• It looks like you're visiting from

    Shop in EUR € and get FREE SHIPPING on orders over €50.

Recently Added Items
    Grand Total -

    Privacy Policy

    For the purpose of the Data Protection Act 2018 (the Act) and the EU General Data Protection Regulation 2016/679 (the GDPR), the data controller is Cult Beauty Limited (company no. 6195011), having its registered office at 77 Kingsway, London WC2B 6SR, United Kingdom (“Company/we/us”).

    We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions or you would like to make a request to exercise any of your legal rights, please contact the DPO via privacy@cultbeauty.co.uk. At Cult Beauty we are committed to protecting your privacy. This Privacy Policy sets out the privacy practices of the Company. Please take the time to review this Privacy Policy carefully as it tells you how your personal information will be processed when you use the Cult Beauty website (the "Site") and our services. 

    Cult Beauty wants to offer you the best possible internet experience; consequently, additional functions, features, products or services are incorporated into the Site from time to time. This, and our commitment to protecting the privacy of your personal information, may result in periodic changes to this Privacy Policy. As a result, please remember to refer back to this Privacy Policy regularly.

    Any questions regarding our Privacy Policy should be directed to Cult Beauty’s Privacy Policy Manager at privacy@cultbeauty.co.uk or alternatively see the Contact Us page on this Site. Date of last update: November 2019.



    WHAT DO WE COLLECT AND HOW DO WE USE YOUR PERSONAL INFORMATION?




    NON-PERSONAL INFORMATION


    We may automatically collect non-personal information about you such as the type of internet browsers you use or the site from which you linked to our Site. You cannot be identified from this information and it is only used to assist us in providing an effective service on our Site. We may from time to time supply the owners or operators of third party sites from which it is possible to link to our Site with information relating to the number of users linking to our Site from their sites. You cannot be identified from this information.



    COOKIES



    We may store some information (commonly known as a “cookie”) on your computer when you look at our Site. This information facilitates your use of our Site and helps us to understand how our Site is used. You can erase or block some cookies from your computer if you want to (your help screen or manual should tell you how to do this), but certain Cult Beauty services may not work correctly or at all if you set your browser not to accept cookies. Please refer to our Cookie Policy for detailed information.



    MARKETING AND COMMUNICATION



    It is very important to us that we provide you with the highest level of service. In order to help us do this, from time to time we may contact you using one of the contact methods you have provided, with details of our newsletters, surveys, products and services which we think may be of interest to you, as well as relevant advertising messages. If at any time you do not wish to receive emails from Cult Beauty, please click the 'unsubscribe' link included in the footer of every marketing email we send. Alternatively, send an e-mail message titled "unsubscribe" to info@cultbeauty.co.uk. Please note that active customers will continue to receive order and account communications from us.



    LEGAL BASIS FOR USING YOUR INFORMATION?



    Cult Beauty only uses or shares your personal information only where we have a proper reason to do so. These reasons are:

    • Contract - your personal information is processed in order to fulfil a contractual arrangement e.g. in order to send you your Order
    • Consent – where you agree to us using your information in this way e.g. for storing your payment card details
    • Legitimate Interests - this means the interests of Cult Beauty in managing our business to allow us to provide you with the best products and service in the most appropriate way e.g. to manage our stock levels, for business development and risk management
    • Legal Obligation – where there is statutory or other legal requirement to use or share the information e.g. when we have to use your information for law enforcement purposes or statutory compliance

    Here is a list of the ways that we may use your personal information, and which of the reasons described above we rely on to do so. Where we list legitimate interests as a reason, we also describe below what we believe these legitimate interests are:


    WHO WE SHARE YOUR INFORMATION WITH AND WHY


    Other than the disclosures referred to in this policy, we will not disclose any personal information without your permission unless we are legally entitled or obliged to do so (for example, if required to do so by Court Order or for the purposes of prevention of fraud or other crime). We will only disclose and/or transfer your personal information to a third party having ensured that steps have first been taken to ensure that your privacy rights continue to be protected. Cult Beauty may disclosure or transfer personal information as part of a reorganisation or a sale of the assets of a Cult Beauty.

    Cult Beauty works with a number of national and international trusted suppliers, individuals, agencies and businesses in order to provide you the high quality goods and services you expect from us such as delivery companies, fraud prevention agencies, beauty and cosmetic brands and market research companies amongst others. Some examples of the categories of third parties with whom we share your data are:



    SUPPLIER PARTNERS



    Cult Beauty works with a number of trusted partners who supply products and services on our behalf. We will only hold the minimum amount of personal information needed in order to fulfil the orders you place or for them to provide a service on our behalf.

    DELIVERY AND LOGISTICS PARTNERS


    In order for you to receive your goods, Cult Beauty works with a number of delivery and logistics partners. We only pass limited information to them in order to ensure successful delivery of your order.

    IT COMPANIES


    Cult Beauty works with businesses and individuals who support our Site and business systems.

    MARKETING COMPANIES


    Cult Beauty works with marketing companies who help us manage our electronic communications with you or carry out surveys, analytics, and product reviews on our behalf.

    PAYMENT PROCESSING COMPANIES


    Cult Beauty works with trusted third party payment processing providers in order to securely take and manage payments.

    KEEPING OUR RECORDS ACCURATE


    We aim to keep our information about you as accurate as possible. If you would like to review or change the details you have supplied us with, or you would like to remove your published Submission from the Site you may do so at any time by using the Contact Us page on this Site.

    SECURITY


    You should be aware that the internet is an insecure environment. We have implemented technology and employee policies to help safeguard your privacy from unauthorised access and improper use. We will continue to update these measures, as appropriate, when new technology becomes available.

    THIRD PARTY SITES AND SOCIAL MEDIA


    We cannot be responsible for the privacy policies and practices of other third party sites (including but not limited to Facebook, YouTube, Twitter), or for advertisers on our site, even if you access them using links from our Site and we recommend that you check the policy of each site you visit. If you linked to our Site from a third party site, we cannot be responsible for the privacy policies and practices of the owners or operators of that third party site and we recommend that you check the policy of that third party site and contact its owner or operator if you have any concerns or questions. Unless expressly stated, we are not agents for these third party sites or for any third party advertisers on our Site, nor are we authorised to make representations on their behalf.

    MATCHME TERMS & CONDITIONS & PRIVACY POLICY

    Terms and Conditions

    Please read these Terms and Conditions ("Terms", "Terms and Conditions") carefully before using the MIME “Flawless by MIME” mobile applications and website and any other MIME- related sites, communications, capabilities and services (collectively, the "Service") operated by MIME, Inc. ("us", "we", or "our").

    Your access to and use of the Service is conditioned upon your acceptance of and compliance with these Terms. These Terms apply to all visitors, users and others who wish to access or use the Service.

    By accessing or using the Service in any manner you agree that (1) you have read and familiarized yourself with this Agreement, (2) you understand the Agreement, and (3) you are bound by the Agreement in your use of the Website. You are entering into this Agreement with MIME, Inc. to be bound by these Terms. If you disagree with any part of the terms then you do not have permission to access the Service.

    Modification of These Terms and Conditions

    We reserve the right at any time, at our sole discretion, to change or otherwise modify the Agreement without prior notice, and such changes will be effective immediately upon posting. Your continued access or use of the Website signifies your acceptance of the updated or modified Agreement. Unless otherwise indicated, any new material added to the Website will also be subject to the Agreement. Be sure to return to this page periodically to review the most current version of the Agreement.

    Who Can Use the Website

    The Service are not intended to be used by persons under the age of 18 years old. If you are under the age of 18 years old, please do not use the Service offered by us. If you are submitting information for a business entity, by doing so, you represent that you have the authority to bind that business entity to the Agreement. If you are using the Services or logging into an account assigned to you by an administrator, such as your employer, additional terms may apply to your use of the Services and Website. In addition, your administrator may be able to access or disable your account. We may, in our sole and absolute discretion, refuse to allow use of the Service or accept a person’s or entity’s information and may, at any time, refuse to permit a person’s, or entity’s, continuing use of the Service for any reason or for no reason, in our sole discretion.

    Business Uses of our Services

    If you are using our Services on behalf of a business, that business accepts these terms. It will hold harmless and indemnify MIME, Inc. and its affiliates, officers, agents, and employees from any claim, suit or action arising from or related to the use of the Services or violation of these terms, including any liability or expense arising from claims, losses, damages, suits, judgments, litigation costs and attorneys’ fees.

    Purchases

    If you wish to purchase any product or service made available through the Service ("Purchase"), you may be asked to supply certain information relevant to your Purchase including, without limitation, your credit card number, the expiration date of your credit card, your billing address, and your shipping information.

    You represent and warrant that: (i) you have the legal right to use any credit card(s) or other payment method(s) in connection with any Purchase; and that (ii) the information you supply to us is true, correct and complete.

    The service may employ the use of third party services for the purpose of facilitating payment and the completion of Purchases. By submitting your information, you grant us the right to provide the information to these third parties subject to our Privacy Policy located at https://www.cultbeauty.co.uk/privacy-policy

    We reserve the right to refuse or cancel your order at any time for reasons including but not limited to: product or service availability, errors in the description or price of the product or service, error in your order or other reasons.

    We reserve the right to refuse or cancel your order if fraud or an unauthorized or illegal transaction is suspected.

    Privacy Policy

    The MIME Privacy Policy governs the use of information collected from or provided by you through the Website. With respect to any individual whose personal information is provided by you to us, you represent to Flawless that you have obtained all necessary consents for the processing of such personal information contemplated by the services you are using, including the transfer of such data to the United States or other countries whose laws may not provide the same level of protection for the personal data as the laws of the country of origin of such individual.

    We believe in protecting your privacy. Please click here to review our current Privacy Policy, which also governs your use of the Website and all other websites, pages, accounts and other electronic media owned or controlled by us, to understand our practices.

    Security

    Registered Users are responsible for the protection of their account numbers, customer name, and password associated with Internet access to all Website and Interactive Areas. In the event of any unauthorized access to your account, you must immediately notify MIME; however, MIME is not responsible or liable for damage of any kind as a result of any unauthorized access. To protect yourself from unauthorized access to your account information, MIME highly recommends that you change your password frequently and do not share your password with anyone.

    Availability, Errors and Inaccuracies

    We are constantly updating product and service offerings on the Service. We may experience delays in updating information on the Service and in our advertising on other web sites. The information found on the Service may contain errors or inaccuracies and may not be complete or current. Products or services may be mispriced, described inaccurately, or unavailable on the Service and we cannot guarantee the accuracy or completeness of any information found on the Service.

    We therefore reserve the right to change or update information and to correct errors, inaccuracies, or omissions at any time without prior notice.

    Content

    Our Service allows you to post, link, store, share and otherwise make available certain information, text, graphics, videos, or other material ("Content"). You are responsible for the Content that you post on or through the Service, including its legality, reliability, and appropriateness.

    By posting Content on or through the Service, You represent and warrant that: (i) the Content is yours (you own it) and/or you have the right to use it and the right to grant us the rights and license as provided in these Terms, and (ii) that the posting of your Content on or through the Service does not violate the privacy rights, publicity rights, copyrights, contract rights or any other rights of any person or entity. We reserve the right to terminate the account of anyone found to be infringing on a copyright.

    You retain any and all of your rights to any Content you submit, post or display on or through the Service and you are responsible for protecting those rights. We take no responsibility and assume no liability for Content you or any third party posts on or through the Service. However, by posting Content using the Service you grant us the right and license to use, modify, publicly perform, publicly display, reproduce, and distribute such Content on and through the Service. You agree that this license includes the right for us to make your Content available to other users of the Service, who may also use your Content subject to these Terms.

    MIME, Inc. has the right but not the obligation to monitor and edit all Content provided by users.

    Accounts

    When you create an account with us, you guarantee that you are above the age of 18, and that the information you provide us is accurate, complete, and current at all times. Inaccurate, incomplete, or obsolete information may result in the immediate termination of your account on the Service.

    You are responsible for maintaining the confidentiality of your account and password, including but not limited to the restriction of access to your computer and/or account. You agree to accept responsibility for any and all activities or actions that occur under your account and/or password, whether your password is with our Service or a third-party service. You must notify us immediately upon becoming aware of any breach of security or unauthorized use of your account.

    We reserve the right to refuse service, terminate accounts, remove or edit content, or cancel orders in our sole discretion.

    Copyright Policy

    We respect the intellectual property rights of others. It is our policy to respond to any claim that Content posted on the Service infringes on the copyright or other intellectual property rights ("Infringement") of any person or entity.

    If you are a copyright owner, or authorized on behalf of one, and you believe that the copyrighted work has been copied in a way that constitutes copyright infringement, please submit your claim via email to copyright@getmime.com, with the subject line: "Copyright Infringement" and include in your claim a detailed description of the alleged Infringement as detailed below, under "DMCA Notice and Procedure for Copyright Infringement Claims"

    You may be held accountable for damages (including costs and attorneys' fees) for misrepresentation or bad-faith claims on the infringement of any Content found on and/or through the Service on your copyright.

    DMCA Notice and Procedure for Copyright Infringement Claims

    You may submit a notification pursuant to the Digital Millennium Copyright Act (DMCA) by providing our Copyright Agent with the following information in writing (see 17 U.S.C 512(c)(3) for further detail):

    • an electronic or physical signature of the person authorized to act on behalf of the owner of the copyright's interest;
    • a description of the copyrighted work that you claim has been infringed, including the URL (i.e., web page address) of the location where the copyrighted work exists or a copy of the copyrighted work;
    • identification of the URL or other specific location on the Service where the material that you claim is infringing is located;
    • your address, telephone number, and email address;
    • a statement by you that you have a good faith belief that the disputed use is not
    • authorized by the copyright owner, its agent, or the law;
    • a statement by you, made under penalty of perjury, that the above information in your
    • notice is accurate and that you are the copyright owner or authorized to act on the copyright owner's behalf.
    • You can contact our Copyright Agent via email at copyright@getmime.com.
    • Intellectual Property
    • Except for public domain material, the Service is protected by intellectual property laws, including U.S. copyright laws. The Service and its original content (excluding Content provided by users), features and functionality are and will remain the exclusive property of MIME, Inc. and its licensors. The Service is protected by copyright, trademark, and other laws of both the United States and foreign countries. Our trademarks and trade dress may not be used in connection with any product or service without the prior written consent of MIME, Inc.

    Copyright and Trademark Notices

    All trademarks, trade names, logos, images, typefaces, graphics, service marks and trade dress displayed on the Sites (collectively, the “Marks”) are the property of MIME, Inc. or its licensors, content providers or other third parties. Nothing in these Terms and Conditions or on the Service shall be construed as granting, by implication, estoppel or otherwise, any license or right to use any Mark without the prior written consent of MIME, Inc. or the owner of the Mark. In addition, the look and feel of the Service and Website, including all page headers, custom graphics, button icons and scripts, is the service mark, trademark and/or trade dress of MIME, Inc. and may not be copied, imitated or used, in whole or in part, without the prior written permission of MIME, Inc. All other trademarks, registered trademarks, product names and company names or logos mentioned in the Website are the property of their respective owners. Reference to any products, services, processes or other information, by trade name, trademark, manufacturer, supplier or otherwise, does not constitute or imply endorsement, sponsorship or recommendation thereof by MIME, Inc.

    If you are aware of an infringement of either your brand or our brand, please let MIME, Inc. know by contacting us via phone or email.

    Feedback

    You may from time to time identify problems, solutions to identified problems, provide suggestions, comments or other feedback related to our Services or otherwise relating to Us (“Feedback”). You acknowledge and agree that all Feedback is and shall be given entirely voluntarily and We shall be free to use or disclose such Feedback for any purpose. You further acknowledge and agree that your Feedback does not contain confidential or proprietary information and you are not entitled to any compensation or reimbursement of any kind from Us under any circumstances relating to such Feedback.

    Acceptable Use Policy

    You agree to comply with all applicable laws and regulations in connection with your use of the Services. You may not use our Services to post or transmit any illegal material, including without limitation any transmissions that would constitute a criminal offense, give rise to civil liability, or otherwise violate any local, state, national or international law or regulation. In particular, the following is a representative, non-exhaustive list of acts that are prohibited:

    • The transmission or posting of chain letters or pyramid schemes, or other acts that involve deceptive online marketing practices or fraud;
    • Acts that may materially and adversely affect the quality of other users’ experience;
    • Actual or attempted unauthorized use or sabotage of any computers, machines or
    • networks;
    • Introducing malicious programs into Our Services, network or servers (e.g. viruses,
    • worms, Trojan horses, etc.);
    • Engaging in any monitoring or interception of data not intended for you without
    • authorization;
    • Attempting to circumvent authentication or security of any host, network, or account
    • without authorization;
    • Reverse engineer, decompile, disassemble, decipher or otherwise attempt to derive the source code for any underlying intellectual property used to provide the Services, or any part thereof;
    • Adapt, modify or create derivative works based on the Services, technology underlying the Services, or other users’ content, in whole or part;
    • Duplicate, license, sublicense, publish, broadcast, transmit, distribute, perform, display, sell, rebrand, or otherwise transfer information found on the Services (excluding content posted by you) except as permitted in these Terms, or as expressly authorized by Us in writing;
    • Using any method, software or program designed to collect identity information, authentication credentials, or other information;
    • Transmitting or receiving, uploading, using or reusing material that is abusive, indecent, defamatory, harassing, obscene or menacing, or a breach of confidence, privacy or similar third party rights;
    • Transmitting or receiving, uploading, using or reusing material that violates any intellectual property rights of a third party, including, without limitation, patents, trademarks, trade secrets or copyrights;
    • Transmitting, receiving, uploading, using or reusing material that you do not have a right to transmit under any law or under contractual or fiduciary relationships (such as inside information, proprietary and confidential information learned or disclosed as part of employment relationships or under nondisclosure agreements);
    • Falsifying user identification information;
    • Using the Services for anything other than lawful purposes including, but not limited to,
    • intentionally or unintentionally violating any applicable local, state, national or
    • international law; or
    • Impersonating any person or entity, including, but not limited to, a MIME representative,
    • or falsely stating or otherwise misrepresenting your affiliation with a person or entity.
    • We enforce a zero-tolerance SPAM policy regarding information transmitted through our network. We may determine in its sole discretion whether any transmissions are considered SPAM. SPAM includes, but is not limited to, the following:
    • Bulk unsolicited e-mail, promotional material, or other forms of solicitation sent via the Services, or e-mail that advertises any IP address belonging to Us or any URL (domain) that is hosted by Us.
    • The use of web pages set up on ISPs that allow SPAM-ing that directly or indirectly reference customers to domains or IP addresses hosted by Us.
    • Forging or misrepresenting message headers, whether in whole or in part, to mask the true origin of the message.
    • If we determine that you have posted one or more articles of SPAM, we may cancel your account immediately and take steps to prevent you from using our network at any time thereafter.
    • You agree not to use the Services for the purpose of recruiting for another website or service that offers competing functionality to the Services.
    • Links To Other Web Sites

    Our Service may contain links to third party web sites or services that are not owned or controlled by MIME, Inc.

    MIME, Inc. has no control over, and assumes no responsibility for the content, privacy policies, or practices of any third party web sites or services. We do not warrant the offerings of any of these entities/individuals or their websites. Further, it is up to you to take precautions to ensure that whatever links you select or software you download (whether from the Website or other websites) is free of such items as viruses, worms, Trojan horses, defects and other items of a destructive nature. Our inclusion of links to such websites does not imply any endorsement of the material on such websites or any association with their operators.

    You acknowledge and agree that MIME, Inc. shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods or services available on or through any such third party web sites or services.

    We strongly advise you to read the terms and conditions and privacy policies of any third party web sites or services that you visit.

    Apple Terms

    If you are accessing the Services through an application from the Apple App Store, you agree to the following additional terms:

    • You acknowledge that these Terms are concluded between you and us only, and not with Apple, and We, not Apple, are solely responsible for the Services and the content thereof. You acknowledge and agree that Apple, and Apple’s subsidiaries, are third party beneficiaries of these Terms, and that, upon your acceptance of the Terms, Apple will have the right (and will be deemed to have accepted the right) to enforce the Terms against you as a third party beneficiary thereof. You agree to be bound by the App Store Terms of Service as of the Effective Date (which you acknowledge you have had the opportunity to review), including without limitation the Usage Rules (as defined in the App Store Terms of Service) (capitalized terms below have the definitions given to them in the App Store Terms of Service unless otherwise defined herein).
    • You may only access the Services on an iOS product that you own or control and only as permitted by the Usage Rules set forth in the App Store Terms of Service.
    • To the extent set forth herein or required by applicable law, We are solely responsible for providing any maintenance and support services with respect to the Services. You acknowledge and agree that Apple has no obligation whatsoever to furnish any maintenance and support services with respect to the Services.
    • We, not Apple, are solely responsible for any product warranties set forth in these Terms, whether express or implied by law, to the extent not effectively disclaimed. In the event of any failure of the application to conform to any applicable warranty, you may notify Apple, and Apple will refund the purchase price for the application to you; provided that, to the maximum extent permitted by applicable law, Apple will have no other warranty obligation whatsoever with respect to the Services, and any other claims,

    losses, liabilities, damages, costs or expenses attributable to any failure to conform to any warranty, if any, will be Our sole responsibility, to the extent not disclaimer herein.

    • We acknowledge that We, not Apple, are responsible for addressing any claims by you or any third party relating to the Services or your possession and/or use of the Services, including, but not limited to: (i) product liability claims; (ii) any claim that the Services fail to conform to any applicable legal or regulatory requirement; and (iii) claims arising under consumer protection or similar legislation.
    • Apple shall in no way be responsible for any claim (including any related investigation, defense, settlement or discharge thereof) that the Services or your possession and use of the Services infringe any third party’s intellectual property rights.
    • If you send SMS messages through Services, you acknowledge that standard text messaging rates or other carrier charges may apply to such use.
    • You represent and warrant that you are not located in a country that is subject to a U.S. Government embargo, or that has been designated by the U.S. Government as a “terrorist supporting” country and that you are not listed on any U.S. Government list of prohibited or restricted parties.
    • Termination
    • We may terminate or suspend your account and bar access to the Service immediately, without prior notice or liability, under our sole discretion, for any reason whatsoever and without limitation, including but not limited to a breach of the Terms.
    • If you wish to terminate your account, you may simply discontinue using the Service.
    • Accessing the Website, Interactive Areas, Submissions, Content, information, and Service after such termination, suspension or discontinuation shall constitute an act of trespass. Further, you agree that MIME, Inc. shall not be liable to you or any third party for any termination or suspension of your access to the Website, Interactive Areas, Content, information, and Service.
    • All provisions of the Terms which by their nature should survive termination shall survive termination, including, without limitation, ownership provisions, warranty disclaimers, indemnity and limitations of liability.
    • Indemnification
    • You agree to defend, indemnify and hold harmless MIME, Inc. and each of its subsidiaries, affiliates, employees, contractors, agents, officers and directors, investors, successors and assigns, and its licensee and licensors, from and against any and all claims, damages, obligations, losses, liabilities, costs or debt, and expenses (including but not limited to attorney's fees), resulting from or arising out of a) your use and access of the Service, by you or any person using your account and password; b) a breach of these Terms, or c) Content posted on the Service. You and each of your successors, assigns, subsidiaries and affiliates, hereby unconditionally release and forever discharge MIME, Inc. and each of its subsidiaries, affiliates, directors, officers, agents, partners, investors, employees, successors and assigns harmless from any and all complaints, claims, charges, damages, demands, suits, actions and causes of

    action, whether at law or in equity (including attorneys’ fees, costs and expenses), known and unknown, suspected and unsuspected, disclosed and undisclosed, arising out of or in any way connected with your use of the Website and Service.

    Limitation Of Liability

    IN NO EVENT SHALL MIME, INC. NOR ITS DIRECTORS, EMPLOYEES, PARTNERS, INVESTORS, AGENCT, SUPPLIERS, OR AFFILIATES, BE LIABLE FOR ANY INCIDENTAL, DIRECT, INDIRECT, EXEMPLARY, SPECIAL, PUNITIVE AND CONSEQUENTIAL DAMAGES, LOST PROFITS, OR ANY KIND OF DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, ATTORNEYS’ FEES AND LOST PROFITS OR SAVINGS) RESULTING FROM LOST DATA OR BUSINESS INTERRUPTION RESULTING FROM THE USE OF OR INABILITY TO USE THE WEBSITE, INTERACTIVE AREAS, OR SERVICES, ANY CONDUCT OR CONTENT OF ANY THIRD PARTY ON THE SERVICE, ANY CONTENT OBTAINED FROM THE SERVICE, AND UNAUTHORIZED ACCESS, USE OR ALTERATION OF YOUR TRANSMISSION OR CONTENT, WHETHER BASED ON BASED ON WARRANTY, CONTRACT, TORT, OR ANY OTHER LEGAL THEORY, AND WHETHER OR NOT MIME, INC. IS ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

    Disclaimer

    MIME, INC. MAKES NO REPRESENTATIONS ABOUT THE SUITABILITY OF THE INFORMATION, SOFTWARE, PRODUCTS, AND SERVICES, CONTAINED ON THE WEBSITE OR SERVICE FOR ANY PURPOSE, AND THE INCLUSION OR OFFERING OF ANY PRODUCTS OR SERVICES ON THE WEBSITE DOES NOT CONSTITUTE ANY ENDORSEMENT OR RECOMMENDATION OF SUCH PRODUCTS OR SERVICES BY MIME, INC. ALL SUCH INFORMATION, SOFTWARE, PRODUCTS, AND SERVICES ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MIME, INC. DISCLAIMS ALL WARRANTIES AND CONDITIONS THAT THE WEBSITE, ITS SERVERS OR ANY EMAIL SENT FROM MIME, INC., ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS. MIME, INC. HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION, SOFTWARE, PRODUCTS, AND SERVICES, INCLUDING ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, AND NONINFRINGEMENT.

    MIME, Inc. its subsidiaries, affiliates, and its licensors do not warrant that a) the Service will function uninterrupted, secure or available at any particular time or location; b) any errors or defects will be corrected; c) the Service is free of viruses or other harmful components; or d) the results of using the Service will meet your requirements.

    Exclusions

    Some jurisdictions do not allow the exclusion of certain warranties or the exclusion or limitation of liability for consequential or incidental damages, so the limitations above may not apply to you.

    Governing Law

    These Terms shall be governed and construed in accordance with the laws of Delaware, United States, without regard to its conflict of law provisions.

    Our failure to enforce any right or provision of these Terms will not be considered a waiver of those rights. If any provision of these Terms is held to be invalid or unenforceable by a court, the remaining provisions of these Terms will remain in effect. These Terms constitute the entire agreement between us regarding our Service, and supersede and replace any prior agreements we might have had between us regarding the Service.

    Changes

    We reserve the right, at our sole discretion, to modify or replace these Terms at any time. If a revision is material we will provide at least 30 days’ notice prior to any new terms taking effect. What constitutes a material change will be determined at our sole discretion.

    By continuing to access or use our Service after any revisions become effective, you agree to be bound by the revised terms. If you do not agree to the new terms, you are no longer authorized to use the Service.

    Contact Us

    If you have any questions about these Terms, please contact MatchMe by email: terms@getmime.com.

    Or by mail: MIME Inc, 329 NE Couch Street, Suite 312, Portland, Oregon 97232

    Privacy Policy

    MIME, Inc.(collectively referred to herein as “MIME”, “we”, “our” or “us”), recognizes the importance of protecting personal data we may collect from visitors and any other individual or entity (“Users”, “you”, or “your”) who visit our web sites. This Privacy Policy applies to data collection by MIME and shall apply to your use of the website, www.getmime.com and other MIME-related sites, applications, including the Flawless by MIME mobile application, software, communications, capabilities and services (“Services”) accessible on or by any top-level MIME domain owned by us (each, a “Site” and collectively the “Sites”), but excluding services that state that they are offered under a different privacy policy.

    Our Privacy Policy explains: (1) what information we collect; (2) why we collect it; (3) how we use that information; (4) how we may share it; (5) the choices we offer, including how to access and update information; (6) and the measures we take to keep your information safe. Specifically, our Privacy Policy covers the following topics:

    1. When This Privacy Policy Applies
    2. Terms of Use
    3. Information We Collect
    4. How We Use Information We Collect
    5. Our Legal Basis for Collecting Personal Data
    6. Information We Share
    7. Your Failure to Provide Personal Data
    8. Our Retention of Your Personal Data
    9. Your Choices and Accessing, Updating or Deleting Your Personal Data
    10. Third Party Links
    11. International Transfer
    12. How We Protect Personal Data
    13. Children
    14. Direct Marketing and “Do Not Track” Signals
    15. MIME Partners
    16. Changes to this Privacy Policy
    17. How to Contact Us

    Please familiarize yourself with our privacy practices and let us know if you have any questions. By using the Sites, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, please do not use the Sites.

    Irrespective of which country you live in, you authorize us to transfer, store, and use your information in the United States, and any other country where we operate. In some of these countries, the privacy and data protection laws and rules regarding when government authorities may access data may vary from those in the country where you live. Learn more about our data transfer operations in the “International

    1

    Transfer” section below. If you do not agree to the transfer, storage and use of your information in the United States, and any other country where we operate, please do not use the Sites or Services.

    If you have any questions or comments about this Privacy Policy, please submit a request to privacy@getmime.com .

    When this Privacy Policy Applies

    Our Privacy Policy applies to all of the Services offered by MIME and its affiliates, including some MIME partners, and Services offered on other sites, but excludes services that have separate privacy policies that do not incorporate this Privacy Policy.

    Our Privacy Policy does not apply to services offered by other companies or individuals, including products or sites that may be displayed to you, or other sites linked from our Services. Our Privacy Policy does not cover the information practices of other companies and organizations who advertise our Services, and who may use cookies, pixel tags and other technologies to serve and offer relevant ads.

    Terms of Use

    By accessing or using the Sites in any manner, you also agree to be bound by MIME’s Terms of Use (the “Agreement”). Please read the Agreement carefully. If you do not accept all of the terms and conditions contained in or incorporated by reference into the Agreement, please do not use the Sites.

    Information We Collect

    We collect information, including personal data, to provide better services to all our Users. We use the term “Personal Data” to refer to any information that identifies or can be used to identify you. Common examples of Personal Data include: full name, email address, digital identity, such as a login name or handle, information about your device, and certain metadata.

    “Sensitive Personal Data” refers to a smaller subset of Personal Data which is considered more sensitive to the individual, such as race and ethnic origin, political opinions, religious or philosophical beliefs, trade- union membership, genetic or biometric information, physical or mental health information, medical insurance data, or sexual orientation.

    When you use our Services, we collect Personal Data in the following ways: 1. Information You Give to Us

    • Website

    You may choose to provide us with Personal Data about yourself, including your name, organization name, title, address, phone number, and email address by completing forms on our website or emailing us, such as when you request information about our Services.

    In some instances, you may elect to provide us with location and address information. You may also provide us with Personal Data about yourself when you report a problem or have a question about our services.

    The Sites offer interactive and social features that permit you to submit content and communicate with us. You may provide Personal Data to us when you post information in these interactive and social features. Please note that your postings in these areas of the Sites may be publicly accessible or accessible to other Users.

    • Mobile Applications

    Certain information is required when creating an account to use our Services on the mobile application, such as your name, email address, birth date, User name and password. If you elect to create an account using Facebook, we will require your Facebook username and/or Facebook ID.

    In addition, in order to use the Services, you may choose to provide additional information such as your personal characteristics, including skin tone and type, skin concerns, hair color and type, hair concerns, eye color, age range, photographs, videos and product reviews.

    In connection with the use of the Services, your mobile device may collect certain data points like your IP address and mobile device ID. When your device syncs with MIME’s application, certain data recorded on your device is transferred from your device to our servers.

    2. Information We Obtain from Your Use of Our Services

    We collect certain information automatically, such as your operating system version, browser type, and internet service provider. We also collect information about your interaction with the Services, such as creating or logging into your account, or opening or interacting with the Services on Your mobile device. When you use our Site, we automatically collect and store this information in service logs. This includes: details of how you used our Site; Internet protocol address; cookies that uniquely identify your browser, the referring web page and pages visited. We may also collect and process information about your actual location. The information we collect automatically is statistical data and may or may not include Personal Data, but we may maintain it or associate it with Personal Data we collect in other ways or receive from third parties.

    • Location Data

    If you grant us access to your location, MIME may collect information about your location when you use our Sites and Services. Your location can be determined by: GPS, IP address, and information about things near your device, such as Wi-Fi access points and cell towers. When you use our Services via a wireless device, we may solicit your permission to collect your location data. Some features within our application may only function upon confirmation of your location, and therefore such features will not be available if you choose not to provide your location data to us. The specificity of the location data collected may depend on a number of factors, including the device you are using (e.g. laptop, smartphone or tablet) and how you are connected to the Internet (e.g., via cable broadband connection, WiFi). If you enable location services for our mobile application, we may collect location data periodically as you use or leave open our mobile application. We may associate such location data with Personal Data you provide to us. Depending on the platform you use to access our mobile application (e.g., Apple’s iOS, Google’s Android), you may

    3

    be able to control whether location data is collected from within “Settings” or other controls on your wireless device or the mobile application.

    • Device ID

    When using our Services, we or our service provider may collect your unique device ID. We may use such information for internal purposes and to provide you a better experience, such as to troubleshoot application problems you may experience. We may associate device ID with personal information you provide to us. You may learn more about opt out of any anonymous device ID collection via the privacy settings available within your mobile device.

    3. MIME Partners

    We may partner with third parties, such as retail stores, that offer MIME Services to their customers. In such cases, those companies may provide us with your name, email address, similar information and other personal information so that we can provide you with our Services.

    4. Cookies and Similar Technologies

    We and our partners use various technologies to collect and store information when you visit one of our services, and this may include using cookies or similar technologies to identify your browser or device. We also use these technologies to collect and store information when you interact with services from our partners, such as advertising services. Our third party advertising and analytics partners include Google, Parse Analytics, MixPanel and similar partners.

    The technologies we use for this automatic data collection may include:

    Cookies. A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our services. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our services. For more information about our use of cookies, including details on how to opt-out of certain cookies, please see our Cookie Policy.

    Web Beacons. Pages of our services or our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count Users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

    Clickstream Data. Clickstream data is information collected by our computers when you request Web pages from the Sites. Clickstream data may include information such as the page served, the time spent viewing the page, source of the request, type of browser making the request, the preceding page viewed and similar information. Clickstream data permits us to analyze how visitors arrive at the Sites, what type of content is popular, what type of visitors in the aggregate are interested in particular kinds of content on the Sites.

    5. Advertising

    We share certain data with third parties to allow us to target existing Users and customers with highly relevant advertising campaigns. We will not share your email address, telephone number, loyalty identification number or other personal information for the purpose of such campaigns.

    How We Use Information We Collect

    We use your Personal Data in ways that are compatible with the purposes for which it was collected or authorized by you, including for the following purposes:

    1. To present, operate or improve the Site and Services, including analysis of Site activity;
    2. To inform you about Services and products available from MIME;
    3. To authorize access to our Sites and Services;
    4. To provide, maintain, administer or expand the Services, performing business analyses, or for
    5. other internal purposes to support, improve or enhance our business, the Services, and other
    6. products and services we offer;
    7. To offer and administer programs;
    8. To customize or tailor your experience of the Services;
    9. To administer content, promotion, sweepstakes, surveys, voting polls or other Site features;
    10. To communicate about, and administer your participation in, special programs, surveys, contests,
    11. online campaigns, online programs, sweepstakes, and other offers or promotions, and to deliver
    12. pertinent emails;
    13. To improve our Site and Services;
    14. To secure our Services, including to authenticate Users;
    15. To use statistical information that we collect in any way permitted by law, including from third
    16. parties in connection with their commercial and marketing efforts;
    17. To use anonymized and aggregated information, including sharing anonymized and aggregated
    18. information with third parties to use for their own purposes;
    19. To respond to and support Users regarding their use of the Sites and Services;
    20. To comply with all applicable legal requirements;
    21. To enforce our Terms of Use and other agreements;
    22. To perform data analysis and testing;
    23. To investigate possible fraud or other violations of our Terms of Use or this Privacy Policy and/or
    24. attempts to harm our Users;
    25. To resolve disputes;
    26. To otherwise fulfill the purpose for which the information was provided.

    We use the information we collect from our Sites to provide, maintain, and improve them, to develop new services, and to protect our company and our Users.

    We use information collected from cookies and other technologies, to improve your User experience and the overall quality of our services. For example, by saving your language preferences, we’ll be able to have our services appear in the language you prefer. We may use your Personal Data to see which web pages you visit at our Site, which web site you visited before coming to our Site, and where you go after you leave our Site. We can then develop statistics that help us understand how our visitors use our Site and how to improve it. We may also use the information we obtain about you in other ways for which we provide specific notice at the time of collection.

    5

    We will ask for your consent before using information for a purpose other than those set out in this Privacy Policy.

    Our Legal Basis for Collecting Personal Data

    Whenever we collect Personal Data from you, we may do so on the following legal bases:

    1. Your consent to such collection and use;
    2. Out of necessity for the performance of an agreement between us and you, such as your
    3. agreement to use our Services or your request for Services;
    4. Our legitimate business interest, including but not limited to the following circumstances where
    5. collecting or using Personal Data is necessary for:
    6. Intra-organization transfers for administrative purposes;
    7. Product development and enhancement, where the processing enables MIME to
    8. enhance, modify, personalize, or otherwise improve our services and communications for
    9. the benefit of our Users, and to better understand how people interact with our Sites;
    10. Communications and marketing, including processing data for direct marketing purposes, and subject to your opt-in for these purposes, and to determine the effectiveness of our
    11. promotional campaigns and advertising;
    12. Fraud detection and prevention;
    13. Enhancement of our cybersecurity, including improving the security of our network and
    14. information systems; and
    15. General business operations and diligence;
    16. Provided that, in each circumstance, we will weigh the necessity of our processing for the purpose against your privacy and confidentiality interests, including taking into account your reasonable expectations, the impact of processing, and any safeguards which are or could be put in place. In all circumstances, we will limit such processing for our legitimate business interest to what is necessary for its purposes.
    17. Information We Share
    18. We do not share personal data with companies, organizations and individuals outside of MIME unless one of the following circumstances applies:
    • With your consent. We will share Personal Data with companies, organizations or individuals outside of MIME when we have your consent to do so.
    • Corporate Affiliates. MIME may share certain personal information with its affiliates (including parent company, sister companies and subsidiaries.)
    • Enterprise Accounts. Your employer or your organization may offer you access to our Services. We will share Personal Data with your employer or organization. Your employer or organization can review and manage your use of such enterprise Services.
    • For external processing. We provide personal information to our affiliates or other trusted businesses or partners to process it for us, based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures. These third parties include marketing partners, third party hosted services providers, and similar partners. It is our policy to only share Personal Data with contractors, service providers and other third parties


    6

    who are bound by contractual obligations to keep Personal Data confidential and use it only for the purposes for which we disclose it to them. Under certain circumstances, you may avoid having us share your information with our business partners and vendors by not granting us permission to share your information. Not granting us permission to share your information with our business partners or vendors may limit your access to their services through the Sites.

    • Joint Marketing Partners. We may share your personal information with third parties that we have partnered with to jointly create and offer a product or service. These joint marketing partners may only use this information to market products and services to you. Additionally, to the extent permitted by law, MIME’s joint marketing partners may share your personal information with us to better serve you.
    • For Legal Reasons. We will share Personal Data with companies, organizations or individuals outside of MIME if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:


    o meet any applicable law, regulation, legal process or enforceable governmental request. o enforce applicable Terms of Use or Services Agreement, including investigation of

    potential violations. o detect, prevent, or otherwise address fraud, security or technical issues. o protectagainstharmtotherights,propertyorsafetyofMIME,ourUsersorthepublicas

    required or permitted by law. We attempt to notify Users about legal demands for their Personal Data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.

    • Business Transfers. If we establish a new related entity, are acquired by or merged with another organization, or if substantially all of our assets are transferred to another organization, Personal Data about our Users is often a transferred business asset. In the event that MIME itself or substantially all of our assets are acquired, Personal Data about our Users may be one of the transferred assets.
    • Non-Personal and Aggregate Site Use Information. MIME may compile and share your information in aggregated form (i.e., in a manner that would not personally identify you) or in de- identified form so that it cannot reasonably be used to identify an individual (“De-Identified Information”). We may disclose such de-identified information publicly and to third parties, or to MIME Partners under agreement with us. MIME may also disclose De-Identified Information for general research purposes and in research collaborations with third parties. MIME may also use De-Identified Information for commercial collaborations with private companies for purposes such as product design or enhancement of Services.
    • Your Failure to Provide Personal Data
    • Your provision of Personal Data is required in order to use certain parts of our services and our programs. If you fail to provide such Personal Data, you may not be able to access and use our Services and/or our programs, or parts of our Services and/or our programs.
    • Our Retention of Your Personal Data
    • We may retain your Personal Data for a period of time consistent with the original purpose for collection. For example, we keep your Personal Data for no longer than reasonably necessary for your use of our


    7

    programs and Services and for a reasonable period of time afterward. We also may retain your Personal Data during the period of time needed for us to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.

    We retain your Personal Data even after your business relationship with us ends if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our Terms of Use, or fulfill your request to “unsubscribe” from further messages from us. We will retain de-personalized information after your account has been closed.

    Your Choices and Accessing, Updating or Deleting Your Personal Data

    Whenever you use our Services, we aim to provide you with choices about how we use your Personal Data. We also aim to provide you with access to your Personal Data. If that information is wrong, we strive to give you ways to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes. Subject to applicable law, you may obtain a copy of personal information we maintain about you or you may update or correct inaccuracies in that information by contacting us. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information. In addition, if you believe that personal information we maintain about you is inaccurate, subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the How to Contact Us section below.

    • Your Rights With Respect to Personal Data

    Some data protection laws, including the European Union’s General Data Protection Regulation (“GDPR”), corresponding legislation in Switzerland and in the United Kingdom, and some U.S. state laws, provide you with certain rights in connection with Personal Data you have shared with us. If you are resident in the European Economic Area, you may have the following rights:

    1. The right to be informed. You are entitled to be informed of the use of your Personal Data. This Privacy Policy provides such information to you.
    2. The right of access. You have the right to request a copy of your Personal Data which we hold about you.
    3. The right of correction: You have the right to request correction or changes of your Personal Data if it is found to be inaccurate or out of date.
    4. The right to be forgotten: You have the right to request us, at any time, to delete your Personal Data from our servers and to erase your Personal Data when it is no longer necessary for us to retain such data. Note, however, that deletion of your Personal Data will likely impact your ability to use our services.
    5. The right to object (opt-out): You have the right to opt-out of certain uses of your Personal Data at any time.
    6. The right to data portability: You have the right to a “portable” copy of your Personal Data that you have submitted to us. Generally, this means your right to request that we move, copy or transmit your Personal Data stored on our servers / IT environment to another service provider’s servers / IT environment.
    7. The right to refuse to be subjected to automated decision making, including profiling: You have the right not to be subject to a decision and insist on human intervention if the decision is

    8

    based on automated processing and produces a legal effect or a similarly significant effect on

    you. 8. The right to lodge a complaint with a supervisory authority.

    You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data- protection/bodies/authorities/index_en.htm.

    If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. To make these requests, you may contact us using the contact information below, and we will consider your request in accordance with applicable laws. For your protection, we may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file. If we no longer need to process Personal Data about you in order to provide our Services or our Sites, we will not maintain, acquire or process additional information in order to identify you for the purpose of responding to your request.

    In some cases our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.

    • Changing or Deleting Your Information

    You may update or correct information about yourself by making changes to your profile in your account or by emailing us at privacy@getmime.com. If you completely delete all such information, then your account may become deactivated. We may retain an archived copy of your records as required by law, to comply with our legal obligations, to resolve disputes, to enforce our agreements or for other legitimate business purposes.

    We may contact you to request that you update your Personal Data on a regular basis to ensure its integrity for the purposes of ongoing data management.

    • Our Opt-in/Opt-out Policy

    By providing an email address on the MIME Sites or Services, you agree that we may contact you in the event of a change in this Privacy Policy, to provide you with any Service related notices, or to provide you with information about our events, invitations, or related educational information.

    For purposes of this Privacy Policy, “opt-in” is generally defined as any affirmative action by a User to submit or receive information, as the case may be.

    We currently provide the following opt-out opportunities:

    1. At any time, you can follow a link provided in offers, newsletters or other email messages (except for e-commerce confirmation or service notice emails) received from us or a MIME Partner to unsubscribe from the service.
    2. At any time, you can contact us through privacy@getmime.com or the address or telephone 9


    number provided below to unsubscribe from the service and opt-out of our right per your consent under the terms of this Privacy Policy to share your Personal Data.

    Notwithstanding anything else in this Privacy Policy, please note that we always reserve the right to contact you in the event of a change in this Privacy Policy, or to provide you with any service related notices.

    Third Party Links

    The Sites may contain links to webpages operated by parties other than MIME. We do not control such websites and are not responsible for their contents or the privacy policies or other practices of such websites. Our inclusion of links to such websites does not imply any endorsement of the material on such websites or any association with their operators. Further, it is up to the User to take precautions to ensure that whatever links the User selects or software the User downloads (whether from this Site or other websites) is free of such items as viruses, worms, trojan horses, defects and other items of a destructive nature. These websites and services may have their own privacy policies, which the User will be subject to upon linking to the third party's website. MIME strongly recommends that each User review the third party's terms and policies.

    International Transfer

    We are committed to complying with applicable laws, regulations and mandatory government standards regarding the protection of Personal Data.

    Personal Data and any additional information submitted may be used globally in connection with employment, business processes within MIME, or communicating with our MIME Partners. Therefore, Personal Data may be transferred to such entities worldwide, where it will be processed in accordance with this Privacy Policy and laws that are applicable in each country. Countries where we process data may have laws which are different, and potentially not as protective, as the laws of your own country.

    If we transfer your Personal Data out of your jurisdiction, we will implement suitable safeguards and rely on legally-provided mechanisms to lawfully transfer data across borders to ensure that your Personal Data is protected.

    How We Protect Personal Data

    MIME maintains administrative, technical and physical safeguards designed to protect the User's Personal Data and information against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account technological reality, cost, the scope, context and purposes of processing weighted against the severity and likelihood that the processing could threaten individual rights and freedoms. For example, we restrict access to personal information to MIME employees, contractors, business partners and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. We use commercially reasonable security measures such as encryption, firewalls, and Secure Socket Layer software (SSL) or hypertext transfer protocol secure (HTTPS) to protect Personal Data.

    10

    If MIME collects account information for payment or credit, MIME will use the information only to complete the task for which the account information was offered.

    Children

    The Site is not intended for use by children. We do not intentionally gather Personal Data about United States visitors who are under the age of 13 or about European Union, United Kingdom or Swiss visitors who are under the age of 16. If a child has provided us with Personal Data, a parent or guardian of that child may contact us to have the information deleted from our records. If you believe that we might have any information from a child under the ages of 13 or 16 in the applicable jurisdictions, please contact us at privacy@getmime.com. If we learn that we have inadvertently collected the personal information of a child under 16, or equivalent minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible.

    Direct Marketing and “Do Not Track” Signals

    MIME does not track its users over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, some third party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, your browser may include controls to block and delete cookies, web beacons and similar technologies, to allow you to opt out of data collection through those technologies.

    California residents are entitled to contact us to request information about whether we have disclosed Personal Data to third parties for the third parties’ direct marketing purposes. Under the California “Shine the Light” law, California residents may opt-out of our disclosure of Personal Data to third parties for their direct marketing purposes. You may choose to opt-out of the sharing of your Personal Data with third parties for marketing purposes at any time by submitting a request to privacy@getmime.com. California users may request further information about our compliance with this law by contacting us at privacy@getmime.com or by writing to us at the address listed in the “How to Contact Us” section.

    MIME Partners

    MIME customers (“MIME Partners”) engage us to deliver Services to their employees, customers and other users. Partner Information, Information about our Partner’s Contacts and Archival Information (each defined below) are governed by this Privacy Policy, the MIME Terms of Use and any other Services agreements between MIME and the applicable Partner.

    • MIME Partner Information. We collect information about individuals within our MIME Partners organization (“Partner Information”). Partner Information may include information related to the Partner’s account, name, work e-mail address, work phone number, job title or similar kinds of information. We use Partner Information to support the Partner account, maintain our business relationship with the Partner, respond to Partner inquiries, or perform accounting functions. MIME Partners may update personal information and password by logging into the MIME Platform and updating their account. MIME Partners may contact MIME support in order to delete their Personal Data. In some cases, we may not be able to delete Partner Information, and in such cases we will tell you why.

    11

    • Information about our Partners’ Contacts. We collect information about any contacts, such as employees, customers, and others, that may be uploaded into the MIME Platform (“Information about our Partners’ Contacts”). Information about our Partner’s Contacts may include name, e- mail address, phone number, job title, or similar kinds of information. We use Information about our Partner’s Contacts for the purposes of providing Services to such contacts. MIME Partners may update or delete Information about their contacts in the MIME Platform. MIME Partners may also contact MIME support in order to update and delete such information. In some cases, we may not be able to delete such information, and in such cases we will tell you why.
    • Archival Information. We collect communications information for archival purposes on behalf of, and as directed by, our MIME Partners. This information may include emails, texts, websites, social media messages or posts, and other forms of data or electronic communications (“Archival Information”). Archival Information includes data about our MIME Partners and the third parties they correspond with. We do not control or monitor the information our MIME Partners collect and store through our services, or their privacy practices or policies. It is our Partner’s obligation to obtain all necessary consents and to comply with all applicable laws with respect to the Partner’s communications and use of our services. Our Partner’s privacy policies or practices apply to Archival Information, the purposes for which the Partner collects Archival Information, how the Partner may use Archival Information and what choices the individual may have with respect to Archival Information. Individuals must contact the applicable Partner in order to correct, amend, or delete their information, or to opt out of any collection, uses or disclosure of their information by our Partner.
    • Automatically Collected Information. We collect information automatically about how our MIME Partners use our services (“Automatically Collected Information”). We do this via data collection technologies such as cookies, web beacons, gifs or other tracking technologies. We collect this information in order to monitor, support and improve our services or to provide MIME Partners with certain customized features. We may use Automatically Collected Information to tell us how our MIME Partners use our services, to improve our services or develop new products, services or features. We may combine this information with other information we collect.
    • We treat Partner Information, Information about our Partner’s Contacts, Archival Information and Automatically Collected Information as the confidential and proprietary information of our MIME Partners, subject to the terms of the MIME Terms of Use and any other service agreement between MIME and the Partner. We do not share Partner Information, Information about our Partner’s Contacts, Archival Information or Automatically Collected Information with third parties unless directed to do so by our Partner, as may be necessary to provide services to the Partner, to our advisors, affiliates, representatives, agents, service providers, in connection with a business transaction (such as a merger or sale), as allowed under the terms of our agreement with our Partner, or in response to a court order, subpoena, warrant or to comply with a legal requirement or to cooperate with an investigation. We may disclose Partner Information, Information about our Partner’s Contacts, Archival Information or Automatically Collected Information for the aforementioned reasons, or in order to protect our rights or the rights of our affiliates, MIME Partners, channel partners or service providers.
    • We will retain Partner Information we process on behalf of our MIME Partners for as long as needed to provide Services to our Partner, or for the period of time requested by a particular Partner.


    12

    Changes to this Privacy Policy

    Our Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services or programs, email notification or privacy policy changes). We will also keep prior versions of this Privacy Policy in an archive for your review.

    Revisions: • October 22, 2019

    How to Contact MatchMe

    If you have any specific questions about this Privacy Policy, you can contact us via email or phone or by writing to us at the address below:

    Send e-mail to: privacy@getmime.com or send mail to our address:

    MIME, Inc. Attn: Privacy Policy Inquiry 329 NE Couch Street, Suite 312 Portland, Oregon 97232 U.S.A. 


    TRANSFERRING YOUR PERSONAL INFORMATION OUTSIDE THE EUROPEAN ECONOMIC AREA



    We may need, as part of the services offered to you though our Site, to communicate your details outside the European Economic Area (“EEA”).

    We are obliged to satisfy ourselves before transferring your information to a country outside the EEA that it provides adequate protection for your data protection rights. Cult Beauty only transfers your personal information to those third parties where we can be sure that we can protect your privacy and your rights, for example the third party is located in a country which the EU has deemed to have adequate data protection laws in place, where that third party is certified on the EU-US Privacy Shield or where we have a contract in place with that third party which includes the European Commission's standard data protection clauses. Our Site is hosted on servers located in Ireland.



    HOW LONG WE KEEP YOUR INFORMATION



    If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws. We will not keep your personal information for longer than is necessary for the purpose or purposes for which they are collected, unless there is another legal reason for us to retain the information. We will take all reasonable steps to destroy or erase from our systems all data which is no longer required. We will keep your personal information for the duration of your account being active and for 7 years after our contract with you has terminated.



    CHANGES TO OUR PRIVACY POLICY



    Any changes we may make to this Privacy Policy in the future will be posted on this page. Please check back frequently to see any updates or changes to this Privacy Policy.



    WHAT ARE YOUR RIGHTS



    We endeavour to process all personal information in line with your rights under GDPR. In particular, You have the rights to:-

    • Withdraw your consent to Our processing your personal Information at any time. You can do this at any time by changing your “Preferences” when you log in to your account or by contacting us at privacy@cultbeauty.co.uk. In certain circumstances, We can process your personal Information without your consent in line with the lawful processing requirements in GDPR. These include (amongst other reasons) where processing is necessary to comply with a legal obligation, or to protect your vital interests
    • Ask us to rectify inaccurate or incomplete personal Information. We would seek to rectify the data as soon as possible and usually within one month unless the request is complex
    • Ask us to erase your personal Information. This is commonly referred to as the right to be forgotten. This right is only applicable where there is no compelling reason for the continued processing of your personal Information. There are some circumstances where this right to erasure does not apply and in such cases We would notify You of the reason(s) why We need to retain your personal Information (unless prevented to do so by law)
    • Restrict processing of your personal Information where, for example, the data is inaccurate, being processed unlawfully or where the data is no longer relevant to the specific purpose for processing. In such cases, We would retain the data but We would not process it further without your consent, or if processing your Information is for establishing, exercising or defending a legal claim, or for the protection of rights of other individuals, or for public interest reasons. In such circumstances, We would let You know that We intend to lift the restriction on processing your personal Information
    • Request access to your personal Information via a subject access request. your request should be made to us in writing and We may ask you for proof of your identity before providing You with the data. There is usually no fee for making such a request however, in limited circumstances, We can charge an administrative fee (which will be based on the administrative cost of providing the information)
    • You have the right to ask us not to process your personal Information for marketing purposes (including profiling). We will usually inform You (before collecting your data) if We intend to use your data for such purposes or if We intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms We use to collect your data. You can also exercise the right at any time by contacting us at privacy@cultbeauty.co.uk
    • Obtain and reuse your personal Information for your own purposes across different services (right to data portability). This right is only applicable to data that You have provided to us, where We are processing the data based on your consent or for the performance of a contract and when the processing is carried out by automated means. Where this right applies, the data will be provided to You in a structured, commonly used and machine-readable format

    Please be aware that we will need to verify your identity before providing any personal information to you. We do this to protect your information. We may also ask you to provide us some additional voluntary information to help us process your request more efficiently.



    CONTACTING US



    If at any time you would like to contact us with your views about our privacy practices, or with any enquiry relating to your personal information, you can do so by sending an e-mail to us at privacy@cultbeauty.co.uk, or via post at Data Protection Officer, Cult Beauty Limited, 46 Colebrooke Row, London N1 8AF United Kingdom.

    If you have any complaints regarding our handling of your personal Information, we would appreciate the chance to deal with your concerns in the first instance. However, if you wish, you may make a complaint directly to the Information Commissioner’s Office, the UK supervisory authority for data protection issues (www.ico.org.uk or 0303 123 1113)