Privacy Policy

Last updated: February 2025

Our Commitment to You

Membership Enrollment

Maelys Cosmetics Ltd. and its affiliated companies (together: "Maelys", "us" or "we") are dedicated to providing clients and site visitors (collectively, "users") with the highest level of transparency and control over the use of their information. In order for us to provide you with our services we are required to collect and process certain personal information about you and your activity.

By entrusting us with your information, we would like to assure you of our commitment to keep such information private. We have taken measurable steps to protect the confidentiality, security and integrity of this information.

When you use our Services, you consent to the collection, storage, use, disclosure and other uses of your Personal Data as described in this Privacy Policy.

We urge you to read this Privacy Policy carefully and make sure that you fully understand and agree to it. If you do not agree to this Privacy Policy, please discontinue and avoid using our Services.

Contents

Grounds for Data Collection

You are not legally required to provide us with your "Personal Data" (meaning any information which may potentially allow your identification with reasonable means), but without it we might not be able to provide you with the full range of, or the best experience while using, our websites or services (together, the "Services").

Processing of Personal Data is necessary for the performance of our contractual obligations towards you, for providing you with our services, for protection of our legitimate interests and for compliance with legal and regulatory obligations to which we are subject.

Our legal basis for collecting and using your Personal Data will depend on the particular purpose for which your data is being processed. We generally use the following legal bases:

  1. Performance of a contract: processing necessary to make the Services, including support services, available to you, and to send you service communications.
  2. Consent: in limited cases (for example, direct marketing emails/text messages and accepted website cookies) we process your Personal Data based on your consent. You can withdraw consent at any time using the contact details below.
  3. Legitimate interests: maintaining and improving our Services, understanding usage, improving customer service and support, and securing users and systems.
  4. Compliance with legal obligation: where processing is required by applicable law or by order of a court or regulatory body.

What Type of Data We Collect

Personal Data

In the course of using the Service, we may ask you to provide us with certain Personal Data to provide and improve the Service, to contact or identify you, to enable access to certain parts of the Website, and as otherwise indicated in this Policy. We collect the following Personal Data:

  • Registration and order information: name, mailing address, email address, telephone number, and, if registering via social account, profile picture and other data made available under your social privacy settings.
  • Information received from you: data you voluntarily provide when contacting us (contact forms, email, support channels), or when signing up to receive newsletters or other communications.
  • Billing information: data required to complete transactions, including payment-related and billing-related information and invoice details. Payment method details may be encrypted and stored by third-party payment providers compliant with PCI DSS.
  • Website usage data: IP address and general location data (for example city/country) collected by our webserver.
  • Information from third parties: contact details and business-related details received from business partners.

Non-Personal Data

We also collect data about Service usage and user activity in order to operate and improve the Service.

  • Technical information: website visits, browser and display settings, operating system, device type, session times, referral URL, time zone, network connection type, and cookie information.

If we combine Personal Data with non-Personal Data, the combined data will be treated as Personal Data.

Tracking Technologies

A "cookie" is a small text file used, for example, to collect data about activity on our Site. Some cookies and other technologies recall Personal Data such as an IP address.

When you visit or access our Services we use (and authorize third parties to use) pixels, cookies, events and other technologies ("Tracking Technologies") to collect information about you, your device and online behavior for navigation improvements, analytics, advertising effectiveness and personalization.

We also use Google Analytics to collect information about use of our Service. Information collected through Google Analytics is used to improve our Services.

Types of Cookies We Use

  • Strictly necessary cookies: required for operation of the website.
  • Analytical or performance cookies: help measure traffic and usage patterns to improve the Service.
  • Functionality cookies: recognize returning users and remember preferences, including cart state.
  • Targeting cookies: record your visit and browsing actions to improve ad relevance.

How to Manage Tracking Technologies Settings

UK and EU customers can manage cookie preferences via the "Your Privacy Choices" tool. Blocking cookies may affect some features of the Services.

Common browser controls include Google Chrome, Internet Explorer, Mozilla Firefox, Safari (Desktop/Mobile), and Android Browser. Mobile users can also limit ad tracking through device settings.

You can also turn off certain third-party targeting/advertising cookies via Network Advertising Initiative options.

How Do We Use the Data We Collect

  • Provision of service: to provide and improve our Services and respond to your queries.
  • Service announcements: to communicate updates and service offers.
  • Marketing purposes: to send newsletters and promotional materials, including profile-based marketing.
  • Opt-out handling: you may unsubscribe from promotional communications; we may still send service-related notices.
  • SMS services: we do not share SMS opt-in for unrelated purposes; we may share related data with vendors that help deliver messaging services.
  • Analytics, surveys and research: to test, evaluate and improve Service features.
  • Protecting our interests: fraud prevention, claim defense, and security/integrity protection.
  • Policy enforcement: including enforcement of client agreements and internal policies.
  • Legal compliance: where required by law, regulation, subpoena or similar legal process.

With Whom Do We Share Your Personal Data

  • Internal concerned parties: group companies and employees to provide Services.
  • Business partners: storage, analytics and other service providers acting on our behalf under contractual restrictions.
  • Compliance with laws and law enforcement entities: where disclosure is necessary to comply with legal process, enforce rights, or protect safety/security.
  • Merger and acquisitions: in connection with merger, acquisition, reorganization, bankruptcy or asset sale.

Transfer of Data Outside the EEA (for EU Data Subjects)

Some data recipients may be located outside the EEA. In such cases, we transfer data only to countries approved by the European Commission as providing an adequate level of protection, or under legal agreements that ensure adequate data protection safeguards.

How We Protect Your Information

We implement administrative, technical and physical safeguards to prevent unauthorized access, use, or disclosure of Personal Data. Data is stored on secure servers and access is limited on a need-to-know basis.

Despite these measures, absolute security cannot be guaranteed. You are responsible for protecting your account credentials and limiting access to your account.

Retention

We retain Personal Data for as long as necessary to provide Services and as needed to comply with legal obligations, resolve disputes and enforce policies. Retention periods depend on the nature of the data and collection purpose.

User Rights

European Union Users

If you reside in the EU, you may request to:

  • Receive confirmation whether Personal Data concerning you is processed and access that data with supplementary information.
  • Receive a copy of data you provided in a structured, commonly used and machine-readable format.
  • Request rectification of Personal Data.
  • Request erasure of Personal Data.
  • Object to processing of Personal Data.
  • Request restriction of processing.

These rights are not absolute and may be subject to legitimate interests and regulatory requirements.

California Users

You have rights to know, delete, non-discrimination, and opt-out of sale/share of personal information as defined by applicable California law.

You may designate an authorized agent to submit requests on your behalf, subject to statutory verification requirements.

Additional Information for California Residents

This section addresses disclosure requirements under the California Consumer Privacy Act of 2018 and related regulations.

In the preceding twelve (12) months, we have collected the following categories of Personal Information:

Category Personal Information Collected Sources Business Purpose
A. Identifiers Name, email address, social media identifier, IP address, username Directly from consumers; website activity via cookies and tracking technologies; third parties including social networks and advertising networks Operate Services, product development and improvement, customer service, security, internal analytics and reporting
B. Personal information categories listed in California Customer Records statute Name and related customer record information Directly from consumers and integrated service/business partners Service maintenance and enhancement, debugging, internal research
C. Internet or other electronic network activity information Interaction with Services Advertising networks, data analytics providers, consumer devices via cookies/tracking technologies Auditing interactions and transactions, advertising/direct marketing, security and fraud prevention
D. Geolocation data Country, state (derived from IP address) Directly from consumer device (IP address) Fraud prevention, policy enforcement, legal compliance
E. Inferences Preferences and characteristics used to create profile/summary Advertising networks, social networks, direct submissions, publicly available/social sources Personalization, analytics, legal and regulatory compliance
F. Commercial information Transaction records and purchase history Directly from transactions and payment/order systems Order processing, analytics, customer support, compliance

Selling and Sharing Personal Information

We do not "sell" or "share" personal information as those terms are commonly understood. However, we allow certain third-party advertising partners to collect pseudonymized data for advertising-related purposes, including ad measurement and analytics.

You may opt out from sale/share by using Your Privacy Choices, resetting advertising identifiers on your device, limiting ad tracking in device settings, or contacting us.

How to Contact Us

If you wish to exercise any of the aforementioned rights, or receive more information, contact: [email protected].

Maelys EU representative information:
MAELYS EU COSMETICS 2017 LTD
2A Cheilonos str.
The Riverside Forum
Nicosia, Cyprus

Updates to This Policy

This Privacy Policy is subject to change from time to time, in our sole discretion. The most current version will be posted on our website (as reflected in the "Last Updated" heading). You are advised to check for updates regularly.

By continuing to access or use our Services after revisions become effective, you agree to be bound by the updated Privacy Policy.

Introduction

When you visit or access our website, or when you interact or engage with our content ("Services"), we use (and authorize third parties to use) web beacons, cookies, pixel tags, scripts, tags, API and other technologies ("Tracking Technologies").

The Tracking Technologies allow us to automatically collect information about you and your online behavior, as well as your device (for example your computer or mobile device), in order to enhance your navigation on our Services, improve our Services performance and customize your experience on our Services.

We also use this information to collect statistics about the usage of our Services, perform analytics, deliver content tailored to your interests and administer services to our users, advertisers, publishers, customers and partners.

We also allow third parties to collect information about you through Tracking Technologies.

What Are Cookies?

Cookies are small text files (composed only of letters and numbers) that a web server places on your computer or mobile device when you visit a webpage.

When used, a cookie can help make our Services more user-friendly, for example by remembering your language preferences and settings.

Cookies are widely used to make websites work efficiently. They allow navigation between pages, remember preferences, improve interaction with the Services and help ensure that advertisements shown online are relevant to you and your interests.

Storing Tracking Technologies

We store Tracking Technologies when you visit or access our Services (for example when visiting our websites). These are called "First Party Tracking Technologies".

In addition, Tracking Technologies are stored by third parties (for example analytics providers, business partners and advertisers) that run content on our Services. These are called "Third Party Tracking Technologies".

Both types may be stored either for the duration of your visit or for repeat visits.

What Types of Tracking Technologies Do We Use?

There are five main types of Tracking Technologies:

  • Strictly necessary Tracking Technologies.
  • Functionality Tracking Technologies: remember choices you make (such as language), support authentication and provide personalized features.
  • Performance Tracking Technologies: collect information about online activity (for example visit duration, behavioral data and engagement metrics) for analytics, research and statistics.
  • Marketing or Advertising Tracking Technologies: deliver tailored offers/ads, support marketing campaigns, cap ad frequency and measure campaign effectiveness.
  • Social media Tracking Technologies: support social features (for example Facebook "Like" or "Share") and are governed by third-party platform privacy statements.
Tracking Technology Type Purpose
Functional cookies First and Third party, Strictly necessary / Functionality Customize and simplify user experience, remember choices and login credentials, and support secure purchases and information handling.
Analytics cookies First party, Performance Collect interaction and attribution information (for example referral URL), compile reports, improve Services, and personalize products/content.
Intercom Third party, Functionality Provide support through live chat and communicate with users. May also be used for marketing messages.
Google Analytics Third party, Performance Collect data on how visitors use Services, including visitor numbers, traffic sources and pages visited, to compile reports and improve Services.
Google Tag Manager Third party, Performance Load scripts into website pages and support measurement tools.
Hotjar Third party, Performance Aggregate data on site usage and interactions, including pages visited, interaction patterns, device/browser type and country.
Wistia Third party, Performance Collect data on visitor interaction with website video content to improve relevance.
Yotpo Third party, Performance Support feedback/review services that allow customers to publish comments regarding products.
Segment Third party, Performance Track visitor engagement and analyze traffic.
Convert Experiences Third party, Performance Run A/B testing to improve browsing experience.
Taboola Third party, Marketing/Advertising Collect data used for recommending relevant related content.
Outbrain Third party, Marketing/Advertising Collect data used for recommending relevant related content.
Google AdWords Third party, Marketing/Advertising Measure ad effectiveness by tracking actions after ad clicks and improve campaign performance.
Bing Third party, Marketing/Advertising Show personalized ads and measure campaign performance based on actions after ad clicks.
Facebook Custom Audience Third party, Marketing/Advertising Use pixel data and lookalike audiences to reach users similar to visitors who took actions on our websites.
X (Twitter) Third party, Marketing/Advertising Allow sharing content and support ad delivery through websites and apps.
Facebook Connect Third party, Social media Enable social sharing and account recognition across social networks.
Pinterest Conversion Tracker Third party, Marketing/Advertising Build audiences, target Pinterest users based on on-site actions and gather conversion insights.