commonly used and machine-readable format and to transmit such information to another controller.

Right to withdraw consent. Where we process your personal information based on consent (including direct marketing consents, you have the right to withdraw consent at any time. However, this will not affect the lawfulness of the processing based on consent before its withdrawal. Furthermore, even in case of a withdrawal we may continue to use your personal information as permitted or required by law.

Right to object. Where we are processing your personal information based on a legitimate interest (or those of a third party) you may challenge this. However, we may be entitled to continue processing your information based on our legitimate interests or where this is relevant to legal claims. You also have the right to object where we are processing your personal information for direct marketing purposes.

Right against Profiling. You may have the right not to be subject to a decision based solely on automated processing, including profiling, which produces effects concerning you.

Right against discrimination. You have the right to not receive discriminatory treatment for exercising any of your privacy rights.

Please contact legal@mariatash.com if you would like to exercise any of these rights or in case you should have any concerns about how we process your personal information. You are also free to lodge a complaint with the relevant and applicable supervisory authority, should you feel that we have processed your personal information in way that is against applicable law.

 

CHILDREN
This website is directed toward and designed for use by persons aged 18 or the age of majority in the jurisdiction in which you reside. We will not approve applications of, or establish or maintain accounts or memberships for, any child that we knows to be under the age of 18. We do not solicit or knowingly collect information from children under the age of 18. If we nevertheless discover that we have received information from an individual who indicates that he or she is, or that we otherwise have reason to believe is, under the age of 18, we will promptly delete such information from our systems. Additionally, a child's parent or legal guardian may request that the child's information be corrected or promptly deleted from our files by contacting our Privacy Coordinator at the telephone number or address set out below.

 

YOUR CALIFORNIA PRIVACY RIGHTS
We do not share personal information with third parties for their own direct marketing purposes without your consent. California residents under 18 years old, in certain circumstances, may request and obtain removal of personal information or content about you and posted on our Services. Please be mindful that this would not ensure complete removal of the content posted on our Services by you. To make any request pursuant to California privacy law, please contact us.

 

ENFORCEMENT AND OVERSIGHT
VMT has established procedures for periodically verifying implementation of and compliance with the relevant data protection laws. VMT conducts an annual self-assessment of its data practices to verify that the attestations and assertions it makes concerning privacy practices are true and that the company’s privacy practices have been implemented as represented.

Suppliers’ representatives may file a complaint concerning VMT’s processing of their Personal Data with the competent corporate officers and company's representatives, whose contact information is below. VMT will take steps to remedy any issues arising out of a failure to comply with applicable law. If Supplier complaint cannot be resolved through VMT’s internal processes, VMT will cooperate with the relevant EEA or Swiss data protection authority, as appropriate.

VMT undertakes to comply with national legislation of EEA Member States in transposition of the EU Data Protection Directive and conduct any registration or notification to the competent EEA or Swiss data protection authorities, including but not limited to the filing of Standard Contractual Clauses, when required, to secure the lawful character of personal data transfers from the EEA to the United States.

VMT intends to have the EU DPAs and Swiss FDPIC serve as the Independent Recourse Mechanism for all categories of personal data covered by the self-certification or merely for ‘organization human resources data'.

 

CHANGES TO OUR PRIVACY POLICY
VMT may, in its sole discretion, change this Privacy Policy from time to time. Any and all changes to this Privacy Policy will be reflected on this page and the effective date will be stated at the top of this Privacy Policy. Unless stated otherwise, our current Privacy Policy applies to all information that we have about you and your account. You should regularly check this page for any changes to this Privacy Policy. VMT will always post new versions of the Privacy Policy on VMT’s website. However, VMT may, as determined in its discretion, decide to notify users of material changes made to this Privacy Policy via email or otherwise. Accordingly, it is important that you always maintain and update your contact information.

 

CONTACT US
To report a personal data breach or to ask questions or express concerns about personal data collection, management and processing, please contact the following:

Contact: Privacy Coordinator - legal@mariatash.com

Telephone: 1-833-775-8274

Venus By Maria Tash, Inc.
653 Broadway, New York NY 10012

APPENDIX

Category: Identifiers
Examples: Name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, or other similar identifiers.
When it is collected: Collected online or offline when you directly provide it to us, through your use of our website or services, purchasing our products, or from third parties.
Purpose of the collection: We collect this information for the purposes listed in the How We Use The Information We Collect section above.
Who it is shared with: Shared with our affiliates, partners, vendors, and service providers.

Category: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
Examples: Name, signature, address, telephone number, credit card number, debit card number, or any other financial information. (Some personal information included in this category may overlap with other categories.)
When it is collected: Collected online or offline when you directly provide it to us, through your use of our website or services, purchasing our products, or from third parties.
Purpose of the collection: We collect this information for the purposes listed in the How We Use The Information We Collect section above.
Who it is shared with: Shared with our affiliates, partners, vendors, and service providers.

Category: Protected classification characteristics under California or federal law
Examples: Age (40 years or older), physical or mental disability, sex (including gender, gender identity, gender expression), sexual orientation, veteran or military status.
When it is collected: Collected online or offline when you directly provide it to us, through your use of our website or services, purchasing our products, or from third parties.
Purpose of the collection: We collect this information for the purposes listed in the How We Use The Information We Collect section above.
Who it is shared with: Shared with our affiliates, partners, vendors, and service providers.

Category: Commercial information
Examples: Products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
When it is collected: Collected online or offline when you directly provide it to us, through your use of our website or services, purchasing our products, or from third parties.
Purpose of the collection: We collect this information for the purposes listed in the How We Use The Information We Collect section above.
Who it is shared with: Shared with our affiliates, partners, vendors, and service providers.

Category: Biometric information
Examples: Genetic, physiological, behavioral, and biological characteristics
When it is collected: Not collected
Purpose of the collection: N/A
Who it is shared with: N/A

Category: Internet or other similar network activity
Examples: Information on a customer's interaction with a website, application, or advertisement.
When it is collected: Collected online or offline when you directly provide it to us, through your use of our website or services, purchasing our products, or from third parties.
Purpose of the collection: We collect this information for the purposes listed in the How We Use The Information We Collect section above.
Who it is shared with: Shared with our affiliates, partners, vendors, and service providers.

Category: Geolocation data
Examples: Physical location or movements.
When it is collected: Not collected
Purpose of the collection: N/A
Who it is shared with: N/A

Category: Sensory data
Examples: Audio, electronic, visual, thermal, olfactory, or similar information.
When it is collected: Not collected
Purpose of the collection: N/A
Who it is shared with: N/A

Category: Professional or employment-related information
Examples: Current or past job history
When it is collected: Not collected
Purpose of the collection: N/A
Who it is shared with: N/A

Category: Non-public education information
Examples: Education records directly related to a student maintained by an educational institution.
When it is collected: Not collected
Purpose of the collection: N/A
Who it is shared with: N/A

Category: Inferences drawn from other personal information
Examples: Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
When it is collected: Not collected
Purpose of the collection: N/A
Who it is shared with: N/A