Privacy policy

Privacy Statement

We (“Peace Out, LLC”) respect your concerns about privacy and value the relationship we have with you. This Privacy Statement is intended to provide comprehensive information on the types of personal data we collect about our customers when they visit the website www.peacoutskincare.com (our “Website”), how we use this information, with whom we share it, and the rights of our customers regarding our use of this information. We also describe the measures we take to protect the security of the information, how long we retain it and how our customers can contact us about our privacy practices and how to exercise their rights.

By accessing or using our Website, you agree to this privacy policy. This policy may change from time to time. Your continued use of our Website after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

For the purposes of applicable data protection laws, we, Peace Out, LLC., a company registered in California and having its registered office at 95 Third Street, Second Floor, San Francisco CA 94103, United States are the “data controller”. "Data controller" is a legal term used to describe the person or entity that controls the way your personal information is processed.

-----

SECTION 1 – WHAT IS PERSONAL DATA? 

“Personal data” means any information or pieces of information that could identify you either directly (e.g. your name) or indirectly (e.g. through pseudonymized data, such as a unique ID number). This means that personal data includes things like email/home addresses, usernames, profile pictures, personal preferences and shopping habits, user generated content, financial information, and health information. It could also include unique numerical identifiers like your computer’s IP address.

 

SECTION 2 – WHEN DO WE COLLECT PERSONAL DATA FROM YOU? 

We receive personal data from you through the internet such as via our selling Website or via our mobile app or via email.  

 

SECTION 3 – WHAT DATA DO WE COLLECT? 

Although the precise details of the personal information collected will vary according to the specific purpose for which we are collecting the information, we may typically collect the following personal data: 

(a)  name 

(b)  address 

(c)  phone number(s) 

(d)  date of birth 

(e)  e-mail address 

(f)   credit card number 

(g)  gender 

(h)  language preference 

(i)   merchandise category preferences 

(j)   identity card number or national insurance number (where this is appropriate pursuant to local law or custom). 

 

SECTION 4 – WHAT DO WE DO WITH YOUR DATA?

We limit the amount and type of personal information that we collect to that which is necessary for the purposes for which we are collecting it. 

We collect your personal information for the following purposes: 

  • When you create an account on our Website, we collect the personal data you give us such as your name and surname, gender, date of birth, address and email address and phone number. This allows us to manage your orders, allow you to manage your preferences (country setting, currency, language), respond to your questions, requests and otherwise interact with you, offer and manage our loyalty program called the Peace Out Perks, monitor and improve our Website and run analytics or collect statistics. This processing is necessary for the performance of our contract with you.
  • When you have subscribed to receiving our marketing communications, we collect the personal data you give us such as your name and surname, gender, date of birth, address and email address and phone number. This allows us to send you marketing communications (where you have subscribed to receiving such communications) about our store, our new products and other updates. This processing is based on your consent.
  • When you purchase something from our Website, as part of the buying and selling process, we collect the personal data you give us such as your name and surname, gender, date of birth, address and email address, phone number, payment information such as credit card or debit card details and purchase history. This allows us to contact you to finalize your transaction, manage your order, inform you when a product is available or out of stock, process information relative to the delivery address of the goods, secure checkout/transaction against fraud.  This processing is necessary for the performance of our contract with you. This processing also responds to our legitimate interests which include to improve our products and services, to better engage with you, to secure our tools and to prevent fraud or criminal activity.
  • When you have purchased a product from us and wish to receive an exchange or return, we collect the personal data mentioned above to process the product exchange or return.  This processing is necessary to perform our contractual obligations. 
  • When you browse our Website, we also automatically receive your computer’s internet protocol (IP) address through cookies or similar technologies. We also collect data related to your navigation on our Website such as the pages/ads/content you looked at, clicked or tapped on, the videos you watched, the duration of your visit; and/or Products you searched for and/or selected to create your basket. This allows us to gather information that helps us learn about your browser and operating system.  This processing is necessary to pursue our legitimate interests such as to improve our products and services and to better engage with you. Our Website uses Google analytics to help us learn about visits and the pages being viewed.


SECTION 5 – PROCESSING ON THE BASIS OF YOUR CONSENT 

Where appropriate (for purposes of direct marketing communications from us for example), we will ask for your consent to process the personal data or leave an express option to opt-in or out. 

Where you have given consent for processing activities, you have the right to withdraw your consent at any time. How do you withdraw your consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at info@peaceoutinc.com or mailing us at:

Peace Out, LLC
95 Third Street,
Second Floor, 
San Francisco, CA 94103


SECTION 6 – HOW LONG DO WE STORE YOUR DATA?

Generally, we store your personal data for as long as necessary in order to perform our contract with you. Personal data processed through consent is deleted upon receipt of your withdrawal of consent. Your personal data may be retained for a longer period for legal or regulatory reasons.  


SECTION 7 - DISCLOSURE

We may disclose your personal information in the following but limited to circumstances:  

  1. To comply with a legal obligation;
  2. When we believe in good faith that an applicable law requires it;
  3. At the request of governmental authorities conducting an investigation;
  4. To enforce our “Terms of Use”.

 

SECTION 8 – SHARING OF YOUR PERSONAL DATA WITH THIRD PARTIES

We want to be clear that we do not sell your personal data. We may share your personal data within Peace Out. In addition, we share your personal data with selected third-parties which perform functions on our behalf, such as companies that host or operate our Website, process payments, provide customer service or postal or delivery services. These third-party providers that assist us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. They have all entered into processing agreements with us and undertake to comply with the GDPR. 

  • SHOPIFY

Our Website is hosted on Shopify Inc. Shopify provides us with the online e-commerce platform that allows us to sell our products and services to you.

Your data is stored through Shopify’s data storage, databases and the general Shopify application. Shopify stores your data on a secure server behind a firewall. Shopify has access to personal data needed to perform its functions but may not use it for other purposes. We recommend that you read Shopify’s Privacy Statement (https://www.shopify.com/legal/privacy) and Shopify’s Terms of Service (https://www.shopify.com/legal/terms) so you can understand the manner in which your personal information will be handled by these providers.

Payment: 

If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS).
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

  • KLAVIYO 

We use the services of Klaviyo as an email and sms service provider and Klaviyo does not store your personal data. 

For more insight, you may also want to read Klaviyo’s Privacy Notice (https://www.klaviyo.com/privacy/policy

  • Links to third-party sites and social media 

Our Website contains links to other websites. When you click on one of those links on our Website, they may direct you away from our site. Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

We are not responsible or liable for the privacy practices of other sites. We encourage you to read their privacy statements before you share any personal data with websites. 

We also have links to our social media channels. We encourage you to visit the relevant social media platform and review its privacy policy to understand how your personal data is shared and used in this context.

 

SECTION 9 – HOW DO WE PROTECT YOUR PERSONAL DATA? 

To protect your personal data, we take every reasonable precaution and follow industry best practices to make sure it is not inappropriately lost, stolen, misused, accessed, disclosed, copied, altered or destroyed.

We incorporate security measures that include encrypting your payment information: if you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption.  We use firewalls to protect our servers from unauthorized access. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

 

SECTION 10 – COOKIES 

We collect and process your personal data through cookies when you browse our Website. We use cookies to enhance the usability or functionality of a website; therefore disabling some types of cookies may prevent you from using certain parts of our websites.

You can easily manage your preferences regarding the cookies which are set by our Website and choose to opt-in or opt-out by using the tools on our websites.

If you would like to disable cookies on your browser, use the ‘Help’ function on your browser for information on how to do this. To delete or restrict cookies on your mobile phone device, refer to your handset manual. Please be aware that some parts of our Website and the purchase of our products will not function correctly if you disable all cookies. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not. You don’t have to opt-in, but some things might not work properly if they’re switched off. 

  • Necessary Cookies 

This type of cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

  1. secure_session_id (unique token, sessional). This allows Shopify to secure your session.
  2. storefront_digest (unique token, indefinite if the shop has a password). These cookies are used to determine if the current visitor has access.

 

  • Analytics Cookies 

This type of cookie lets us measure and improve the performance of our website, so we can see what’s popular, or what needs improving. The info all gets grouped together, so it is anonymous.

  1. _landing_page by Google. This cookie is used to track statistical data on visitor behaviour for analytics purposes.
  2. _ga by Google. This cookie is used to distinguish website users in Google Analytics, allowing us to monitor activity and help us to continually improve site usability.
  3. _gat by Google. This cookie is used to distinguish website users in Google Analytics, allowing us to monitor activity and help us to continually improve site usability.
  4. _gid by Google. This cookie is used to distinguish website users in Google Analytics, allowing us to monitor activity and help us to continually improve site usability.
  5. _hjFirstSeen by Google. This cookie is used by Google Session and is set to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions for statistical purposes. 
  6. _hjid by Google. This is a Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID for statistical purposes.
  7. _ga by Rakuten. This cookie is used to distinguish users.
  8. _gid by Rakuten. This cookie is used to distinguish users.
  9. _gat_gtag_UA_60188713_1 by Rakuten. This cookie is used to throttle request rate.
  10. __kla_id Klaviyo. This cookie is used by Klaviyo 
  11. Rp by Rakuten. This cookie is used to identify unique visitors, with an ID and timestamp and for measurement of the number of visitors and users.
  12. rat_v by Rakuten. This cookie is used to identify unique visitors, with an ID and timestamp and for measurement of the number of visitors and users.
  13. s_vi by Rakuten. This cookie is used to identify unique visitors, with an ID and timestamp.
  14. s_sess by Rakuten. This cookie is a value for measurement during a session such as clickmap.
  15. s_pers by Rakuten. This cookie is a value for measurement beyond sessions such as visit experience.
  16. shopify_uniq. These cookies count the number of visits to a store by a single customer and store information about the contents of your cart, determine when your cart has been abandoned and trigger automated cart reminders via email and sms. The storage expires at midnight.
  17. shopify_visit (no data held). This is persistent for 30 minutes from the last visit and is used by our Website provider’s internal stats tracker to record the number of visits.
  • Functional cookies

This type of cookies ensures that our Website works properly. They make it easier for you to visit our Website by remembering your preferences.   

  1. _orig_referrer by Google. This cookie collects information to become an ID string on a specific visitor which can be used to target groups with similar preferences. Can also be used by third parties.
  2. Rp by Rakuten. This cookie is used to identify unique visitors, with an ID and timestamp and for measurement of the number of visitors and users.
  3. kL forms modal. This cookie is used by Klaviyo.
  4. PREF, persistent for a very short period. Set by Google and tracks who visits the store and from where.
  5. session_id (unique token, sessional). This allows Shopify to store information about your session (referrer, landing page, etc).
  • Advertising Cookies 

These cookies come from our trusted advertising partners, to make sure the ads on our website are relevant and tailored to your interests.

  1. _fbp by Facebook. This cookie is used by facebook to deliver a series of advertisements such as real time bidding for third party advertisers.
  2. shopify_sa_t by Shopify.  These are Shopify analytics relating to marketing & referrals and are used to make advertisements more relevant and allows us to detect referrals from other websites. 
  3. _shopify_sa_p by Shopify. These are Shopify analytics relating to marketing & referrals and are used to make advertisements more relevant and allows us to detect referrals from other websites.
  4. _s Google by Google. This cookie is used to optimise the website and make advertisements more relevant by collecting visitor behavious and interaction data.
  5. _pin_unauth by Google (Google Tag Manager).

 

SECTION 11 – YOUR RIGHTS

You hold rights in relation to the processing of personal data and can exercise these rights at any time. Please find below the different rights that enable you to control your personal data: 

  1. You have the right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data, and your rights. We seek to fulfil your right with the information in this Privacy Statement. 
  2. You have the right to access your personal data. You have the right to access any personal data we hold about you on a free of charge basis. In exceptional circumstances we may charge a reasonable fee for providing a copy of your personal data. such access but only where permitted by law.
  3. You have the right to request a rectification of your personal information. You have the right to correct your data. Should your personal data be incomplete, you have the right to complete the data (taking into account the processing purposes).
  4. You have the right to request the erasure of your personal data. You have the right to delete or block your data. Reasons for the existence of a cancellation/blocking right can be, among others, the revocation of the consent on which the processing is based. We may not abide by your request if we need to retain such data to comply with a legal obligation or to exercise or defend a legal claim. 
  5. You have the right to object to direct marketing or processing based on our legitimate interests. You have the right to unsubscribe or opt out of our direct marketing communication at any time and to object to our processing when it is based on our legitimate interests. 
  6. You have the right to request the restriction of processing of your personal data. You have the right to request we store your data but may not use nor process it further. 
  7. You have the right to data portability. You have the right to obtain personal data we hold about you, in a structured, electronic format, and to transfer such data to another data controller, where this is (1) personal information which you have provided to us, and (2) if the processing is based on your consent or to perform a contract with you.
  8. You have the right to withdraw your consent at any time if you have provided your consent to the processing of your personal information by contacting us with the details provided below. 
  9. You have the right not to be subject to a decision based solely on automated decision-making which produces legal or similarly significant effects on you. 

If you would like to exercise your rights, please contact our Privacy Compliance Officer using the contact information below. 

Privacy Compliance Officer at info@peaceoutinc.com or by mail at:
Peace Out, LLC
666 Natoma Street
San Francisco, CA 94103

If you do not receive a satisfactory answer from us, you have the right to make a complaint to the competent supervisory authority.

 

SECTIOn 12 – DO NOT TRACK

We currently do not participate in any "Do Not Track" frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your personal data.

 

SECTION 13 - AGE OF CONSENT

By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.

 

SECTION 14 – CHILDREN’S PRIVACY

We do not knowingly collect personal data from children under the age of thirteen (13). If you are under the age of thirteen (13), please do not submit any personal data through the Website. We encourage parents and legal guardians to monitor their children's internet usage and to help enforce our Privacy Policy by instructing their children never to provide personal data through the Website without their permission. If you have reason to believe that a child under the age of 13 has provided personal data to us through the Website, please email us at info@peaceoutinc.com and we will endeavor to delete that information from our databases. If we become aware that we have collected personal data from anyone under the age of 13 without verification of parental consent, we will take steps to remove that information from our servers.

If we need to rely on consent as a legal basis for processing your information and your country requires consent from a parent, we may require your parent’s consent before we collect and use that information.

 

SECTION 15 – CALIFORNIA’S SHINE THE LIGHT LAW

Under California Civil Code Section 1798 (California's Shine the Light law), California residents with an established business relationship with us can request information once a year about sharing their personal data with third parties for the third parties' direct marketing purposes.

If you'd like to request more information under the California Shine the Light law, and if you are a California resident, you can contact us by using the contact information provided below.

 

SECTION 16 – CALIFORNIA PRIVACY RIGHTS FOR MINOR USERS

California Business and Professions Code Section 22581 allows California residents under the age of 18 who are registered users of online sites, services or applications to request and obtain removal of content or information they have publicly posted.

To request removal of such data, and if you are a California resident, You can contact us using the contact information provided below, and include the email address associated with your account.

Be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances.

 

SECTION 17 - CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.

 

SECTION 18 - QUESTIONS AND CONTACT INFORMATION

If you would like to exercise your rights or register a complaint, or simply want more information contact our Privacy Compliance Officer at info@peaceoutinc.com or by mail at:

Peace Out, LLC
95 Third Street,
Second Floor,
San Francisco, CA 94103


This Privacy Policy was last updated on Nov 18th, 2022.