PRIVACY POLICY
[Last Modified: August 26, 2019]
Erika Carmel Ltd. (“Company”, or “we”, or “us”), respects your privacy and is committed to protect the privacy of our customers that either visit our website or purchase any of our B-Cure Laser medical devices (“Devices”).
This privacy policy (“Privacy Policy”) details the way we process, use and share your information and our legal basis for processing the data. The Privacy Policy is an integral part of our Terms of Use available at: [Note to B-Cure: Please implement the relevant link here.](“Terms”) which governs your use of the website or any related services therein. The defined terms herein shall have the same meaning as defined in the Terms.
Lawful Basis
We have included below information regarding which data is collected while you visit our website or purchase a Device, and how we process and use your data, however before we get into that we would like to explain the basis for such processing:
- If you purchase any of our Devices, we process your Personal Data (as defined below) in order to perform our contract with you;
- If we have a legitimate interest in processing data, such as online identifiers (i.e., IP addresses) required in order to provide and operate our website; or
- We will also process your Personal Data where you have provided us your consent to do so.
Amendments
We reserve the right to periodically amend or revise this Privacy Policy at our sole discretion; such changes will be effective immediately upon the display of the revised Privacy Policy. The last revision date will be reflected in the “Last Modified” heading. Your continued use of this website and Services following the amendments constitutes your acknowledgement of such amendments. In the event of a material change we will make a reasonable effort to provide you with a written notification of such change. We recommend that you periodically review this Privacy Policy, as it may be subject to amendments from time to time.
Types of Data We Collect and Purpose of Processing
When you access our website or purchase our Device/s we may collect certain information about you. Such information can be defined as “Personal Data”, meaning information that identifies an individual or may with reasonable effort identify an individual, or “Non-Personal Data”, meaning technical and aggregated data about you that are non-identifiable (i.e., cannot identify you). If we combine Personal with Non-Personal Data, we will treat the combined data as Personal Data for as long as it remains combined.
Please see below a table which specifies the data we collect and how we use it:
Data We Collect | Purpose of Collection and Use | |
Contact Information: When placing an order you will need to provide us with your full name, email address, phone number (optional), shipping address and billing address. | We collect and use this information solely for the purpose of processing your order and delivering the Device. We may also use your email address and phone number to keep you updated and send you service-related messages (e.g., invoices, order confirmation, shipment status, etc.) by text or email, shipment status, etc. | |
Payment Information: During checkout you will be required to provide your payment details. The payment is processed by our third party partners; we do not store or process any of your payment information. | We use third party payment processors which may include BlueSnap and PayPal. Consequently, all transactions are governed by their privacy policies and terms which we recommend that you review. You can find BlueSnap’s privacy policy here and Paypal’s privacy policy here. | |
Information Provided Voluntarily by you: If you contact us (e.g., send us an email, fill out our online form etc.), you may provide us with your contact information such as your name, phone number, address, email, etc. Furthermore, if you use our live chat feature, you may be sharing additional information, including sensitive information concerning your health with the representative assisting you through the chat. | We will use your information in order to respond to your inquiry, provide you with support, assistance or any other service requested by you. We will retain our correspondence with you for as long as needed, subject to applicable law. | |
Shopping History: We store your shopping history. | We use this information in order to process returns, offer additional products and services or handle any other inquiry you may have. Furthermore, we may use this data in order to analyze customers’ preferences, enhance and personalize your shopping experience and improve our services. | |
Newsletter Registration: If you agree to receive our newsletter, you will be required to provide us with your email address and name. You can unsubscribe at any time through the “unsubscribe” link within the email or by contacting us directly. | We use this information solely to provide you with the content you have requested. | |
IP Address: When you access the website, we, or third parties on our behalf (such as Google Analytics) collect your Internet Protocol (“IP”) address. | We use the IP address in order to: maintain and manage the website; customize and improve our website and the content and services provided therein, as well as enhance your experience; in order to perform research, analytic and statistic activities regarding traffic flow and users’ interaction with our website; detect fraud, detect and resolve security or technical issues; We also use IPs for remarketing purposes, as detailed in the “Cookies” section below. | |
Technical Data: We collect information about your interaction with the website. This may include your aggregated usage information and technical information transmitted by your device, including but not limited to: type of browser and settings, operating system, type of device, pages viewed within the website, Devices viewed, date and time stamp, duration of your visit on each page, approximate geographical location, and the path taken in the website. | We use this technical data in order to enable your use of the website. The technical data is required for functionality purposes. | |
How We Collect Information
According to the nature of your interaction with the website, we may collect information as follows:
- Automatically – we may use cookies and similar tracking technologies (as elaborated in the Cookies Section below) to gather some information automatically when you access the website.
- Provided by you voluntarily – we will collect information if and when you choose to provide us with information, such as through a checkout process, contact us form or chat.
Cookies & Opt-Out
When you access the website we may use “cookies” (or similar technologies). The use of cookies is a standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies are very helpful and can be used for various different purposes. These purposes include allowing you to navigate between pages efficiently, enable automatic activation of certain features (i.e., shopping cart), remembering your preferences, your interest in products, and making the interaction quicker and easier. Cookies are also used to help customize your experience and for advertising purposes. You can find more information about cookies at: www.allaboutcookies.org.
There are several types of cookies we use:
- Essential, Functionality, Operation & Security Cookies. These cookies are essential for enabling user movement around the website, for the website to function properly, and for security purposes (i.e., used to authenticate users, prevent fraudulent use, and protect user data from unauthorized parties). This category of cookies either cannot be disabled, or if disabled, certain features of the website may not work.
- Analytics, Measurement & Performance Cookies. These cookies are used to collect information about how users use our website, in order to improve our services and website. These cookies enable us, for example, to assess the number of users who have viewed a certain page or product, as well as their country of origin.
- Targeting & Advertising Cookies. These cookies are set through our website by our advertising partners. They may be used by those companies to profile your interests and show you relevant ads on other sites. They work by uniquely identifying your browser and device. If you do not allow these cookies, you will not experience our targeted advertising across different websites.
We use the following third-party cookies and their integration applications on our website:
For additional information on our use of Google products, click here. Please note that most browsers will allow you to erase cookies from your device, block acceptance of cookies, or receive a warning before a cookie is stored through your device or browser settings. However, if you choose to disable cookies, some features of our Services may not operate properly and your online experience may be limited. For more information about cookies and your controls in this regard, please review your browser settings. We have included the settings of the major browsers below for your convenience:
You may also opt-out directly from third party retargeting cookies or other ad-technology trackers through self-regulator services like the Network Advertising Initiative’s (“NAI”) website – NAI consumer opt-out page or the Digital Advertising Alliance’s (“DAA”) website – DAA opt-out page;
Who We Share Your Data With:
Except as set forth in this Privacy Policy and below we do not share any Personal Data collected from you:
- Law Requirements– we will fully cooperate with any law enforcement authority or court order requesting or directing us to disclose the identity, behavior or digital content of any user suspected to have engaged in illegal or infringing behavior and thereby we may also release your information when we believe release is appropriate to comply with the law, or protect ours or others’ rights, property, or safety;
- Policy Enforcement and Our Rights– we will share your information solely to the extent needed to enforce our policies, including investigations of potential violations thereof or to detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues, as well as to the extent needed to establish or exercise our rights to defend against legal claims;
- Corporate Transactions– we may share Personal Data, in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, consolidation or asset sale). In such case, our affiliated companies or acquiring company will assume the rights and obligations as described in this Privacy Policy;
- Authorized Disclosures – we may disclose your Personal Data to third parties when you consent to a particular disclosure, or in order to perform our contract with you (e.g., with the delivery services). Please note that once we share your information with another company, that information becomes subject to the other company’s privacy practices.
We may share or use aggregated or Non-Personal Data with third parties in any of the above circumstances, as well as for the purpose of providing and improving our service as detailed above.
User Rights
We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect, so that you can make informed decisions about how it is used. We provide you with the ability to exercise certain choices, rights and controls in connection with your information, according to applicable data protection and privacy laws. The principal rights are, among others:
- the right to access your Personal Data;
- the right to ensure your Personal Data is accurate, complete and up-to-date;
- the right to have your Personal Data amended (by correction, deletion, or addition of information);
- the right to withdraw consent, subject to legal or contractual restrictions and reasonable notice;
- the right to object to processing of your Personal Data;
- data portability; and
- the right to file a complaint to a supervisory authority (in the event you are EEA resident).
Please review our Data Subject Rights Overview to learn more.
If you wish to exercise any or all of the above rights, please fill in the data subject request (“DSR”) form available here and send it to our privacy team at: [email protected]. Please include the rights that you wish to exercise in the DSR form and if applicable, what Personal Data you would like to receive.
Where we are not able to provide you with the information you have asked for, we will endeavor to explain the reasoning for this and inform you of your rights. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information in accordance with applicable laws. In addition, the process of locating and deleting the data may take up to thirty (30) days (following the receipt of the validation proof we require) in accordance with applicable laws. Data privacy and related laws in your jurisdiction may provide you with different or additional rights related to the data we collect from you, which may also apply.
Retention
We retain the information we collect for as long as needed to provide the Services, carry out our business purpose, perform our contract with you, comply with our legal obligations, resolve disputes and enforce our agreements, subject to, in accordance and in compliance with applicable laws. We are entitled to rectify, replenish or remove incomplete or inaccurate information, at any time and at our sole discretion.
The table below sets forth our retention policy with regards to Personal Data:
Data Sets | Retention Period |
IP address | 60 Days. |
Contact Details | For as long as required subject to applicable laws. |
Billing and Shipping information | For as long as needed to perform the services and comply with our legal obligations. |
Where Do We Store Your Data, Safeguards and Data Transfers
We take great care in implementing and maintaining the security of the website and your information. We employ industry standard procedures and policies and implement technical and administrative security measures to ensure the safety of our users’ Personal Data and prevent unauthorized access or use of any such information. For more information regarding our security measures, please click here.
Our website is based on the WooCommerce platform, meaning your information will be processed by WooCommerce servers and systems. WooCommerce privacy policy is available here. Furthermore, we use JetServer services which are located in Israel, details regarding the security measures taken by JetServer are available here.
We may store or process your Personal Data outside of your jurisdiction. If you are a resident of a jurisdiction where transfer of your Personal Data requires your consent, then your use of our website and the services available therein includes your consent for such transfer of your information. If you are a resident of the European Economic Area (“EEA“) we will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer outside of the EEA.
If you feel that your privacy was not treated in accordance with our Privacy Policy, or if any person attempted to abuse our website or acted in an inappropriate manner, please contact us directly at [email protected]. Furthermore, in the event of a data breach, in which we discover your Personal Data is at risk, we will notify you through the website or, if technically possible, by sending you an email, and the applicable authorities, subject to applicable law requirements.
Do Not Track Disclosure
We do not respond to Do Not Track signals. For more information about Do Not Track signals, please see http://www.allaboutdnt.com/.
Children Information
The website or Devices are not appropriate or intended for individuals under the age of 18 (or minors as otherwise defined in the applicable jurisdiction), and the Company does not knowingly collect or maintain information from users who it positively knows are children. If we later obtain actual knowledge that a user is considered as a child under the applicable law, we will take steps to immediately delete his/her Personal Data. We request that such individuals do not provide Personal Data through the website. If a parent or guardian becomes aware of Personal Data we have collected from a child, we invite him/her to contact us at: [email protected]. Additionally, if you become aware or have any reason to believe that a child has shared any information with us, please contact us (as detailed below) and we will take reasonable steps to ensure that such information is immediately deleted from our files.
Contact Us
If you have any questions or comments about this Privacy Policy, or any concerns with respect to how your privacy any information are handled, please contact our privacy team at: [email protected]. or through the designated forms available on the website.