Last updated: July 26, 2020
Table of Contents
- How to Contact Us
- Users Outside of the United States
- Personal Information We Collect
- Cookies and Other Technologies
- How We Use Your Personal Information
- How We Share Your Personal Information
- Third-Party Websites
- Your Choices
- Security of Personal Information
- Data Retention
- Notice to California Residents
How to Contact Us
2350 E. Germann Rd suite 32
Chandler, AZ 85286
Contact Us: https://costco.zaaina.com/pages/contact-us
A Note About Children
The Services are not directed to, and we do not knowingly collect personal information from, anyone under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us. We will delete such information from our files as soon as reasonably practicable. We encourage parents with concerns to contact us.
A Note to Users Outside of the United States
Personal Information We Collect
Information You Provide to Us. Personal information you may provide to us through the Site or Services or otherwise communicate to us may include:
- Account Registration. When you create an account to log into our network (“Account”), we may collect information such as, but not limited to, your first and last name, email and mailing addresses, phone number and password.
- Purchases. If you sign up for a subscription or make a purchase, we, or our third-party payment processor, will collect your transaction details and other information needed to process and fulfill your order, including your credit card type, credit card number, expiration date, security code, billing address, and delivery address.
- Contact Information. We collect your contact details (such as, but not limited to, your name, email and mailing addresses, phone number and professional title) when you provide it to us through the Site, the Services or otherwise, including by signing up for our newsletter.
- Feedback. If you provide us feedback or contact us via email, we will collect your name and email address, as well as any other content included in the communication.
- Survey Data. If you participate in one of our surveys, such as our online Skincare Quiz, we will collect your responses to those surveys, which may include information about your age range, skin type, skin care routine, interests and preferences.
If you choose to login to the Services via a third-party platform or social media network, or otherwise connect your account on the third-party platform or network to your account through the Services, we may collect information from that platform or network. For example, this information may include your Facebook username, user ID, profile picture, cover photo, and networks to which you belong (e.g., school, workplace). You may also have the opportunity to provide us with additional information via the third-party platform or network, such as a list of your friends or connections and your email address. You can read more about your privacy choices in the “Third-party platforms or social media networks” portion of the “Your Choices” section below.
Information Collected via Technology. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and activity occurring on or through the Sites and other online services. The information that may be collected automatically includes:
- Device Data, such as your computer or mobile device operating system type and version number, manufacturer and model, device identifier (such as the Google Advertising ID or Apple ID for Advertising), browser type, screen resolution, IP address, the website you visited before browsing to our Site, and general location information such as city, state or geographic area; and
- Online Activity Data, such as information about your use of and actions on the Sites, including pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and length of access.
Our service providers and business partners may collect this type of information over time and across third-party websites and mobile applications.
Information Collected from Others. We may receive personal information about you from third-party sources. For example, a business partner may share your contact information with us if you have expressed interest in learning specifically about our products or services, or the types of products or services we offer. We may obtain your personal information from other third parties, such as marketing partners or publicly available sources.
- Google Analytics. We use Google Analytics for this purpose. Google Analytics uses its own cookies. You can find out more information about Google Analytics cookies here and about how Google protects your data here. You can prevent the use of Google Analytics relating to your use of our websites by downloading and installing the browser plugin available here.
- Flash Cookies. When we post videos, third parties may use local shared objects, known as flash cookies to store your preferences for volume control or to personalize certain video features. Flash cookies are different from cookies because of the amount and type of data and how the data is stored.
- Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
How We Use Your Personal Data
To operate the Services. We may use your personal information to:
- provide, operate and improve the Service
- provide information about our products and services
- establish and maintain your user profile on the Service
- facilitate your ability to login to the Services via third-party identity and access management providers, such as Facebook
- fulfill any order(s) you place with us, including to facilitate shipping and returns
- communicate with you about the Service, including by sending you announcements, updates, security alerts, and support and administrative messages
- operate and communicate with you about events or contests in which you participate
- understand your needs and interests, and personalize your experience with the Services and our communications
- provide support and maintenance for the Services
- respond to your requests, questions and feedback
To send you marketing and promotional communications. We may send you Zaaina related marketing communications as permitted by law. You will have the ability to opt out of our marketing and promotional communications as described below.
To serve advertisements. We work with advertising partners to display advertisements on the Services. These advertisements are delivered by our advertising partners and may be targeted based on your use of the Services or your activity elsewhere online. To learn more about your choices in connection with advertisements, please see the section below titled “Targeted online advertising.”
To display user testimonials and feedback. We often receive testimonials and comments from users who have had positive experiences with our Services. We occasionally publish such content. When we publish this content, we may identify our users by their first and last name and may also indicate their home city. We obtain the user’s consent prior to posting his or her name along with the testimonial. In addition, we may post user feedback on the Site from time to time. We will share your feedback with your first name and last initial only. If we choose to post your first and last name along with your feedback, we will obtain your consent prior to posting you name with your feedback. If you make any comments on a blog or forum associated with our Site, you should be aware that any personal data you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these blogs and forums.
To create anonymous, aggregated or de-identified data. We may create anonymous, aggregated or de-identified data records from your personal information and other individuals whose personal information we collect. We make personal information into anonymous, aggregated or de-identified data by excluding information (such as your name) that makes the data personally identifiable to you. We may use this data and share it with third parties for our lawful business purposes.
For compliance. We may use your personal information to:
- comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities
- protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims)
- audit our internal processes for compliance with legal and contractual requirements and internal policies
- enforce the terms and conditions that govern the Services
- prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft
How We Share Your Personal Information
Service Providers. We may share your personal information with third-party service providers to: provide you with the Services that we offer you, including through our Site; to conduct quality assurance testing; to facilitate creation of accounts; to provide technical support; and/or to provide other services to the Company. These third-party service providers are required not to use your personal information other than to provide the services requested by Company.
Third-Party Companies. We may enter into agreements with business partners, such as companies that aggregate consumer data to facilitate advertising. We do not share California residents’ personal information in this manner.
Advertising Partners. When we use third-party cookies and other tracking tools, our advertising partners may collect information from your device to help us analyze use of the Service, display advertisements on the Service and advertise the Service (and related content) elsewhere online.
Third-Party Platforms and Social Media Networks. If you have enabled features or functionality that connect the Service to a third-party platform or social media network, we may disclose the personal information that you authorized us to share. We do not control the third-party’s use of your personal information.
Compliance. We may share personal information with law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance purposes described above.
Your Choices Regarding Your Information.
You have several choices regarding use of information on our Services:
- Cookies. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, the Site may not work properly. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org. Similarly, your browser settings may allow you to clear your browser web storage.
- Access or Update Your Personal Information. You may change any of your personal data in your Account by editing your profile within your Account or by sending an email to us at the email address set forth above. You may request deletion of your personal data by us, and we will use commercially reasonable efforts to honor your request, but please note that we may be required to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives. We may also retain your information for fraud or similar purposes.
- Third-Party Platforms or Social Media Networks. If you choose to connect to the Services via a third-party platform or social media network, you may have the ability to limit the information that we may obtain from the third-party at the time you login to the Services using the third-party’s authentication service or otherwise connect your account. Subsequently, you may be able to control your settings through the third-party’s platform or service. For example, you may access and change your settings through the Facebook settings page for Apps and Websites. If you withdraw our ability to access certain information from a third-party platform or social media network, that choice will not apply to information that we have already received from that third-party.
Targeted Online Advertising
Some of the business partners that collect information about users’ activities on or through the Service may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behavior or mobile application usage for purposes of targeted advertising.
Users may opt out of receiving targeted advertising on websites through members of the Network Advertising Initiative by clicking here or the Digital Advertising Alliance by clicking here. Please note that we also may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms that we linked above.
If you choose to opt-out of targeted advertisements, you will still see advertisements online, but they may not be relevant to you. Even if you do choose to opt out, not all companies that serve online behavioral advertising are included in this list, so you may still receive some cookies and tailored advertisements from companies that are not listed.
Security of Personal Information
The security of your personal information is important to us. We employ a number of organizational, technical and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.
We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes.
To determine the appropriate retention period for personal information, we may consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
Notice to California Residents
We are required by the California Consumer Privacy Act of 2018 (“CCPA”) to provide to California residents an explanation of how we collect, use and share their personal Information, and of the rights and choices we offer California residents regarding our handling of the personal information.
Personal Information We Collect, Use and Share
|Personal information we collect||CCPA-defined categories||Sources of personal information||Purposes for which we may collect and use the personal information||Data Sharing|
Protected Classification Characteristics
|You||To operate the Services
To send you marketing and promotional communications
|Shared with third-party platforms at your direction|
Information You Provide to Social Media Platforms
Professional or Employment Information
|To operate the Services
To send you marketing and promotional communications
To display user testimonials and feedback
|Shared with third-party platforms at your direction|
Online Activity Data
Internet or Network Information
|To operate the Services
To send you marketing and promotional communications
To display advertisements
|Collected directly by advertising partners|
California Residents’ Privacy Rights
Except as excluded from the scope of this notice above, the CCPA grants California residents the following rights.
- Information. You can request information about how we have collected, used and shared and used your personal information during the past 12 months. We have made this this information available to California residents without having to request it by including it in this notice, in the above chart.
- Access. You can request a copy of the personal information that we maintain about you.
- Deletion. You can ask us to delete the personal information that we collected or maintain about you.
Please note that the CCPA limits these rights by, for example, prohibiting us from providing certain sensitive information in response to an access request and limiting the circumstances in which we must comply with a deletion request. If we deny your request, we will communicate our decision to you.
You are entitled to exercise the rights described above free from discrimination.
How to Submit a Request. To request access to or deletion of personal information:
- visit https://www.costco.zaaina.com/pages/contact-us
Identity verification. The CCPA requires us to verify the identity of the individual submitting a request to access or delete personal information before providing a substantive response to the request. We may attempt to verify your identity by asking you to confirm the information that we have on file about you or your interactions with us. Where we ask for additional personal information to verify your identity, we will only use it to verify your identity or your authority to make the request on behalf of another consumer.
Authorized agents. California residents can empower an “authorized agent” to submit requests on their behalf. We will require the authorized agent to have written authorization confirming such authority.
|Statutory Category||Data Elements within the Category|
|Commercial Information||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.|
|Education Information||Personal information from an educational record, which could include: a student’s name, the names of the student’s parent or other family members, the address of a student or student’s family, a student’s personal identifier (e.g., SSN, student number), other indirect identifiers of the student (e.g., date of birth, place of birth, mother’s maiden name), other information that, alone or in combination, is linked or linkable to a specific student that would allow a reasonable person in the school community, who does not have personal knowledge of the relevant circumstances, to identify the student with reasonable certainty, or information requested by a person who the educational agency or institution reasonably believes knows the identity of the student to whom the education record relates.|
|Financial Information||Bank account number, debit or credit card numbers, insurance policy number, and other financial information.|
|Identifiers||Real name, alias, postal address, unique personal identifier, customer number, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.|
|Inferences||The derivation of information, data, assumptions, or conclusions from any other category of Personal Information to create a profile about a person reflecting the person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities and aptitudes.|
|Internet or Network Information||Browsing history, search history, and information regarding a person’s interaction with an Internet website, application, or advertisement.|
|Online Identifiers||An online identifier or other persistent identifier that can be used to recognize a person, family or device, over time and across different services, including but not limited to, a device identifier; an Internet Protocol address; cookies, beacons, pixel tags, mobile ad identifiers, or similar technology; customer number, unique pseudonym, or user alias; telephone numbers, or other forms of persistent or probabilistic identifiers (i.e., the identification of a person or a device to a degree of certainty of more probable than not) that can be used to identify a particular person or device.|
|Physical Description||An individual’s physical characteristics or description (e.g., hair color, eye color, height, weight).|
|Professional or Employment Information||This term is not defined in the CCPA, but likely includes any information relating to a person's current, past or prospective employment or professional experience (e.g., job history, performance evaluations).|
|Protected Classification Characteristics||Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).|
|Sensory Information||Audio, electronic, visual, thermal, olfactory, or similar information.|
Online Tracking Opt-Out Guide
Like many companies online, we may use services provided by Google, Facebook and other companies that use tracking technology. These services rely on tracking technologies – such as cookies and web beacons – to collect directly from your device information about your browsing activities, your interactions with websites, and the device you are using to connect to the Internet. There are a number of ways to opt out of having your online activity and device data collected through these services, which we have summarized below:
- Blocking cookies in your browser. Most browsers let you remove or reject cookies, including cookies used for interest-based advertising. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.
- Blocking advertising ID use in your mobile settings. Your mobile device settings may provide functionality to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.
- Using privacy plug-ins or browsers. You can block our websites from setting cookies used for interest-based ads by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, Ghostery, uBlock Origin, or DuckDuckGo, and configuring them to block third party cookies/trackers.
- Platform opt-outs. The following advertising partners offer opt-out features that let you opt-out of use of your information for interest-based advertising:
- Google: https://adssettings.google.com
- Facebook: https://www.facebook.com/about/ads
- Outbrain: https://my.outbrain.com/recommendations-settings/home
- Advertising industry opt-out tools. You can also use these opt-out options to limit use of your information for interest-based advertising by participating companies:
- Digital advertising Alliance: http://optout.aboutads.info
- Network Advertising Initiative: http://optout.networkadvertising.org/?c=1
Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt-out on every browser and device that you use.