2024 Privacy Policy

Last Update: October 29, 2024

Previous Version: July 20, 2023

Keeping Your Information Safe

Clearstem is committed to keeping your information safe and secure and handling it in accordance with our legal obligations. This Privacy Policy (“Policy”) explains how we collect, use, store, protect, and share your personal information through our services. 

How we handle your information depends on which services you use, and how you use them. This Policy is grouped into these sections: 

About Us and This Policy

Contact Us

Clearstem Skincare LLC (“Clearstem”, “we”, “our” or “us”) is the data controller of the personal information collected through the services (as defined in our Terms of Service (“Terms”).  If you have any questions or comments about this Policy, you can reach out to us at Clearstem, 7440 Girard Ave #9, La Jolla, CA 92037, or email hello@clearstemskincare.com.

Clearstem, 7440 Girard Ave #9, La Jolla, CA 92037
Email: hello@clearstemskincare.com

How This Policy Applies

This Policy applies to you when you use the Services, effective as of the Last Update date above. By using or accessing the Services, you signify that you have read, understand and agree to be bound by this Policy and the Terms.

  • If you have rights under any local laws described under Information about Local Privacy Laws, the applicable section overrides any contrary descriptions elsewhere in the Policy as they relate to you.
  • If you are a current or former employee or contractor of ours, this Policy does not apply to you. You may contact us about your privacy practices and rights at hello@clearstemskincare.com.
  • If we receive your information in our role as a service provider to another business, our agreement with that business governs our use of your information. We will refer any questions or concerns of yours to that business.

Updates

Because the Services change often, this Policy may change over time.  Anytime we modify the Policy, we will post a revised version on the Services and update the Last Update date above.  If we intend to use your personal information in a way that is materially different from the ways described at the time of collection, we will notify you before the material changes to this Policy take effect, so you have time to review them.  If we have your contact information (such as your email or phone number), we will notify you that way.  We may also post a temporary notice on the Services, or notify you by other means to the extent required by law.

We encourage you to review the Last Update date periodically to ensure you’re aware of the current Policy.  By using or accessing the Services, you signify that you have read, understand and agree to be bound by this Policy and the Terms.  

Information We Collect

The table below describes, in a comprehensive manner, the types of personal information that we may collect when you use the Services, whether provided by you, a third party or automatically as you use the Services.

Before you review the comprehensive table, here’s a summary of (1) information you may provide and (2) information about you we may collect from third parties.

Information You Provide

  • Necessary information: To provide you with many of our Services, we need some of your personal information.  Without it, we may not be able to provide all services requested.  For example, your personal information is necessary to establish an Account or make a purchase.
  • Sensitive information: We ask that you not provide us with any sensitive personal information, whether in your Customer Data, Your Content or in your other interactions with us.  If you provide sensitive personal information to us, we use it only for our operational business purposes, and we do not disclose it to others for any other purpose.  We attempt to limit the amount of sensitive personal information we collect.  For instance, if you make a purchase through our Services, your payment information, like your full credit card number and any payment-related security information, is only collected and processed by our payment processor.

Information We Receive from Others

  • Via cookies and similar technology: We and third party partners collect personal information on the Services using cookies, pixel tags or similar technologies.  Our third party partners, such as analytics and advertising partners, may use these technologies to collect information about your online activities over time and across different services.  We may use both session cookies (which are deleted from your device when you exit the Services) and persistent cookies (which remain on your device for longer or until you delete them manually).  We may also receive information about you from our advertising partners where our ads are published on a partner’s service (in which case they may pass along details on a campaign’s success).
  • Inferences: Finally, we may infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics, and we may use this information to build audience or other interest-based groupings, which may not use personal information  (“inferences”).
What we collect How we use it Why we process it Legal basis Retention
Account Data – info you provide when creating an Account We collect, analyze, process, and store your Account data. To create and maintain an Account at your direction. Account & Profile Data is processed as part of performance of a contract. Account lifetime, or as applicable law requires
Contact information – Customer Data like your name, email address, phone number We collect, process, and store the contact information you provide. When we create a Profile, it may contain contact information. We associate your phone number with your Account or Profile when you place calls to interact with our Personas. To send you marketing and transactional emails, and to send you reminders. To create an Account at your direction. For personalized ads. Transactional emails are sent as part of performance of a contract. Marketing communications are sent only if you consent. Account lifetime, or as applicable law requires
Commercial information – your purchases of products or paid Services and payment-related information We store records of how you buy paid Services, which you buy, and truncated information about your payment method. To provide our paid Services to you and ensure valid payment, including through our Payment Processor. Performance of a contract with you when you buy paid Services. Account lifetime, or longer, when required by law or our compliance policies
Activity data – Products you interact with, and when and for how long the activity occurred, including account-related metadata (such as logs of when your account is created, how long you use the Services, etc.) We collect, analyze, process, and store activity data via automated means. For fraud prevention. To improve our Services. For personalized ads. Our legitimate interests in understanding how users interact with and use our Services; and keeping our Services safe and secure. Activity data is monitored to prevent malicious and fraudulent activity and unauthorized use on our Services as part of performance of a contract. Periodically deleted in the ordinary course, or for no longer than Account lifetime, if associated with an active Account
Device and visit information – IP address, device identifiers, user agent, browser identifiers, times of visit, entry and exit paths We collect, process, and store your device information and visit information when you visit our websites or connect with our apps. We do not collect precise location information. For personalized ads. For fraud prevention. To administer your account. Our legitimate interests in keeping our Services safe and secure and to provide a valid and relevant service to our users. For no more than two (2) years, or Account lifetime, if associated with an Account
Feedback and satisfaction data – including Testimonials (as defined in our Terms), ratings, and text feedback on how we can improve our services We process, monitor, review, store, and analyze such content, including via automated means. To improve our Services and ensure your satisfaction. Our legitimate interest in operating, managing, and improving our Services and services. Account lifetime

Security

We and the Services implement technical, administrative and physical security measures to protect your information from unauthorized access, use or disclosure. Still, no data transmission over the Internet is 100% secure, so we cannot promise that your information will remain absolutely secure in all circumstances.  You provide information at your own risk.  We are not responsible for the circumvention by any other party of any privacy settings or security measures we use or provide.

Purposes

We rely on the following purposes to collect and use your information as described in this Policy:

  • Commercial purposes: At times, we process your information to advance your economic interests or our economic interests.  These purposes include our targeted advertising to you and performing the contract that you have with us, as embodied by our Terms, which advance our economic interests and yours.  For instance, if you order products from us, we use your information to complete your payment and provide your product to you.  
  • Business purposes: Most often, we process your information for operational reasons, in a reasonably necessary and proportionate manner (i.e., for business purposes under CCPA).  For instance, we analyze users’ behavior on our services to continuously improve our offerings, we suggest offers we think might interest you and promote our own services, we process information to help keep our members safe and we process data where necessary to enforce our rights, assist law enforcement and enable us to defend ourselves in the event of a legal action.
  • Comply with applicable laws and regulations: We also process your information where it is necessary for us to comply with applicable laws and regulations and evidence our compliance with applicable laws and regulations.  For example, we retain traffic data and data about transactions in line with our accounting, tax and other statutory data retention obligations and to be able to respond to valid access requests from law enforcement.  
  • Consent: From time to time, we may ask for your consent to collect specific information, such as your precise geolocation, or use your information for specific reasons, like messaging your email address or phone number for direct marketing purposes.  In general, you may withdraw your consent by changing your settings (such as browser or device settings) or following instructions provided with information we send you on a consent basis (such as clicking ‘unsubscribe’ in any email or replying ‘STOP’ to any text we send you).  You may always withdraw your consent at any time by contacting us.

    • Disclosures of Information to Others

    As our goal is to provide you with great skincare products and services, we disclose your information to maintain and improve your experience with Clearstem. Here's how and why we exchange personal information with contractors and third parties:

  • Functional Disclosures: We work with contractors who provide services related to the functionality and features of the Services. These services include payment processing, email and hosting services, software development, shipping and fulfillment, data management, and contest administration. We may disclose relevant information to these contractors to enable them to perform their services. However, contractors are not allowed to use your information for any other purpose.
  • For Targeted Advertising: We share information with advertising partners to make the advertising presented to you more relevant to you.  We also market the Services to you through ads facilitated by marketing vendors.  We and our advertising partners use technologies like cookies and data like unique device identifiers, in combination with data collected outside the Services, to show you ads based on your visits to our webpages and to other sites. 

    • We try to limit how our third-party advertising technology vendors use information they collect from you.  Most providers require us to enter contracts that allow them to optimize their ad services and products.  Essentially, they combine any information they may gather about you through our Services with information they receive from their other clients.  This helps them target ads to you on behalf of their other clients, not just us.

    In the past twelve months, we have shared these categories of personal information with third parties to personalize advertising:

    • Device Information (including Personal Identifiers)
    • Commercial Information
    • Internet Activity
    • Geolocation (imprecise)
  • For Legal Reasons: We may disclose personal information in response to subpoenas, court orders, or other legal processes, to protect our rights or defend against legal claims, or as required by law. In certain corporate transactions or events, such as mergers or asset sales, we may also disclose personal information.
  • With Your Consent or at Your Request: We may periodically ask for your consent to disclose your information to third parties for specific purposes. For example, we may offer discounts if you consent to join our mailing list. In such cases, we will explain the purpose and scope of the disclosure.

      • How Long We Retain Your Information

      We retain your information only as long as necessary for the purposes described in this Policy. The retention period depends on the type of information and the specific purposes. For instance, we delete some Internet Activity data when you exit the Services, but we may retain records of your product orders for several years as required by law or contractual obligations.

      Use by Minors

      Clearstem is intended for adult users, and we do not knowingly collect information from anyone under the age of 16. If you are under 16 and have provided us with information, please contact us, and we will promptly delete it.

      How to Control Your Privacy

      In General: We want you to be in control of your information, and you have the following options and tools available to you:

    • Marketing opt-outs: You can opt out of receiving marketing messages and promotions from Clearstem at any time.
    • Disallowing location collection: Your browser or device may offer settings to generalize or obscure the general or precise geolocation it transmits.
    • Exercising rights:  If any of the local privacy laws listed below apply to you, see Requesting Information to exercise your rights. 
    • Personalized ads:  In addition to any choices the Services offer you, there are several ways to exercise choice regarding technologies that are similar to cookies, such as browser storage and plugins (for example, HTML5, IndexedDB, and WebSQL). For example, many popular browsers provide the ability to clear browser storage, typically in the settings or preferences area. See your browser's help function or support area to learn more. Most email clients have settings that allow you to prevent the automatic downloading of images, including pixel tags, and the automatic connection to the web servers that host those images. Other technologies may be cleared from within the application.  For more about targeted advertising, go to the DAA Webchoices Browser Check and NAI Opt Out of Interest-Based Advertising. You can download the AppChoices app to opt out in mobile apps.

      • Information About Local Privacy Laws

      The Services operates from the United States, but this Policy applies worldwide. Our practices generally do not differ based on your location, but your rights and choices depend in part on the law where you live.

      If any of these local privacy laws apply to you, that section overrides any contrary descriptions elsewhere in the Policy as they relate to you.  To exercise any rights described in this section, follow the instructions under Requesting Information.  If you have questions about your rights under other data privacy laws, please contact us

      Requesting Information

      Submitting Requests

      To exercise any rights described in this Policy, please contact us. Your request must:

      • provide sufficient information to identify you and the law that applies to you, such as your name, e-mail address, home or work address, or other information we maintain. 
      • not include social security numbers, driver’s license numbers, third-party account numbers, credit or debit card numbers, or health information.
      Verifying Requests

      We verify requests first, by confirming the source of the request and then by matching the information submitted to the information we maintain.  If your request is unclear or we are unable to authenticate your identity, we will respond with direction on how to remedy the deficiencies, in accordance with law that applies to you.  If we cannot verify the identity of the individual making the request, we may deny it, in full or in part.

      Responses to Requests

      We will respond to your request as quickly as we can, taking into account the nature of your request and the volume of pending requests.  The content of our response will vary with the nature of your request, but will always respond in accordance with any deadlines or requirements specified by the laws that applies to you.

      Under certain circumstances, we may be unable to provide responsive personal information, such as when disclosure would create a substantial, articulable and unreasonable risk to the security of the information, customers’ account with us, or the security of our systems or networks.  We do not disclose account passwords or any other non-personal information that enables access to an account.

      Please understand, however, that we reserve the right to retain an archive of any deleted information, to the extent permitted by law.  We may also retain deidentified or aggregate data derived from information about you.

      Appealing Decisions

      Residents of California, Colorado, Connecticut, Virginia, and other jurisdictions that provide for an appeal mechanism may appeal a decision we have made regarding their requests by contacting us.

      Information for Users in Certain U.S. States

      Exercising your rights: As described in the “How to control your privacy" section of the Policy, all our users have control over their information and can limit what data we process. If you are a resident of California, Colorado, Connecticut, Utah, Virginia or another state with a similar data-privacy law, you may have additional rights that you (or, in certain states, an authorized agent acting on your behalf) can exercise by contacting us, including the right to:

      • Information about the categories and specific pieces of personal information we have collected and disclosed for a business purpose in the last 12 months
      • Access and/or receive a copy of certain personal information we hold about you
      • Correct your personal information
      • Delete certain personal information we hold about you
      • Receive information about the financial incentives that we offer to you, if any
      • Opt out of the processing of your personal information for purposes of profiling in furtherance of decisions that produce legal or similarly significant effects, if applicable
      • You also have the right not to be discriminated against for exercising your rights. You may also have the right to opt out of “sales” of your information and “sharing/processing of your information for targeted advertising.”

      Certain information may be exempt from the requests above under applicable law. For example, we need to retain certain information in order to provide our services to you. We also need to take reasonable steps to verify your identity before responding to a request.  If you are an authorized agent submitting a request on a user’s behalf (where permitted), we may require proof of your written authorization before processing the request.  Depending on applicable law, you may have the right to appeal our decision to deny your request.  

      If you have any questions about these rights, wish to exercise them, or request an appeal, please contact us.

      Additional Information for Users in California

      In addition to the rights described above, consumers residing in California are afforded the right to certain additional information with respect to their personal information under the California Consumer Privacy Act (“CCPA”). If you are a California resident, this section applies to you.

    • Our collection and use of personal information: We collect the following categories of personal information: identifiers (such as your username, the email address you used to sign up, and your phone number if you’ve chosen to provide it); commercial information (a record of what you’ve bought from Clearstem, if anything); financial data (payment information and your history of purchases from Clearstem); internet or other network information (how you interact with the services); location information (because your IP address may indicate your general location); inference data about you (for example, what content you may be interested in); and other information that identifies or can be reasonably associated with you. For more information about what we collect and the sources of such collection, please see the “Information we collect & why we process it” section of the Privacy Policy. To the extent we collect or use sensitive personal information as defined by law (such as the CCPA), we do so in accordance with applicable legal requirements, and we do not use or disclose it other than for purposes for which there is not a right to limit under the CCPA. 
    • We collect personal information for the business and commercial purposes described in the “Information we collect & why we process it” section of the Policy.
    • Disclosure of personal information: We may share your personal information with third parties as described in the “Our disclosures of information to others” section of the Policy. We disclose the categories of personal information mentioned in that section for business or commercial purposes.
    • Because we sell and/or share personal information, you have the right to opt-out of the sale or share of your personal information.  You may use the Do Not Sell or Share My Personal Info link in our homepage footer links.  We are also in the process of updating the Service to automatically honor Global Privacy Control signals.  
      •
    • Additionally, we disclose certain information as outlined in the “Our disclosures of information to others” section of the Policy and you can make choices with respect to your information as outlined in the Policy.
    • We retain personal information as described in the “How long we retain your information” section of the Policy. 

      • California’s “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we share certain categories of personal information (as defined in the Shine the Light law) with third parties, as defined under applicable law, for their direct marketing purposes. We only share your personal information with third-parties for their own direct marketing purposes with your consent and, if you have consented, only until you withdraw your consent.

      Information for Users in the European Union, the UK, and Switzerland

      Overview: As described in the “How to control your privacy" section of the Policy, all our users have control over their information and can limit what data we process. In addition to these rights, users residing in the European Union, the UK and Switzerland are afforded the right to certain additional information with respect to their personal information under the GDPR.  If you reside in any of those jurisdictions, this section applies to you.

      • Data retention and destruction: We retain personal information until we determine it is no longer needed for the processing purposes for which we collected or retained it or for legal compliance.
      • Exercising your rights: All our users have control over their information and can directly edit or delete information from their account and limit what data we process. Users in the European Union and Switzerland have additional rights that you can exercise by contacting us. Those rights include:
        • Right of access to your personal data
        • Right to rectify your personal data if they are incorrect
        • Right to erase your personal data
        • Right to limit the processing of your personal data
        • Right to the portability of your personal data
        • Right to object to the processing of your personal data
        • Right to withdraw consent. Withdrawing consent does not affect the lawfulness of processing based on consent before withdrawal.

      Additionally, you may contact Clearstem’s Privacy Officer by contacting us.

      Information for Users in Canada

      Overview: As described in the “How to control your privacy" section of the Policy, all our users have control over their information and can limit what data we process. In addition to these rights, users residing in Canada are afforded the right to certain additional information with respect to their personal information under the Personal Information and Electronic Documents Act (PIPEDA). If you are a Canadian resident, this section applies to you.

      • Exercising your rights: Users in Canada have additional rights that you can exercise by contacting us. Those rights include:
        • Right of access to your personal data
        • Right to rectify your personal data if they are incorrect
        • Right to withdraw consent. Withdrawing consent does not affect the lawfulness of processing based on consent before withdrawal
        • Right to file a complaint regarding the processing of your personal data with the Office of the Privacy Commissioner of Canada

      Additionally, you may contact Clearstem’s Privacy Officer by contacting us.

      Notice of Financial Incentive

      From time to time, we may offer you promotional pricing or discounts in exchange for enrolling in our SMS or email marketing messages. By confirming enrollment, you consent to receive our SMS or email messages until you opt-out, including any discount codes we offered you. The specific terms of any offer are disclosed at the time the offer is extended. To opt-in to emails, a consumer must enter their email address into the form and submit it. To opt-in to SMS messages, a consumer must enter their phone number and reply Y to the auto-generated message. To opt out of future emails, unsubscribe from our marketing emails by using the unsubscribe link in the email footer at any time. To opt out of future SMS, reply "STOP" to any of our SMS.