My Cart
Account
Settings
Language
NY EN
Not sure what you need?
Let SpoiledBrain find your
perfect hair and skin products.
Ask SpoiledBrain
Shop Hair
Hair
Shop Skin
Skin
Shop All Skin
Shop E27 Magic Collagen Shop E27 Magic Collagen

Popular Searches

Anti-Aging
Hair Loss
Wrinkles
Damaged Hair
Brittle Nails

Find exactly what you need

SpoiledBrain will identify the exact products for you based on your needs.
Just Ask SpoiledBrain

Popular Products

G25+ Anti-Aging Retin + Night Rewind Serum

G25+ Anti-Aging Retin + Night Rewind Serum

S34 Clarifying Prebiotic Treatment

S34 Clarifying Prebiotic Treatment

A22 Biotin Boost Hair + Scalp Serum

A22 Biotin Boost Hair + Scalp Serum

S24 Rapid Recovery Hair Mask

S24 Rapid Recovery Hair Mask

SPOILEDCHILD® Privacy Policy

LAST UPDATED: April 27th, 2023

SpoiledChild Inc. ("SPOILEDCHILD®", "we", "us", or "our") respects the privacy of your Personal Data (defined below), and as such, we make every effort to ensure that your Personal Data is protected and private.

This SPOILEDCHILD® Privacy Policy ("Privacy Policy") describes how we use Personal Data that we collect, receive, and store about individuals in connection with the use of the website located at www.spoiledchild.com, and any other related or affiliated websites and mobile applications (each, together with any sub-domains, content and services, the "Sites"), as well as the various product and/or service offerings made available on the Sites (collectively, "Site Offerings"). Users with disabilities who wish to access this Privacy Policy in an alternative format can contact us by emailing us at: [email protected]; or sending us U.S. mail to: SpoiledChild Inc., 110 Greene St., Second Floor, New York, NY 10012.

YOU SHOULD CAREFULLY READ THIS PRIVACY POLICY. By accessing, browsing, and/or otherwise using the Sites and/or Site Offerings, you are creating a binding contract between you and us , and you are acknowledging that you have read, understood, and agreed to be bound by this Privacy Policy, in its entirety. If you do not agree with the terms and conditions of this Privacy Policy in their entirety and/or would prefer that we not collect, use, or share your Personal Data as described herein, you should not use the Sites and/or Site Offerings, or otherwise provide us with any information.

INTRODUCTION

This Privacy Policy explains our online information practices and the choices you can make about the way your Personal Data is collected and used in connection with our Sites.

When we refer to "Personal Data" in this Privacy Policy, we are referring to any information that may be used, either alone or in combination with other information, to personally identify an individual, as well as the personal or material circumstances of an identified or identifiable individual. Different states, countries, and jurisdictions define Personal Data (and similar terms, such as personal information and personally identifiable information) to include different things, but Personal Data includes information, such as first and last name, email address, home or other physical address, telephone number, and other contact information. It may also include your computer or mobile device IP address, and geo-location information, if such data can be linked to a particular person.

This Privacy Policy applies only to Personal Data and other information provided by you and/or collected by us through the Sites. It does not apply to Personal Data and/or other information that we, or other parties, may collect through other means, such as through any business relationship between you and us. Other than where mandated by applicable law, including the GDPR and UK-GDPR (as those terms are defined below), this Privacy Policy also does not apply to information that you submit on other websites, even if we communicate with you on those other websites, or provide a link to those websites through our Sites. For example, if you login via or post something on Facebook®, LinkedIn®, Twitter®, or other social media or networking sites, that information is governed by the privacy policies of those websites, not by this Privacy Policy.

LEGAL BASIS

We collect Personal Data that you provide to us (e.g., during the registration, email submission, and/or checkout process) to fulfill your request to receive additional information or for the purpose of handling the contractual relationship that you have with SPOILEDCHILD®. We only use and store your Personal Data if we have a legal basis for doing so, including where you have given us your express consent, where we have a legitimate business interest or pursuant to a contractual relationship between you and SPOILEDCHILD®. Please be advised that users may withdraw consent at any time by using the options made available in this Privacy Policy.

TERMS OF USE

This Privacy Policy forms part of, and is fully incorporated into, our Terms and Conditions ("Terms"), which are available here.

SUPPLEMENTAL SECTIONS APPLICABLE TO CERTAIN JURISDICTIONS:

PRIVACY POLICY QUICK LINKS

Below are links to key sections of our Privacy Policy:

HOW AND WHY WE COLLECT PERSONAL DATA

Please see our Provisions for California Residents below for additional details regarding the categories of Personal Data collected, and the business purposes for such collection.

Providing Personal Data is Your Choice. However, if you choose to make use of certain Site Offerings and/or Site features, you may need to provide certain Personal Data to us. If you choose not to provide mandatory Personal Data, you may still visit parts of our Sites but you may be unable to access certain Site Offerings, options, programs, offers, and services that involve our interaction with you. If you do provide us with Personal Data as described below, you agree that it will be accurate and complete, and it is your responsibility to keep it current.

The types of Personal Data you may be asked to provide, and the circumstances in which we request it, are described below. We present the information below based on the categories of information collected, but please be aware that similar specific pieces of information may apply to multiple categories. For example, your name and email address may be included within each of the "Identification and Contact Information", "Billing Information", and "User-Provided Information" categories described below.

  1. Identification and Contact Information.
    1. This is information that identifies you as an individual, such as your first and last name, and information that enables us to contact you, such as an email address, mailing address, or phone number, as well as information about Site pages and products you have browsed, and actions taken on these pages. This information is generally collected when you: (i) create an account with us; (ii) contact us using the Sites; (iii) provide answers to quizzes and/or surveys provided by us; (iv) access the Sites from certain marketing material, links and emails; (v) request to receive newsletters and other materials; (vi) submit a product review; (vii) make a purchase (or attempt to make a purchase, but do not complete the purchase process); and (viii) participate in interactive features of the Sites, such as SpoiledBrain.
    2. Below is some additional information on how we collect this information:
      1. Account Creation: During your use of our Sites, and in order to use certain Site Offerings, you may choose, or be required, to create an account, referred to herein as an "Account." We may offer different options to create an Account, including:
        1. Direct registration, where you input your Personal Data to complete and submit a registration form directly on our Sites.
        2. Upon purchasing any SPOILEDCHILD® products and/or services and/or upon subscribing to our Auto-Refill service, an Account will automatically be created for you so that you may access, manage and cancel your subscription.
        3. Registration using third party accounts, where you use a "login with…" (or similar) button that we display on our Sites for a designated third party service, referred to herein as a "Third Party Account", such as Facebook® or Google®. Doing so will enable you to link your Account and your Third Party Account. If you choose this option, then you will be required to approve the connection as well as the types of information (which may include Personal Data) that we will obtain from your Third Party Account and the types of activities that we may perform in connection with your Third Party Account. Please note that in order to use this option, you will need to have, and may need to be signed-in to, an existing Third Party Account.
      2. Share with Friends Services: Our Sites may allow you to invite friends to use our Sites by sending them an invitation email or message. You may do so by:
        1. Using our Sites to send or post an invitation message via your Third Party Account; and/or
        2. Using our Sites to send an invitation email to your friend's external email address (for example, a Gmail address).
        3. If you send or post an invitation message to a friend, we may collect Personal Data about the recipient, such as their email address or Third Party Account user name and ID. Your name and/or email address may also be included in their invitation or email message. If we collect Personal Data about the recipient of an invitation from you, we will only use such Personal Data for the one (1) time purpose of sending the subject invitation message, and for no other purpose.
      3. Interactive Site Services: Our Site may from time to time offer interactive services that allow or request you to submit information about yourself in order to receive information, products, and services from us. For example, for our quiz(s) or similar digital experiences, you may elect to submit, or we may ask you to provide, pictures of yourself.
    3. We collect and use this category of Personal Data:
      1. for purposes of verifying your identity when you create an Account, make a purchase, or access certain Site Offerings and/or other features of our Sites;
      2. for purposes of providing you with Site Offerings, products, services, or content you have purchased, used, or otherwise engaged with;
      3. for purposes of contacting you regarding your use of the Site Offerings, purchases, or your Account, which may include providing updates and/or seeking feedback on our products;
      4. for purposes of sharing invitations and messages with your friends at your request;
      5. for purposes of responding to your inquiries and administrative requests;
      6. subject to your right to opt out and subject to applicable law, for purposes of sending you newsletters and other marketing and promotional communications that we believe may be of interest to you;
      7. for purposes of targeting you with relevant ads on third party media companies;
      8. for purposes of providing and improving our Sites and associated Site Offerings; and
      9. for internal business purposes, such as analysing and managing our service offerings including, without limitation, the Site Offerings.

      We may also combine the information we have gathered about you with information from other sources.

    4. At times, we may want to contact you via telephone regarding your use of the Site Offerings. For EU and UK residents, we will only contact you via telephone regarding your use of the Site Offerings and/or for telemarketing purposes where you provide your consent as required under the GDPR and UK-GDPR, respectively, or we have another valid legal basis under the GDPR and UK-GDPR, respectively, to do so. For US residents, by submitting your Personal Data by and through the Sites and/or Site Offerings, you agree that such act constitutes an inquiry and/or application for purposes of the Amended Telemarketing Sales Rule (16 CFR §310 et seq.), as amended from time to time (the "Rule") and applicable state do-not-call regulations. As such, notwithstanding that your telephone number may be listed on the Federal Trade Commission's Do-Not-Call List, and/or on applicable state do-not-call lists, we retain the right to contact US residents via telemarketing in accordance with the Rule and applicable state do-not-call regulations. For Australian residents, we will not contact you for telemarketing purposes where you are registered on the Do Not Call Register.
  2. Photo Data.
    1. You may be offered the opportunity to submit a photograph ("Photograph") in order for us to identify skin conditions and properties. We may apply software and algorithms against the Photographs to detect the general structure of your face ("Structural Data", together with the Photograph, the "Photo Data") and generate data derived from your Photo Data that has been de-identified, anonymized, and/or aggregated as those terms are defined by applicable law ("Derived Data") as legally permitted.
    2. We only collect Photo Data if you provide it to us through your mobile device, computer or other digital transfer as part of our quizzes or other Services.
    3. We use Photo Data and Derived Data to (i) improve our software and algorithms in order to provide the most accurate recommendations of our Site Offerings, and/or (ii) for research, product development, general Service improvements, and other legal purposes.
    4. Our legal basis for processing Photo Data provided by you to us is our legitimate business interests, specifically our ability to improve our existing and future Site Offerings and Services.
    5. Unless required to retain Photo Data to comply with the law or defend our rights, we will delete Photo Data upon the earlier of: (1) the initial purpose for collecting or obtaining such Photo Data being satisfied, or (2) 5 years since of your last interaction with SPOILEDCHILD®.
  3. Billing Information.
    1. Our Sites include the option to purchase products or services from us, as a standard sale, as part of our Auto-Refill plan, and as part of our try-before-you-buy program. If you choose to make any kind of purchase, we will require sufficient information from you to complete the transaction. Such information could include a credit card number and related account and billing information, invoice related information, and other data required to process the order. Please note that credit card information is considered "Sensitive Data" for purposes of this Privacy Policy.
    2. We collect and use this type of information for the purpose of processing required payments.
    3. SPOILEDCHILD® may utilize third-party service providers to provide payment processing services. If you choose to purchase products and/or services via the Sites, the payment method information provided will either be collected directly by the applicable third-party payment processor(s), or we will share that payment method information with those contracted third-party payment processor(s). SPOILEDCHILD® requires that its third-party payment processing service provider(s) has/have in place privacy policies and practices consistent with this Privacy Policy; provided, however, that we cannot guarantee the privacy practices of our third-party payment processing service provider(s).
    4. Our legal basis for processing this information is your contractual agreement to pay for our products.
    5. We will retain this information for as long as necessary to complete your purchase and/or to process any return, unless you have opted to save your billing information. If you do so, we will retain the information for as long as you maintain your Account.
  4. User-Provided Information.
    1. Some parts of our Sites may enable you to build a public profile in connection with your Account, referred to herein as a "Public Profile." Your Public Profile may include your name and other information that you choose to include in your Public Profile, such as your gender and a profile picture. Our Sites may also include interactive features, such as our SpoiledBrain program which allows you to answer questions about your preferences, or pages that allow users to submit product reviews or upload content. If you participate in any of these interactive areas, we will collect whatever Personal Data you choose to include.
    2. We collect and use this information for the purpose of allowing our customers and fans to engage with us and others through the Sites.
    3. Our legal basis for processing this information is our legitimate business interests, specifically our ability to operate an interactive platform that allows our customers and others to learn more about our products and for us to learn more about our customers' needs and preferences with respect to our existing or future product lines.
    4. We will retain this information for as long as we have a business need to do so, unless a longer period is required by law. Note that while you can, in some circumstances, request removal of this type of information, in some cases we may not be able to remove Personal Data that you voluntarily disclose due to technical limitations. We will inform you if we cannot remove information as requested.
    5. A Special Note About User-Provided Information. If you create a Public Profile or use other interactive features of the Sites, or engage with us via any social media websites, the information (including Personal Data) that you submit may be seen and used by others for as long as the applicable web pages remain active, and may be visible longer if pages are cached (depending on your privacy settings associated with your accounts with the applicable social media websites). This information may be used by other end-users of the Sites or the public to send you unsolicited messages. We provided notices and tools on our Sites to inform you of which content may be publicly available. However, we are not responsible for the Personal Data that you choose to post in this manner, and we encourage you to think carefully before posting anything in any public area of our Sites, and only to post information that you are sure you want to be accessible to everyone. Further, the social media websites operate independently from us, and we are not responsible for such social media websites' interfaces or privacy or security practices. We encourage you to review the privacy policies and settings of the social media websites with which you interact to help you understand those social media websites' privacy practices. If you have questions about the security and privacy settings of any social media websites that you use, please refer to their applicable privacy notices or policies.
  5. Location Information.
    1. We may provide certain location-based services, or "Location Services," through our Sites that are dependent on data related to the geographic location, or the Location Data, of your mobile device and/or other device through which you are accessing our Sites. You should be able to use the settings on your mobile device or other device to turn off location-sharing features.
    2. We collect this information for purposes of offering the Location Services on our Sites so that we can provide the applicable location-based content and any location-based Site Offerings to you.
    3. Our legal basis for processing this information is our legitimate business interests, specifically our ability to provide products and services that are applicable in the area in which our users are accessing and using the Sites.
    4. We will retain this information for only as long as the location services are active on your device.
  6. Log Files.
    1. We may (directly or through third parties) make use of log files. The information inside the log files includes internet protocol (IP) addresses, type of browser, Internet service provider (ISP), date/time stamp, referring/exit pages, clicked pages, and any other information that your browser may send to us.
    2. We may (directly or through third parties) use such information to analyze trends, administer our Sites and/or Site Offerings, track users' movement around our Sites, and gather information.
  7. Cookies and Other Tracking Technologies.
    1. Our Sites utilize "cookies," anonymous identifiers and other tracking technologies which enable us to provide you with information that is customized for you.
    2. For more information, see the "Cookie Policy" section of this Privacy Policy.
  8. Analytics Services.
    1. Our Sites may use the tools described below (the "Analytics Services") to collect information about the use of our Sites, such as how often users visit our Sites, what pages they visit when they do so, and what other sites they used prior to visiting our Sites. We use the information we collect from the Analytics Services to maintain and improve our Sites and our products and services.
    2. The Analytics Services we use include, but are not limited to:
      1. Google® Analytics. Our Sites may use a tool called "Google Analytics®." We may combine the information collected through the use of Google Analytics® with Personal Data. Google's® ability to use and share information collected by Google Analytics® about your visits to and use of our Sites is restricted by the Google Analytics® Terms of Service, available here, and the Google® Privacy Policy, available here. You may learn more about how Google® collects and processes data specifically in connection with Google Analytics® here. You may prevent your data from being used by Google Analytics® by downloading and installing the Google® Analytics Opt-out Browser Add-on, available at here.
      2. Our Sites may use an analytics tool called "Hotjar®." Hotjar's® use of information collected through its analytics tools is set forth in the Hotjar® privacy policy available here. You may also opt-out of Hotjar® analytics tracking by visiting the Hotjar® Opt-Out Page, available here.
      3. Our Sites may use a marketing cloud and affiliate program tool called "Impact". Impact's use of information and privacy policy can be found here.
      4. Google Optimize. Our Sites may use an A/B Testing tool called Google Optimize. Google Optimize's use of information and privacy policy can be found here.
      5. Facebook Analytics. Our Sites may use a web analysis tool called Facebook Analytics. Facebook Analytics' use of information and privacy policy can be found here.
      6. Our Sites may use a web analysis tool called Klaviyo®. Klaviyo's® use of information and privacy policy can be found here.
      7. Our Sites may use a tool called "BigQuery®." BigQuery® is owned and operated by Google®. We may combine the information collected through use of BigQuery® with Personal Data. Google's® ability to use and share information collected by BigQuery® about your visits to and use of our Sites is restricted by the Google® Privacy Policy, available here. You may learn more about how Google® collects and processes data specifically in connection with BigQuery® here.

    Facebook® is a registered trademark of Facebook, Inc. ("Facebook"). BigQuery®, Google® and Google Analytics® are registered trademarks of Google, Inc. ("Google"). Hotjar® is a registered trademark of Hotjar Ltd. ("Hotjar"). Klaviyo® is a registered trademark of Klaviyo Inc. ("Klaviyo"). Please be advised that SPOILEDCHILD® is not in any way affiliated with Facebook, Google, Hotjar or Klaviyo, nor are the Site Offerings endorsed, administered or sponsored by any of the foregoing entities.

  9. Do Not Track Notice. We do not currently respond or take any action with respect to web browser "do not track" signals or other mechanisms that provide consumers with the ability to exercise choice regarding the collection of information about an individual consumer's online activities over time and across third-party websites or online services, as set forth above.

HOW AND WHY WE MAY CONTACT YOUR MOBILE DEVICE

At times, we may want to contact you via your mobile device regarding your use of the Site Offerings. Please review our full Privacy policy to learn how we protect your privacy and use your Personal Data.

  1. EU/UK Residents.

    For EU and UK residents, we will only contact you via your mobile device (including artificial voice calls, pre-recorded messages, calls, and/or SMS text messages delivered via automated technology, to the telephone number(s) that you provided) regarding your use of the Site Offerings and/or for marketing purposes (including cart reminders) where you provide your consent as required under the GDPR and UK-GDPR, respectively, or we have another valid legal basis under the GDPR and UK-GDPR, respectively, to do so.

  2. Canadian Residents.

    For Canadian residents, we will only contact you via your mobile device via SMS text messages to the telephone number(s) that you provided regarding your use of the Site Offerings and/or for marketing purposes (including cart reminders) where you provide your consent as required under CASL, or there is an exemption under CASL enabling us to do so.

  3. U.S. Residents

    For US residents, where you provide "prior express consent" within the meaning of the Telephone Consumer Protection Act (47 USC § 227), and its implementing regulations adopted by the Federal Communications Commission (47 CFR § 64.1200), as amended from time-to-time ("TCPA"), you consent to receive telephone calls, including artificial voice calls, pre-recorded messages, calls, and/or SMS text messages delivered via automated technology, to the telephone number(s) that you provided.

    1. Please note that you are not required to provide this consent in order to obtain access to the Site Offerings, and your consent simply allows SPOILEDCHILD® to contact you via these means.
    2. The frequency of SMS text messages that you receive from us may vary. Standard message and data rates may apply. Carriers are not liable for delayed or undelivered messages.
    3. Our legal basis for processing this Personal Data is our legitimate business interests, specifically our ability to provide you with the requested Site Offerings, to offer you our products and services, and to promote our Site Offerings (including cart reminders) and the content of our Sites.
    4. We will retain this Personal Data for as long as we continue to have a business purpose for doing so (which will be at least as long as you continue to maintain an Account), unless a longer period is required by law. Such business purposes may include legal, taxation, accounting, risk management, and other purposes.
    5. To stop receiving text messages from SPOILEDCHILD®, please reply "STOP" to the text message that you received from us. Please note this preference will only apply to the phone number that received the text message. Please reply "HELP" to receive help information.
    6. Please promptly notify SPOILEDCHILD® of any change to the mobile telephone number provided to us via e-mail at:[email protected], or by using one of the methods set forth in the "Contact Us" section below.

HOW AND WHY WE DISCLOSE PERSONAL INFORMATION

Please see our Provisions for California Residents below for additional details regarding how we share Personal Data that we collect.

  1. Sharing Personal Data with Affiliates.

    We may transfer your Personal Data to other companies within our group, including our subsidiaries, affiliates, and/or related companies, for the purpose of storing, using or processing such information on our behalf. We require that these parties agree to process such information in compliance with this Privacy Policy.

  2. Sharing Personal Data with Third Parties.
    1. We may share your Personal Data with our third party service providers and partners, but only to assist us with our business operations and to provide our Sites' services to you and other users. For example, our service providers may process payments made when you make purchases, deliver products you have ordered, or handle our data management, email distribution and analytics. We use commercially reasonable efforts to only engage or interact with third party service providers and partners that post a privacy policy governing their processing of Personal Data.
    2. We may share your Personal Data with our third party media partners in an anonymous, encrypted, or hashed format (primarily SHA256 encryption) or in standard format that is hashed or encrypted by the third party upon receipt in order to track and optimize performance of our marketing efforts (including tracking across multiple devices) and to provide you with relevant content across the web, such as banner ads including products you may have shown interest in, or sales offers for our site.
    3. We may share your Personal Data with our third party analytics service providers in order to help to improve the functionality and features of the Sites and Site Offerings.
    4. We may share your Personal Data with our Email Service Provider(s) that help us to send you our marketing and/or transactional text messages.
    5. We may share your Personal Data with our SMS Service Provider(s) that help us to send you our marketing and/or transactional text messages.
    6. We may disclose your Personal Data or any information you submitted via our Sites if we have a good faith belief that disclosure of such information is required, reasonably necessary or helpful to: (a) comply with any applicable law, regulation, legal process, subpoena, court order, or governmental request; (b) enforce this Privacy Policy or our Terms, including investigations of potential violations thereof; (c) detect, prevent, or otherwise address fraud or security issues; and (d) protect against harm to our rights, property or safety, and with respect to our users, yourself or the public.
    7. We may share Personal Data or any information you submitted via our Sites where we are the subject of bankruptcy proceedings, in connection with, during negotiations of, or as a part of the closing of, any merger, sale of company assets, or acquisition of all or a portion of our business to another company in which Personal Data about our Sites users is among the assets transferred; provided, however, that if we are involved in a bankruptcy proceeding, merger, acquisition or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on the Sites of any change in ownership or uses of your Personal Data, as well as any choices that you may have regarding your Personal Data.
    8. We will only use, share, and otherwise process Derived Data where permitted by law.
    9. We will store, transmit, and protect your Photo Data using a reasonable standard of care at least as protective as used to protect other confidential and sensitive information from disclosure. We disclose your Photo Data (i) to our service providers whom we prohibit from using the Photo Data for any purpose other than performing services for us; (ii) in connection with any proposed or actual type of acquisition, business combination or transfer of all or any portion of our assets; and (iii) to comply with the law or defend our rights.
    10. We will not disclose your information to third parties except as otherwise specified under this Privacy Policy, unless you have given us your separate, express, permission to do so.
      Notwithstanding the above, we do not share text messaging originator opt-in data and consent with any third parties.

Please see our Provisions for California Residents below for additional details regarding how we collect and share your non-personally identifiable information.

  1. Non-personally identifiable information refers to information that is not and cannot be used to identify a specific individual. While this information may define how you fit into a particular group of people, it is not unique to you, and it cannot be used (without being combined with other information) to specifically identify you. Some jurisdictions may consider some of the following categories of information to be personally identifiable information, in which case, we will collect and use such information as personally identifiable information.
  2. "Anonymous Information" refers to information that does not enable identification of an individual user, such as aggregated or demographic information about users of our Sites. We may use Anonymous Information or disclose it to third party service providers in order to improve our Sites and enhance your experience with our Sites. We may also disclose Anonymous Information (with or without compensation) to third parties, including advertisers and partners.

As noted above, our Sites use and allow certain third parties to use cookies. By using our Sites, you consent to the use of cookies as described in this cookie policy.

  1. What are cookies?
    1. Cookies are small amounts of data that are stored on your browser, device, or the page you are viewing when you visit a website. Some cookies are deleted once you close your browser or application (session cookies), while other cookies are retained even after you exit so that you can be recognized when you return (persistent cookies).
    2. Cookies used on our Sites are generally divided into the following categories:
      1. Essential cookies: These are cookies that are required for the operation of our Sites, such as cookies that enable you to log into secure areas.
      2. Analytics cookies: These are cookies that automatically collect information about your use of the Sites. These help us understand how our visitors are using our Sites and how they navigate through the Sites. These cookies record only hashed statistical data, not Personal Data. As mentioned above, we use Google® Analytics and HotJar® to analyze user behavior, so these third parties will place these types of cookies on our Sites.
      3. Functional cookies: These are cookies that remember choices that you make when you visit our Sites, such as language options. They help us to personalize your visit to the Sites.
      4. Targeting cookies: These are cookies that record your visit to our Sites, the pages of the Sites that you visit, and the links you followed. They will recognize you as a previous visitor to the Sites and track your activity on our Sites and other websites that you visit after you leave the Site. To opt out of our use of targeting cookies in connection with your visit(s) to the Sites, please adjust the settings in your browser to block cookies.
    3. How do we use cookies?
      1. We use cookies to make our Sites work more efficiently, to analyze how our Sites are used so that we can improve the Sites, Site Offerings and the other products and services we offer, and to personalize your visit to the Sites, such as by remembering your IP address when you return to the Sites and by setting language preferences.
      2. We may combine data collected via cookies with Personal Data about you, e.g., tracking items you put into your shopping cart (including when you have abandoned your cart) combined with mobile device numbers you have consented for our use to send SMS cart reminder texts.
    4. What are your choices regarding cookies?
      1. Most web browsers automatically accept cookies, but you can usually change your settings to prevent that, such as by having your device warn you each time a cookie is being sent or choosing to turn off all cookies. This can be done through your web browser settings, and because each browser is different, you should look at your browser's "Help" menu to learn how to modify your cookie settings. You can also learn more about how to opt out of targeted behavioral advertising from many major third party network advertisers by reviewing the information here and here. To opt out of cookie usage on our Sites, please adjust the settings in your browser to block cookies.
      2. If you do disable cookies from your browser, you may not be able to access certain sections of the Sites that use essential cookies, and this may make your experiences on the Sites less efficient.

YOUR RIGHTS REGARDING YOUR INFORMATION

Please see our Provisions for California Residents below for additional details regarding how California State residents can delete and/or access their Personal Data.

  1. Opting Out.
    1. You may choose not to receive future promotional, advertising, or other Sites-related emails from us by sending us an email to: [email protected], or selecting an unsubscribe link at the bottom of each email that we send. Please note that even if you opt out of receiving the foregoing emails, we may still send you a response to any "Contact Us" request as well as administrative emails (for example, in connection with a password reset request) that are necessary to facilitate your use of our Sites and notifications regarding your orders.
  2. Correcting and Updating Information.
    1. If you are a registered user of our Sites, you can access and edit your Account Information online by clicking the "My Account" button on the Sites. You may also have any Personal Data you have provided revised by sending us an email to [email protected].
  3. Removing Information.
    1. As noted above, we have standard retention practices with respect to the Personal Data we collect. If you would like to request any earlier removal of your Personal Data, you can email us at: [email protected].
    2. Please note that we may not be able to completely remove Personal Data from our systems in certain circumstances. This will be true if the data is not in searchable format, if it is retained in backup systems or cached or archived pages, if we need it in order to prevent fraud or future abuse, or if we are required by law to keep it.
    3. Any deletion request will not impact our ownership rights or continued processing of Derived Data to the extent permitted by law.

HOSTING OF OUR SITES

We do not ourselves host any of our Sites – all hosting is done by third party service providers that we engage. This means that data you provide us or that we collect from you (including any Personal Data) is hosted with such third party service providers on servers that they own or control. Regardless of where such third party service providers are located (and some are located in the US), their servers may be located anywhere in the world (including the US). Your data may even be replicated across multiple servers located in multiple countries. By using any of our Sites, you are consenting to your data being transferred to various third party service providers, possibly around the world (including the US).

OUR SECURITY MEASURES.

We endeavor to safeguard and protect our users' Personal Data. When users make Personal Data available to us, their Personal Data is protected both online and offline (to the extent that we maintain any Personal Data offline). Where our registration/application process prompts users to enter Sensitive Data (such as credit card information) and when we store and transmit such Sensitive Data, that Personal Data is encrypted with advanced TLS (Transport Layer Security).

Access to your Personal Data is strictly limited, and we take reasonable measures to ensure that your Personal Data is not accessible to unauthorized parties. All our users' Personal Data is restricted in our offices, as well as the offices of our third-party service providers. Only employees or third-party agents who need user Personal Data to perform a specific job are granted access to user Personal Data. Our employees are dedicated to ensuring the security and privacy of all user Personal Data. Employees not adhering to our firm policies are subject to disciplinary action. The servers that we store user Personal Data on are kept in a secure physical environment. We also have security measures in place to protect the loss, misuse and alteration of Personal Data under our control.

Please be advised, however, that while we take every reasonable precaution available to protect your data, no storage facility, technology, software, security protocols or data transmission over the Internet or via wireless networks can be guaranteed to be 100% secure. Computer hackers that circumvent our security measures may gain access to certain portions of your Personal Data, and technological bugs, errors and glitches may cause inadvertent disclosures of your Personal Data, and any attempt to breach the security of the network, our servers, databases or other hardware or software may constitute a crime punishable by law. For the reasons mentioned above, we cannot warrant that your Personal Data will be absolutely secure. Any transmission of data at or through the Sites, other Site Offerings or otherwise via the Internet or wireless networks, is done at your own risk.

In compliance with applicable laws, we shall notify you and any applicable regulatory agencies in the event that we learn of an information security breach with respect to your Personal Data. You will be notified via e-mail in the event of such a breach. Please be advised that notice may be delayed in order to address the needs of law enforcement, confirm and determine the scope of network damage, and to engage in remedial measures.

Our Sites may enable you to interact with or contain links to your Third Party Account and other third party websites that are not owned or controlled by us, referred to herein as "Third Party Services." We are not responsible for the privacy practices or the content of such Third Party Services. Please be aware that Third Party Services may collect Personal Data from you. Accordingly, we encourage you to read the terms and conditions and privacy policy of any Third Party Services that you choose to use or interact with.

CHILDREN'S PRIVACY

Please see our Provisions for California Residents below or additional details regarding our practices related to the collection and use of the Personal Data of California State residents who are under sixteen (16) years of age.

Our Sites are not structured to attract people under eighteen (18) years of age. Further, we do not intend to collect Personal Data from anyone we know to be under eighteen (18) years of age; provided, however, that if you are sixteen (16) years of age or older, but younger than eighteen (18) years of age, you can submit information to the Sites through and with the permission of a parent or legal guardian, but only after that parent or legal guardian has reviewed and agreed to the terms of this Privacy Policy in their entirety. If we learn that we have collected Personal Data from a person under eighteen (18) years of age (other than as expressly permitted in the relevant jurisdiction), we will delete that information as quickly as possible. If you believe that we might have any such information, please contact us at[email protected].

MODIFICATIONS OF THIS PRIVACY POLICY

SPOILEDCHILD® reserves the right to change or update this Privacy Policy at any time by posting a notice on the Sites that we are changing our Privacy Policy. If the manner in which we use Personal Data changes, SPOILEDCHILD® will notify users by: (a) sending the modified policy to our users via email; and/or (b) by any other reasonable means acceptable under applicable law. You will have a choice as to whether or not we use your information in this different manner, and we will only use your information in this different manner where you affirmatively consent to such use.

QUESTIONS REGARDING OUR PRIVACY PRACTICES

If you have any comments or questions regarding our Privacy Policy, or how we may be storing and/or using your Personal Data, please contact us via e-mail at: [email protected] or by mail at: IM Pro Makeup NY LP, 110 Greene St., Second Floor, New York, NY USA 10012.

FILING A COMPLAINT WITH THE FEDERAL TRADE COMMISSION

To file a complaint regarding our privacy practices, please Click Here.

VISITING OUR SITES FROM OUTSIDE THE UNITED STATES; INTERNATIONAL TRANSFERS OF PERSONAL DATA

If you are visiting our Sites from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States, as well as any other location where Amazon Web Services ("AWS") servers are located or the servers of other third party hosting services that we utilize are located (collectively, "Server Locations"). Except as expressly described in this Privacy Policy, we make no representation that the practices we describe are compliant with the laws of other jurisdictions, including laws that apply to the collection, use, disclosure, and security of Personal Data.

If you are from Australia, the EU, UK or are otherwise located in the European Economic Area (EEA), we are required to give you information about the transfer of your information outside Australia, the EEA or UK, respectively. If this applies to you, whenever you voluntarily give us your Personal Data, you should understand that your information will be sent by you to the United States and/or the applicable Server Locations. These jurisdictions may not provide the same framework for the protection of Personal Data as Australia, the EEA and UK. By sending us your Personal Data, you are expressly consenting to the transfer of information from your location within Australia, the EEA and UK to our servers in the United States and/or the applicable Server Locations.

In addition, if we send any of your Personal Data to servers located within the EEA and/or UK, if we then transfer your Personal Data from those servers to areas located outside of the EEA and/or UK, we will adopt adequate measures as required by the GDPR and UK-GDPR, respectively (for example, the adoption of standard, approved contractual clauses between us and the recipient).

ADDITIONAL RIGHTS APPLICABLE TO RESIDENTS OF THE EUROPEAN UNION AND THE UNITED KINGDOM

For our users who are residents of the European Union ("EU") or the United Kingdom ("UK"), this Privacy Policy is intended to comply with the EU's General Data Protection Regulation ("GDPR") and the United Kingdom General Data Protection Regulation ("UK-GDPR"). If you are an EU resident or a UK resident, you have the following rights, subject to certain limitations and exceptions imposed by the GDPR and UK-GDPR, respectively:

  1. Right to Access – this is the right to request copies, in a machine readable format, of those portions of your Personal Data that we have collected.
  2. Right to Correct – this is the right to have Personal Data in our possession or control corrected if it is accurate or incomplete.
  3. Right to Erasure – this is the right to ask us to delete or remove your Personal Data from our systems.
  4. Right to Restrict Use – this is your right to block us from using, or to limit the ways we can use, your Personal Data.
  5. Right to Data Portability – this is your right to request that certain of your Personal Data be transferred to a different provider.
  6. Right to Object – this is your right to object to our use of your Personal Data, including when we use it for our legitimate interests, including for marketing purposes.
  7. Questions or Comments Regarding Your Privacy Rights.
    1. If you have questions relating to the above rights, you can contact us at: [email protected]
    2. If you are a resident of the EU and are not satisfied with how we have responded to any request that you submit to us regarding the above rights, you may be able to raise your complaint with the Data Protection Authority in your jurisdiction. You can find your national Data Protection Authority here
    3. For purposes of the GDPR and UK-GDPR, if you are located in the EU or UK, the Data Controller of the information you provide is SpoiledChild Inc., 110 Greene St., Second Floor, New York, NY USA 10012. Our Data Protection Officer may be contacted at [email protected]
    4. If you are located in the EU, for purposes of the GDPR, you may contact Achieved Compliance Advocacy, our appointed representative in the EU, at the following addresses: [email protected]; or Achieved Compliance Advocacy, Ltd. C/o Renata Kloss, Singel 250, 1016 AB Amsterdam, Netherlands.
    5. If you are located in the UK, for purposes of the UK-GDPR, you may contact Achieved Compliance Advocacy, our appointed representative in the UK at [email protected]; or Achieved Compliance Advocacy, Ltd. C/o Robert Cain, 40 Oxford Road, High Wycombe, Buckinghamshire, UK HP11 2EE.
    6. UK residents may also send complaints regarding how we responded to the above requests/how we use your data to the Information Commissioner's Office ("ICO") at: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Alternatively, the ICO helpline number is: 0303 123 1113 and website is located at: https://www.ico.org.uk

PRIVACY PROVISIONS FOR CALIFORNIA RESIDENTS

These Privacy Provisions for California Residents ("CA Privacy Provisions") supplement the information contained in the Privacy Policy set forth above. These CA Privacy Provisions apply solely to residents of the State of California ("User(s)"). We adopt these CA Privacy Provisions in compliance with the California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act of 2020) (the "CCPA"). Any terms defined in the CCPA (such as "personal information") have the same meaning when used in these CA Privacy Provisions.

  1. Shine the Light.

    California Civil Code Section 1798.83 permits our customers who are California State residents to request certain information regarding our disclosure of Personal Data to third parties for their direct marketing purposes. We may, in certain limited instances, disclose your Personal Data to third parties who perform administrative functions on our behalf. California State residents may request the following information regarding our disclosure of your Personal Data to third parties:

  1. How your Personal Data was disclosed to third parties;
  2. A list of certain categories of Personal Data that we have disclosed to certain third parties during the immediately preceding calendar year; and
  3. A list of certain categories of third parties that received Personal Data from us during that calendar year.

To make such a request, please send an email to [email protected]. Please note that we are only required to respond to one request per customer each year.

  1. California Consumer Privacy Act of 2018 ("CCPA")..

    In addition to the foregoing, if you are a resident of the State of California certain other privacy-related rights may apply to you in accordance with the CCPA, including the right to opt-out of our sale of your personal information, as well as the right to know what personal information about you we have collected, whether your personal information was shared with third-parties in the preceding year and, if so, what categories of personal information were shared, as well as the categories of third parties with whom we shared that personal information.

  2. Privacy Rights for California Minors in the Digital World.

    In addition, if you are a California State resident under eighteen (18) years of age and a registered user, California Business and Professions Code Section 22581 permits you to remove content or Personal Data that you have publicly posted on the Sites. If you wish to remove such content or Personal Data and you specify which content or Personal Data you wish to be removed, we will do so in accordance with applicable law. Please be aware that after removal, you will not be able to restore removed content. In addition, such removal does not ensure complete or comprehensive removal of the content or Personal Data you have posted and, as such, there may be circumstances in which the law does not require us to enable removal of content.

  3. Categories of Information We Collect.

    We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular CA User or device ("personal information"). In particular, we have collected the following categories of personal information from CA Users within the last twelve (12) months:

Category Examples Collected
A. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, telephone number, or other similar identifiers. YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, postal address, telephone number, passport number, driver's license or State identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. YES
C. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). YES
D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. YES
Category Examples Collected
E. Internet or other similar network activity. Browsing history, search history, information on a User's interaction with a website, application or advertisement. YES
F. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. YES
L. Sensitive Personal Information Account log-in information and credit card numbers YES

We obtain the categories of personal information listed above from the following categories of sources (with the specific categories of personal information indicated in parenthesis):

  • Directly from our Users. For example, from online registration forms that our Users submit to us in connection with the products and/or services that we offer by and through the Sites (Category A, B, C,D, E and F)
  • Indirectly from our Users. For example, through information we collect from our Users in the course of providing our products and/or services to them (Category A, B, C, D, E and F)
  • Directly and indirectly from activity on the Sites. This includes the type of browser that you use (e.g., Safari, Chrome, Internet Explorer), your IP address, the type of operating system that you use (e.g., Windows or iOS) and the domain name of your Internet Service Provider. In addition, we obtain certain Sites-related usage details and analytics as same are collected automatically by us and our third party partners (Category E)
  • When our Users interact with us on our social media accounts, including commenting on and/or liking our posts (Category E)
  • From third-parties that interact with us in connection with the products and/or services that we offer to our Users. For example, third party entities that assist us in sending direct and electronic mail, removing duplicate information from User lists, analyzing data and providing marketing analysis (Category A, B, C, D and E)

Use of Personal Information
We may use or disclose the personal information that we collect for one or more of the following business purposes (with the specific categories of personal information indicated in parenthesis):

  • To fulfill or meet the reason for which the information is provided. For example, if you provide us with personal information in connection with your purchase of products and/or services, we will use that information to process your order (Category A, B, C, D and F).
  • To provide you with information, products or services that you request from us (Category A, B, C, D and F).
  • To create, maintain, customize and secure your account with us (Category A, B, C, D, E and F)
  • To provide you with e-mail, direct mail and telemarketing messages concerning certain SPOILEDCHILD® products and/or services, as well as third-party products and/or services, that we believe may be of interest to you (Category A, B, C, D, E and F)
  • To deliver relevant Sites-related content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you (Category A, B, C, D and E).
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including the Sites' respective Terms and Conditions (Category A, B, C, D, E and F).
  • To improve the Sites and better present their respective contents to you (Category A, B, C, D and F).
  • For customer service purposes and to respond to inquiries from you (Category A, B, C, D and E).
  • For testing, research, analysis and product development (Category A, B, C, D, E and F).
  • As necessary or appropriate to protect our rights, property or safety, and that of our clients or others (Category A, B, C, D, E and F).
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations (Category A, B, C, D, E and F).
  • As described to you when collecting your personal information or as otherwise set forth in the CCPA (Category A, B, C, D, E and F).
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by us is among the assets transferred (Category A, B, C, D, E and F).

We collect or use your sensitive personal information as necessary to perform the services or provide the goods reasonably expected, or as otherwise permitted by the CCPA.

We will not collect additional categories of personal information or use the personal information that we collected for materially different, unrelated or incompatible purposes without providing you with notice.

Disclosure of Personal Information

We disclose each of the categories of personal information set forth above for the business and commercial purposes described in the Use of Personal Information section.

In the preceding twelve (12) months, we have disclosed the following categories of personal information for the business or commercial purposes set forth in the Use of Personal Information section:

Category A Identifiers.
Category B California Customer Records personal information categories.
Category C Protected classification characteristics under California or federal law.
Category D Commercial Information.
Category E Internet or other similar network activity.
Category F Sensory data.

We disclose your personal information for a business or commercial purpose to the following categories of third parties (with the specific categories of personal information indicated in parenthesis):

  • Our affiliates (Category A, B, C, D, E and F).
  • Service providers (Category A, B, C, D, E and F).
  • Third parties who provide certain of the products and/or services featured on the Sites (Category A, B, C, D, E and F).
  • Third parties to whom you authorize us to disclose your personal information in connection with the products and/or services that we provide to you (Category A, B, C, D, E and F).

Your Rights and Choices
The CCPA provides CA Users (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

    1. Opt-Out from the Sale of Your Personal Information

      Under these CA Privacy Provisions, you have the right to opt-out of our sale of your personal information with third parties. To exercise your right to opt-out of our selling or sharing your personal information with third parties, please submit a verifiable CA User request to us by either:

      1. Clicking here
      2. Emailing us at:[email protected]; or
      3. Sending us U.S. Mail to: SpoiledChild Inc., 110 Greene St., Second Floor, New York, NY 10012.

        We endeavor to act on all opt-out requests as soon as practicable, but in all cases within fifteen (15) business days of the receipt of your request.

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past twelve (12) months. Once we receive and confirm your verifiable CA User request, we will disclose to you:

    • The categories of personal information we collected about you.
    • The categories of sources for the personal information we collected about you.
    • Our business or commercial purpose for collecting or selling that personal information.
    • The categories of third parties with whom we have shared that personal information.
    • The specific pieces of personal information we collected about you (also called a data portability request).
    • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
      • sales, identifying the personal information categories that each category of recipient purchased; and
      • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
  1. Deletion Request Rights

    You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable CA User request, we will delete (and direct our service providers to delete) your personal information from our (their) records, unless an exception applies; provided, however, that in some cases, strictly for regulatory compliance purposes and to better evidence/honor opt-out/unsubscribe requests (and for no other purposes), we may retain certain items of your personal information on a de-identified and aggregated basis in such a manner that the data no longer identifies you.

    We may deny your deletion request if retaining the information is necessary for us or our service providers to:

    1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our obligations in connection with our contract with you.
    2. Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity, or prosecute those responsible for such activities.
    3. Debug products to identify and repair errors that impair existing intended functionality.
    4. Exercise free speech rights, ensure the right of another CA User to exercise her/his free speech rights or exercise another right provided for by law.
    5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
    6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, but only if you previously provided informed consent.
    7. Enable solely internal uses that are reasonably aligned with CA User expectations based on your relationship with us.
    8. Comply with a legal obligation.
    9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
  2. Exercising Access, Data Portability and Deletion Rights

    To exercise your access, data portability and/or deletion rights described above, please submit a verifiable CA User request to us by either:

    1. Clicking here
    2. Emailing us at:[email protected]; or
    3. Sending us U.S. Mail to: SpoiledChild Inc., 110 Greene St., Second Floor, New York, NY 10012.

      We endeavor to act on all opt-out requests as soon as practicable, but in all cases within fifteen (15) business days of the receipt of your request.

    Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable CA User request related to your personal information.You may only make a verifiable CA User request for access or data portability twice within a 12-month period. The verifiable CA User request must:

    1. Provide sufficient information that allows us to reasonably verify that you are: (1) the person about whom we collected personal information; or (2) an authorized representative.
    2. Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

    We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you. Making a verifiable CA User request does not require you to create an account with us. We will only use personal information provided in a verifiable CA User request to: (i) verify the requestor's identity or authority to make the request, and (ii) fulfill the request.

  3. Response Timing and Format

    We endeavor to respond to all verifiable CA User requests within forty-five (45) days of the receipt thereof. If we require more time (up to ninety (90) days), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the twelve (12) month period preceding the receipt of your verifiable request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

    We do not charge a fee to process or respond to your verifiable CA User request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

  4. Non-Discrimination

    We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

    1. Deny you goods or services;
    2. Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
    3. Provide you a different level or quality of goods or services; and/or
    4. Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
  5. Changes to these CA Privacy Provisions

    We reserve the right to amend these CA Privacy Provisions in our discretion and at any time. When we make changes to these CA Privacy Provisions, we will notify you by email or through a notice on the Sites' respective homepages.

Contact Information

If you have any questions or comments about these Privacy Provisions, our Privacy Policy, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California State law, please contact us by either:

  1. Clicking here
  2. Emailing us at:[email protected]; or
  3. Sending us U.S. Mail to: SpoiledChild Inc., 110 Greene St., Second Floor, New York, NY 10012.

PRIVACY PROVISIONS FOR NON-CALIFORNIA US RESIDENTS

These privacy provisions for residents of the United States ("US Privacy Provisions") supplement the information contained in the Privacy Policy set forth above. These Privacy Provisions describe how to exercise your rights under the Colorado Privacy Act, the Connecticut Act Concerning Personal Data Privacy and Online Monitoring, the Utah Consumer Privacy Act, and the Virginia Consumer Data Protection Act.

Your Rights and Choices
Depending on where you live and subject to certain exceptions, you may have some or all of the following rights.

Access to Specific Information and Data Portability Rights
You may have the right to request that we confirm whether or not we have or currently are processing your personal data, and you may have the right to request a copy of your personal data that we have collected from you.

Deletion Request Rights
You may have the right to request that we delete any of your personal data that we collected from or about you, subject to certain exceptions. In some cases, strictly for regulatory compliance purposes and to better evidence/honor opt-out/unsubscribe requests (and for no other purposes), we may retain certain items of your personal data on a de-identified and aggregated basis in such a manner that the data no longer identifies you.

Right to Correct
You may have a right to request that we correct inaccurate personal data we maintain about you. We will take into account the nature of the personal data and the purposes for which we process it. We may require documentation from you in order to process your request, including your name, email address, phone number, and request details.

Exercising Access, Data Portability, Deletion, and Correction Rights
To exercise your access, data portability, deletion, and/or correction rights described above, please submit a verifiable User request to us by either:

  1. Clicking here
  2. Emailing us at: [email protected]; or
  3. Sending us U.S. Mail to: SpoiledChild Inc., 110 Greene St., Second Floor, New York, NY 10012.

We cannot respond to your request or provide you with personal data if we cannot verify your identity or authority to make the request and confirm that the personal data relates to you. Making a verifiable User request does not require you to create an account with us. We will only use personal data provided in a verifiable User request to verify the requestor's identity or authority to make the request.

Response Timing and Format
We endeavor to respond to all verifiable User requests within forty-five (45) days of the receipt thereof. If we require more time, we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal data that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable User request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Changes to these Privacy Provisions
We reserve the right to amend these US Privacy Provisions in our discretion and at any time. When we make changes to these US Privacy Provisions, we will notify you by email or through a notice on the Sites' respective homepages.

Contact Information
If you have any questions or comments about these Virginia Privacy Provisions, our Privacy Policy, the ways in which we collect and use your personal data, your choices and rights regarding such use, or wish to exercise your rights under Virginia State law, please do not hesitate to contact us by either:

  1. Clicking here
  2. Emailing us at: [email protected]; or
  3. Sending us U.S. Mail to: SpoiledChild Inc., 110 Greene St., Second Floor, New York, NY 10012.

ADDITIONAL RIGHTS APPLICABLE TO CANADIAN USERS

We are committed to providing transparency to outside parties (which we may electronically communicate with) with respect to our compliance practices associated with Canada's Anti-Spam Legislation, and its implementing rules and regulations ("CASL"). The types of commercial electronic messages ("CEM") that we may send from time to time may include: (a) email and/or text messages sent to our current or potential end-users; (b) messages sent to our users' social media profiles; and (c) CEM sent in connection with your use of the Site Offerings and/or SPOILEDCHILD® products and/or services that we think might be of interest to you.

If you have received a CEM from us, it is because either: (i) you have previously provided your express consent, as required by CASL; (ii) we have your implied consent, strictly as permitted under CASL; or (iii) the type of CEM sent is exempt under CASL. Without limiting the foregoing, a CEM sent by us would be exempt if the CEM or the relationship between you and SPOILEDCHILD® includes any of the following: (A) you have a personal relationship or a family relationship with the SPOILEDCHILD® employee who contacted you; (B) the CEM was sent by SPOILEDCHILD® to you in order to respond to your request or inquiry (including, without limitation, your request for Site Offerings and/or other SPOILEDCHILD® products and/or services); (C) the CEM was sent by SPOILEDCHILD® to you, in order to enforce a legal right or obligation (for instance, if you have an outstanding debt, breached the Terms, etc.); (D) the CEM only facilitates or confirms a transaction; (E) the CEM only provides SPOILEDCHILD® data security information; and/or (F) the CEM only provides information about your ongoing use of the Site Offerings if you have made a purchase during the prior two (2) year period.

If you have received a CEM, and you believe that you should not have, please contact us immediately at: [email protected] in order to unsubscribe and we will remove your electronic address from our database within ten (10) business days.

ADDITIONAL RIGHTS APPLICABLE TO AUSTRALIAN USERS

We take reasonable steps to make sure that third party recipients located outside Australia handle your personal information in a secure manner and in accordance with this Privacy Policy. However, we cannot always ensure that such third party recipients will comply with Australian privacy law in relation to your Personal Data. As such, where a foreign third party recipient does not handle your Personal Data in compliance with Australian privacy law, we will not be accountable to you and you will not be able to seek redress under Australian privacy law for such non-compliance. By providing us with your Personal Data, you consent to us disclosing your Personal Data to recipients outside Australia on this basis.

If you have any questions, concerns or complaints in relation to our handling of your Personal Data, you can contact us at: [email protected]. If you are unhappy with, or have further questions concerning, our handling of your question, concern, or complaint, you may contact the Office of the Australian Information Commissioner (telephone +61 1300 363 992 or email [email protected]).