www.esmebeautysupply.com is owned and operated by Esme beauty Supply, having its principal office in Cyprus. (“ESME”). ESME is committed to ensuring the confidentiality and privacy of our Subscriber’s personal information. We are guided by the General Data Protection Regulation (GDPR) (EU).
We made good efforts to make it sure that we meet the requirements of GDPR compliance to the best of our knowledge to protect the security of your Personal Information. We will only use and disclose your personal information for the primary purposes of our business when you have given express consent to do so. We do not disclose your personal information to any third party.
User means an individual, who use ESME Services, including, without limitation: (a) an individual who purchases any other products sold by ESME; (b) User who purchases online products;
Personal Information means any information or an opinion about an identified User, or User who is reasonably identifiable, whether that information is true or not and whether recorded in material form or not. This includes name, email address, mailing address, telephone number, billing information, account information, and other information incidental to providing or receiving Products or Services.
Site means any of the following websites (or any other websites that ESME may develop or have developed from time to time): www.esmebeautysupply.com.
By providing your Personal Information to us, you acknowledge and agree that:
If you register or create an account -
If you register or create an account on the Site, we require that you fill out a form to register with us. We collect your name, contact information and other information, and may ask you for other optional information that helps us serve you better.
If you place order for Products -
If you place an order for our products, we collect your contact information as necessary to fulfill the order (such as name, address, email address or telephone number) and optional information if you provide it.
If you pay for an online Services -
When you purchase online products, we do not collect payment information ourselves. Instead, you are redirected to our payment processor’s website, which collects directly your payment information. ESME only receives a notice of the receipt of the payment, a confirmation number (for verification purposes), the name and contact information of the recipient of the Service, and the name and contact information of the cardholder if different from the name of the person receiving the product.
If you pay for an order over the phone or by fax -
If we take an order over the phone or by fax, we collect the payment information directly from the person placing the order, transfer it to the payment card processor, and, after receiving confirmation of the payment from the payment card processor, we retain this payment information in a secured location, with restricted access, and in accordance with our internal record retention policy.
If you participate in a survey -
If you choose to participate in one of our surveys, we may collect Personal Information such as your name, email address (to avoid duplicate responses), as well as any other Personal Information that you may provide in your survey responses.
If you sign up to receive an ESME newsletter -
If you sign up to receive a ESME newsletter, we may collect information on the open rate of the newsletter, and whether a specific individual has clicked on a link contained in a particular issue of our newsletter.
If you participate in our blogs or forums or if you write to us -
We may collect the Personal Information that you provide in your correspondence and communications with us, or through your participation in surveys, blogs and forums.
If you interact with third parties regarding our products or services -
We may receive Personal Information about you from third parties, such as from, websites where we advertise, business partners and service providers. Some of this information pertains to a specific individual; other information can only be linked to an access point or a device.
We use Personal Information in order to provide and enhance the Services that we offer, as explained below:
To facilitate the use of the Site – We may use the Session Data to ease navigation through the Site, to enhance navigation (such as to determine the language of the country where the visitor is located), keep track of the shopping cart or keep track of login name and password in order to avoid requesting identity information when the visitor moves from page to page, and in general, to enhance the quality of our Site and the content provided on the Site.
To provide our Services -
The Personal Information collected from subscriber order forms is used to send to our records department. The limited payment information that we receive from our payment processors is used to verify that a Service has been paid for. We recommend that you read the privacy policies and statements that are posted on the relevant third parties' websites to understand their procedures for collecting, using, storing and disclosing Personal Information.
For research purposes -
We may use aggregated session data to better understand how our Site is navigated, how many visitors arrive at specific pages, which pages or content attract more viewers, the length and frequency of stays at our Site, the different types of searches of our Site content and databases, the types of browsers and computer operating systems that our visitors use, and the IP addresses from which visitors connect to our Site, in order to improve our Site and enhance our content.
We may use IP addresses to collect information -
This information is not associated with any individual and is therefore anonymous. The IP addresses are then disposed of in accordance with our record retention policy.
For maintenance purposes -
We may use IP addresses and session data to diagnose problems with our server and to administer our Site.
For marketing purposes -
Once we have obtained your explicit consent, we may use email addresses or other contact information to send mailings, newsletters. We may use your telephone number to contact you for marketing purposes. We may use pixel tags to monitor the open rate of our communications. This helps us understand the effectiveness of the communications that we send.
From time to time, we may disclose Personal Information to someone other than the individual who provided this information, as follows:
Service providers -
We may engage certain third parties to perform functions and provide services to us, including, without limitation, customer relationship management, contract management, shipment, order fulfillment, payment credit card processing, mass mailing, hosting and maintenance, database storage and management, business analytics, fraud prevention, direct marketing campaigns and survey administration.
To defend or enforce our rights -
ESME may use Personal Information to protect itself or to protect the Site, to respond to a breach of its terms and conditions, to prevent fraudulent activity, or where it is necessary to pursue available remedies.
Related companies -
We may disclose any Personal Information we collect to our related companies or may store or process Personal Information using systems which are shared with our related companies.
Merger, acquisition or bankruptcy -
Law enforcement and litigation -
Certain local, overseas or other government regulations may require that we disclose information that we hold. In such cases, we will use reasonable efforts to disclose only the Personal Information required under applicable law, such as in response to a facially valid court order, warrant or subpoena issued or made by a court, person or body. We may use or disclose Personal Information:
Aggregated data -
Other than as stated above, if ESME provides a third party with Personal Information, it will be in the form of aggregated data and used for product development, research or statistical analysis. Aggregated data is created from records that are stripped of all personal identifiers, such as a combination of thousands of answers to survey questions and instrument responses.
Service providers -
In connection with our general business operations, product/service improvements, to enable certain features, and in connection with our other legitimate business interests, we share your personal data with service providers who provide certain services or process data on our behalf. Service providers include customer relationship management providers, email providers, data storage and hosting providers, our accountants, accounting systems and legal representatives, analytics providers, and customer support system providers.
In certain circumstances, we share your personal data with any of our current or future affiliated entities, subsidiaries, and parent companies in order to streamline certain business operations, improve personalization, and develop products and services that better meet the interests and needs of our customers, and provide you with information we believe will be of interest to you.
Social Media -
In order to improve personalization, deliver more relevant advertisements, and develop better products and services, in certain circumstances and where permitted by applicable law, we share certain personal data with current or future affiliated entities and trusted third parties that provide marketing, advertising, or similar promotional services, and in certain circumstances we will allow third parties (such as Facebook, ad exchanges, data management platforms, or ad servers) to operate on our Site and process data for behavioral advertising.
Corporate Events -
Your personal data will be processed in the event that we go through a business transition, such as a merger, acquisition, liquidation, or sale of all or a portion of our assets. For example, it is possible that personal data will be part of the assets transferred or may be disclosed (subject to confidentiality restrictions) during the due diligence process for a potential transaction.
We retain your responses and the related Report associated with the user ID or transaction number that our Customers provided us in accordance with our internal record retention policy and for at least five (5) years from the date when a Subscriber terminate his/her Subscription. Thereafter, we retain the Subscribers records in an anonymized format for as long as the information is needed for our research, statistical analysis or product development.
We follow generally accepted industry standards such as GDPR to protect personal information, during transmission and once we receive it. We use administrative, physical, and technical measures designed to protect it from unauthorized access, loss, misuse, disclosure, alteration or destruction.
Any data collected by ESME for the purposes of assessments and to provide its Services is protected by encryption. This means we keep data in an unreadable state unless a user or process presents the appropriate key. In accordance with GDPR, this simple control method restricts data processing only for authorized use and restricts the amount of time that you are identifiable by your data. Our data is encrypted at rest and in transit. Encryption prevents unauthorized data manipulation; limits data access to authorized users and monitors key usage to ensure that the data cannot be changed without authorization. ESME’s use of encryption together with our access controls provides users to have confidence in their data’s integrity.
When we need to transfer information out of our firewall, we use encryption methods to protect your data while in transit through the internet. We use encryption and a comprehensive authentication protocol to provide reasonable security. Therefore, while we use the highest standards commercially available to protect your personal information, no method of transmission over the internet or method can ever guarantee its absolute security.
Identity theft -
Identity theft and the practice currently known as 'phishing' are of great concern to us. Please understand that you also have a responsibility in protecting your information. The only time when an ESME associate may contact you (via electronic communication, postal mail, telephone, etc.) about your credit card or payment information is in connection with a transaction that you have initiated. Otherwise, no one from ESME is permitted to contact anyone to request your credit card information, national identification number, or other identifier or sensitive information in a non-secure or unsolicited email or telephone communication.
We will exercise reasonable efforts to keep your Personal Information accurate. However, we need your help in making sure that your Personal Information is correct in our systems. Please notify us of changes to information that you have previously provided by contacting us as indicated in the Contact Us section (below).
Whenever we transfer your personal data out of the European Economic Area (EEA) to countries not deemed by the European Commission to provide an adequate level of personal data protection, the transfer will be based on one of the following safeguards recognized by the European Commission as providing adequate protection for personal data, where required by EU data protection legislation:
Contracts approved by the European Commission which impose data protection obligations on the parties to the transfer. For further details, see European Commission Model contracts for the transfer of personal data to third countries.
Right of access, modification -
In general, you have the right to access your Personal Information and to correct or update the Personal Information that you have provided to ESME. If you wish to do so, please contact us with proof of identity, as provided in the Contact Us section (below). You can expect a response to your request within 5 business days.
If you are Subscriber to the Service and you wish to have access to a copy of your responses to an Assessment or a copy of the Assessment Report that ESME prepared from the evaluation of your responses, please contact the Test Supervisor who is managing your specific Assessment.
Right to be forgotten -
If you wish to cancel your account or request that we no longer use your information to provide you services, please contact us with proof of identity, as provided in the Contact Us section (below). We will accommodate your request to the extent practicable and to the extent that it does not otherwise conflict any of our other obligations. We reserve the right to retain and use your information as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.
Right to opt-out of the use of your Personal Information -
You may unsubscribe from receiving a newsletter by contacting us as set out in the Contact Us section (below) or clicking on the unsubscribe link provided in the newsletter.
If you wish to opt-out of direct marketing communications, you can always do so by contacting us as set out in the Contact Us section (below). In some cases, we may not be able to remove your Personal Information, in which case we will let you know this and explain why.
Right to Block Cookies -
You have the right to block cookies and pixel tags. Most browsers automatically accept cookies. You can instruct your browser, by editing its options, to stop accepting cookies, or prompt you before accepting a cookie from the Site that you visit. If you decide not to accept our cookies, you will be able to access those parts of our Site that are available to the general public, but you will not be able to access most of our Services.
The ESME Services are not intended for use by children and ESME does not knowingly collect or solicit personal data from children. In the EU, a child is anyone under the age of 16.
If you are a child, you may not attempt to register for the ESME Services or send any information about yourself to ESME, this includes name, email address or phone number. In the event that we confirm that we have collected personal data from children without verification of parental consent, we will delete that information promptly. If you are a parent or legal guardian of a child and believe that we might have any information from or about such child, please contact us at email@example.com.
By email: firstname.lastname@example.org