Select Page

Our Privacy Policy

Who are we?

We are Neos Skin Care™, a small independent family-owned owned and operated cosmetic company. We’re located in the southeastern state of Tennessee in the United States where we formulate, hand-produce and offer premium handcrafted products at retail and wholesale as well as an array of cosmetic and aromatherapy consultation services. We currently serve customers and clients across the continental US and Hawaii.

Our website address is: https://neosskincare.com

If you would like to read more about us and learn “Our Story”, you can do so here.

For information regarding payment processes, shipping fees and more, visit our “Our Company Policies” page.

What personal data do we collect and why do we collect it?

We only collect the personal data needed and required for commerce transactions, your registered account (should you set one up) or for engaging and corresponding with you when necessary and what is required when you comment or engage on or through the site. See below for more info.  

Comments On The Site

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website such as with an avatar or profile image, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact Forms

When you contact us using a contact form on the site, we collect the data shown in the contact form and what is logged by our email provider. 

Cookies

As a general protocol standard, when you visit or engage with a website, small data files called cookies are stored on your device and browser. These cookies are designed to hold a modest amount of data specific to a particular client and website, and are accessible either by the web server or the client’s computer. This allows the website’s servers to deliver a page tailored to a particular individual user. Additionally, the page itself may contain some script which is aware of the data in the cookie and therefore is able to carry information from one visit to the website (or related site) to the next if you revisit said website or page. You can learn more about cookies here.

If you leave a comment on our site you may opt-in to save your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year. If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you have an account permission and login given by the site owner or administrator which allows you to edit your registered account, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just uploaded or edited. It expires after 1 day.

Embedded content from other websites

Articles and other content on this site may include embedded content (e.g. videos, images, articles, social media links, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

We use analytics tools on our site and with our mailing list to gauge engagement with content  and effectiveness of campaigns. These tools help us see dates and times visitors are active on the site, what pages and posts they visit on the site, times spent on the site, frequency of visits, who opens mailings, clicking and opening of links, if content and links are shared on social media, and similar analytical information which helps us with content, site functionality and user engagement. The providers of these analytical tools (Google, WordPress, MailChimp, WooCommerce, etc.) collect data and cookie information as their policies describe. 

Who we share your data with

When we use services from website hosting, themes, site plugins, spam detection, shopping carts, email subscription services, security layers and website tools providers, by default, some data collected from you while visiting on our site is automatically shared with those providers. In addition to those previously mentioned in other sections, necessary data may be shared by default with our webhost provider, Automattic, WordPress, Elegant Themes, WooThemes, WooCommerce,  UpdraftPlus, Yoast and several independent security plugin providers I use to keep you and this site safe, secure and optimized.  

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can automatically monitor and filter spam as well as recognize and/or approve any follow-up comments automatically instead of holding them in a moderation queue. 

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service. Account login attempts may be screened through a security service. 

Your contact information

It is necessary to collect contact information along with some general information when someone purchases merchandise or services from us,  subscribes to one or more of our mailing lists, contacts us through our site or comments on the site. This may include your name, email address, website (when provided), phone number, mailing address, IP address, order information and history, date and time orders were placed, order status, and similar.

Additional Information

We do not collect or store your payment/financial information, credit/debit card numbers or bank information on or off our site. Those are collected and handled by Paypal, either through our site when you checkout or when we send an invoice for off-site ordering and you pay that invoice through Paypal. We never even see your payment/financial information, credit/debit card information or bank information. Paypal’s privacy policy and data collection policies are available at the paypal.com website. We manually enter your name, shipping information and email address as provided with your order or service agreement (for service related clients) into USPS for shipping purposes and track your package through them from the time we print the labels until your package is delivered. That information is collected and stored on the USPS site under our account with them and may be added to our address book on our USPS account. The US Postal Service privacy policies and data collection policies may be found on the usps.com website. We collect your name and email address when you subscribe to our mailing list. This gets shared with our email marketing and newsletter service provider, MailChimp. They store this info on their systems and in our account. MailChimp’s privacy policies and data collection policies may be found on the mailchimp.com website.

How we protect your data

All data you provide to us or that is collected through our site is protected with multiple layers of security provided by our webhost, shopping cart, service providers and security plugins we’ve chosen to use. We realize tech savvy and malicious people can find a way around almost any program or security system if they are determined to do so. We do our best to preempt such behavior and prevent data breaches from happening with the security measures we currently use. We acknowledge awareness that our ability to protect your data is limited. As such, we do not accept responsibility for breaches in data security which is beyond our control or ability to prevent or preempt with the protection tools and means at our disposal. As a user of this site, you acknowledge awareness and acceptance that our ability to protect your data is limited. As such, if you continue to use our site, you agree to not hold us responsible for damages or loss incurred while using our site or engaging with us in any way. 

What data breach procedures we have in place

Should the unthinkable and unintended happen and we are made aware our systems has become compromised in some way, we will work with IT specialists, service providers and other relative parties to rectify the situation as soon as possible. You will be contacted and alerted to any breach or compromise to your data and information you’ve provided to us as is warranted and needed.

What third parties we receive data from

To operate our site and ecommerce, we receive data from Paypal regarding your order. This is generally the same information you provide on our site when placing and order and includes your order, name, mailing address, shipping address and contact information along with notification you have paid the transaction through them. No financial information beyond “Paid/Transaction Completed” is supplied to us.

What automated decision making and/or profiling we do with user data

Aside from the analytics as described above, their only automated decision making and/or profiling we do is a mailing subscription confirmation email, sending an automated email if you order or contact us through the site, and an automated email if you register for an account or edit your account.

We also have a lock-down protocol for registered user accounts and the number of times you may attempt to and fail to sign into that account at one session. If more than our set login attempt limits is made and fails due to the wrong username or password, your account is locked down and not accessible for login or use for a set time frame. This is a security measure we’ve implemented to help prevent a brute-force hacking of your account on our site.

The only automated profiling that may occur on our site at this time is anyone whose email address and/or IP address has been blacklisted for bad behavior and regular screening for spam and spambot activity. In that event, these time and resource wasters are denied access on the site and/or any comments they attempt to make anywhere on the site are quarantined and marked for removal.

Bad Behavior has blocked 216 access attempts in the last 7 days.

error: Content is protected !!
%d bloggers like this: