Privacy Policy

Updated February, 2022

FAQ

Commonly asked questions about how we collect, store and use your data.

Do we sell your personal information for monetary compensation? No

Do we share your data with third party partners? Yes

Do we receive information from other companies you have given data permission to? Yes

Do we use your information for better product recommendations and site experiences? Yes

Do we give you control of your data? Yes

How You Control Your Data

You are in control of your personal information. You can exercise your rights and change your preferences anytime.

Data Subject Rights Requests

Depending upon the country where you registered, your Cera Secrets account may offer the ability to access your information and make updates to or delete your data.

If not, you may make a request for access, erasure, rectification, to opt out of receiving marketing emails or texts, or to object to our use of your email address or phone number for advertising,

Please send an email to copyright@cerasecrets.com You can also tell us to stop sending you email and text messages by following the opt-out instructions sent with these communications. Please be aware that we may need to keep certain information to honor your choices (e.g., if you tell us to stop sending marketing emails, we will need your email address on file so that our systems remember that you no longer wish to receive marketing communications to that email address).

Also, there some situations where we may be unable to grant your request (e.g., deleting transaction data where we have a legal obligation to keep it, or for fraud prevention, security, or to protect the privacy of others, among other things).

Traditional Online Behavioral Advertising

How you can stop receiving traditional interest-based ads To stop receiving Cera Secrets interest-based advertising, you can send a email to adcare@cerasecrets.com.

You can also prevent getting interest-based ads on websites by declining cookies in your browser(s). declining the “access to data” requests that apps usually present when you install them, or by adjusting the ad tracking settings on your device. Please note that you may also receive personalized ads based on your email address or phone number, if you have provided those to us for marketing purposes. To opt out of that usage, please contact us.

You will still see “contextual” ads even if you opt out of interest-based ads Even if we stop sending you interest-based ads, you will still get ads from our brands on your computer or mobile devices. These ads, however, are based on the context of the sites you visit and are called contextual ads. Unlike interest-based ads which are based on pages you visit on your mobile phone or computer viewing activities, contextual ads are ads shown to you based on the context of the specific site you are visiting. For example, you still may see an ad for one of our baby care brands while looking at nursery products online because these sites traditionally have had mostly new or expecting parents as visitors. You should also know that we may still collect information from your computer or devices and use it for other purposes like evaluating how our websites work, for consumer research, or detecting fraud.

Deleting cookies also deletes your opt out When you opt out of interest-based advertising, we send an opt-out cookie to your browser that tells us that you no longer want to receive interest-based ads from us. Your opt-out cookie will be deleted if you decide to delete all cookies. This means that you will need to opt-out again if you still do not want to receive interest-based ads.

Access or Erasure To make a request for access or erasure with respect to personal data used for traditional online behavioral advertising which, for example, would include information we may have about you at a cookie or device ID level and which we use to provide you with relevant ads, please contact us.

To process your request, we need you to provide any of the following identifying cookies IDs from our service providers:

Consumer Research Participants

To make a request with respect to personal data we may have as part of your participation in one of our research studies, please see the contact information provided on your consent form or call or visit your research center.

California Residents

If you live in California, you may access the personal information we hold about you, request details about how we process your personal information, ask us to delete your data or request that we no longer “sell” your personal information (as “sell” is defined in the CCPA).

EEA and UK Residents

If you live in the EEA or the UK, or are physically in the EEA or the UK, you may access the personal data we hold about you, request that inaccurate, outdated, or no longer necessary information be corrected, erased, or restricted, and ask us to provide your data in a format that allows you to transfer it to another service provider. You also may withdraw your consent at any time where we are relying on your consent for the processing of your personal data. And you may object to our processing of your personal data (this means ask us to stop using it) where that processing is based on our legitimate interest (this means we have a reason for using the data).

If you would like more information about data protection and your personal data rights in general, please visit the European Data Protection Supervisor’s site at https://edps.europa.eu/data-protection/ or the UK Information Commissioner’s Office site at https://ico.org.uk. If you are not happy with our response to your requests, you may lodge a complaint with the data protection authority in your country.

For Spain Cera Secrets adheres to the Code of Conduct for Data Protection in AUTOCONTROL, accredited by the Spanish Data Protection Agency and therefore is subject to its extrajudicial system of data processing complaints when related to data protection and advertising, available for those interested on the website www.autocontrol.es.

How We Gather & Use Data

Like all brands, we collect data as you interact with us or when you share data that in turn can be shared with us. We do this respectfully and carefully to protect your rights. Data can help you be better understood as a consumer and a person. We can use the information we have separately, or combine it together, to bring you better products, services, and experiences.

How We Collect Data

We collect information about you in many ways from many places. Some of the information we collect may include personal information that can be used to identify you; for example, your name, email address, telephone number, or postal address. In some countries like those in the EEA or UK or in states like California, things like IP address or cookie and mobile device identifiers may also be considered personal information.

Please note: We may combine all of the information we collect about you to give you better products, services, and user experiences.

You Share it Directly

You give us your information when signing up for an account on our websites or mobile apps or by calling or emailing us. We may ask for things like your name, email or home address, date of birth, payment information, your age, gender, the number of people in your family, and the way you want us to send you information about our products and services—for example, to your home address, email address, or by texting you.

You Interact with Websites & Emails

We may use technologies that automatically collect information when you visit our sites, view our advertisements, or use our products or services. For example, we use cookies (a tiny file stored on your computer’s browser) to tell us what browser and operating system you are using, your IP address, web pages you visit, links you click, or whether you have or have not opened an email from us.

You Use Mobile Apps & Other Devices

To give you the best possible user experience, we may use technologies that collect information from your phone when you use our mobile apps or our “smart” devices in your home. You consent to do this when downloading the app or installing household internet connected devices. This information could

include your mobile phone or other device advertising ID, information about your phone’s operating system, how you use the app or device, and your physical location. You will get a pop up notice on your phone or device that gives you the option to accept or reject allowing us to know your precise geolocation (exactly where you are standing or where you are accessing the internet).

You Connect with Partners or Third Parties

We may get information that other companies share with or sell to us. For example, you may have given consent for another company to share your personal information with us when you signed up for telecom services or a retailer loyalty points program. We may also collect information from places that you know everyone can see, such as from internet postings, blog entries, videos, or social media sites. We may also receive information from other companies, such as consumer data resellers, who are in the business of collecting or aggregating information about you sourced from publicly available databases (in line with local legal requirements as applicable) or from consent you have given to their use and subsequently our use of your information. This might be information about your income level, age, gender, number of people in your family, and products you have bought on the internet or from stores in your neighborhood.

General Ways We Use Data

We use your information to help us meet our purpose of touching and improving the lives of people like you every day around the world.

For example, we use your information to:

Perform services for you
Identify and authenticate you to our different marketing programs and websites
Respond to your questions or requests for information
Provide customer service
Send transactional messages (such as account statements or confirmations)
Send marketing communications, survey, and invitations
Process your payment for the products you buy from us
Process and issue refunds and collections
Send you products or samples you have requested
Help you manage your Cera Secrets site or app preferences
Allow you to enter our contests or sweepstakes
Interact with you on social media
Better understand your interests and preferences and serve you and others like you with relevant offers and communications
Serve you with relevant ads and serve others with relevant ads through look-alike audiences. For example, if you sign up for marketing emails for laundry detergents in the U.S., we may upload your hashed email address into Facebook in France to find consumers there who, according to Facebook, “look like” you so we can serve them an ad on Facebook.

We also use your information for internal business purposes such as:

Quality control, training, and analytics
Safety maintenance and verification
System administration and technology management, including optimizing our websites and applications
Security purposes, including detecting threats and protecting against malicious or fraudulent activity
Record-keeping and auditing interactions with consumers, including logs and records maintained as part of transaction information
Risk management, audit, investigations, reporting and other legal and compliance reasons

We may also use your personal information to better understand you, including:

For internal research
To design and develop products, services and programs that delight our consumers
To identify prospective consumers

We also collect and use your information, including information provided by a third party (e.g., refer-a-friend program), to administer and maintain our financial incentive, rewards, discounts (e.g., price or service coupons) and loyalty programs (collectively, “Rewards Programs”). We use the information you provide in these programs to verify your identity, offer unique rewards, track your program status, and to facilitate the exchange of program points for products, promotional materials, training workshops, and other items. If you consent to participate in any of our Rewards Programs, you may withdraw that consent at any time by contacting us using the contact details in this Privacy Policy or in accordance with the instructions set forth in the applicable Rewards Program’s terms and conditions. We may use the information gathered from, or related to, participants in our Rewards Programs for any other purpose or in any other manner set forth in this Privacy Policy. For more information on how we calculate the value of your personal information for Rewards Programs as required under the California Consumer Privacy Act (“CCPA”).

How We Use Cookies

Cookies are small files sent to your computer as you surf the web. They store useful information about how you interact with the websites you visit. Cookies do not collect any information stored on your computer or device or in your files. Cookies do not contain any information that would directly identify you as a person. Cookies show your computer and device only as randomly assigned numbers and letters (e.g., cookie ID ABC12345) and never as, for example, John E. Smith.

We use cookies for a number of reasons, such as:

to serve you with relevant advertising
to learn more about the way you interact with Cera Secrets content
help us improve your experience when visiting our websites
to remember your preferences, such as a language or a region, so there is no need for you to customize the website on each visit
to identify errors and resolve them
to analyze how well our websites are performing

Types of Cookies We Use

Strictly necessary These cookies allow the page to load or provide some essential functionality without which the page would not work (i.e., store your data in a shopping cart).

Performance cookies These cookies allow sites to remember what you prefer when you come back again. For example, if you choose to read the site in French on your first visit, the next time you come back the site will appear automatically in French. Not having to select a language preference every time makes it more convenient, more efficient, and user-friendly for you.

Advertising cookies These cookies can be used to learn about what interests you generally might have, based, for example, on the websites you visit and the products you buy. This can also help us infer things about you such your age, marital status, and how many kids you may have. That data allows us to send you ads for products and services that better fit the things you like or need. It also allows us to limit the number of times you see the same advertisement.

Analytics cookies These cookies tell us how our websites are working. In many cases, we use Google analytics cookies to monitor the performance of our sites. Our ability to use and share information collected by Google Analytics about your visits to our sites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy.

How You Can Control Cookies

You can set your browser to refuse all cookies or to indicate when a cookie is being sent to your computer. However, this may prevent our sites or services from working properly. You can also set your browser to delete cookies every time you finish browsing.

Interest-Based Advertising

When you visit our partner sites, we can show you ads or other content we believe you would like to see. For example, you may receive advertisements for Cocera Skincare if we notice that you are visiting sites that are focussing on skincare or beauty products. And from that information we may conclude that you my have interest in skincare products and therefore could well be interested in a powerful skincare or beauty product. In this way, we intend to send you relevant information about our products that might be of benefit to you.

We learn from groups of consumers sharing similar interests We may place you into a particular group of consumers who show the same interests. For example, we may put you in the group of “skincare lovers” if we see you frequently purchase skincare products online or you could be a “bargain-shopper” if we notice you use online coupons or look for discounts or sales. We notice these things about you as you look at web pages, links you click on our websites and other websites you visit, mobile applications you use, or our brand emails you view and links you click in the emails. We group together cookie and device IDs to help us learn about general trends, habits, or characteristics from a group of consumers who all act similarly online and/or offline. By doing this, we can find and serve many others who “look like” those already in the group and thereby send them what we believe will be relevant and beneficial product offers and information.

We link other information to your cookie and device IDs

Your cookie and device IDs may be supplemented with other information, such as information about the products you buy offline or information that you provide directly to us when creating an account on our sites. We generally do this in ways that will not directly personally identify you. For example, we could know that cookie ID ABC12345 belongs to the skincare lovers group based on person’s web site visits, age, gender, and shopping habits, but we would not know that person’s name or address or other information that would identify him or her as a person. Should we ever want to personally identify your cookie or device information (web and app viewing history), we will always ask you before doing so.

We may know you across all of your computers, tablets, phones, and devices We may know that cookie ID ABC12345 is from a computer that that may be connected to the same person or household owning the mobile phone with device ID ETU67890. This means that you may search for skincare on your laptop, click on a Google search result link which we have sponsored, and then later see an ad for our Cocera Skincare brand on your mobile phone. We might assume or deduce that the same person owns the computer and phone because, for example, they sign on to the same WiFi network every day at the same time. Understanding what devices seem to be used by a person or household helps us limit the number of times you see the same ad across all of your devices. And this is important because that way you don’t get annoyed at us for spamming you with the same ad and we don’t pay for such repetitive ads that we don’t want you to receive.

Addressable Media When you provide us with your personal data via our sites or apps, we will use an encryption of that data – or a substitute identifier to serve you with ads we think you may like. We do this generally by uploading an encrypted copy of your email address, phone number, or your mobile advertising ID to a platform that offers ad space (e.g., Facebook, YouTube, Instagram, TikTok, etc.). We also use that same data to serve you advertising through what is called the open web. This means you may see relevant ads from us on sites like vogue.com or apps or other places like digital TV that participate in online auctions of their ad inventory.

Facebook’s Advanced Matching Some of our sites use Facebook’s Advanced Matching features, which is a service they offer to advertisers. Through Advanced Matching, we will send some of the information you enter into our site form fields (e.g., your name, email address, and phone number – not any sensitive or special category data) encrypted in hashed format to Facebook, or the Facebook pixel will encrypt and pull that data automatically, for the purpose of helping associate you with your browser cookie or device ID. We do this so that we can better target and measure the effectiveness of our advertising on Facebook’s platform. This is how we can know that if we showed you an ad on Facebook, you clicked on it, came to our site and bought something – or not – and therefore whether we should continue to buy ads on Facebook – or not.

Other Technologies We May Use

Proximity-based beacons Beacons send one-way signals to mobile apps you install on your phone over very short distances to tell you, for example, what products are on-sale as you walk through a store. Beacons only talk to your device when you get close enough and after you have given consent within the mobile application associated with a particular beacon. In turn, apps may provide us location information to help customize advertising and offers to you. For example, when you are near a beacon in the skin care section of a supermarket, we may send you a $5 off coupon.

Pixels These are small objects embedded into a web page, but are not visible. They are also known as “tags,” “web bugs,” or “pixel gifs.” We use pixels to deliver cookies to your computer, monitor our website activity, make logging into our sites easier, and for online marketing activity. We also include pixels in our promotional email messages or newsletters to determine whether you open and act on them.

Mobile device identifiers and SDKs We use software code in our mobile apps to collect information similar to what cookies collect on the internet. This will be information like your mobile phone identifiers (iOS IDFAs and Android Advertising IDs) and the way you use our apps. Similar to cookies, the device information we collect automatically as you use our apps will never identify you as a person. We only know a mobile device as randomly assigned numbers and letters (e.g., advertising ID ETU67890) and never as, for example, John E. Smith.

Precise geolocation We may receive information about your exact location from things like global positioning system (GPS) coordinates (longitude and latitude) when you use our mobile apps. You will always get a pop-up notice on your phone or device asking for you to accept or reject allowing us to know exactly where you are in the world. You should understand that we will not always ask for consent to know generally that you are in a broader city, postal code, or province. For example, we do not consider it to be precise location if all we know is that you are somewhere in Melbourne, Australia.

Site and App Content

Plugins Our websites may include plugins from other companies such as social networks. An example of a plugin is the Facebook “Like” button. These plugins may collect information (e.g., the url of the page you visited) and send it back to the company that created them. This may happen even if you do not click on the plugin. These plugins are governed by the privacy policy and terms of the company that created them, even though they appear on our sites. We act as a controller of that data for our EEA and UK sites for the purposes of collection and transmission of that data. Such plug-ins are non-essential cookies and will only work on our EEA and UK sites if you accept cookies.

Logins Our websites may allow you to log in using your account with another company such as, for example, “Login with Facebook.” When you do this, we will have access only to the information that you have given us consent to receive from your account settings in the other company’s account you’re using to log in with.

User content Some of our sites and apps will allow you to upload your own content for contests, blogs, videos, and other functions. Please remember that any information you submit or post becomes public information. We do not have control over how others may use the content you submit to our sites and apps. We are not responsible for such uses in ways that may violate this privacy policy, the law, or your personal privacy and safety.

Links Cera Secrets’s sites may include links to other sites, which we do not control. Those sites will be governed by their own privacy policies and terms, not ours.

How We Share Data

We are not in the business of sharing your personal data and do so only in very limited situations where your privacy is protected.

With Your Consent

When we have your consent, we may share your information with select partners so they can send you offers, promotions, or ads about products or services we believe you may be interested in. For example, people who receive Cera Secrets emails from our skincare brands such as Cocera may also consent to hear about skincare formulas made by other companies.

Online Platforms and Ad Tech Companies

Our websites and applications may share unique identifiers, inferred and derived information, online and technical information and geolocation data with online platforms and ad tech companies to help us serve you relevant advertisements and offers. We always ensure we follow the applicable legal requirements, which may include consent and/or opt-outs, when doing so. We do not sell your personal information to marketers outside of Cera Secrets in exchange for monetary compensation. If you are a California resident, please see the California Consumer Privacy Rights section of the privacy policy below for additional information.

Service Providers

We may share your information with service providers who help us run our business, including hosting our sites, delivering our emails and marketing communications to you, analyzing the data we collect, helping us with sales attribution (e.g., to see if we showed you an ad on a platform site and then you bought a product from us) and sending you the products and services you requested. We also share your information with lawyers, auditors, consultants, information technology and security firms, and others who provide services to us. We share only the personal information needed for these companies to complete the tasks we request. They are required to protect your information in the same way we do and will not share it or use it for any other purpose than to provide us services. During the 12-month period prior to this privacy policy’s last update, we may have disclosed data from all of the categories listed in the “Types of Data We Collect” section above to third parties for a business purpose depending upon the specifics of the business execution.

Payments for Purchases

Payments for purchases made through some of our sites are completed using a third-party vendor’s online payment system. Cera Secrets does not have access to your credit card information provided for purchases and does not store or disclose your credit card information as part of your purchases through these third-party systems. The personal or financial information you provide to our online payment system is subject to the third-party’s privacy policy and terms of use and we recommend you review these policies before providing any personal or financial information. Cera Secrets currently uses Stripe, we may also use PayPal and Braintree other others as our third-party e-commerce platforms.

Legal and Similar Reasons

If a brand or one of our businesses with which you’ve shared personal data is sold to another company, your data will be shared with that company. As a result, your account and the personal data in it will not be deleted unless you tell the brand or new company that you want it deleted. We may also share your information with companies who help us protect our rights and property, or when required by law or government authorities.

Types of Data We Collect

We collect the following types of data in order to best serve all of our consumers.

Please be aware that this is an exhaustive list of all of the possible types of data we collect, and many of these types almost certainly will not apply to you. If you want to know what data we actually have about you, just ask us by send an email to: adcare@cerasecrets.com

What We Typically Collect

Contact Information Data elements in this category include names (including nicknames and previous names), titles, mailing address, email address, telephone/mobile number and contact information for related persons (such as authorized users of your account).

General Demographics & Psychographics Data elements in this category include personal characteristics and preferences, such as age range, marital and family status, shopping preferences, languages spoken, loyalty and rewards program data, household demographic data, data from social media platforms, education and professional information, hobbies and interests and propensity scores from third parties (likelihood of purchase, experiencing a life event, etc.).

Transaction and Commercial Information Data elements in this category include customer account information, qualification data, purchase history and related records (returns, product service records, records of payments, credits etc.), records related to downloads and purchases of products and applications, non-biometric data collected for consumer authentication (passwords, account security questions), customer service records.

Unique IDs & Accounts Details Data elements in this category include unique ID number (such as customer number, account number, subscription number, rewards program number), system identifiers (including username or online credentials), device advertisers, advertising IDs and IP address.

Online & Technical Information This includes internet or other electronic network activity information. Data elements in this category include: IP address, MAC address, SSIDs or other device identifiers or persistent identifiers, online user ID, encrypted password, device characteristics (such as browser information), web server logs, application logs, browsing data, viewing data (TV, streaming), website and app usage, first party cookies, third party cookies, flash cookies, Silverlight cookies, web beacons, clear gifs and pixel tags.

Inferred Information This includes information derived from other information listed in this section. We create inferred and derived data elements by analyzing our relationship and transactional information. Data elements in this category include propensities, attributes and/or scores generated by internal analytics programs.

What We Sometimes Collect

Precise Geolocation Data elements in this category include precise location (such as latitude/longitude or in some cases IP address).

Health-related Information Data elements based on how it is collected include:

Information collected from consumer programs
- General health and symptom information
- Pregnancy-related information, such as due date
Consumer Research Studies where you have provided your informed consent
- Information about physical or mental health, disease state, medical history or medical treatment or diagnosis, medicines taken and related information

Financial information Data elements in this category include bank account number and details and payment card information (e.g., when you make a purchase directly with a brand or receive a credit from a brand).

Government-issued IDs Data elements in this category include governmental ID and Tax ID (e.g., for winners of a contest in jurisdictions where we are required to collect that information).

Audio Visual Information Data elements in this category include photographs, video images, CCTV recordings, Call Center recordings and call monitoring records, and voicemails (e.g., for research, when you visit our facilities, or when you call us).

Smart Devices and Sensor data Data elements in this category include smart device records, IoT products (e.g., from an Cocera app-connected skincare).

Data About Children Data elements in this category may include the number of children you have their genders, and ages.

Biometric Information Data elements in this category include facial recognition data, and a mathematical representation of your biometric identifier, such as the template maintained for comparison (e.g., for healthcare research studies). We will retain this biometric data for no more than three years from the individual’s last interaction with us, unless we are required to retain it longer for legal or regulatory compliance purposes, or to exercise or defend our legal interests. We have implemented commercially reasonable protocols to safeguard and, when appropriate, to permanently delete or dispose of such biometric data.

Children and Personal Data

We follow all applicable data protection laws when collecting personal information online from children. For example, in the EEA and the UK we do not collect personal information from children under 16 years of age without the consent of the holder of parental responsibility over the child, unless a lower age is provided for by the local laws – provided that such lower age is not below 13 years. Similarly, in the U.S., we obtain verified parental consent when collecting personal information from children younger than 13.

How Your Information Stays Safe

Your privacy is important. That’s why we respect it by taking steps to protect it from loss, misuse, or alteration.

We respect your personal information and take steps to protect it from loss, misuse, or alteration. Where appropriate, these steps can include technical measures like firewalls, intrusion detection and prevention systems, unique and complex passwords, and encryption. We also use organizational and physical measures such as training staff on data processing obligations, identification of data incidents and risks, restricting staff access to your personal information, and ensuring physical security including appropriately securing documents when not being used.

International Transfers

Your personal information may be transferred to, stored, and processed in a country other than the one in which it was collected, including the United States. For example, we may store your data on a server in the United States because that is where a particular database is hosted; and that data may be “transferred” again when one of our marketers accesses that data from Switzerland to send you a product sample. For EEA and UK data, we perform such transfers, both between Cera Secrets entities and between Cera Secrets and our service providers, using contractual protections that EEA and UK regulators have pre-approved to ensure your data is protected (known as model contract clauses). If you would like a copy of a transfer agreement, contact us. For non-EEA and UK data, we perform such transfers based on your consent, or on our contracts, where so required by local law.

Regional Disclosures

California Consumer Privacy Rights

For more information about the categories of personal information we collect, business and commercial purposes for the collection of the personal information and categories of third parties with whom we share the personal information, please see the disclosures above. As a California resident, you may have the right to request, twice in a 12-month period, the following information about the personal information we have collected about you during the past 12 months:

the categories and specific pieces of personal information we have collected about you;
the categories of sources from which we collected the personal information;
the business or commercial purpose for which we collected or sold the personal information;
the categories of third parties with whom we shared the personal information; and
the categories of personal information about you that we sold or disclosed for a business purpose, and the categories of third parties to whom we sold or disclosed that information for a business purpose.

In addition, you have the right to request that we delete certain personal information we have collected from you. To submit a request for general disclosure, to access all the information we have about you, or to ask to delete your data as described above you can email us at consumercare@cerasecrets.com or call us at (305) 922 1578 in any case. To help protect your privacy and maintain security, we take steps to verify your identity before granting you access to your personal information or considering

your deletion request. Upon receipt of your request, we will send you a verification form by email or postal mail. To complete your request, please respond to the verification form when you receive it. To verify your identity, we may require you to provide any of the following information: Name, email address, postal address, or date of birth. In addition, if you ask us to provide you with specific pieces of personal information, we will require you to sign a declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request.

Please understand that Cera Secrets cannot delete personal information in those situations where our retention is required for our own internal business purposes or otherwise permitted by the CCPA (such as fraud prevention or legal compliance). In these situations, we will retain your information in accordance with our records retention program and securely delete it at the end of the retention period.

Finally, you also have the right to opt out of the sale of your personal information. To exercise that right, please contact us here or call us at (305) 922 1578.

For more information about how we have shared your information with third parties such that it constitutes a “sale” under CCPA during the 12-month period prior to the date this privacy policy was last updated, please see the below chart. We do not knowingly sell personal information of minors under 16 years of age.

Rewards Programs calculation Under the CCPA, you may be entitled to be informed as to why financial incentive programs, or price or service differences, are permitted under the law, including (i) a good-faith estimate of the value of your personal information that forms the basis for offering the financial incentive or price or service difference, and (ii) a description of the method we used to calculate the value of your personally identifiable information. Generally, we do not assign monetary or other value to personal information. However, in the event we are required by law to assign such value in the context of Rewards Programs, or price or service differences, we have valued the personal information collected and used as being equal to the value of the discount or financial incentive provided, and the calculation of the value is based upon a practical and good-faith effort often involving the (i) categories of personal information collected (e.g., names, email addresses), (ii) the transferability of such personal information for us and our Rewards Programs, (iii) the discounted price offered, (iv) the volume of consumers enrolled in our Rewards Programs, and (v) the product or service to which the Rewards Programs, or price or service differences, applies. The disclosure of the value described herein is not intended to waive, nor should be interpreted as a waiver to, our proprietary or business confidential information, including trade secrets, and does not constitute any representation with regard to generally accepted accounting principles or financial accounting standards.

California Notice for Minors We may offer interactive services which allow teens under the age of 18 to upload their own content (e.g., videos, comments, status updates, or pictures). This content can be removed or deleted any time by following the instructions on our sites. If you have questions about how to do this, contact us. Be aware that such posts may have been copied, forwarded, or posted elsewhere by others and we are not responsible for any such actions. You will, in such cases, have to contact other site owners to request removal of your content.

“Sales” of Personal Information

Unique Identifiers, Inferred and Derived Information, Online & Technical Information, and Geolocation Data

We sell this personal information to the following categories of third parties:

Online platforms such as Google, Amazon, Facebook
Adtech companies such as our DSPs

This data is shared for purposes of targeted advertising. These companies use that data to improve their products and services in accordance with their platform terms.

Demographic Information and Preferences

We sell this personal information to the following categories of third parties:

Retail partners

This data is shared pursuant to your consent for joint marketing (e.g. linking for rewards programs)

We also sell any other information with your consent.

How to Opt Out

To opt out of sales of your data, click here or call us at

(305) 922 1578.

If you want us to update our internal records so we do not share your personal information from our brand programs with a third party in a way that may be defined as a “sale,” click here or call us at (305) 922 1578.

Please note that Cera Secrets may also transfer your personal information to third parties through cookies or tracking technologies for advertising and joint marketing purposes. To exercise your “Do Not Sell” right related to website cookies and tracking technologies, please go to the applicable brand website, access our California Do Not “Sell” Request Center available at the bottom of the page and set your preferences. Because some of these third parties operate differently by website and device, you may need to take this step for each Cera Secrets website you use.Under the CCPA, you may designate an authorized agent to make a request on your behalf but the agent will need to complete the verification process, including the submission of proof that it has been designated to act on your behalf. For access and deletion requests made by an authorized agent on your behalf, we also may require you to verify your own identity directly with us (as described above). We will not deny, charge different prices for, or provide a different level or quality of goods or services if you choose to exercise your rights under the CCPA.

EEA and UK Privacy

This section applies only to our processing of personal data of EEA country and UK residents. It aims to provide increased transparency into our processing, retention, and transfer of EEA and UK residents personal data that is in line with the letter and spirit of the General Data Protection Regulation (“GDPR”) and the GDPR as incorporated into UK law by the Data Protection Act 2018 and amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019.

Entities

Different Cera Secrets entities may be the controller of your personal data. A data controller is the entity which directs the processing activity and is principally responsible for the data.

Processing and retention

As a general rule, we keep your data for only as long as it is needed to complete the purpose for which it was collected or as required by law. We may need to keep your data for longer than our specified retention periods to honor your requests, including to continue keeping you opted out of marketing emails, or to comply with legal or other obligations. This section tells you the type of data we collect, the purposes for which we use it, why such uses comply with the law (legal basis), and how long we usually keep it (retention period).

Marketing

Types of Data Email, name, phone number, postal address, your affinities, your interests, your logged in browsing behavior on our sites or apps, your profession, your habits, what you bought, the photos or videos you upload, information about your children and your home, your family composition, the number of people in your household, your hair type, your skin type, your favorite scent, whether you have a pet, health-related information (for example your pregnancy due date), etc.

Why We Collect This Data To send you materials, including advertisements, marketing our products or services or the products or services of our partners

Legal Basis Your consent for email and SMS and any special category data, and, where we obtain it, consent for postal. Legitimate interests for everything else (e.g., for advertising).

Retention Period Until you request to delete the personal data or withdraw your consent. If you do not make such a request, the personal data will be deleted on the following schedule:

email: after <50 months of all-channel inactivity. We define inactivity through several internal criteria.

SMS: after <50 months of all-channel inactivity. We define inactivity through several internal criteria.

postal address: after <50 months of all-channel inactivity. We define inactivity through several internal criteria.

These retention periods may be shorter in certain countries in line with local requirements.

Contests

Types of Data Email, name, phone number, sometimes other data.

Why We Collect This Data To provide contest participants with information about the contest, including announcing the winner(s) of the contest.

Legal Basis Performance of a contract.

Retention Period For 24 months unless local law requires us to retain it longer.

Product Purchases

Types of Data Email, name, phone number, payment information (including bank account IBAN or Paypal details), sometimes other data.

Why We Collect This Data To process your purchases of our products, cashback offers, or warranties and to send you relevant communications related to that purchase.

Legal Basis Performance of a contract.

Retention Period As long as necessary to fulfill your order and follow up with communications about your order unless local law requires us to retain it longer. We also generally retain data for 24 months for cashback offers and 10 years for warranties

Contact Us

Types of Data Email, name, phone number, sometimes other data.

Why We Collect This Data To address your inquiries and make sure we follow up appropriately or as may be required by law or Cera Secrets policy.

Legal Basis Our legitimate business interest in managing consumer inquiries and improving our processes and products, as well as your consent for special category data which may be collected in some adverse event cases.

Retention Period From 0 to 10 years, depending on the nature of the inquiry, our legitimate interests for processing the data, and our legal obligations.

Research

Types of Data Email, name, phone number, address, identifiable photos or videos, sometimes other data.

Why We Collect This Data To test our product ideas and learn about your preferences and practices so that we can improve our products and the lives of our consumers.

Legal Basis Your consent.

Retention Period We will retain the personal data collected as part of substantive clinical research for as long as we need it for the purpose for which it was collected, and/or for as long as may be required to retain it by local law or regulation, which may be up to 25 years. For non-clinical research, we will retain your substantive personal data for a maximum of 5 years. We will retain your signed informed consent documents.

Traditional Online Behavioral Advertising

Types of Data Advertising cookies, device ID, demographic information such as gender and age, behavioral data such as page views, and other data.

Why We Collect This Data To learn about your Internet interests and customize the ads we send you.

Legal Basis We will obtain your consent for the deployment of cookies on our own websites in accordance with ePrivacy requirements. When we place our tags on third party websites or buy data from third party vendors, we require that our partners obtain your consent before our tag is deployed or your data is shared with us.

Depending on the case, we may rely on our legitimate business interests or on your consent for the processing your personal data to serve you with relevant advertising across different media channels.

Retention Period We will retain this data for thirteen months from the date we collect it or until you opt out, whichever is earlier.

Reporting a data breach to the authorities

Cera Secrets will seek to report potential data breaches within 72 hours of knowledge of such breaches to the relevant authorities responsible for monitoring the security of personal data.

Contact Us

Still have a question or concern? We’re here to help.

Please contact us directly with any questions or concerns you may have about your privacy and our data protection practices or if you are a consumer with a disability and need a copy of this notice in an alternative format. If you have an inquiry that is specific to our data protection officer, such as a suspected data breach, please state that in your message. You may also write to our Data Protection Department at:

By Mail:

Cera Secrets LLC

3565 Mystic Pointe Dr.

Miami, Florida 33180

United States

Please go to www.coceraskincare.com and click the “Contact Us” link at the bottom of the page.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Privacy Policy

FAQ

Company

Help and Support

Cera Secrets LLC