Privacy Policy

Last Modified: August 2022

This Privacy Policy describes how Rationale USA, LLC (“we”, “us”, “our”) collects, uses, and shares your personal information when you visit or make a purchase from us.rationale.com (the “Site”). Please read this Privacy Policy carefully to understand our policies regarding your information and how we will treat it. If you do not agree with our policies and practices, do not use our Site. By accessing our Site or making a purchase, you agree to the policies outline here. 

Updates To This Policy

We may revise this Privacy Policy from time to time. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. If you do not agree with our changes, you should cease use of our Site immediately.

PERSONAL INFORMATION THAT WE COLLECT

Interpretation

As used in this Privacy Policy, 'personal data' means all data that falls within the definition of personal information, personal data, personally identifiable information or similar language under any applicable law relating to the protection, privacy and security, collection, use, disclosure and/or processing of sensitive or other personally identifiable information.

General information  

The types of personal information that we collect and hold about you could include:
- your ID and contact information, such as your name, postal or email address, telephone numbers and date of birth
- your social media handles;
- billing information, such as your credit card number and bank account details;
- information about your communications and interactions with us, including about the products and services that you have purchased from us, orders you have placed on the RATIONALE website or any purchases you have made in one of our store locations (‘Flagships’);
- information relevant to your skin care, including skin type, images of your face and skin, skin sensitivity, the colour of your skin, eyes and hair, lifestyle information (e.g. smoking and use of solariums) and family history; and
- other information that we consider is reasonably necessary to perform our business functions or activities.

Sensitive Personal Information 

Sometimes we also collect sensitive information about you in order to provide certain products and services. This information includes information about your ethnic heritage and health information such as information about your health conditions, DNA cheek swab tests and the results of such tests, skin treatments and medications. Unless we are otherwise authorised by law, we only collect sensitive information with your consent, such as when you are completing a treatment consent form in one of our Flagships.  

Personal Information Collection Summary

Category Examples Collected
A: Identifiers A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. YES
B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. YES
C: Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). YES
D: Commercial Information Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. YES
E: Biometric Information Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. YES
F: Internet or other similar network activity Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement. YES
G: Geolocation Data Physical location or movements. YES
H: Sensory Data Audio, electronic, visual, thermal, olfactory, or similar information. NO
I: Professional or employment-related information Current or past job history or performance evaluations. NO
J: Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99) Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial Information, or student disciplinary records. NO
K: Inferences drawn from other personal information. Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. YES

HOW WE COLLECT YOUR PERSONAL INFORMATION

We collect personal information about you via a variety of ways, this includes when you fill out a form with us, when you visit or submit information through our website, when you purchase a product or service from us or one of our stockists, if you apply for a job with us, including any information that you may provide during the recruitment process and from publicly available sources (such as social media channels).

If you provide incomplete or inaccurate information or do not want to provide your personal information to us, we may not be able to provide you with the product or service that you want, or, personalise your experience with us.

WHY WE HANDLE YOUR PERSONAL INFORMATION

We collect, store, use, disclose and/or process personal information for purposes including to provide, review and improve our products and services, understand your preferences and needs, communicate with you, customise your experience with us (including on our website and social media channels), maintain and update our records and facilitate our business operations (including any sale or potential sale of our business) and if you have applied for a job with us, to consider your employment application and manage the recruitment process.  

The types of third parties with which we share personal information include our agents, related companies, business partners, suppliers and third party service providers such as providers of website services, delivery, payment, data management, legal, accounting and insurance services.

Some of the third parties we disclose personal information to may be located in other countries.

Behavioral Advertising

As described further below, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. You may opt-out of behavioral advertising by clicking here, updating your privacy preferences on our Site, or choosing the relevant option in the banner that appears across your screen when you visit the Site. 

For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by using the links below:

Facebook: https://www.facebook.com/settings/?tab=adsGoogle: https://www.google.com/settings/ads/anonymousBing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.

RATIONALE partners with Rakuten Advertising, who may collect personal information when you interact with our digital property, including IP addresses, digital identifiers, information about your web browsing and app usage and how you interact with our properties and ads for a variety of purposes, such as personalisation of offers or advertisements, analytics about how you engage with websites or ads and other commercial purposes. For more information about the collection, use, and sale of your personal data and your rights, please use the below links: here: https://rakutenadvertising.com/legal-notices/services-privacy-policy/ and here: https://rakutenadvertising.com/legal-notices/services-privacy-rights-request-form/.

You may withdraw your consent by contacting us at the details below.

QUALITY OF YOUR PERSONAL INFORMATION

We are committed to ensuring that your personal information is accurate, complete and up to date. If you believe that the information we have about you is not accurate, complete or up-to-date, please contact us at the details below and we will use all reasonable efforts to correct the information.

HOW WE KEEP YOUR INFORMATION SECURE

We take the protection of the information that you provide to us seriously and have implemented a range of measures designed to protect your personal information from loss, misuse and interference, from unauthorised access, collection, use, copying, disposal, modification or disclosure, or similar risks and from the loss of any storage medium or device on which personal information is stored. Depending on the circumstances, those measures include electronic access controls, premises security and network firewalls.  

We hold personal information electronically and in hard copy form, both at our own premises and with the assistance of our service providers.  

RETENTION OF YOUR PERSONAL INFORMATION

We will retain any personal information for as long as is necessary, in line with the purpose for which it was obtained.  Our data retention period will be determined by a number of factors, including your interactions with us and any legal or applicable tax obligations.

Your data will be destroyed securely when it is no longer required.

VISITING OUR WEBSITE

Cookies

When you visit RATIONALE’s website, we may collect information such as your IP address, the date and time of your visit, the number of pages that you viewed, navigation patterns, what country you visited from, what system you used to access the website, and, when entering our website from an external website, the address of that website through the use of 'cookies'. This information on its own does not identify an individual but it does provide RATIONALE with statistics that we can use to analyse and improve our website.  

A 'cookie' is a packet of information that allows the server (the computer that houses the website) to identify and interact more effectively with your computer. When you use our website, we send you a temporary cookie that gives you a unique identification number. A different identification number is sent each time you use our website. Cookies do not necessarily identify individual users, although they do usually identify a user's browser type and your Internet Service Provider (ISP).

You can configure your browser to accept all cookies, reject all cookies, or notify you when a cookie is sent. Please refer to your browser instructions or help screens to learn more about these functions. Our order entry system does require cookies during the order entry process; however, it does not use the information once the order is complete. At the end of your interaction with our website, you can have your computer ensure that the cookie is deleted. This means it no longer exists on your computer and can’t be used for further identification or access to your computer.

Online service providers  

We also use third parties for the provision of online services such as personalised advertising and website analytics, to collect anonymous internet usage data and for social media engagement. These third parties may use cookies and other tracking technologies, such as web beacons on our website in connection with the online services that they provide. For example, with personalised advertising, we can customise the delivery and content of our ads on third party websites and online services for people who have previously visited our websites (this is also known as remarketing) so that we can serve advertisements and content that we think may be of relevance to you. Advertisements or content may also be targeted to users based on location (identified via an IP address), gender, age and interests. No personally identifiable information will be collected on these occasions. These third parties may also transfer this information to other parties including where they are required to do so by law, or where such other parties process the information on their behalf.

We may use Google services such as Google Analytics and Google Ads from time to time to provide the services set out above. For more information about how Google collects and processes data, including information on how to opt-out of certain conduct, please see Google’s privacy policy and their information at www.google.com/policies/privacy/partners/. There are also opt-out facilities which cover multiple online services, such as http://www.youronlinechoices.com.au/opt-out-help/.  

If you visit our website via an external website, or click on a link on the RATIONALE website to other websites, please be aware that we are not responsible for the privacy practices of these other websites. This Privacy Policy applies only to personal information that we collect from you as set out here. We encourage you to be aware of the privacy practices and privacy policies of these third party websites.

HOW WE MARKET OUR PRODUCT AND SERVICES TO YOU

You may be a subscriber to our newsletters and we may send you information on promotions, product updates and general RATIONALE news. If you decide you no longer wish to receive communication from us, you can opt-out of receiving them by following the instructions included in every newsletter or communication, by unchecking the newsletter subscription box in your RATIONALE online account, or by contacting customer service at consultant@rationale.com or writing to us at the address below:

RATIONALE USA LLC

Privacy Officer
333 S.E. 2nd Avenue
Suite 2000
Miami, Florida, 33131
United States

HOW CAN YOU ACCESS AND CORRECT YOUR PERSONAL INFORMATION?

At your request, we will provide you with access to your personal information that we hold, and the ability to update, correct or delete it, unless there is a legal basis not to, in which case we will let you know. Such requests can be made by contacting us at the details provided below. Please provide as much detail as you can about the particular information you are enquiring about, in order to help us locate it. We may need to verify your identity.

CALIFORNIA USER RIGHTS

Your Right to Know and Delete 

You have the right to request that we disclose certain information to you about our collection and use of your personal data over the past 12 months. Once we receive and validate your request, we will include a list of your personal data that may have been disclosed and the categories of third parties the information may have been disclosed to.  

You may request that we delete any of your personal data that we collected from you and retained, subject to certain exceptions. Once we receive your request and confirm your identity, we will review your request. We may deny your deletion request if retaining the information is proper and necessary or if an exception allowing us to retain the information applies. 

If your request is approved, we will delete or deidentify the relevant information and will direct our service providers to take similar action.

Exercising Your Rights to Know, Delete or Correct

To exercise your rights to know or delete described above, please submit a request by either: 

·       Calling us at (+1) [Insert Phone Number]

·       Emailing us at dataprivacyofficer@rationale.com  

Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your personal data. 

You may only submit a request to know twice within a 12-month period. We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt unless we require an extension. If we reasonably require an extension, we will inform you of the reason and extension period.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA/CPRA rights.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

California’s Shine the Light Law

California Civil Code Section 1798.83 permits Users of our Website that are California residents to request certain information regarding our disclosure of the information you provide through the Site to third parties for their direct marketing purposes. To make such a request, please contact us at the following address:

Rationale USA LLC 
333 S.E. 2nd Avenue
Suite 2000
Miami, Florida, 33131
United States 

Who Do We Share Your Personal Information With?

Personal Information Category Category of Third-Party Recipients: Business Purpose Disclosures Category of Third-Party Recipients: Sales
A: Identifiers Data Analytics Providers; advertising networks; Operating Systems & Platforms; Social Networks; Advertising Networks
B: California Customer Records personal information categories. Data Analytics Providers; Advertising Networks Advertising Networks
C: Protected classification characteristics under California or federal law. Data Analytics Providers; Service Providers None
D: Commercial Information Data Analytics Providers; Service Providers; Advertising Networks None
E: Biometric Information None None
F: Internet or other similar network activity Data Analytics Providers; Operating Systems & Platforms; Social Networks; Advertising Networks
G: Geolocation Data Data Analytics Providers; Operating Systems & Platforms Advertising Networks
H: Sensory Data None None
I: Professional or employment-related information None None
J: Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99) None None
K: Inferences drawn from other personal information. Data Analytics Providers; Operating Systems & Platforms; Social Networks; Advertising Networks Advertising Networks

RESOLVING YOUR PRIVACY REQUESTS AND COMPLAINTS

If you have a query or complaint about how we handle your personal information, would like to withdraw your consent to any use of your personal information as set out in this Privacy Policy, or any requests, issues or concerns regarding your personal information or any aspect of this Privacy Policy, then please contact us on the details provided below. We may request additional details from you regarding your concerns, and may need to engage or consult with other parties in order to investigate and deal with your issue. We will keep records of your request and any resolution.

RATIONALE USA LLC
333 S.E. 2nd Avenue
Suite 2000
Miami, Florida, 33131
United States
dataprivacyofficer@rationale.com