Privacy Policy

Introduction

Welcome to the “Privacy Policy” page. Lean Enterprises, an S-Corporation (hereinafter called We/we”,or “Us/us”or“Our/our”) incorporated in the State of North Carolina (United States of America) doing business as “Zoi Teli’a” and selling cosmetic products [the “Product(s)”] through the Website www.zoitelia.shop. We are committed to protecting your privacy. When you visit, access, and use our Website, you trust us with your data including personal data. In this Privacy Policy, we describe our practices with respect to your data. By reading the Privacy Policy, you will get to know what data we collect, how we use it, and what rights you have in relation to it. Please take some time to read through it carefully, as it is important. We request you to read Privacy Policy along with the “Terms of Use” posted on the Website.

What personal data do we collect about you?

The personal data that we collect depends on the context of your interactions with us and the Website. Briefly stating, we collect the personal data that you voluntarily provide to us including the following:

  1. First Name;
  1. Last Name;
  1. Email Address;
  1. Phone Number;
  1. Payment Information;
  1. Shipping and Billing Addresses.

You may modify your personal data, with the help of account settings.

If we publish your review or feedback of our Product(s) in the form of testimonials on the Website, we may use your first name, last name, personal pictures, personal videos, etc. We may collect this personal data to show the users your use, application of our Product(s), before usage and after usage comparison photos or videos, and the results you achieved. This will be done to make our users believe that the testimonial is genuine. We will use the personal data that you share for the testimonials only for the purpose of the testimonials and not for any other purpose, except when required by a court or government authority. By providing a review, or feedback of our Product(s) and participating in the testimonials, you hereby consent to the usage of your personal data for the purpose of displaying testimonials on the website.

What data is automatically collected when you visit, access, or use our Website?

Some data that we collect about you do not reveal your personal identity. This is called non-personal information. Such data is automatically collected by us when you visit, use, or navigate the Website. Such data may include:

  1. IP address;
  1. website access times;
  1. browser type, and language;
  1. the website users visited before visiting your website;
  1. length of visits to certain pages;
  1. download errors;
  1. page interaction information (such as scrolling, clicks, and mouse-overs);
  1.  Products and/or content viewed or searched for;
  1. operating Systems (OS) running on the user’s device;
  1. download errors;
  1. page response time.

This data is primarily needed to maintain the security and operation of our Website and for our internal analytics and reporting purposes.

For what purposes do we process, or utilize your data?

To make it possible for you to register or signup on the Website by creating a personal user account or personal user profile on the Website, enabling the sign-in or login process, and managing your user account;

  1. To fulfill and manage your purchases of the Product(s) on the Website including the payments made through the Website;
  1. To send an automated response for a user-generated account activity;
  1. To personalize and customize your experience based on your interactions with us;
  1. To help us perform analytics, debug the platform, and conduct research;
  1. To Keep a track of your sessions;
  1. To contact you by email, or other equivalent forms of electronic communication, regarding Website or informative communications related to the Product(s), including the security updates, when necessary or reasonable for their implementation;
  1. To protect our Website as part of our efforts to keep our Website safe and secure, from any suspected activities, to maintain session count, to avoid attacks like DDoS, etc. (for example, for fraud monitoring and prevention);
  1. To enforce our terms, conditions, and policies;
  1. To respond to legal requests and prevent harm to you or to us. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond;
  1. For other business purposes, such as data analysis, identifying usage trends, and evaluating and improving our Website, Product(s), and your experience;
  1. To attend and manage your requests to us;

To otherwise interact with you for any other legitimate purpose or activities.

What is the legal basis for processing your personal data?


We may process personal data under the following conditions:

  1. Consent:

You have given your consent for processing personal data for one or more specific purposes.

  1. Performance of a contract:

Provision of personal data is necessary for the performance of an agreement with you and/or for any pre-contractual obligations thereof.

  1. Legal obligations:

Processing personal data is necessary for compliance with a legal obligation to which you are subject.

  1. Vital interests:

Processing personal data is necessary in order to protect your vital interests or of another natural person.

  1. Public interests:

Processing personal data is related to a task that is carried out in the public interest or in the exercise of official authority vested with us.

  1. Legitimate interests:

Processing personal data is necessary for the purposes of our legitimate interests pursued by us.

In any case, we will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.

Will your data be shared with anyone?

We only share your data with your prior consent, to comply with laws, protect your rights, or fulfill our business obligations. We only share and disclose your data in the following situations or to the following recipients:

  1. Government bodies or courts:

We may share or disclose your data where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal processes, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements). We may disclose your data where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

  1. Service providers:

We may share your data with third-party service providers including consultants, vendors, independent contractors, or agents who perform services for us or on our behalf and require access to such data to perform such services. Such services may include marketing or promotional efforts, customer service, hosting services, payment processing, data analysis, and email delivery. Unless described in this Privacy Policy, we do not share, sell, rent or trade any of your data with third parties for any purpose whatsoever. The Website will be hosted by Shopify. We will share your data with the web developer for handling information storage and safeguarding. We use Shopify Analytics as a Website Analytics service provider. All the payments on the Website will be processed with the help of third-party payment providers as provided by Shopify that including credit cards, PayPal, Zelle, CashApp, etc. For more information, please check https://www.shopify.com/payment-gateways/united-states/shopify-payments.

  1. Business transfers, mergers, or acquisitions:

We may share or transfer your data in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

  1. Affiliates and business partners:

We may share your data with our affiliates and business partners, in which case we will require those affiliates and business partners to comply with this Privacy Policy.

  1. With your consent:

We may disclose your data for any other purpose with your prior consent.

Do we use Website analytics?

Yes, we use Shopify Analytics to monitor and analyze your use of our Website.

What about links to third-party websites and mobile applications on the Website?

The Website will have social media links (Facebook, Twitter, Instagram, LinkedIn, etc.) and links to any other third-party websites or apps. Please note that if you follow a link to any of these websites or apps, such websites or apps will apply different privacy practices for the collection of your personal data and we do not accept any responsibility or liability for the privacy practices of such websites or apps. When you leave our Website, we encourage you to read the privacy policy of every third-party app or website you visit.

How long do we retain your data?

This Website sells cosmetic products and hence, users may repeatedly use this Website for any amount of time on an ongoing basis. Hence, we would retain your data on a continuing basis without deleting it. This is done for your convenience only. However, you may reach out to us at customcare@zoitelia.shop, if you do not want us to retain your data. If you request us to delete your data, we will do our best to delete most of your data. But please remember that it will not be possible for us to delete all of your data. Some data, for example, your payment transaction details, your interaction history, etc. will still be retained by us for record purposes or proof.

How do we secure and protect your data?

We take due care to protect your data. We maintain physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of personal data. We take reasonable steps to help protect your data in an effort to prevent the loss, misuse, unauthorized access, disclosure alteration, and destruction. The data you provide to us is shared on our secure servers. We have implemented appropriate physical, technical and organizational measures including SSL security designed to secure your data against accidental loss and unauthorized access, use, alteration, or disclosure. In addition, we limit access to personal data on a need-to-know basis to those employees or third parties that have a legitimate business need for such access.

If you are concerned about your data, you have the right to request access to the personal data which we may hold or process about you. You have the right to direct us to correct any inaccuracies in your data free of charge. At any stage, you also have the right to ask us to stop using your personal data for direct marketing purposes. However, please also remember that we cannot guarantee that anything on the internet itself is completely secure. Although we will do our best to protect your data, the transmission of data to and from our Website is at your own risk. You should only access the Website within a secure environment. For more information about security, please go through this page https://www.shopify.com/security.

 How do we transfer your data?

Your data is processed at our operating offices and in any other places where the parties involved (third-party service providers) in the processing are located. It means this data may be transferred to and maintained on devices outside of your state, province, country, or other legal jurisdiction where the data protection laws may differ from those of your jurisdiction. Your consent to this Privacy Policy followed by your submission of such data represents your agreement to the transfer of your data across the borders of your legal jurisdiction. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your data will take place to an organization or a country unless there are adequate controls in place including the security of your data.

How should a minor or child access or use our Website?

In case you are a minor or a child in the jurisdiction, country, or territory in which reside or are domiciled and you are about to access the Website or are accessing the Website, you agree and confirm that you have obtained the permission of your parents or guardians before accessing or using the Website and shall continue to do so under the absolute supervision of your parents or guardians and we shall not be liable to verify your compliance in this regard.

How do we process your payment data?

We will use third-party services for payment processing (e.g., payment processors). We will not store or collect your payment card details. The payment data is provided directly to our third-party payment processors, whose use of your data is governed by their privacy policies. These payment processors adhere to the standards set by PCI-DSS standards as managed by the PCI Security Standards Council. PCI-DSS requirements help ensure the secure handling of payment data. You should contact the payment processor directly for any questions regarding the collection, processing, storage, use, and retention of your payment data. For more information, please check https://www.shopify.com/payment-gateways/united-states/shopify-payments.

Do we use cookies on the Website?

Yes, we use cookies to access, track or store data. Cookies are small pieces of data stored on your computer or mobile device by your web browser. These small files contain a string of characters, to your IP address, giving the browser distinct identification, in order to keep track of your preferences. Among other things, cookies help us improve our Website and your experience. Cookies are used to track your online activity on the Website.

Most web browsers are set to accept cookies by default. If you prefer, you can choose to set your browser to remove cookies and reject cookies. If you set your browser to reject cookies, then you may not be able to access some features or functionalities on our Website. For more information on rejecting cookies, see your browser’s instructions on changing your cookie settings. You can prevent the storage of cookies by choosing a ‘disable cookies” option or another similar option in your browser settings.

As we use Shopify as our website host, our usage of cookies is dependent on Shopify. For more information, please check the page https://www.shopify.com/legal/cookies. When you visit our Website for the first time, you will be provided with an option through a pop-up notice to opt out from providing your cookies or adjust cookie settings.

Do Not Track:

If you are a user from the State of California (USA), you must note that we currently do not recognize or respond to Do Not Track signals. “Do not Track” is a privacy preference that some users can set in certain web browsers.

If you are a citizen or resident of the European Union, what are your rights under the GDPR (General Data Protection Regulation)?

We respect the confidentiality of your personal data. We will provide you with complete support in exercising your rights. You have the right under this Privacy Policy, and by law, if you are within the European Union, to:

  1. Request access to your personal data:

The right to access, update or delete the data we have about you. Whenever made possible, you can access, update or request deletion of your personal data directly by contacting us. This also enables you to receive a copy of the personal data we hold about you.

  1. Request correction of personal data:

You have the right to have corrected any incomplete or inaccurate data we hold about you.

  1. Object to processing of your personal data:

This right exists where we are relying on legitimate interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to our processing of your personal data on this ground. You also have the right to object to where we are processing your personal data for direct marketing purposes.

  1. Request erasure of your personal data:

You have the right to ask us to delete or remove your personal data when there is no good reason for us to continue processing it.

  1. Withdraw your consent:

You have the right to withdraw your consent to use your personal data. If you withdraw your consent, you may not be able to purchase our Product(s) or we may not be able to provide you with access to the Website.

How can you exercise your GDPR data protection rights?

You may exercise your rights of access, rectification, cancellation, and opposition by contacting us at customcare@zoitelia.shop. Please note that we may ask you to verify your identity before responding to such requests. If you make a request, we will try our best to respond to you as soon as possible. You have the right to complain to a Data Protection Authority about our collection and use of your personal data. For more information, if you are in the European Economic Area (EEA), please contact your local data protection authority in the EEA.

Do we make updates to this Privacy Policy?

We may update this Privacy Policy from time to time. The updated version will be indicated by the “Last Updated and Effective Date” displayed at the start of the Privacy Policy and the updated version will be effective as soon as it is posted on the Website. If we make substantial changes to this Privacy Policy, we may notify you through an email on the Website. We expect you to read the updated Privacy Policy carefully and only then proceed ahead to use our Website.

How can you contact us?

If you have any questions regarding this Privacy Policy, please contact us at customcare@zoitelia.shop.

Shopping Cart

FREE SHIPPING ON U.S. ORDERS $100 OR MORE!

Great!
X
Scroll to Top
Verified by MonsterInsights