Privacy Policy

Gemma Privacy Policy

Last Updated: May 16, 2019

Please review the following Privacy Policy (the “Privacy Policy”). This Privacy Policy outlines how Gemma Labs Inc. (“Gemma”, “we”, or “us”) collects, uses, and shares personal information about you through the Gemma websites (www.gemmahaircare.com, www.gemmalabs.com, www.mygemma.com) (the “Sites”), any Gemma mobile applications that provide a link to this Privacy Policy, and all related services (the Sites, applications, and services are referred to collectively as the “Services”). If you don’t want us to collect or process your personal information as described in this Privacy Policy, you should not use the Services.

1. Scope of the Privacy Policy. This Privacy Policy applies to information that we collect when you use or interact with the Services. This Privacy Policy does not apply to third-party websites over which we have no control, although links to such websites may be presented through the Services. We are not responsible for the privacy policies or practices of third parties or third-party websites.

2. Changes to Privacy Policy. We reserve the right to make changes to this Privacy Policy at any time in our sole discretion. If we do so, we will post the revised version of the Privacy Policy on the Sites and will indicate when the Privacy Policy was last revised. If we make material changes to this Privacy Policy, you will be notified via the email address you’ve provided to us or through a prominent notice posted on the Sites or through the Services. Please review our Privacy Policy periodically so that you remain informed about our information practices.

3. Types of Information We Collect

3.1 Personal Information and Non-Personal Information. The information that is collected about you includes information that is considered “Personal Information,” which means any information that could reasonably be used to directly identify a natural person. Personal Information does not include aggregated or anonymized information, any publicly-available information about you, or information about you that is provided by third parties (“Non-Personal Information”).Examples of Non-Personal Information include physical location information, demographic information, or any other information that has been anonymized, aggregated or de-identified so that it cannot be used, directly or indirectly, to identify you. Nothing in this Privacy Policy restricts the sharing of Non-Personal Information, which may be shared with third parties at our discretion.

3.2 Information You Submit Directly. We collect personal information that you provide directly to us when you use the Services, including information that you submit to us when you: create a Gemma account, place an order, update your information through your account settings, email us, submit inquiries or information through mechanisms on the Sites, respond to quizzes, or interact with us via social media. The personal information that we collect directly from you includes, but is not limited to:

    • Contact information (e.g., name, address, email address, phone number)
    • Billing information (e.g., credit/debit card information, billing address)
    • Account information (e.g., username, password, security questions and answers)
    • Gender
    • Date of Birth
3.3 Information We Collect Automatically. We also collect information from you automatically during your use of the Services. We receive and record information from your browser or your mobile device when you visit the Sites or use the Services, such as your IP address or unique device identifier, operating system, cookies, date and time of visit, length of visit, pages viewed, and referring URLs. We store this information in log files. We may combine this information collected from your browser or mobile device with other information that we or our partners collect about you, including across your devices.
3.4 Cookies and Tracking Technologies. Technologies such as pixels, cookies, beacons, tags, and scripts may be used by us and our third-party marketing partners, affiliates, and analytics or service providers (e.g. user interaction and marketing analytics). These technologies are used in analyzing trends, administering the Services, tracking users’ movements through the Services, and gathering demographic information about the Services’ user base. We may receive reports based on the use of these technologies from the third parties on an individual or aggregated basis. In addition, third-party service providers, including Google, may use these technologies in order to better provide you with advertisements relevant to your interests. The Services also use cookies to remember your settings or for authentication (e.g., log-in credentials). Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use the Services, but your ability to use some features or areas of the Services may be limited.
3.5 Social Media. When you access the Services through a social network, such as Facebook or Instagram, we may collect information from the social network where permitted by the settings of your social media account. If you interact with us on social media, we will collect information about those interactions. The information we may collect includes your name, picture, and email address. We may also collect information about you from third parties, including mailing list providers and publicly available sources, or persons that refer you to Gemma.
4. How We Use Your Information. By creating a Gemma account, engaging with features of the Sites or Services, or otherwise using the Services, you consent to our use of your information as described herein. In addition to uses described elsewhere in this Privacy Policy, we may use your information to:
  • process and fulfill orders you place for Gemma products;
  • provide targeted, or location-based content, services, and advertising through the Services and from third parties;
  • aggregate data regarding your use of the Services, and generate reports relating to such use, which reports may be produced by third-party service providers;
  • contact you with promotional materials and other information of interest (if you decide at any time that you no longer wish to receive such communications from us, you may unsubscribe through the link provided in any of the communications or through your account settings);
  • provide you with personalized content and services offered by us;
  • moderate, display, and disseminate any information and other content you have submitted through the Services;
  • customize, modify and improve the features, performance, and support of the Services;
  • offer and conduct surveys, sweepstakes, contests and other promotions;
  • assist with our internal operations, including troubleshooting, data analysis, testing, research, and service improvement;
  • detect, identify, investigate, and respond to fraud or illegal activities; and
  • communicate with you or initiate communication with you on behalf of third parties through your account or through other means such as email, telephone (including mobile phone), or postal mail, including through the use of contact information that you provide to us or (where it is lawful for us to do so) that we otherwise obtain from third-party resources.

Information you post to public areas of the Sites and Services (including any areas that may be viewed by other users of the Sites) may be accessed, used, and stored by third parties around the world. We cannot control how others may use information you choose to post to public areas of the Sites or Services.

5. How We Share Your Personal Information. We do not sell your Personal Information to any third party, but your Personal Information may be shared with third parties either directly by you through the features of the Services (within your control) or by Gemma in the circumstances described below.

5.1 With Your Consent: When you expressly consent to allow us to share your Personal Information for specific uses, this includes through accepting any notices on the Sites or through the Services.

5.2 With Our Service Providers and Vendors: As reasonably needed to operate the Services, including without limitation, the processing and fulfillment of order, your Personal Information may be shared with certain third-party service providers, vendors, agents, and other persons who assist us in providing the Services. Such third parties may access your information as necessary to perform their functions and such parties will be required to adhere to confidentiality obligations. The Services may also share aggregated information with third parties to allow such third parties to serve advertisements online. Some examples of third-party service providers and vendors that Gemma currently uses are:

5.2.1 We use Shopify to power our online store. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy.
5.2.2 We use Google Analytics to help us understand how our customers use the Sites and Services. You can read more about how Google uses your Personal Information here: https://policies.google.com/technologies/partner-sites You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
5.2.3 We use Facebook Pixels to reach Sites visitors after they have left the Sites. Visitors to the Sites may be shown Gemma advertisements while using Facebook. You can read more about how Facebook uses your Personal Information here: https://www.facebook.com/about/privacy.
5.2.4 We use a third-party payment processor, Stripe, for Gemma subscription payments. Gemma does not store credit/debit card details. You can read more about how Stripe uses your Personal Information here: https://stripe.com/us/privacy.
5.3 In Order to Comply with Applicable Law: We will disclose your Personal Information if legally required to do so, or at our discretion, pursuant to a request from a government entity or if we believe in good faith that such action is necessary to: (i) meet legal requirements or comply with legal process; (ii) protect our rights or property, or that of affiliated companies, or the rights or property of others; (iii) prevent a crime; or (iv) protect the personal safety of other users or the public.
5.4 With Affiliates: We may share your Personal Information with business entities that we control or that are under our common control with us, who may use and share your Personal Information on the same terms as disclosed in this Privacy Policy.
5.5 In Connection with the Purchase of Our Business: We may transfer your Personal Information to an acquirer (and its affiliates or agents) as part of any sale of the business, whether such acquisition is by way of merger, consolidation, or purchase of all or a substantial portion of our or our assets. You will be notified of such an event by email or through a prominent notice posted on the Sites. This may also include as part of an insolvency proceeding or dissolution. Personal Information will not be sold independently as an asset of our business.
5.6 How We Store Information. We may retain certain information about you (including Personal Information) in an effort to make repeated use of the Services more efficient and practical. As a user of the Services, you can change or remove certain information by accessing, reviewing, correcting, updating, changing, or deleting such information through your account settings. However, we may retain all historical records of information that you have provided to us and we may continue to use it to the extent that it is anonymized and no longer personally identifying. If you do not sign into your account or use the Services for an extended period of time, your account may be terminated in our sole discretion, and all your user information may be made inaccessible. If your account information is deleted, either by us or you, we may retain copies of deleted information, which will remain subject to this Privacy Policy in all respects, including permitted sharing of such information.
5.7 Security of Your Information. You are responsible for keeping your account information and relevant passwords secure and private. We follow generally accepted industry standards to protect the Personal Information submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. Do not share your password or username with anyone else.
6. Information About Children. Our Services are not designed for children and we do not knowingly collect personal information from children. If a parent or guardian becomes aware that his or her child has provided us with personal information without their consent, he or she should contact us at: support@gemmalabs.com. If we become aware that a child under 21 years of age has provided us with personal information, we will delete such information from our files and terminate the child’s account.
7. Your California Privacy Rights. California Civil Code Section 1798.83 permits customers of the Gemma Sites who are California residents to request, once a year, certain information regarding Gemma’s disclosure of personal information, if any, to third parties for their direct marketing purposes. To make a request, please send an email to legal@gemmalabs.com with “Your CA Privacy Rights” in the subject line or write to us at: Gemma Labs Inc., 240 Second Avenue South, #300, Seattle, WA 98104.
8. Contact Us. If you have any questions about this Privacy Policy, please email us at: legal@gemmalabs.com.