CALIFORNIA CONSUMER PRIVACY POLICY AND NOTICE AT COLLECTION

This California Consumer Privacy Policy and Notice at Collection (“Policy”) describes how ZO Skin Health, Inc. and our affiliated entities (collectively, “ZO,” “we,” “us,” “our”) collect, process, and disclose the “personal information” of California residents (“you,” “your,” “yours”) who visit our website at zoskinhealth.com, zoskincentre.com, or any other affiliated ZO website (collectively, the “Sites”), use our services or any application we may offer, or otherwise interact with us whether online or offline (the Sites, our services, and such interactions being, collectively, the “Services”).

This Policy applies only to California residents. If you are not a California resident, our general Privacy Policy describes how we handle your information. This Policy also does not apply to individuals applying for employment with us in the context of their role as applicants, or to our personnel in their capacity as personnel.

Terms in quotation marks used throughout this Policy have the definitions provided to such terms under the California Consumer Privacy Act (as amended, the “CCPA”).

1. Personal Information We Collect

We may collect the following categories of personal information from and about you:

  • Identifiers, such as first and last name, address, unique personal identifier, online identifier, Internet Protocol (“IP”) address, email address, and account name.
  • Commercial Information, such as records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Payment Information, is general information related to paying for our products or services.
  • Internet or Other Electronic Network Activity Information, such as browsing history, search history, and information about your interactions with and use of our Services or advertisements.
  • Geolocation Information: general geographic location.
  • Sensitive Personal Information, such as general information about skin conditions.
  • Other information that directly or indirectly identifies you, such as physical characteristics, age range, and any other information you provide to us, including through your interactions with us via our website, on social media (e.g., profile picture, gender, demographics, interests, “likes” and “shares” of our content or if you choose to login to our website via social media, subject to your social media account settings), or otherwise.

We may obtain this personal information from the following categories of sources:

  • Directly from you, such as information you provide when you set up an account, sign up to receive emails from us, or place an order for our products.
  • Automatically through the use of cookies and similar technologies, such as Sites usage information.

2. How We Use Personal Information

We may use personal information for any of the following purposes:

  • To provide, maintain, and improve the Services;
  • To allow you to set up an account and profile;
  • To provide customer support and respond to your questions or requests;
  • To personalize the Services, including by providing custom content;
  • To conduct sweepstakes or contests;
  • To communicate with you, including to provide you with information, updates, and offers, subject to any preferences you have communicated to us;
  • To research and analyze the functioning and use of the Services;
  • To process orders and payments;
  • To verify your identity and prevent fraud;
  • To advertise and market our Services to you, including on third-party websites, subject to any preferences you have communicated to us;
  • To comply with legal requirements and enforce our policies;
  • To protect the safety, rights, property or security of ZO, our users, employees, third parties, members of the public and/or our Services; and
  • For any other purpose for which you have provided your consent.

For the purposes discussed in this Policy, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Policy.

We may aggregate or anonymize any information we collect so that such information is no longer reasonably capable of being associated with you and use such information for any purpose. We may also disclose such information for any purpose to any third parties, at our discretion.

Please note that we only use sensitive personal information to provide the products or services you request and to personalize the Services (e.g., by recommending skincare products that are suited to your particular skin concerns).

3. How We Disclose Your Personal Information

In the twelve (12) months leading up to the effective date of this Policy, we may have disclosed personal information for any of the purposes in the “How We Use Personal Information” section above to the following types of entities and in the following circumstances.

HTML Table Example
Category of personal information disclosed Categories of entities to which it was disclosed
Identifiers, such as first and last name, address, unique personal identifier, online identifier, Internet Protocol (“IP”) address, email address, and account name.
  • Our affiliates, such as our parents and subsidiaries.
  • Companies that provide services to us, such as web hosting, customer service, payment processing, and security; and providers of professional services such as accounting services. Analytics, advertising, and marketing providers.
  • ZO Authorized Physicians (if you select a ZO Authorized Physician and direct us to disclose your information to them).
  • Regulators, legal counsel, and other entities as necessary to exercise our legal rights and comply with the law,
  • such as in connection with litigation or to respond to legal process such as a court order.
  • Acquiring entities and other parties relevant to a business transaction, such as evaluating or conducting a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding.
Commercial Information, such as records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Our affiliates, such as our parents and subsidiaries.
  • Companies that provide services to us, such as web hosting, customer service, payment processing, and security; and providers of professional services such as accounting services. Analytics, advertising, and marketing providers.
  • ZO Authorized Physicians (if you select a ZO Authorized Physician and direct us to disclose your information to them).
  • Regulators, legal counsel, and other entities as necessary to exercise our legal rights and comply with the law,
  • such as in connection with litigation or to respond to legal process such as a court order.
  • Acquiring entities and other parties relevant to a business transaction, such as evaluating or conducting a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding.
Payment Information, general information related to paying for our products or services.
  • Our affiliates, such as our parents and subsidiaries.
  • Companies that provide services to us, such as web hosting, customer service,payment processing, and security; and providers of professional services such as accounting services.
  • Regulators, legal counsel, and other entities as necessary to exercise our legal rights and comply with the law, such as in connection with litigation or to respond to legal process such as a court order.
Internet or Other Electronic Network Activity Information, such as browsing history, search history, and information about your interactions with and use of our Services or advertisements.
  • Companies that provide services to us, such as web hosting, customer service, payment processing, and security; and providers of professional services such as accounting services.
  • Analytics, advertising, and marketing providers.
  • Regulators, legal counsel, and other entities as necessary to exercise our legal rights and comply with the law, such as in connection with litigation or to respond to legal process such as a court order.
Geolocation Information: general geographic location.
  • Companies that provide services to us, such as web hosting, customer service, payment processing, and security; and providers of professional services such as accounting services.
  • ZO Authorized Physicians (if you select a ZO Authorized Physician and direct us to disclose your information to them).
  • Analytics, advertising, and marketing.
Other information that directly or indirectly identifies you, such as physical characteristics, age range, and any other information you provide to us, including through your interactions with us via our website, on social media (e.g., “likes” and “shares” of our content), or otherwise.
  • Companies that provide services to us, such as web hosting, customer service, payment processing, and security; and providers of professional services such as accounting services.
  • Analytics, advertising, and marketing.

We may provide areas on the Services where you can communicate with others, upload content, and post comments or reviews. If you choose to disclose information in this way, you (and not ZO) disclose such information to all individuals capable of viewing it. For example, if you post a comment on a publicly viewable area of the Services, you choose to disclose the information you post to the public. We encourage you to exercise discretion and caution with respect to disclosing your information.

4. Your Rights

The CCPA provides you with the right to request that we:

  • Provide you with the categories of personal information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for collecting, “selling,” or “sharing” this information; the categories of third parties to which we disclosed or sold, or with which we “shared,” this information; and the categories of personal information that we “sell” or “share” (most of which is provided in this Policy).
  • Provide access to and/or a copy of the personal information we hold about you.
  • Delete certain personal information that we hold about you.
  • Correct inaccurate personal information that we hold about you.
  • Opt out of our “sale” or “sharing” of your personal information (as discussed in more detail below).

You have the right to not be discriminated against (as provided for in California law) for exercising the above rights and to be informed of any “financial incentives” we may offer, as described below under “Notice of Financial Incentives.”

The CCPA also allows you to limit certain uses or disclosures of your “sensitive personal information” if such information is used for certain purposes. The sensitive personal information we collect about you is stated above. Please note that we only use or disclose sensitive personal information for purposes you cannot limit under the CCPA.

Exceptions to Your Rights. There are certain exceptions to the above rights. For example, we may deny a deletion request if it is reasonably necessary for us or our vendors to retain your personal information to provide a service that you have requested, comply with law, or detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity or prosecute those responsible for such activity.

Exercising Your Rights. To exercise any of the rights listed above, please submit the form located HERE.

Only you or a person registered with the California Secretary of State that you authorize to act on your behalf (an “authorized agent”) may make a request related to your personal information. The request must provide sufficient information to allow us to reasonably verify you are making a request about information pertaining to you, or in the case of requests submitted by an authorized agent, that the agent is authorized to act on your behalf. If we are unable to verify your identity from the request itself, we may ask for additional information from you in order to verify you or your authorized agent.

Right to Opt Out of “Sales” and “Sharing”. In connection with our advertising, marketing, and analytics activities, we provide certain personal information to providers of advertising, marketing, and analytics services, including (without limitation) to third-party advertising providers for targeted advertising purposes, so that we can provide you with more relevant and tailored ads regarding our Services. Disclosing personal information to these entities may be considered a “sale” of personal information under the CCPA or the “sharing” of personal information for targeted advertising purposes under the CCPA.

If you would like to opt out of our online disclosure such as through cookies and similar technologies of your personal information for purposes that could be considered “sales” for those third parties' own commercial purposes, or “sharing” for purposes of targeted advertising, please [click here]. You can also submit a sale opt-out request to opt out of our offline disclosures of information that are subject to applicable opt out rights by emailing us at [email protected].. Please note that we do not knowingly sell the personal information of minors under 16 years of age without legally required affirmative authorization.

Please note that if you have a legally recognized browser-based opt out preference signal turned on via your device browser, we recognize such preference in accordance with applicable law. Any opt out preferences you have exercised through these methods will only apply to the specific device/browser on which you made them.

5. Notice of Financial Incentives

We may provide certain rewards or incentives for users who sign up for certain services. For example, we may offer free shipping for users who subscribe to our marketing emails. You can obtain free shipping by providing your email address and opting into our marketing emails as prompted via the popup on the Site. Your participation is completely voluntary, and you have the right to withdraw at any time. If you decide you no longer want to receive marketing emails, you can opt out by clicking the “Unsubscribe” button in our marketing emails.

The specific reward or incentive offered, if any, is made available to you when you subscribe to emails. The monetary value of the reward or incentive is a reasonable approximation of the monetary value of participation in our text message program. We have arrived at this estimate based on consideration of multiple factors, including the following: (a) revenue generated by us in connection with our email marketing programs; (b) expenses incurred by us in operating our email marketing programs; and (c) improvement of products and services based on information obtained through our email marketing programs.

6. Retention

We will retain your information for as long as your account is active, as long as necessary to provide you with our Services, as long as necessary for our legitimate business interests, and/or as long as necessary to comply with our legal obligations.

In accordance with routine record keeping practices, and subject to any requirements of applicable law, we may delete records that contain your information. We are under no obligation to store your information indefinitely and disclaim any liability arising out of, or related to, deletion of your information.

7.“Shine the Light” Disclosure

Under California’s “Shine the Light” law, California residents who provide information to the Website may request certain information regarding our disclosure of your information to third parties for their direct marketing purposes.

8. Changes to this Policy

We may change this Policy at any time and will indicate the date of the most recent update at the end of this Policy. By continuing to use the Services, you are confirming that you have read and understood the latest version of this Policy.

9. Contact Us

If you have any questions regarding this Policy or our privacy practices, please feel free to contact us by email at: [email protected], via phone at (888) 893-1375, or in writing at: ZO Skin Health, Inc. 9685 Research Drive Irvine, CA 92618 USA Last Updated: November 15, 2023