HataCos (“HataCos”, “our” or “we”) has developed this privacy policy (“Privacy Policy”) to explain how HataCos collects, uses, and discloses certain information. It applies to individuals (“users,” “you” or “your”) who visit hatacos.com (the “Site”), set up an account through the site, and/or make purchases through the Site or other sites, apps or services that link to this Policy (collectively, along with other functionalities of the Site, the “Services”). This Privacy Policy does not apply to any information collected by websites other than the site.

We encourage you to read this Privacy Policy carefully to understand how we handle your information. By using the Services, you acknowledge that you have read and understand this Policy and that we collect, use, and disclose your information as set forth below. If you do not agree to this Privacy Policy, do not use the Services.

INFORMATION WE COLLECT ABOUT YOU

HataCos may collect the following information from and about you:

Information You Provide to Us. We may collect information that you provide to us when you use the Services, for example, you create an account, make a purchase, input information into a form on our Site, email us, or engage with us on social media. This information may include:

  • Contact Information such as your name, email address, and telephone number;
  • Transactional & Payment Information such as your order information, your billing and shipping address, and payment information (e.g., financial information which is processed by our respective third party payment processors);
  • Profile Information such as information about your skincare needs, such as skin conditions;
  • Inquiries and Feedback including comments and questions you submit through customer service interactions with us (via email, phone, or online chat) or through surveys;
  • User Generated Content certain parts of the Services may enable you to post comments, reviews or other content, that, depending on where you post them, may be publicly viewable.

Information Collected Automatically.

When you interact with the Services or communications from us (such as emails), we may automatically collect:

  • Device information and related identifiers, including: your IP address, browser type and language, browser type, browser language, operating system, device identifiers, the state or country from which you accessed the Services, and software and hardware attributes. From your IP address, we may be able to infer your general location (e.g., city/state or postal code).
  • Usage Information including domain names, access times, referring website addresses, landing pages, the links you click, and the amount of time you spend on the Sites. Some of this data is collected using cookies and similar technologies. To learn more about these technologies and your choices regarding them, please see the section below titled Your Information Choices.

Information From Other Sources.

We may receive social media information (such as profile picture, gender, demographics, interests, and likes) if you choose to login via social media or interact with us over social media (subject to your social media account settings).

We sometimes collect information about you from other sources, including marketing and demographic data, analytics information, and other information such as updated delivery and address information from carriers or third parties; which enables us to correct our records and deliver your next purchase from this Site or future communications more easily; account information, purchase information, and page-view information from some merchants with which we operate co-branded businesses or for which we provide technical, fulfillment, advertising, or other services; search terms and search result information from some searches conducted through the Site’s search features; and search results and links including paid listings (such as Sponsored Links from Google).

HOW WE USE THE INFORMATION WE COLLECT

We may use the information we collect from and about you for the following purposes:

  • To provide, maintain, and improve the Services;
  • To allow you to set up an account and profile;
  • To provide customer support and respond to your questions or requests;
  • To personalize the Services, including by providing custom content;
  • To conduct sweepstakes or contests;
  • To communicate with you, including to provide you with information, updates, and offers, subject to any preferences you have communicated to us;
  • To research and analyze the functioning and use of the Services;
  • To process orders and payments;
  • To verify your identity and prevent fraud;
  • To advertise and market our Services to you, including on third-party websites, subject to any preferences you have communicated to us;
  • To comply with legal requirements and enforce our policies;
  • To protect the safety, rights, property or security of SS, our users, employees, third parties, members of the public and/or our Services; and
  • For any other purpose for which you have provided your consent.

For the purposes discussed in this Privacy Policy, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Privacy Policy.

We may aggregate or anonymize any information we collect so that such information is no longer reasonably capable of being associated with you and use such information for any purpose. We may also share such information for any purpose with any third parties, at our discretion.

The laws in some jurisdictions require companies to tell you about the legal grounds they rely on to process your information. Our legal bases for processing your information as described in this Privacy Policy are as follows:

  • Where use of your information is necessary to perform our obligations under a contract or commitment to you. For example, to provide the services you’ve requested from us, such as fulfilling a purchase, or to comply with our Terms of Service.
  • Where use of your information furthers our legitimate interests or the legitimate interests of others. For example, to provide security for our Services, defend our legal rights, and prevent fraud.
  • Where we use your information to comply with applicable legal obligations. For example, keeping track of purchases for tax and auditing purposes.
  • Where you have consented to our processing of your information for a particular purpose.

WITH WHOM WE SHARE YOUR INFORMATION

We may share your information with:

Subsidiaries and Affiliates. We may share your information with our subsidiaries and affiliates.

Service Providers: We may share your information with entities that perform certain services on our behalf, such as processing orders, processing credit card payments, delivering products and services, providing customer service and marketing assistance, performing business and sales analysis, supporting our website functionality, and supporting other features and promotions offered through our Site (“service providers”). We will only provide these service providers with the information that they need to provide such services, and service providers are not permitted to share or use such information for other purposes.

Business Transfers: We may share your information if another entity acquires us or our assets in connection with a merger, acquisition, reorganization, sale of assets or similar transaction, or in the event of bankruptcy. If your information is among those assets, we may disclose your information as one of the transferred assets.

Business Partners: From time to time, we may offer promotions, sweepstakes or third-party offerings on our Site. If you make purchases, engage in these services and/or products, offered through our Site or our services, we may share personal information with the businesses with which we partner to offer you those products, services, promotions, contests and/or sweepstakes. When you elect to engage in a particular merchant’s offer or program, you authorize us to provide your email address and other information to that merchant.

Legal Obligations: HataCos may disclose your information to third parties in good faith in response to a subpoena, court order, or other legal process from law enforcement or other government agency; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us, in our sole discretion.

Other Users of the Services: We may provide areas on the Services where you can communicate with others, upload content, and post comments or reviews. If you choose to share information in this way, you share such information with all individuals capable of viewing it. For example, if you post a comment on a publicly viewable area of the Services, you choose to share the information you post with the public. We encourage you to exercise discretion and caution with respect to sharing your information.

YOUR INFORMATION CHOICES

We provide several ways for you to exercise control over how we use information about you and how we communicate with you, described below.

Marketing Communications: Consistent with your choices and in compliance with applicable law, we may send you marketing and promotional emails. You may opt out of continuing to receive these emails through your account settings or by using the opt out link at the bottom of our marketing emails. It may take up to 10 days for us to process an opt-out request. You will still receive transactional communications from us, such as confirmation of your purchase with us. We process requests to be unsubscribed from future marketing communications, as required by applicable law.

“Do Not Track” Signals: “Do Not Track” (“DNT”) is a setting that users can enable in certain web browsers. DNT signals do not have a commonly agreed up meaning and we do not currently recognize or respond to DNT signals.

Social Media: To control the information you share with us when you follow us, like our posts, or otherwise interact with us on social media, you can adjust your social media account settings related to how your information is shared.

Analytics: We may use third-party web analytics services (such as those of Google Analytics) on our Services to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here.

If you receive email from us, we may use certain analytics tools, such as tracking pixels, to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.

Online Advertising: The Services may allow third-party advertising technologies (e.g., ad networks and ad servers such as Bing Ads and others) to place cookies or other tracking technologies on your computer, mobile phone, or other device to collect information about you to assist in the delivery of relevant advertising about the Services on other websites you visit and other services you use.

We neither have access to, nor does this Privacy Policy govern, the cookies or other tracking technologies that may be placed on the device you use to access the Services by such non-affiliated third parties. For more information about tailored advertising and how you can generally control cookies from being put on your computer to deliver tailored advertising, please visit the Network Advertising Initiative’s Consumer Opt-Out link, the Digital Advertising Alliance’s Consumer Opt-Out link, or Your Online Choices to opt out of receiving tailored advertising from companies that participate in those programs. To opt-out of Google Analytics for display advertising or customize Google display network ads, visit the Google Ads Settings page. Please note that these opt-outs apply per device, so you will have to opt-out for each device through which you access our Services. For more information on how to manage mobile device settings related to tailored advertising, please visit the Network Advertising Initiative’s mobile choice page at https://www.networkadvertising.org/mobile-choice.

Modifying your mobile device or browser settings may have different results depending on the type of device or browser you are using and the version of the device operating system you are running. Opting out of tailored advertising does not prevent you from seeing advertising online; instead, the ads you see are less likely to be customized to your interests.

Any third-party practices are not governed by this Privacy Policy.

Data Retention

We will retain your information for as long as your account is active, as long as necessary to provide you with our Services, as long as necessary for our legitimate business interests, and/or as long as necessary to comply with our legal obligations.

In accordance with routine record keeping practices, and subject to any requirements of applicable law, we may delete records that contain your information. We are under no obligation to store your information indefinitely and disclaim any liability arising out of, or related to, deletion of your information.

Protecting Your Information

HataCos maintains appropriate security measures (including physical, electronic and procedural measures) to help safeguard your information. However, we cannot guarantee the security of such information because no security measures are perfect. We are not responsible for third-party circumvention of any of our privacy settings or security measures.

You can also take steps to safeguard your information. If you create an account on our Site, you will be required to select a password which should be kept confidential and be of appropriate complexity. You should also limit access to your devices and account to avoid unwanted access to your information. For example, you should always log out of your account after using it on a shared device. You should think carefully about how you handle and disclose your information.

Third-Party Sites

The Services may link to third-party websites not owned or operated by HataCos. We do not control, recommend or endorse such websites. We are not responsible for and make no representations about such websites or their content, services, or practices. This Privacy Policy does not govern any third-party websites. Thus, we encourage you to review the privacy policies of any third-party websites you choose to visit to understand how those websites collect, use and share your information.

Children’s Privacy

Our Services are not directed to or intended for children under the age of 13, and we do not knowingly collect “personal information” (as defined in the U.S. Children’s Online Privacy Protection Act, or “COPPA”) from children under the age of 13 without the verifiable consent of the child’s parent or guardian.

Notice to International Users

The Services are operated in the United States and are subject to U.S. law. We may store and process information data in the United States. If you are accessing the Services from outside the United States, please be advised that U.S. law may not offer the same privacy protections as the law of your country. By using the Services, you acknowledge the transfer, processing, and/or storage of your information in the United States.

Information for Residents of the European Economic Area

If you reside in the European Economic Area (“EEA”), you have certain rights with regard to the Personal Data (as defined in the General Data Protection Regulation, or “GDPR”) that we collect about you. You have the right to request the following with respect to the Personal Data we hold about you:

  • Access to and certain information about the Personal Data;
  • Correction of inaccurate Personal Data;
  • Deletion of the Personal Data, subject to any legal or other rights we have to retain certain Personal Data;
  • Restrict and/or object to the processing of the Personal Data in certain circumstances; and
  • Receive a machine-readable copy of the Personal Data.

Where we collect, use, or share Personal Data on the basis of your consent, you have the right to withdraw that consent at any time.

We encourage you to contact us directly and allow us to work with you to address your concerns. Nevertheless, you have the right to lodge a complaint with a competent data protection supervisory authority, in particular in the EU Member State where you reside or work, or the place of the alleged infringement. You have the right to do so if you consider that the processing of Personal Data relating to you infringes applicable data protection laws.

No Rights of Third Parties

To the extent permitted by applicable law, this Privacy Policy does not create rights enforceable by third parties or require disclosure of any information relating to users of the Sites.

Changes to This Privacy Policy

We will occasionally update this Privacy Policy. When we post changes to this Privacy Policy, we will revise the “Last Updated” date at the bottom of the Policy and, if applicable notify you as required by applicable law. Please note, we may change information on the Sites and/or this Privacy Policy at any time and any changes to this Privacy Policy are effective immediately upon publication, and your continued use of the Services indicates your consent to these changes. We recommend that you check our Site from time to time to inform yourself of any changes in this Privacy Policy.