Protecting your personal information is important to Lush Internet Inc. and its related parties and affiliates doing business as Lush or Lush Fresh Handmade Cosmetics (“Lush”, “we”, “our” or “us”). We strive to maintain our customers’ trust.
What We Collect
The types of information we collect depend on the nature of your interaction with us. We may collect personal information such as:
- contact information such as your name, billing address, shipping address, telephone number, email address;
- account information such as username, password;
- order and refund history;
- payment information such as method of payment, credit and debit card information, amount paid, signature;
- demographic information such as age, language preferences and other demographic information;
- information about your interests and preferences such as wish lists and marketing consent;
- information about the devices you use to shop online;
- certain information and data that may be collected when you visit a Website, such as pages viewed, your IP address, browser information, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, connection speed, read time, display time, and number of clicks, cookies and other online identifiers, or information collected when you interact with us on social media sites or through our electronic communications such as e-newsletters;
- your image with cameras used in our stores to track store traffic or otherwise administer our loss prevention program and promote security; and
- certain personal information contained in a resume, cover letter or similar employment-related materials, or any applicable pre-screening questions, if you apply for an employment opportunity with us.
You may choose not to provide us with your personal information. However, if you make this choice we may not be able to provide you with the product, service, or information that you requested.
In some cases, such as when you ask us to ship an order or you purchase a gift or gift certificate, we may collect information about someone other than you, such as the name, address, telephone number and email address of the recipient. You represent and warrant that you have the right and authority or have obtained all necessary consents to provide any information, including personal information of another individual, that is provided by you to Lush.
How We Collect Your Personal Information
We collect personal information from you in a variety of ways when you interact with Lush. Some examples include but are not limited to situations when you:
- create an account on our Website;
- order, purchase, exchange, return, or cancel an order for, any of our products or services, whether through a Website or in our retail stores;
- contact us, make an inquiry about any of our products or services or otherwise request information or assistance from us;
- communicate with our customer service representatives;
- sign up to receive catalogs and/or emails and information about new and limited edition products, special offers, events or other news;
- register and participate in our customer forums or other programs;
- provide feedback or make other submissions to Lush;
- participate in a contest, sweepstake or other promotions;
- participate in or respond to consumer survey or requests for consumer opinions, concerns or preferences regarding our products and services;
- apply for employment with Lush;
- engage with us on social media; or
How We Use Your Personal Information
- to develop, enhance, improve, personalize, market, sell, or otherwise provide products, services or information;
- to administer your account;
- to conduct commercial transactions including to process and administer purchases, exchanges, returns or other transactions that you may engage in with Lush, including at our stores or through our Services, and to communicate with you about those transactions;
- to contact you and respond to any requests or other communications that you may have had with us, including claims or requests for customer service;
- • to provide you with catalogues and emails about products, special offers, events or other news (more information regarding our use of your email address is provided below in the section regarding “E-Newsletters and other Electronic Communications”);
- to conduct and administer surveys and contests, sweepstakes and other promotions in which you have participated;
- to summarize in an aggregate format for statistical and research purposes, including, without limitation, to provide portions of this aggregated information to vendors, service providers or consultants to, for example, gauge the level of interest in our Services, advertising campaigns and electronic communications, plan for Website infrastructure improvements and/or plan and evaluate marketing initiatives;
- to perform data analysis and help us improve and customize our product and service offerings, Services and customers’ experience;
- to troubleshoot problems with the Services;
- to protect the security and integrity of our Websites and our business;
- to detect and protect against error, theft, fraud and other illegal activity and to otherwise administer our loss prevention program;
- to process and respond to applications for employment; and
- to comply with any legal or regulatory requirements.
From time to time, we may supplement information you give us with information from other sources, such as information validating your address or other information you have provided to us. This is to help us maintain the accuracy of the information we collect and to help us provide better service.
E-Newsletters and other Electronic Communications
You can change your preferences or opt to not receive email marketing communications from us by clicking the unsubscribe link in any email communication from us, or by contacting us using the contact information in the section below regarding “How to Contact our Privacy Officer”. Please allow up to ten (10) days for your preferences to be processed. Even if you opt out of receiving email marketing messages, we may still contact you by email for transactional or account-related purposes like confirming or following up on a purchase, order or service request, responding to customer service inquiries, or notifying you of product recall information.
Cookies and Similar Technologies
Most web browsers automatically accept cookies. If you would prefer to prevent your device from accepting our cookies, you may follow your internet browser’s steps for doing so on each device you use. Please note, however, that if you do disable cookies, you may not be able to shop on or access certain sections of our Websites. Also, your mobile device may not give you the ability to control cookies. If you wish to block cookies on our mobile applications, you will need to delete the application from your mobile device.
How We Disclose Your Personal Information
Lush does not sell or rent our customers’ personal information to any third party. However, in the normal course of business we may share some of your personal information with our related parties and affiliates and with third parties acting on our behalf or as permitted or required by applicable law.
Related Parties and Affiliates
We may disclose or otherwise make available personal information to third party service providers for processing or other purposes that support or facilitate our business operations or provide services on our behalf, such as for shipping, payment card processing, supporting the content, operation and maintenance of our Websites, facilitating and collecting customer reviews, and conducting surveys, contests, sweepstakes and other promotions. We contractually require all such service providers to keep your information confidential and secure, and to have privacy policies and practices with respect to personal information that are comparable to ours.
Sale of Business
Lush may disclose personal information we have about you in connection with a potential or actual purchase, sale, lease, merger, amalgamation or other type of acquisition, disposition or financing of all or part of our business or assets.
Lush may disclose your personal information as required or permitted by law, including, without limitation, to comply with a subpoena, warrant or other legally valid inquiry or order or applicable law, or to report improper or unlawful activity.
Storage, Retention and Security of Your Personal Information
Our related parties and affiliates and third party service providers may be located outside of Canada or the United States and this may result in personal information collected by Lush being stored or processed outside of Canada or the United States and, as a result, your personal information may be accessible to law enforcement, courts and regulatory authorities in accordance with the laws of such foreign jurisdictions.
Lush will retain personal information for as long as necessary for the purposes for which we originally collected it, or for other legitimate business purposes, including to meet our legal, regulatory, or other compliance obligations.
Lush takes reasonable steps to protect personal information in our control against loss, theft, and unauthorized access, disclosure or misuse with administrative, technical and physical safeguards appropriate to the sensitivity of the personal information.
Internet or wireless communications are never completely private or secure and there is always a risk that any messages or information you send to or through a website or by email may be intercepted by others.
If you create an account on a Website, you will need to set a password to access your online account. We strongly recommend that you set a strong password including a combination of letters (including a mix of upper and lower case), numbers and special characters, and do not disclose your password to anyone. Lush will never ask you for your password in any unsolicited communication (including unsolicited correspondence such as letters, phone calls or email messages).
Accuracy of Personal Information and Your Privacy Preferences
If any of your personal information in our records is inaccurate or incomplete, we will amend that information at your request, subject to any exceptions prescribed by law. Requests for correction of your personal information should be directed to the Lush Privacy Officer using the contact information set out below in the section regarding “How to Contact our Privacy Officer”.
If you created an account on one of our Services, you can access and change your online account profile yourself. If you are not a registered Website user, you can contact us to update your information using the contact information in the section below regarding “How to Contact our Privacy Officer”.
Access to Personal Information
At your request, we will provide you a statement outlining the personal information we have about you in our records and how that information has been used or disclosed by us. You may also request access to your personal information in our custody or control. In order to verify that the information is being released to the proper individual, you may be asked to provide suitable identification or to otherwise identify yourself. In certain circumstances, access to personal information may be denied. If we deny your request for access, we will advise you of the reason for the refusal. Requests for access should be directed to the Lush Privacy Officer using the contact information set out below in the section regarding “How to Contact our Privacy Officer”.
Your California Privacy Rights
Consumers residing in California are afforded certain rights with respect to their personal information under the California Consumer Privacy Act (“CCPA”). If you reside in California, this section applies to you.
In the preceding 12 months, we have collected the following categories of personal information: identifiers; characteristics of protected classifications under California or U.S. law (such as demographic information); commercial information; internet or other electronic network activity; audio, electronic, visual or similar information; and professional or employment-related information. For examples of the precise data points we collect and the sources of such collection, please see “How We Collect Your Personal Information” above. We collect personal information for the business and commercial purposes described in “How We Use Your Personal Information” above. We may share your personal information with third parties as described in the “How We Disclose Your Personal Information” section above. In the preceding 12 months, we have disclosed the following categories of personal information for business or commercial purposes: identifiers; characteristics of protected classifications under California or U.S. law (such as demographic information); commercial information; internet or other electronic network activity; audio, electronic, visual or similar information; and professional or employment-related information. Lush does not, and will not, sell personal information to third parties.
You have the right to request (1) more information about the categories and specific pieces of personal information we have collected and disclosed for a business purpose in the last 12 months, (2) deletion of your personal information, and (3) to opt out of sales of your personal information, if we engage in that activity in the future. You may make these requests by calling 1-888-733-5874 or via our website chat. We will take steps to verify your identity before fulfilling your request. Please note that you may designate an authorized agent to exercise these rights on your behalf by providing a notarized power of attorney or other evidence that the agent has valid written authority to submit requests on your behalf. We will not discriminate against you if you exercise your rights under the CCPA.
How to Contact our Privacy Officer
In Canada and the United States:
Lush Fresh Handmade Cosmetics
8680 Cambie Street, Vancouver, British Columbia, Canada V6M 6P9
Attention: Privacy Officer