Beauty Care Choices Privacy Policy
Effective Date: May 14, 2026
Last Updated: May 14, 2026
This Privacy Policy describes how Beauty Care Choices ("Beauty Care Choices," "we," "us," or "our") collects, uses, discloses, and protects personal information when you visit www.beautycarechoices.com, place an order, contact our customer service team, or otherwise interact with us (collectively, the "Services"). It also describes the rights and choices available to individuals with respect to their personal information.
1. Personal Information We Collect
In the past twelve (12) months, and on an ongoing basis, we collect the categories of personal information described below. The categories follow the framework set out under the California Consumer Privacy Act, as amended ("CCPA"), and are used as a common reference across the U.S. state privacy laws covered by this Policy.
| Category | Examples of Information Collected | Collected |
|---|---|---|
| A. Identifiers | Full name, postal and billing address, email address, telephone number, account username, IP address, device identifiers, cookie and similar identifiers. | Yes |
| B. Customer records (Cal. Civ. Code §1798.80(e)) | Name, address, telephone number, payment card information (processed and stored by our payment processor, not by us), and other identifying information you provide when placing an order or creating an account. | Yes |
| C. Protected classification characteristics | Age range or birthdate, sex/gender (if voluntarily provided, for example in a beauty or hair profile or sweepstakes entry). | Limited (only if voluntarily provided) |
| D. Commercial information | Records of products purchased, considered, or returned, order history, wishlist contents, loyalty/rewards balances, gift-card balances. | Yes |
| E. Biometric information | None. | No |
| F. Internet or other electronic network activity | Browsing history on our site, search queries, pages and products viewed, clicks, referring URLs, scroll and interaction data, advertising interaction data. | Yes |
| G. Geolocation data | Approximate (city/region/country level) geolocation derived from IP address. | Yes (coarse only) |
| H. Audio, electronic, visual, or similar information | Written transcripts of customer-service phone calls (see Section 5); photos or videos you voluntarily submit (for example, a product review). | Yes |
| I. Professional or employment-related information | Salon name, professional license information (only if you apply for a wholesale or salon-trade account). | Limited (only for trade applicants) |
| J. Education information | None. | No |
| K. Inferences | Profiles reflecting product preferences, predicted interests, hair or beauty profile attributes, and audience segments derived from your interactions with us. | Yes |
| Sensitive personal information | Account log-in credentials in combination with a password (used solely for security and authentication and not for inferring characteristics about you). | Limited |
We do not knowingly collect or process sensitive personal information for purposes of inferring characteristics about a consumer. We do not collect Social Security numbers, driver's license numbers, financial account numbers (other than payment card data processed by our payment processor), precise geolocation, racial or ethnic origin, religious beliefs, union membership, contents of mail or email, genetic data, or information about a known child under 13.
2. Sources of Personal Information
We collect personal information from the following sources:
- Directly from you — when you create an account, place an order, sign up for email or SMS, fill out a form, enter a sweepstakes, submit a product review, or contact customer service.
- Automatically — through cookies, pixels, software development kits, log files, and similar technologies that record your interaction with our site and emails.
- From service providers and partners — including fulfillment carriers, payment processors, fraud-prevention providers, marketing and advertising platforms, and identity-resolution providers.
- From publicly available sources — including public records and information you choose to make public on social media.
3. How We Use Personal Information
We use personal information for the following business purposes:
- To process and fulfill orders, including shipping, returns, refunds, and customer service.
- To create and maintain your account, authenticate you, and enable site features such as the shopping cart, wishlist, order status, and saved addresses.
- To communicate with you about your orders, account, customer-service inquiries, and product safety or recall notices.
- To send marketing and promotional messages by email and (with your consent) by SMS, and to measure the effectiveness of those campaigns.
- To personalize your experience, including product recommendations, on-site search results, and content.
- To operate, secure, debug, and improve our Services, including analytics, performance monitoring, error tracking, and fraud and abuse prevention.
- To deliver, measure, and improve advertising on our Services and on third-party platforms, including cross-context behavioral advertising.
- To comply with our legal obligations, enforce our terms, protect our rights and property, and protect the rights, property, and safety of others.
4. Cookies and Tracking Technologies
We and our service providers use cookies, pixels, web beacons, tags, software development kits, server logs, and similar technologies ("cookies") to operate our Services, remember your preferences, analyze site usage, measure advertising effectiveness, and deliver targeted advertising. Cookies may be set by us (first-party) or by service providers acting on our behalf or for their own purposes (third-party).
This site is protected by Google reCAPTCHA, and the Google Privacy Policy and Google Terms of Service apply.
You can control cookies through your browser settings and through device-level controls. Most browsers also recognize a Global Privacy Control ("GPC") signal. When we detect a GPC signal from a known U.S. state requiring its recognition, we treat it as a request to opt out of sale and sharing/targeted advertising for that browser. To submit a broader opt-out tied to your identity or account, see Your Privacy Choices.
5. Customer-Service Phone Call Transcription (Dialpad)
We use Dialpad as our telephony and contact-center platform. Calls placed to or from our customer-service numbers may be transcribed for quality assurance, training, dispute resolution, fraud prevention, accessibility (for example, to provide a written record of an order or return), and to operate and improve our Services. Dialpad's AI features may generate written transcripts, call summaries, and sentiment indicators from the audio of the call. We do not retain audio recordings of customer-service calls; only the resulting written transcripts and summaries are retained, for the period described in Section 9.
If you do not wish to have your call transcribed, please let the agent know at the start of the call, and the agent will assist you through an alternate channel (such as email or live chat) where available. Continuing the call after notice of transcription constitutes consent to the transcription where consent is required by applicable law.
6. Service Providers and Third Parties We Share Personal Information With
We share personal information with service providers, processors, contractors, and other third parties for the business purposes described in this Policy. We require service providers acting on our behalf to handle personal information consistent with this Policy and applicable law. The list below identifies the principal categories of recipients and representative providers; it is not exhaustive and may change from time to time without notice.
| Purpose | Representative Providers |
|---|---|
| Web analytics, advertising measurement, and advertising delivery | Google (including Google Ads and Google Analytics), Meta (Facebook/Instagram, including the Meta Pixel and Conversions API), Pinterest |
| Email and SMS marketing, transactional messaging, and customer profile management | Klaviyo |
| On-site search and merchandising | Searchspring |
| Forms, surveys, and customer feedback | Typeform, Bizrate Insights |
| Telephony and call transcription | Dialpad |
| Payments and buy-now-pay-later | PayPal, Afterpay, and our payment-card processor |
| Fraud prevention and bot mitigation | Google reCAPTCHA |
| Order fulfillment and shipping | UPS, USPS, Canada Post / ePostGlobal |
We may also disclose personal information:
- To our affiliates and to professional advisors (such as auditors, accountants, and attorneys).
- In connection with a corporate transaction such as a merger, acquisition, financing, reorganization, or sale of all or a portion of our assets.
- To comply with law, respond to lawful requests from public authorities, enforce our agreements, or protect the rights, property, or safety of Beauty Care Choices, our customers, or others.
- With your direction or consent.
We do not "sell" personal information for money. However, our use of cookies and similar technologies for advertising and analytics, including sharing personal information with Google, Meta, Pinterest, and similar platforms for cross-context behavioral advertising, may be considered a "sale" or "share" under the CCPA and a form of "targeted advertising" under other state privacy laws. You can opt out of these uses as described in Section 11 and at Your Privacy Choices.
7. Advertising and Your Choices
We participate in interest-based advertising. This means information about your activity on our site and (where permitted) other sites may be used to show you advertisements that are more relevant to you, and to measure the performance of those advertisements. To learn more or to opt out of interest-based advertising from participating companies, visit the Digital Advertising Alliance, the Network Advertising Initiative, or, for mobile apps, the DAA AppChoices tool. You can also use device-level controls (such as Limit Ad Tracking on iOS or Opt out of Ads Personalization on Android).
8. Payment Security
All credit-card transactions are processed using industry-standard encryption by our payment processor. We do not store full payment-card numbers on our servers. Payment-card data is transmitted directly to, and stored by, our payment processor under that processor's PCI-DSS-compliant environment. We use the Address Verification System (AVS) and other fraud-prevention controls to help detect and prevent unauthorized transactions.
No system can be guaranteed to be 100% secure. While we use commercially reasonable safeguards, we cannot guarantee the absolute security of personal information transmitted to or stored by us or our service providers. Please notify us promptly if you become aware of, or suspect, any unauthorized access to your account.
9. Data Retention
We retain personal information for as long as necessary to fulfill the purposes described in this Policy, to comply with our legal, accounting, and reporting obligations, to resolve disputes, and to enforce our agreements. The table below summarizes our standard retention periods. Actual retention may be longer or shorter where required or permitted by law.
| Category | Standard Retention Period |
|---|---|
| Customer account information | For the life of the account, plus up to seven (7) years after the account becomes inactive or is closed. |
| Order, transaction, and tax records | Seven (7) years from the date of the order, to satisfy tax, accounting, and audit obligations. |
| Email marketing list membership | Until you unsubscribe, plus a reasonable suppression-list period (typically up to two (2) years) to honor your opt-out. |
| SMS marketing list membership | Until you opt out, plus a suppression-list period (typically up to two (2) years) to honor your opt-out. |
| Customer-service correspondence (email, chat, contact form) | Up to three (3) years from the date of the interaction. |
| AI-generated call transcripts and summaries (Dialpad) | Up to one (1) year, except where a longer period is required for an active dispute, claim, or legal hold. Audio recordings of customer-service calls are not retained. |
| Website analytics (Google Analytics) | Up to twenty-six (26) months at the event level; aggregated/de-identified reports may be retained longer. |
| Cookies and similar identifiers | Per the lifetime of the cookie (session cookies expire when you close your browser; persistent cookies typically expire within twenty-four (24) months). |
| Records required by privacy-rights requests | Up to twenty-four (24) months from the date of the request, as required by applicable law. |
When personal information is no longer needed, we delete, anonymize, or aggregate it, except where retention is required to comply with law or for legitimate, documented business purposes.
10. Children's Privacy (COPPA)
Our Services are intended for users who are at least sixteen (16) years of age and are not directed to children under thirteen (13). Consistent with the Children's Online Privacy Protection Act ("COPPA"), we do not knowingly collect or solicit personal information from children under 13. If we learn that we have collected personal information from a child under 13 without verifiable parental consent, we will delete that information.
If you are a parent or guardian and believe that your child under 13 has provided personal information to us, please contact our Privacy Officer using the information in Section 14 and we will take prompt action.
11. Your U.S. State Privacy Rights
Depending on where you live and subject to applicable exceptions, you may have one or more of the following rights with respect to your personal information.
11.1 California Residents (CCPA / CPRA)
If you are a California resident, you have the right to:
- Know what personal information we have collected about you, including the categories of information, sources, business or commercial purposes, and categories of third parties with whom we share it.
- Access a copy of the specific pieces of personal information we have collected about you (data portability).
- Correct inaccurate personal information that we maintain about you.
- Delete personal information we have collected from you, subject to exceptions.
- Opt out of the "sale" or "sharing" of personal information, including cross-context behavioral advertising.
- Limit the use and disclosure of sensitive personal information to purposes specified by law.
- Not receive discriminatory treatment for exercising any of these rights.
To exercise these rights, use any of the methods in Section 13 or visit Your Privacy Choices. We will honor a valid Global Privacy Control signal as an opt-out of sale and sharing for the browser from which it is received.
11.2 California Shine the Light
Under California Civil Code §1798.83 ("Shine the Light"), California residents who have an established business relationship with us may request, once per calendar year, information about our disclosures of certain categories of personal information to third parties for those third parties' own direct marketing purposes. Beauty Care Choices does not currently disclose personal information to third parties for those third parties' own direct marketing purposes. To make a Shine the Light request, write to the Privacy Officer at the address in Section 14 with the subject line "Shine the Light Request."
11.3 Other U.S. State Privacy Rights
If you are a resident of Colorado, Connecticut, Delaware, Indiana, Iowa, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, or Virginia, you have one or more of the following rights, subject to the conditions and exceptions in your state's law:
- Right to confirm whether we process your personal information and access that information.
- Right to correct inaccuracies in your personal information.
- Right to delete personal information you provided or that we obtained about you.
- Right to obtain a portable copy of personal information you provided to us.
- Right to opt out of (i) targeted advertising, (ii) the sale of personal information, and (iii) certain profiling that produces legal or similarly significant effects (we do not currently engage in such profiling).
- Right to limit the processing of sensitive data (where applicable).
- Right to appeal a decision we make regarding your request. To appeal, reply to our written response within sixty (60) days, or contact us using the information in Section 14.
Some states require us to recognize universal opt-out mechanisms such as the Global Privacy Control. Where required, we do so for the browser from which the signal is received.
11.4 Authorized Agents
You may designate an authorized agent to make a request on your behalf. We will require the agent to provide written proof of authorization and may require you to verify your identity directly with us.
11.5 Verification
Before responding to a request, we may need to verify your identity by asking you to confirm information already associated with your account or recent activity (for example, an order number, email on file, or shipping ZIP code). We will not use information collected for verification for any other purpose.
12. Nevada Residents
Nevada law gives Nevada residents the right to direct certain operators of websites and online services not to "sell" their personal information. We do not currently sell personal information as defined under Nevada law. To submit a request, contact the Privacy Officer using the information in Section 14.
13. How to Submit a Privacy Request
You may submit a privacy rights request using any of the following methods:
- Online: Your Privacy Choices
- Email: privacy@beautycarechoices.com
- Phone: (866) 409-7227
- Mail: Privacy Officer, Beauty Care Choices, 2962 Cascade Blvd., Shasta Lake, CA 96019
We will respond to verifiable requests within the timeframes required by applicable law (generally forty-five (45) days, extendable as permitted by law).
14. Privacy Officer and Contact Information
Beauty Care Choices has designated a Privacy Officer who is responsible for our privacy program. Please direct any privacy questions, concerns, or complaints to:
Privacy Officer
Beauty Care Choices
2962 Cascade Blvd.
Shasta Lake, CA 96019
Email: privacy@beautycarechoices.com
Phone: (866) 409-7227
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top of the Policy. If we make material changes, we will provide additional notice as required by applicable law (for example, by posting a prominent notice on our site). Your continued use of the Services after the Last Updated date constitutes your acknowledgment of the revised Policy.
16. Mobile Messaging
If you sign up for our SMS/text-message program, your participation is governed by our Mobile Messaging Terms, which describe message frequency, message and data rates, opt-out (STOP) and help (HELP) commands, supported carriers, and other program details. Message frequency varies; message and data rates may apply. Consent to receive SMS messages is not a condition of any purchase, and you may opt out at any time by texting STOP to the program number.
Privacy Policy last updated: May 14, 2026