PRIVACY POLICY

LAST UPDATED: 7/1/25

Graceful Skin Waxing LLC DBA (“Graceful Skin & Body Spa”) (the “Company”, “Website”, "we", "us", or "our") respects your privacy and is committed to protecting it through our compliance with this policy.

This Privacy Policy describes the type of information we may collect from you or that you may provide when you visit https://www.gracefulskinandbodyspa.com/ (the "Site") or otherwise communicate with us regarding the Site (collectively, the "Services") and our practices for collecting, using, maintaining, protecting and disclosing that information. For purposes of this Privacy Policy, "you" and "your" means you as the user of the Services, whether you are a customer, website visitor, or another individual whose information we have collected pursuant to this Privacy Policy. Personal information is information that identifies you, relates to or describes you. 

If you do not agree with our policies, your choice is not to use our Website. By accessing or using this Website, you agree to this privacy policy. 

This policy applies to information we collect:

  • On this Website.

  • In email, text, and other electronic messages between you and this Website.

  • When you use our products and services.

It does not apply to information collected by:

  • Us offline or on any other website operated by Company or any third party (including our affiliates and subsidiaries); or

  • Any third party [(including our affiliates and subsidiaries)], including through any application or content (including advertising) that may link to or be accessible from or through the Website.

CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy. We will post the revised Privacy Policy on the Site and update the "Last updated" date. If we make material changes to how we treat our users’ personal information, we will notify you by email and through a notice on the Website home page. You are responsible for ensuring we have an active and deliverable email address for you, and for visiting our Website and this privacy policy to check for updates. 

QUESTIONS OR CONCERNS?

Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have questions or concerns, please contact us at freshfacebygrace@gmail.com.

INFORMATION WE COLLECT FROM YOU

  • Personal information, such as name, postal address, e-mail address, telephone number, comments, and postings, the times you visited the Website and any other identifier by which you may be contacted online or offline (“personal information”).  

  • Details of your visits to our Website, including browsing information, traffic data, location data, logs, and other communication data and the resources that you access and use on the Website.

  • Information about your computer and internet connection, including your IP address, operating system, and browser type.

HOW WE COLLECT INFORMATION

  • Directly from you when you provide it to us.

  • Automatically through automatic data collection as you navigate through the site.

  • From third parties, for example, our vendors or business partners.

INFORMATION WE COLLECT DIRECTLY FROM YOU

  • Contact details including your name, address, phone number, and email.

  • Transaction information including your name, billing address, shipping address, payment confirmation, email address, and phone number.

  • Account information including your username, password, security questions and other information used for account security purposes.

  • Customer support information including the information you choose to include in communications with us.

  • Information that you provide by filling in forms on our Website 

  • Your search queries on the Website.

  • Device data including information about your computer, phone, tablet, or other device you use to access the Services. 

  • Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files.

  • Location data such as information about your device’s location, which can be either precise or imprecise. 

TECHNOLOGIES WE USE FOR AUTOMATIC DATA COLLECTION 

  • Cookies (or browser cookies) are files that are automatically generated when you visit our website and placed on the hard drive of your computer. You may decline browser cookies. However, if you select this setting you may be unable to access certain parts of our Website.

  • Web Beacons are pages of our Website and our emails which may contain small electronic files (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit tracking user activity for website statistics which may be linked to personal information provided by users.

INFORMATION WE OBTAIN FROM THIRD PARTIES 

  • Payment information from our payment processors to process your payment in order to fulfill your orders and provide you with products or services you have requested.

  • When you visit our Site, open or click on emails we send you, or interact with our Services or advertisements, we, or third parties, may collect certain information using online tracking technologies.

HOW WE USE YOUR PERSONAL INFORMATION

  • To present our Website and its content.

  • To provide you with information, products, or services that you request from us.

  • To send you information for marketing and promotional purposes. You can opt out of this targeted marketing.

  • To carry out our obligations and enforce our rights arising from any contracts entered into between us.

  • To notify you about changes to our Website or any products or services we offer or provide through it.

  • To allow speakers and partners to communicate with you, and offer third party products and services.

  • We use your personal information to provide you with customer support and improve our Services.

  • We use your personal information to detect, investigate or take action regarding possible fraudulent, illegal or malicious activity. 

  • To respond to user inquiries/offer support to users. We may process your information to respond to your inquiries and solve any potential issue you might have with the requested service.

  • To evaluate and improve our Services, products, marketing and your experience. We may process your information when we believe it is necessary to identify usage trends, determine the effectiveness of our marketing efforts, and to evaluate and improve our Services, products, marketing, and your experience.

  • If You opt to receive any free resources or purchase any products sold by the Company and consent to receiving emails from us, we will automatically have you receive our free email newsletter. You can unsubscribe anytime if you do not wish to receive this newsletter. We include an “unsubscribe” link at the bottom of every email. If You ever have trouble unsubscribing, You can email freshfacebygrace@gmail.com requesting to unsubscribe from future emails. 

  • For any other purpose with your consent. 

YOUR GENERAL DATA PROTECTION REGULATION (“GDPR”) RIGHTS

The legal basis for which we use your personal information for these data processing activities is our legitimate interest in keeping our website secure, providing effective service and sending you information for marketing purposes.  You will only be added to our email list if you consent to receiving our emails. If you are located within the European Union (“EU”), according to Art. 6 (1) (f) GDPR, you have the following rights.

  • Knowing how long we’ll keep your information.  We will keep you information until you ask us to delete it or we do not need it any longer.

  • You have the right to access or delete your information.

  • You can withdraw consent to the Company's processing of your data.

  • You can file a GDPR related complaint

  • You have the right to limit the personal information that you provide.  

DISCLOSURE OF YOUR INFORMATION

As a general rule, we do not sell, rent, lease, or otherwise transfer any information collected from You. 

We may disclose your personal information to third parties for legitimate purposes and other reasons subject to this Privacy Policy. We do not sell your Personal Information. We will not disclose your name and address, along with the title, description, or subject matter of any materials you have viewed on our Website, unless you opt-in to such disclosure by clicking a checkbox authorizing such disclosure or email us at freshfacebygrace@gmail.com. We may disclose your personal information for circumstances such as: 

  • With third parties who perform services on our behalf (payment processing, data analytics, customer support, cloud storage, fulfillment and shipping).

  • With business, contractors and marketing partners who provide support, services and advertising.

  • When you direct, request us or otherwise consent to our disclosure of certain information to third parties, such as to ship you products or through your use of social media widgets or login integrations, with your consent.

  • Affiliates include our franchisees, any subsidiaries of ours, joint venture partners, or other companies that we control or that are under common control with us.

  • For any other purpose disclosed by us when you provide the information.

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.

  • To enforce or apply our Terms and Conditions and other agreements, including for billing and collection purposes.

  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of our Company, our customers, or others. 

  • Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

  • When we use Google Analytics. We may share your information with Google analytics to track and analyze the use of the Services. 

  • With your consent. 

PAYMENT INFORMATION

When you make a purchase on the Website, any credit card information you provide as part of your payment information is collected and processed directly by our payment processor. We at no time receive or store your full credit card information.

USER GENERATED CONTENT 

The Services may enable you to post product reviews and other user-generated content. If you choose to submit user generated content to any public area of the Services, this content will be public and accessible by anyone. We are not responsible for the privacy or security of any information that you make publicly available, or for the accuracy, use or misuse of any information that you disclose or receive from third parties.

THIRD PARTY WEBSITES AND LINKS

Our Site may provide links to websites or other online platforms operated by third parties. If you follow links to sites not affiliated or controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on these sites. Our inclusion of such links does not, by itself, imply any endorsement of the content on such platforms or of their owners or operators.

CHILDREN’S ONLINE PRIVACY PROTECTION ACT

Our website is not intended to be used by children under 16 years of age, and we do not knowingly collect any personal information about children. If you are the parent or guardian of a child who has provided us with their personal information, you may contact us via our email below to request that it be deleted. If you are under 16, do not use or provide any information on this Website or through any of its features. 

As of the Effective Date of this Privacy Policy, we do not have actual knowledge that we “share” or “sell” (as those terms are defined in applicable law) personal information of individuals under 16 years of age.

DATA SECURITY AND PROTECTING AND RETENTION OF YOUR INFORMATION 

We do our best to protect your personal information but please be aware that no security measures are impenetrable.  We cannot guarantee perfect security.  The transmission of information via the internet is not completely secure and transmission of personal information is at your own risk.  We recommend that you do not share passwords or use insecure channels to communicate confidential information to us. All sensitive information is protected by SSL technology.  

All information you provide to us is stored on our secure servers behind firewalls. Any payment transactions and other information will be encrypted using SSL technology. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Website like message boards. The information you share in public areas may be viewed by any user of the Website.

How long we retain your personal information depends on different factors, such as whether we need the information to maintain your account, to provide the Services, comply with obligations by law, resolve disputes or enforce other applicable contracts and policies. If there is any known data breach we will notify you within 10 business days.

YOUR RIGHTS

Depending on where you live, you may have some or all of the rights listed below in relation to your personal information. However, these rights are not absolute, may apply only in certain circumstances and, in certain cases, we may decline your request as permitted by law.

  • Right to Access / Know: You may have a right to request access to personal information that we hold about you, including details relating to the ways in which we use and share your information.You may also send us an email freshfacebygrace@gmail.com to request access to, correct or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

  • Right to Delete: You may have a right to request that we delete personal information we maintain about you.

  • Right to Correct: You may have a right to request that we correct inaccurate personal information we maintain about you.

  • Right of Portability: You may have a right to receive a copy of the personal information we hold about you and to request that we transfer it to a third party, in certain circumstances and with certain exceptions.

  • Restriction of Processing: You may have the right to ask us to stop or restrict our processing of personal information.

  • Withdrawal of Consent: Where we rely on consent to process your personal information, you may have the right to withdraw this consent.

  • Appeal: You may have a right to appeal our decision if we decline to process your request. You can do so by replying directly to our denial.

  • Managing Communication Preferences or Unsubscribe: We may send you promotional emails, and you may opt out at any time by using the unsubscribe option displayed. If you opt out, we may still send you non-promotional emails, such as those about your account or orders that you have made. 

  • Cookies and similar technologies: Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services.

HOW WE KEEP YOUR INFORMATION SAFE

We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of the personal information we process. However, despite our safeguards and efforts to secure your information, so electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.  Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services with a secure environment.

YOUR CALIFORNIA PRIVACY RIGHTS

If you are a California resident, California law may provide you with additional rights regarding our use of your personal information.The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights. You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months (the "right to know"). Once we receive your request and confirm your identity, we will disclose to you the specific information we collected, categories and sources of personal information we collect from you, business purpose for collection of information and categories of businesses that we shared this information with. You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions (the "right to delete"). Once we receive your request and confirm your identity, we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider. 

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. However, please know we do not currently sell data triggering that statute’s opt-out requirements. 

To exercise your rights to know or delete described above, please submit a request by emailing us at freshfacebygrace@gmail.com or write to us at Graceful Skin & Body Spa, 100 Madison St. Hoboken, NJ 07030. We will not discriminate against you for exercising any of your CCPA rights.

YOUR NEVADA PRIVACY RIGHTS

Nevada residents who wish to exercise their sale opt-out rights under Nevada Revised Statutes Chapter 603A may submit a request to this designated freshfacebygrace@gmail.com.  However, please know we do not currently sell data triggering that statute’s opt-out requirements.

COMPLIANTS

If you have complaints about how we process your personal information, please contact us using the contact details provided below. If you are not satisfied with our response to your complaint, depending on where you live you may have the right to appeal our decision by contacting us using the contact details set out below, or lodge your complaint with your local data protection authority. 

EMAIL INFORMATION

If you choose to correspond with us through email, we may retain the content of your email messages, your email address, and our responses. We provide the same protections for these electronic communications we employ to maintain information received online, by mail, and by telephone. This also applies when you visit our website, sign up through any of our forms using your email address or make a purchase on this site. We are committed to keeping your email address confidential. We do not sell, rent, or lease our subscription lists to third parties and will not disclose your email address to any third parties except as allowed in the Disclosure Of Your Information section. We will maintain the information you send via email in accordance with applicable federal law. In compliance with the CAN-SPAM Act, all emails sent from our organization will clearly state who the email is from and provide clear information on contacting the sender. In addition, all email messages will also contain concise information on removing yourself from our mailing list so that you receive no further email communication from us. Our emails allow users to opt out of receiving communications from our partners and us by following the unsubscribe instructions at the bottom of any email they receive from us at any time. Users who no longer wish to receive our newsletter or promotional materials may opt out of receiving these communications by clicking on the unsubscribe link in the email.

SECURITY COMMITMENTS 

Graceful Skin Waxing LLC takes the topics of security and privacy very seriously. It is our priority to protect the data we work with. We take the following steps to ensure that data is safe.

Organizational

  • Assign roles and responsibilities

  • Security policies are reviewed and accepted by all relevant team members

Access

  • Limited access to confidential information

Risk

  • Annual risk assessment and vendor review process

DATA BREACH PROCEDURES

We take all necessary precautions to safeguard your personal data and ensure your information remains secure. We utilize online payment systems and adhere to widely accepted security standards to prevent loss or misuse of personal data. However, it’s important to note that no security measure is completely infallible, and no data transmission method can be fully protected against misuse. Therefore, we cannot assure the complete security of any information you send to us. By agreeing to this Privacy Policy, you acknowledge that your personal data could be accessed online globally. We cannot prevent other parties from using or misusing your data.

In the unlikely event that customer data is lost, stolen, or potentially compromised, our policy is to notify our customers via email within 72 hours of becoming aware of the situation. We will also report such incidents to the relevant data protection authority. We will collaborate closely with any affected customers to determine the appropriate next steps, including end-user notifications, necessary patches, and measures to prevent similar occurrences in the future.

CONTACT

For the purpose of applicable data protection laws and if not explicitly stated otherwise, we are the data controller of your personal information. Should you have any questions about our privacy practices or this Privacy Policy, or if you would like to exercise any of the rights available to you, please call or email us at your 

freshfacebygrace@gmail.com

Graceful Skin & Body Spa, 100 Madison St. Hoboken, NJ 07030.

Phone: (201) 514-5317