Notice To California Residents – Your Privacy Rights
We collect information from you on this Site to provide a meaningful, safe, efficient, and customized experience. We use this information to:
make it easier for you to use this Site,
communicate with you about your orders, billing and payment,
verify your identity when you make a purchase on our Site,
help you more quickly find information on ipsy's products and services,
provide targeted online marketing for the Site,
create content on this Site that's more relevant to you, and
alert you to new products, services and special offers that might specifically interest you.
When You Join ipsy. In order to join ipsy you must complete a beauty quiz that asks for beauty profile information like your skin tone, eye color, hair color, beauty brands and products you love, and where you usually shop for beauty products (your "Beauty Profile"). We use the Beauty Profile information to personalize your experience. If you subscribe to our Glam Bag program then we will use the Beauty Profile information to send you Glam Bag items that fit your unique profile, alerts about ipsy products, services, and other beauty news that might interest you.
At the end of the beauty quiz, in order to join ipsy you must choose a username and password. Your username will be visible to other ipsters when they visit the Site, so please choose carefully. You also must provide a valid email address and your date of birth. We use your email to communicate with you about our Site and your registration. We ask for your date of birth to make sure you're old enough to use our Site and services. And, of course, we also like to wish you a happy birthday.
If you provide us your email address but choose not to become a member, then we will retain your email address for a period of time to invite you back to the Site.
We use the this information, along with your email, for billing purposes, to fulfill your orders, and to communicate with you about your orders.
We collect your credit card information through our Site. The credit card information is encrypted, and transmitted for storage to a high security vault according to strict industry standards. Once the data reaches the vault it is "tokenized". That means no credit card information is retained in ipsy's own systems. Instead we retain a token associated with your account that has no intrinsic value. Your credit card information is not exposed anywhere in our own systems. Please do not send your credit card information to our team directly, for example by emailing this information to an ipsyCare representative. Please use our secure, online system to enter your credit card information.
When You Request Information from Us. If you want us to notify you regarding particular products or special offers, including Giveaways, or if you sign up for our emails, you'll need to give us your email address. We use it to honor your requests, whether that's emailing you information about certain products or emailing you to tell you about an ipsy Giveaway.
When You Post Public Content. We use this content to bring our community of fabulous ipsters to life.
Public information you post on the Site. Information you post publicly on our Site is intended for public consumption. Please be aware that your username and profile image will be publicly displayed. The date you joined ipsy and some information from your Beauty Profile (such as skin tone, hair color and eye color) will may be publicly displayed under your user name, as well as reviews, photos, looks, videos and comments you choose to post. In addition, postings you make on our Site may appear when Internet users execute searches on the subject of your posting. If you do not want this information to be displayed, you may terminate your account at any time. Please note that if you are a minor, living in California, and you have posted information publicly that you cannot remove yourself, you have the right to request it be hidden from public view. If you wish to have this information removed, please email us at firstname.lastname@example.org and request removal. We may request additional information from you in order to complete your request.
Site visitors may be able to identify you or associate you with your ipsy account if you include personal information in your account profile or in any content you post. We cannot control who reads your postings or what other users may do with the information you voluntarily post, so we encourage you to exercise discretion and caution with respect to your personal information.
You can reduce the risk of being personally identified by choosing a username and profile image that do not identify you and by taking care to exclude any personal information in your comments, reviews, looks, or videos. You can change your username and profile picture at any time by logging into your account.
Public information you post on other sites. We also may collect information you post publicly on third-party sites, but only if you choose to follow instructions we provide. For example, we may collect pictures you post publicly on Instagram and re-post them on our Site, but only if you choose to use the hash tag "#ipsy" inside your Instagram post. You can always have us remove the information from our Site by emailing us using this link: help.ipsy.com/customer/portal/emails/new.
When You Share Information about Your Contacts. You may choose to share personal information about friends, relatives or colleagues with ipsy, such as the person's name, shipping address and email address. Please do not do so without their express permission.
You may choose to manually invite your friends to ipsy by using the "Invite with Email" button on the Site or by uploading data about your contacts to the Site. You also may grant ipsy permission to access your contacts list and pull the email addresses of your contacts to invite them to the Site.
When You Connect to Us with a Third-Party Service. You can connect to your ipsy account using external third-party services. The Site collects personal information about you from your social media accounts, but only if you opt-in and permit us to do so. When you connect to us through a third-party service like Facebook, Twitter, Google Plus, and Instagram, we receive information from that third party identifying your account. We collect and store this information and use it to help you connect to our Site and to share your public content. Connecting your ipsy account to a third-party service is completely optional, and you will have the opportunity to grant permission when you attempt to connect. You can revoke permission by logging into the third party service and disconnecting the ipsy application from there, and through the native applications on your smart phone. We may retain the information we collected previously from you.
Information We Automatically Collect or Receive.
Log Files. Like most sites, ipsy automatically receives and stores in log files certain information from your browser when you visit the Site. This information includes your Internet protocol ("IP") address, browser type, Internet service provider, the referring/exit pages, your operating system, and the date/time stamp of your Site visit. We use this information, which doesn't identify individual Site visitors, to analyze and understand how the Site works for you so we can improve it, to administer the Site, and to gather demographic information about Site visitors for targeted online marketing purposes. We may link this automatically collected information to your personal information.
Cookies and Other Tracking Technologies Policy.
We use a variety of technologies to help us understand how you use ipsy.com our ipsy apps, and our services (collectively, "ipsy"). This guide explains the tracking technologies ipsy uses and is part of our commitment to a high standard of transparency in our privacy practices.
Types of tracking technologies
Cookies. This is a small data file sent from a server to your web browser that is stored in your browser and sent back to the server each time the browser makes a request to the server. Cookies can improve a site user's experience by, for example, allowing the site to keep a user logged in while browsing, saving a user's site preferences, and allowing a user to add items to a shopping cart and preserve cart contents between site visits, even when the user is not logged in.
Clear gifs, web beacons, tracking pixels. These are tiny graphics with a unique identifier. They function similarly to cookies and are used to track the online movements of web users. Unlike cookies which are stored on a user's computer hard drive, clear gifs are embedded on web pages and are single pixel wide. ipsy does not tie information gathered by clear gifs to your personally identifiable information.
If you have turned on location services in your mobile device, we may collect information about your geolocation. If you do not want us to collect this information, you may turn off location services on your smart phone. Turning off location services will not affect your ability to access the app, but you may not be able to access certain geolocation based promotions that ipsy may offer from time to time.
Tracking Technology Lifespans
Single-session tracking technology: lasts only as long as your site visit. Single-session cookies expire and delete themselves when you leave the site or close your browser. They are used for technical purposes such as enabling better navigation through a site or generating aggregated statistics about how a site is used. Single-session cookies do not publicly expose your personal information.
Multi-session or persistent tracking technology: remains on your browser or mobile device until you choose to delete it or the cookie expires. Persistent cookies are used to recognize a computer that has previously visited a site. This can improve the user's experience, for example by continuing preference settings from previous visits and by allowing users to login without entering a password with every site visit.
We use tracking technologies for these general purposes:
Because it is strictly necessary. This tracking is needed to make ipsy work properly.
For performance. This tracking helps ipsy understand how the Site is functioning so ipsy can improve the Site.
For functionality. This tracking retains your personal preferences as you use the Site.
For advertising. This tracking gathers data to help deliver advertising to you that interests you.
Cookies ipsy currently uses
Single session cookies are used to ensure the Site displays correctly on your device.
Persistent cookies are used to measure Site metrics such as which pages are popular, how often people visit the Site, whether people are visiting the Site for the first time, and whether visitors make purchases on the Site. They also are used to enhance Site functionality, for example to allow returning users to use the Site without logging in.
Cookies for email subscribers
Third Party Cookies
ipsy partners with third-party service providers who set cookies and tracking pixels for Site visitors and members on our behalf in order to deliver their services. These services include targeted online marketing and analysis of data collected through cookies. These technologies allow a partner to recognize your computer or mobile device each time you visit ipsy.com or other sites that also utilize the third party's services, but do not allow access to personally identifiable information from ipsy.
Third parties may choose to include ipsy widgets on their sites. When you load a site that has chosen to include our widgets, we receive analytics information through a cookie that may be used to enhance our data or to improve our services.
You can delete cookies stored in your browser at any time. You also can choose not to accept cookies from any site, including ipsy.com, by changing the settings of your browser. If you reject or block all cookies in your browser settings, then you will not be able to fully use ipsy's services.
ipsy does not currently act on "do not track" request headers.
Created: February 9, 2015
Information collected automatically. We automatically collect information from your browser or device when you visit the Site. This information includes your IP address, device ID, your browser type and language, access times, the content of any undeleted cookies that your browser previously accepted from us, and the referring site address.This information also includes your operating system or application, your location, and your activities voluntarily have submitted to us (for example, your email address). If you are accessing our third party Affiliate’s stores through the ipsy shopper app, this information is automatically collected, too.
Information collected from your mobile device When visiting any of our mobile applications, we may use an advertising identifier created by your mobile operating system to store information on our servers and later retrieve it. The Android Advertising ID and Apple iOS IDFA are examples of advertising identifiers. For more information about advertising identifiers, please check the settings of your mobile device.
If you're not an ipsy member but we contacted you, then we may have received your contact information from one of your friends. An ipsy member may give us your name and email address so ipsy can send a personalized invitation to you to join ipsy. We also may send you personalized email ‘reminders' about ipsy from your friends. Similarly, an ipsy member may provide your personal information to us so we can ship a gift or other merchandise to you. We ask your contacts to share your personal information only with your permission, and you may unsubscribe from any marketing email you receive by following the unsubscribe link contained at the bottom of the communication.
Information we collect from you may be either personal or aggregate. Personal information is identifiable to you, like your name, email address, shipping and billing addresses, credit card information, and phone number. Aggregate information is summary data of the behaviors and interests of groups or categories, so it won't identify you.
Aggregate Information. We use aggregate information for the purposes of internal business research, sales and business development and reporting back to our brand partners. We may share aggregated information about our visitor and user base with third parties such as our advertising partners. This information may include the number of daily visitors to our Site and the number of orders placed on a certain date. We also may share Beauty Profile information with brand partners. We do not link aggregated data with our ipsters' personal information.
Personal Information. We do not sell, rent, trade, license, or otherwise disclose your personal information to third parties, except in these limited circumstances:
Disclosures to ipsy Agents, Consultants and Related Third Parties. Like most Internet retailers, we use third parties to help ensure our business runs smoothly. We disclose your information to these third-party companies so they can perform their specific functions for us. For example, we may provide your name, shipping address, email and phone number to third-party shippers like the U.S. Postal Service and the United Parcel Service to deliver our products to you. We also may provide your credit card information to third-party credit card processors and issuers to help us process your orders from us. ipsy’s third party vendors may recognize a tracking code used by your browser or application to enable you to receive customized content, or to enable you to use other technologies such as tags and scripts. The tracking code may reflect de-identified demographic or other data linked to data you. When we employ other companies to perform functions of this nature, we only disclose the information that they need to perform their requested function. We do not authorize them to retain, share, store, or use personal information provided by us for any other purpose.
If you visit or make a purchase from ipsy Shop or our ipsy shopper app, we disclose to our Retail Partners your name, and shipping address so that they may fulfill your order and ship products directly to you. We also share your email address with the Retail Partners whose product you purchase in case they need to contact you about that product. We may also disclose to our Retail Partners information about the frequency with which you purchased or accessed a product, which may in turn result in you receiving an email or push notification about that product or service.
Disclosures Required by Law or Otherwise. We may disclose your personal information if we believe, in good faith, that it's necessary to: (1) comply with a legal obligation such as in response to a court order or subpoena; (2) protect the safety of fellow ipsters or the public; (3) protect against legal liability; or (4) protect and defend ipsy's rights or property.
Disclosures of Giveaway Winners. We post the ipsy user names or social media handles of our lucky Giveaway winners on our site or social media pages such as Facebook page.
Disclosures through Social Media. Remember that you control the privacy settings on each of your social media platforms. We allow you to share information from the Site to social media. In order for this to happen you first must opt-in. You can revoke permission to do this by logging into the social media service and disconnecting the ipsy application from there.
Log Into Your Account. You can change the personal information you provide to us and remove any content you post publicly on our Site, including reviews, looks and videos, by logging into your ipsy account and making the appropriate changes.
Opt-Out. You can always "opt-out" of having your personal information used for certain purposes. At your request, we will stop sending you certain emails or even deactivate your account to prevent any future purchases through it. You can submit these requests at any time by emailing us at help.ipsy.com/customer/portal/emails/new.
Block Cookies and Targeted Advertising. You can prevent ipsy and its third-party partners from setting and accessing cookies on your computer by setting your Internet browser to block cookies. You also may remove yourself from the targeted advertising of companies participating in the Digital Advertising Alliance program by opting out here: aboutads.info/choices/
Our Site does not act on "do not track" request headers, but you can still limit tracking by taking these steps.
Cancel Your Subscription or Deactivate Your Account. You may cancel your Glam Bag subscription by logging into your account, clicking on "My Account" and choosing "cancel subscription" under "Subscription & Purchases." You may deactivate your ipsy account by emailing us at help.ipsy.com/customer/portal/emails/new with the subject line: "Account Deactivation Request."
Contact Our Retail Partner Our Retail Partners each have their own privacy policies and methods for you to opt-out of having your personal information used for certain purposes. Please contact the Retail Partner directly for more information. You may find a list of the Retail Partners here.
At ipsy, we take data security seriously. We use technical, physical and administrative safeguards. Online, we encrypt your personal information using Transport Layer Security (“TLS”). TLS allows for a private, reliable Site connection where your identity is authenticated with cryptography. Offline, we restrict access to your personal information to only those ipsy employees who need it to perform a specific job function. And we require all ipsy employees with access to your personal information to follow specific practices concerning its proper handling. We also hold our vendors who need access to your personal information to strict confidentiality requirements. Third-party service providers assist us with the physical security of some of our computer hardware. When you visit our Site, you access servers that we backup constantly. Our servers are hosted at locations which are private and secure data center facilities, behind physical and virtual firewalls.
But please remember, while we use industry-standard precautions to safeguard your personal information, we can't guarantee absolute security. We wish we could, but 100% security just doesn't exist anywhere online or off.
We share personal information with others outside of ipsy, such as third party shipping companies, so that they may fulfill orders for product you may purchase from ipsy.com or through ipsy Shop. We also share personal information with Retail Partners if you purchase the Retail Partner’s product through ipsy Shop or the ipsy shopper app. Please see How We May Disclose The Information We Collect Or Receive.
ipsy will retain your information as long as we deem necessary. If you no longer want ipsy to use your information to provide you Services, you may close your account. If you close your account then your profile and the content you posted to the Site will no longer appear on the Site.
You may inform us of any changes or requests about your personal data, and in accordance with our obligations under local data protection law, we will use all reasonable means to update or delete your personal data accordingly. Please email ipsyCare using this link: help.ipsy.com/customer/portal/emails/new. You should not expect that all of your information will be completely removed from our databases in response to your request. ipsy will retain and use your information as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.
Created: January 1, 2012
Last Updated: April 10, 2017