9.1 Bonjour Skin Ltd is committed to respecting and protecting your privacy
9.2 You Agree and Provide Full Consent when you provide your personal information and by using our website
Your name, email address, phone number, shipping address, and credit or debit card details will only be collected if you agree to sign up for our newsletters or if you contact us via our Contact Form or when you purchase from any of our products from our online store.
All your personal information is safe with us, is kept strictly confidential, not sold, disclosed, reused, rented, or loaned. Your personal information is used exclusively for the purpose of providing you the best experience by accessing our website, analyzing our website traffic data, providing appropriate and relevant advertising and affiliate products, fulfilling your orders and making your buying experience a success.
9.3 What Personal Data Do We Collect, Why We Collect It And Who We Share It With?
What are cookies?
Cookies are text files placed on your computer to collect standard internet information and visitor behavior information. When you visit our website, we may collect information from you automatically through cookies or similar technology. For further information, visit allaboutcookies.org.
- Keeping you signed in
- Understanding how you use our website
- Relevant and specialized advertisements
What type of cookies do we use?
There are a number of different types of cookies, however, our websites use:
Functionality – Our website uses these cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and the location you are in. A mix of first-party and third-party cookies are used.
Advertising – Our website uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed and information about your browser, device, and your IP address. Our website sometimes some limited aspects of this data with third parties for advertising purposes and affiliate marketing products. We may also share online data collected through cookies with our advertising partners. This means that when you visit another website, you may be shown similar advertising based on your browsing patterns on our website.
Affiliate Partners Program – Our website is affiliated and partnered with a few merchants, e-commerce sites and other service providers (Affiliate Partner Programs including Amazon.com, Skimlinks.com). These merchants or Affiliate Partner Programs provide us links to post within our articles on our website related to their specific products. When you click on our affiliate links on our site, the link puts a cookie on your browser to track your clicks and product purchase in order for us to earn a commission.
Comment, login, account registration cookies
If you leave a comment on our site you may opt-in to save your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Purchasing Our Products or Orders via Woocommerce Online Store
When you purchase any of our products, you agree to provide your information such as your full name, shipping address, phone number, and email through our checkout billing or shipping form. The information you provide us with through checkout form will only be used to fulfill your orders by us or by our fulfillment centers, and for our courier companies to update the status of your orders so your orders will be delivered to you by our courier companies.
When placing orders via our checkout, you agree to provide your credit or debit card details in order to complete your payment. You have the option to save or not save your credit or debit card details on our checkout so you won’t have to enter your payment details again when you place an order in the future. We do not hold, save or view your credit or debit card details as eWay (our payment gateway) processes your payment.
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address, and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account with us, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for a number of years or indefinitely for tax and accounting purposes. This includes your name, email address and billing and shipping addresses and order details.
We will also store product comments or reviews if you choose to leave them.
Payment Safety and Security
Please note that your credit or debit card details will never be saved at Bonjour Skin’s website and it will always remain the private property of the cardholder at all times prior, during and after purchasing our items on our website. All of your transactions are processed through our robust, safe, secure and reliable eWay Payment Gateway. eWay payment gateway is used by millions of people daily. eWay is a heavily encrypted third-party payment processor offering SSL encryption to protect your private data.
All customers’ credit or debit card payments must conform and verify their CVV2 (Card Verification Value) 3 digit numbers found at the back of the card during checkout. CVV2 is an important security feature for credit card transactions on the Internet.
Your personal and identity protection is our most important priority. That is why we process all payments through eWay’s robust, safest, secure and reliable online payment gateway that uses Secure Socket Layer (SSL) technology, which makes it really easy for you to pay by credit or debit card payments from anywhere and from any device.
Furthermore, eWAY Payment Gateway is tier-one PCI DSS compliant—as externally audited by Stratsec (QSA)—ensuring the highest security standards set by Visa and MasterCard. Read more about eWay’s robust, safest and secure Payment Gateway.
We take reasonable care to make our website secure. All credit/debit card transactions on this site are processed using eWay, a secure online payment gateway that encrypts your card details in a secure hosted environment.
We will not store your credit/debit card details on our systems as eWay processes it independently of Bonjour Skin Ltd. eWay ensures that all transactions will be fully encrypted and only be used to process card transactions, which you have initiated. To help ensure that your shopping experience is safe, simple and secure Bonjour Skin, and Eway use Secure Socket Layer (SSL) technology.
Furthermore, we take reasonable care, in so far as it is in our power to do so, to keep the details of your order and payment secure, but in the absence of negligence on our part, we cannot be held liable for any loss you may suffer if a third party procures unauthorized access to any data you provide when accessing or ordering from the Site.
Your safety and security are very important to us and therefore we take many active important steps in ensuring the absolute safety of your credit or debit card and personal information.
Who on our team has access to our website?
Members of our team have access to our website and the information you provide us to help fulfill orders, process refunds, and support customer service. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased, and where it should be sent to, and,
- Customer information like your name, email address, and billing and shipping information.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection. Visitor comments may be checked through our automated spam detection service to prevent from receiving any spam messages. However, your email address will not be shown in the comments section.
If you upload images to our website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you send us an email or correspondence via our Contact Forms and by using our email address, your name and your email address will only be visible to us and we will not share your information with any third-parties.
We use Aweber or Mailerlite for our Mailing List. If you sign up to our mailing list your name and email address will be collected.
By joining our mailing list, you also agree to receive email marketing or newsletters such as new posts or articles, we may sometimes send out the new product alerts via email marketing, promotions, giveaways, or articles containing advertising and affiliate product links) from us.
It is, of course, optional to join our mailing list, although it is recommended so you won’t miss out on our posts and future updates.
However, if you have already signed up to our mailing list and would like to unsubscribe, you can simply email us at firstname.lastname@example.org by writing “Unsubscribe” in the subject area and state that you would like to unsubscribe and we will remove your email or information from our mailing list immediately. Alternatively, all newsletters sent via Mailerlite or Aweber will also have an unsubscribe link in the footer.
Google Analytics and Google Adsense
Our website uses Google Analytics and Google Adsense to serve advertisements, to measure data and website traffic data. Google Analytics and Google Adsense advertisements and website traffic measurement understand how our website is used. They analyze data about our website traffic to our sites in order to serve better services and optimize ads services. They also use data about the ads you interact with in order to help advertisers understand the performance of their ad campaigns.
Affiliate Partner Programs
Our website is affiliated and partnered with a few merchants, e-commerce sites and other service providers (Affiliate Partner Programs including Amazon.com, Skimlinks.com). These merchants or Affiliate Partner Programs provide us links to post within our articles on our website related to their specific products. When you click on our affiliate links on our site, the link puts a cookie on your browser to track your clicks and product purchase in order for us to earn a commission.
How Do We Store Our Website Data And Your Data Through Our A2 Hosting Server?
How We Protect Our Website Data and Your Data With A2 Hosting Server?
Our website uses SSL (Secure Socket Layer) certificate encryption for the secure transmission of data provided by A2 Hosting. SSL enhances our website or any website’s security by providing two important features, such as encryption and authentication.
According to A2 Hosting –
Encryption means that the data sent or being transmitted between our website and users are unreadable by others. By accessing our website in connection with SSL (our URL begins with https://), the webserver and web browser exchange encrypted information.
When SSL is installed on a web server, it activates the padlock and the https protocol and enables secure connections from a web server to a browser. SSL is most importantly used to secure credit or debit card details and transactions, data transfers, and logins through a website.
Therefore, your data is securely encrypted and protected.
Authentication means that our visitors can trust us and be confident that they are seeing and using our site with security and encryption implementations.
A2 Hosting also uses SSL certificate encryption along with more advanced security systems in its data center worldwide. A2 Hosting’s advanced security systems are Perpetual Security, which contains several features such as KernelCare, HackScan, Brute Force Defence, and a Dual Firewall that helps proactively protect our website data and your data from malicious actors or attackers.
KernelCare is a software extension installed on all A2 Hosting servers part of Perpetual Security in order to enhance Linux kernel security.
HackScan is an exclusive feature for A2 Hosting Servers and customers that prevents all hacking attempts and helps protect accounts from malware before they can harm our website data.
A2 Hosting Data Centers are also SSAE 16 certified, which is an additional robust security system in place in order to protect our website data and your personal data.
Their worldwide physical data center security measures also include the following:
- The parking lot is securely gated and requires a security key to enter
- They need a security key to be able to enter their data center
- They also need a security key in order to access a fully enclosed locked server rack
- It has video surveillance
A2 Hosting also exclusively own all of their web servers. That means that each server is high powered, ultra-reliable, expertly tuned by their team of engineers and they monitor their web servers 24/7/365. This way we can and you can also be confident that our website, files, and data are securely hosted securely at all times by A2 Hosting.
What Data Breach Procedures We Have In Place?
In case of a data or security breach by malware or attackers, we will take reasonable action as soon as possible.
Step 1: Attempt to contain the breach
The first step would be to contain the breach as much as possible. By acting quickly, we can potentially limit its reach.
We will reset all our passwords, disable network access for affected computers, and recall or delete false information.
By shutting down or separating individual sections of our site should also help. By following this first step should effectively contain the breach, and therefore we can deal with it in isolation.
Step 2: Assess the level of damage
We will investigate the attack, investigate the affected areas of our site, and also assess any damage it has caused. This will help us establish whether there’s any malware left behind, or if there are any remaining cracks in our security system.
- During our investigation process, we will keep the following questions in mind:
- Investigate how sensitive is the breached data
- Was the attack targeted at a particular area of our site?
- Was the attack a result of human error, or something more serious?
- Are any loss of any data can be restored?
Step 3: Notify those who are affected
We will always be transparent and notify everyone by explaining if there was a security breach in our website data. We will send out emails and publish them to our social media.
Step 4: Perform a Security Audit
Once the breach has been dealt with, we will perform an audit of our existing security measures and identify any areas that can be improved to prevent future data breaches or attacks from succeeding.
What rights you have over your data?
If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
How long we retain your data?
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
We keep contact form entries, analytics records, and customer purchase records for a number of years or indefinitely.