Effective Date: 5.30.2018
For purposes of this policy:
"Affiliates" means any person or entity which directly or indirectly controls, is controlled by or is under common control with us, whether by ownership or otherwise.
"Customer" means any natural or legal person using the website of VMT.
"Personal Data" means any information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity and includes information that relates to an identified or identifiable Customer or Supplier’s representative, or can be linked to that Customer or Supplier’s representative.
"Non-Personal Data" means data that cannot, on its own, be used to identify a natural person. That said, Non-Personal Data may be aggregated, in some circumstances, in a manner that could identify a natural person. In that circumstance, the aggregated Non-Personal Data would become Personal Data.
"Sensitive Personal Data" means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership or concerning health or sex, and the commission or alleged commission of any offense, any proceedings for any offense committed or alleged to have been committed by the individual or the disposal of such proceedings, or the sentence of any court in such proceedings.
"Supplier" means any supplier, vendor or other third party that provides services or products to VMT.
How We Collect Your DataWe collect information in the following ways:
When Customers visit the website or contact us outside of the website, they may choose to interact with VMT in ways that may require us to gather certain data, including Customer name, e-mail address, telephone number, or credit card number to process a particular transaction. For example, we may require a Customer to register to receive certain benefits, products or services, and to provide certain registration data including the Customer’s name, country, zip code or postal code (as appropriate), and email address. If the Customer does not provide this data, the Customer may not have access to certain services.
In addition to the information Customers provide us, we also collect certain technical information when Customers access, browse and use the website, including information that we automatically receive and record from the Customer’s browser or mobile platform. This technical information helps us understand the characteristics of people who visit our website and to improve and market our website in general. This type of data includes standard information about visits and system capabilities, including:
Information about the device(s) Customers use to access the website, including MAC address, IP address, referrers, browser type and version, location, time zone, setting, browser plug-in types and versions, operating systems and platform, device type, device and application identifiers, operating information, mobile carrier, and cookies;
If the Customer becomes a registered user and makes postings on the website, we may collect information about those postings, including information concerning the areas of our website on which the Customer posts, the content of those posts, posts that respond, and the individuals or entities with whom the Customer communicates;
Information about Customer visits to the VMT’s website, including the full URL clickstream to, though, and from the VMT website, including dates and times;
Information we need and use to facilitate Customer usage of the VMT website, including URL requests, destination IP addresses, or device configuration details;
Pages a Customer views, searches run by the Customer, length of time browsing search results, specific search results the Customer selects to view, length of visits to other pages, page interaction information (such as scrolling, clicks, and mouse-overs), Customer engagement with certain dynamic elements of a page and methods used to browse away from the page; and
Page response times and download errors.
Some information we collect is generated from cookies and beacons. For more details about cookies, beacons, and your choices, see Cookies and Beacons below.
VMT may obtain data associated with its Suppliers’ representatives. This information may include contact information and financial account information of the Suppliers’ representatives.
Social Media IntegrationVMT’s website may, from time to time, contain links to and from social media platforms. You may choose to connect to us through a social media platform, such as Facebook or Twitter, and when you do, we may collect additional information from you, such as your screen names, profile picture, contact information, contact list, and the profile pictures of your contacts, through the social media platform. Please be advised that such social media platforms may also collect information from you, and about you. When you click on a social plug-in, such as Facebook’s “Like” button, Twitter’s “tweet” button, or the Google+, that particular social network’s plug-in will be activated and your browser will directly connect to that provider’s servers. We do not have control over the collection, use and sharing practices of social media platforms and encourage you to review their usage and disclosure policies and practices, including the data security practices, before using the social media platforms.
How We Use Information We Collect
VMT uses the information it collects in the following ways:
VMT uses Customer Data (including Personal, Non-Personal, and Sensitive Data) to:
Help establish and verify the identity of Customers;
Open, maintain, administer and service Customer accounts or memberships;
Process postings and send related communications;
Deliver content tailored to Customer interests and the manner in which Customers use the website;
Present content in a manner that is optimized for the Customer’s device;
Measure and analyze the effectiveness of the services we provide;
Provide all level of support to Customers;
Improve our website, including tailoring it to Customer preferences;
Respond to Customer questions, inquiries, comments and instructions;
Maintain the security and integrity of our systems;
Conduct online sales of product via a credit card or other means of payment;
Submit newsletters and other marketing material to Customers;
Conduct targeted marketing based on Customers' previously expressed preferences;
Communicate with credit institutions to resolve payment issues with Customers' credit cards or otherwise; and
Comply with applicable legal requirements, including government reporting and specific local law requirements.
We may also combine technical information about Customer use of our website with information we obtain from other Customers to use in the aggregate or in an anonymous manner for similar purposes.
VMT uses Supplier data (Personal, Non-Personal, Sensitive) to manage its relationships with its Suppliers, process payments, expenses and reimbursements, and carry out VMT’s obligations under its contracts with the Suppliers.
How We Share Your Data
We feel strongly that your Personal and Sensitive Personal Data should only be seen by you, unless you choose to share it with others. We will never sell, rent, license or exchange your Personal or Sensitive Personal Data with a third party without your permission, except as otherwise provided. No Personal or Sensitive Personal Data will be shared with advertisers or partners without your permission. Some of your information may be shared on an aggregate basis only, as a part of a larger set of statistics (for example, statistics that indicate the percentage of our members that are female), but that information will not be sufficient to permit the recipient to identify you.
Notwithstanding the forgoing, we will only disclose Personal or Sensitive Personal Data without your permission in the following limited circumstances: (i) if we are required to do so by law, or (ii) if we have the good faith belief that such action is necessary to conform to applicable laws or comply with legal process served on us, or to protect and defend our rights or property or the rights or property of a Customer.
Sharing With Affiliates
We may disclose your Personal and Sensitive Personal Data with our Affiliates. The following is a list of those affiliates.
|Affiliate||Relationship with VMT|
|Paypal||As a Payment Gateway Partner|
|Authorize.net||As a Payment Gateway Partner|
|Teamwork||Data Integration Partner|
|Amazon Pay||As a Payment Gateway Partner|
|Apple Pay||As a Payment Gateway Partner|
Sharing With Third Parties
We may provide to third parties information about you that does not allow you to be identified or contacted, including where such information is combined with similar information of other users of our website. For instance, we may provide information to third parties regarding the number of unique users who visit our website, the demographic breakdown of the registered users of our website, or the activities that visitors to our website engage in while on our website. The third parties to which we may provide this information may include potential or actual advertisers, providers of advertising services (including website tracking services), commercial partners, sponsors, licensees, researchers and other similar parties. Listing of those third party recipients is as follows:
|Third party recipient||Purpose of disclosure||Legal basis for disclosure|
|Remarkety||Use for Mail Communication|
|Ship Station||Use for shipment of Items|
|CRM||Use for Customer Relationship Management|
|Zendesk chat||Online customer support|
|Fedex||Used as Shipment Gateway|
|UPS||Used as Shipment Gateway|
Sharing With Outside Contractors
Sharing For Legal Purposes
We may also disclose your information to law enforcement agencies, government officials, or other third parties as necessary for the purpose of:
Complying with any court order, law or legal process, including to respond to any government or regulatory request;
Preventing fraud and providing credit risk reduction;
Investigating potential unauthorized access or misuse of our website;
Protecting the assets or property, and enforcing the rights of our website, including for billing and collection purposes; and
Protecting the rights, property, or safety of our users or others.
In the event that we receive a request from a governmental entity to provide it with your information, we will make reasonable attempts to notify you of such request, to the extent reasonably and legally permissible.
Cookies and Beacons
A comprehensive list of the types of cookies and beacons on our website is as follows:
|Type of Cookie||Placement Point||Purpose of Cookie|
|Session_id||Frontend||To check customer is logged in|
|Customer_id||Frontend||To check customer is logged in or not|
|Cart||Frontend||Association with Customer shopping cart|
|Is_Logged_in||Frontend||To check customer is logged in or not|
Browser Cookies. A browser cookie is a small file placed on the hard drive of your computer. That cookie then communicates with servers, ours or those of other companies that we authorize to collect data for us, and allows recognition of your personal computer. We associate cookies with Personal or Sensitive Personal Data only if you authorize us to do so. We do not otherwise collect Personal or Sensitive Personal Data from browser cookies and we do not associate browser cookies with your Personal or Sensitive Personal Data. You may use the tools available on your computer or other device to set your browser to refuse or disable all or some browser cookies, or to alert you when cookies are being set.
Flash Cookies.Certain features of our website may use locally stored objects called flash cookies to collect and store information about your preferences and navigation to, from and on our website. We also include cookies to provide aggregate reporting. The cookies do not identify you as an individual or track your online behavior. We do not collect Personal or Sensitive Personal Data from flash cookies and we will not associate them with your Personal or Sensitive Personal Data.
Beacons.Our website and e-mails may contain small electronic files known as beacons (also referred to as web beacons, clear GIFs, pixel tags and single-pixel GIFs) that permit us to, for example, count users who have visited those pages or opened an e-mail and for other website-related statistics. Beacons in e-mail marketing campaigns allow us to track your responses and your interests in our content, offerings and web pages. You may use the tools in your device to disable these technologies as well.
You have choices relating to how we collect and use your information.
E-mail Communications.You may have the opportunity to receive certain communications from us related to our services. If you provide us with your e-mail address in order to receive communications, you can opt out of marketing e-mails at any time by following the instructions at the bottom of our e-mails and adjusting your e-mail preferences. Please note that certain e-mails may be necessary for the operation of our website. You will continue to receive these e-mails, if appropriate, even if you unsubscribe from our optional communications.
Cookies / Beacons. If you wish to minimize information collected by cookie or beacon, you can adjust the settings of your browsers to notify you when you receive a cookie, which lets you choose whether or not to accept it. You can also set your browser to automatically reject any cookies. You may also be able to install plug-ins and add-ins that serve similar functions. However, please be aware that some features and services on our website may not work properly if we are not able to recognize and associate you with your account. In addition, the offers we provide when you visit us may not be as relevant to you or tailored to your interests.
Securing Your Information
The security of your information is important to us, and we have established administrative, technical, and physical safeguards designed to protect your Personal and Sensitive Personal Data against unauthorized alteration, access, loss, theft, use or disclosure. Unfortunately, no system can guarantee complete security of your information. As a result, VMT cannot ensure or warrant that your information, including your Personal or Sensitive Personal Data, is secure from unauthorized third parties. Thus, your use of the VMT website and communication with us about them is at your own risk. WE CANNOT ENSURE OR WARRANT THE SECURITY OF ANY INFORMATION YOU TRANSMIT TO US, AND YOU DO SO AT YOUR OWN RISK.
VMT takes reasonable precautions, using up to date systems and procedures to protect Personal and Sensitive Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction. The relevant systems and procedures, which provide for system security and protect Personal Data from breaches, are described in the Technology Resources, Use, and Security Policy, available to all VMT, and the IT Operations Manual which is applied by competent VMT personnel who manage and support the VMT information technology systems and processes.
If you have reason to believe that your interaction with VMT is no longer secure (for example, if you feel that the security of your username or password has been compromised), you must immediately notify us of the problem by contacting us at firstname.lastname@example.org.
VMT takes reasonable steps to ensure that the Personal Data the company processes is (i) relevant for the purposes for which the Personal Data is to be used, (ii) reliable for its intended use, and (iii) accurate, complete and current. In this regard, VMT depends on Suppliers’ representatives to update and correct their Personal Data to the extent necessary for the purposes for which the information was collected or subsequently authorized by the individuals.
Links To Third Party Websites
VMT keeps your Personal and Sensitive Personal Data for no longer than is reasonably necessary or required by law. How long we keep that data depends on the type of information and purpose.
The criteria we use to determine the retention period for certain categories of data is as follows:
The length of time that you are a member of VMT;
How frequently you do business with VMT;
Whether there are contractual or legal obligations that exist that require us to retain the data for a particular period of time;
Whether there is any ongoing legal claim that relates to any service you may have received from VMT, or that is otherwise related to your relationship with us;
Whether any applicable law, statute, or regulation allows for a specific retention period;
Whether the personal information is considered to be a special category of personal information, in which case a shorter retention period generally would be applied; and
What the expectation for retention was at the time the data was provided to us.
Your Privacy Rights
You may have, in accordance with applicable data protection laws, the following rights when it comes to our handling of your personal information:
Right of access. You may have the right to request a copy of the personal information we have about you and to request supporting information explaining how the personal information is used.
Right of rectification. You may have the right to request that we rectify inaccurate personal information about you.
Right of erasure. You may have the right to request that we erase personal information about you.
Right to restrict processing. In some situations, you may have the right to request that we do not use the personal information you have provided (e.g., if you believe it to be inaccurate).
Right to data portability. You may have the right to receive certain of your personal information in a structured, commonly used and machine-readable format and to transmit such information to another controller.
Right to withdraw consent. Where we process your personal information based on consent (including direct marketing consents, you have the right to withdraw consent at any time. However, this will not affect the lawfulness of the processing based on consent before its withdrawal. Furthermore, even in case of a withdrawal we may continue to use your personal information as permitted or required by law.
Right to object. Where we are processing your personal information based on a legitimate interest (or those of a third party) you may challenge this. However, we may be entitled to continue processing your information based on our legitimate interests or where this is relevant to legal claims. You also have the right to object where we are processing your personal information for direct marketing purposes.
Right against Profiling. You may have the right not to be subject to a decision based solely on automated processing, including profiling, which produces effects concerning you.
Please contact email@example.com if you would like to exercise any of these rights or in case you should have any concerns about how we process your personal information. You are also free to lodge a complaint with the relevant and applicable supervisory authority, should you feel that we have processed your personal information in way that is against applicable law.
This website is directed toward and designed for use by persons aged 18 or the age of majority in the jurisdiction in which you reside. We will not approve applications of, or establish or maintain accounts or memberships for, any child that we knows to be under the age of 18. We do not solicit or knowingly collect information from children under the age of 18. If we nevertheless discover that we have received information from an individual who indicates that he or she is, or that we otherwise have reason to believe is, under the age of 18, we will promptly delete such information from our systems. Additionally, a child's parent or legal guardian may request that the child's information be corrected or promptly deleted from our files by contacting our Privacy Coordinator at the telephone number or address set out below.
Enforcement and Oversight
VMT has established procedures for periodically verifying implementation of and compliance with the relevant data protection laws. VMT conducts an annual self-assessment of its data practices to verify that the attestations and assertions it makes concerning privacy practices are true and that the company’s privacy practices have been implemented as represented.
Suppliers’ representatives may file a complaint concerning VMT’s processing of their Personal Data with the competent corporate officers and company's representatives, whose contact information is below. VMT will take steps to remedy any issues arising out of a failure to comply with applicable law. If Supplier complaint cannot be resolved through VMT’s internal processes, VMT will cooperate with the relevant EEA or Swiss data protection authority, as appropriate.
VMT undertakes to comply with national legislation of EEA Member States in transposition of the EU Data Protection Directive and conduct any registration or notification to the competent EEA or Swiss data protection authorities, including but not limited to the filing of Standard Contractual Clauses, when required, to secure the lawful character of personal data transfers from the EEA to the United States.
VMT intends to have the EU DPAs and Swiss FDPIC serve as the Independent Recourse Mechanism for all categories of personal data covered by the self-certification or merely for ‘organization human resources data'.
To report a personal data breach or to ask questions or express concerns about personal data collection, management and processing, please contact the following:
Contact: Privacy Coordinator - firstname.lastname@example.org
Telephone: 212 253 0921 653 Broadway, New York NY 10012
Venus By Maria Tash, Inc.