Privacy Policy for Oliva Beauty

Last updated: September 17, 2025

This Privacy Policy explains how Oliva Beauty (“Oliva Beauty,” “we,” “us,” or “our”) collects, uses, discloses, and protects your personal information when you visit our websites, contact us, make a purchase, subscribe to our marketing, or otherwise interact with us. By using our services, you agree to the practices described below, as well as any additional terms referenced in our Terms of Service and Return & Refund Policy.

1) Who we are & scope

Oliva Beauty is a skincare brand dedicated to natural, effective, confidence-building products and experiences. This Policy applies to personal information processed in connection with:

  • Our websites and online stores

  • Customer service and sales channels (email, phone, social media)

  • In-person events or promotions

  • Marketing subscriptions and surveys

This Policy does not cover third-party websites or services we do not control. Those have their own privacy policies.

2) What we collect

The personal information we collect depends on how you interact with us. We collect:

A. Identifiers & contact details
Name, email address, telephone number, billing/shipping address, account login details.

B. Order & payment information
Products purchased, cart contents, order history, transaction identifiers, last four digits of card (full card data is handled by our PCI-compliant payment processors and not stored by us).

C. Device & usage data
IP address, device type, browser type/version, operating system, general location (derived from IP), pages viewed, session duration, referring/exit pages, cookies and similar technologies.

D. Preferences & communications
Marketing preferences, survey responses, product reviews, messages to customer support, and any content you choose to submit (e.g., photos in reviews).

E. Social media & third-party sign-in (if used)
Public profile info and tokens necessary to authenticate your login, as permitted by that platform’s settings.

F. Sensitive information
We do not seek to collect sensitive personal information (e.g., government IDs, precise geolocation, health records). If you voluntarily provide such information (e.g., skin concerns in a support message), we will use it only to assist you and then minimize/limit retention.

3) How we obtain information

  • Directly from you: When you create an account, place an order, contact us, or subscribe.

  • Automatically: Via cookies, pixels, and similar technologies when you browse our sites.

  • From service providers: Payment processors, analytics, advertising partners, fraud-prevention, logistics and delivery partners.

  • From publicly available sources or social platforms: As permitted by law and your settings.

4) Why we use your information (purposes)

We use your information to:

  • Fulfil purchases and provide our services (process orders, payments, shipping, returns, support).

  • Operate and improve our websites, apps, and business (debugging, analytics, personalization, quality assurance).

  • Communicate with you (order updates, security alerts, customer service).

  • Marketing & promotions (with your consent where required): newsletters, offers, referrals, and loyalty programs.

  • Security & fraud prevention: Detect, prevent, and investigate suspicious or illegal activity.

  • Legal compliance: Tax/VAT, accounting, regulatory reporting, and to enforce our terms.

Legal bases for UK/EU visitors

Where GDPR/UK GDPR applies, our legal bases include: contract performance, legitimate interests (e.g., fraud prevention, service improvement), consent (e.g., email marketing), and legal obligations.

5) Cookies and similar technologies

We use cookies, pixels, and SDKs to keep you signed in, remember preferences, analyze traffic, measure campaign performance, and personalize content. You can manage cookies through our cookie banner (where provided) and your browser settings. Blocking some cookies may impact site functionality.

6) How we share information

We do not sell your personal information. We share it only as needed to provide and improve our services, including with:

  • Service providers/processors: Payment processors, hosting, cloud storage, analytics, advertising partners (for measurement and limited ad personalisation), email/SMS platforms, fulfilment and carriers, customer-support tools.

  • Business transfers: In connection with mergers, acquisitions, or asset sales (your data remains protected and notice will be provided as required).

  • Legal & safety: To comply with applicable law, lawful requests, or to protect rights, safety, and property of you, us, or others.

Cross-context behavioral advertising / “sharing”

Where applicable state laws use the term “share” for targeted advertising, we may allow advertising partners to use cookies or pixels that help deliver more relevant ads. You can opt out via our cookie controls or by contacting us (see §13).

7) International data transfers

If you access our services from outside the country where our servers or partners are located, your data may be transferred internationally. Where required (e.g., transfers from the UK/EU), we use appropriate safeguards such as Standard Contractual Clauses and supplementary measures.

8) Data retention

We keep personal information only as long as necessary for the purposes described in this Policy, including to comply with legal, tax, and accounting obligations, resolve disputes, and enforce agreements. Typical examples:

  • Orders and invoices: 7 years (accounting/record-keeping)

  • Customer support records: 2 years after last interaction

  • Marketing consent and preference logs: until you withdraw consent or your account is deleted

  • Web analytics: 12–26 months (varies by provider settings)

9) Security

We use administrative, technical, and physical safeguards to protect personal information, including TLS encryption in transit, access controls, and vendor due diligence. No method of transmission or storage is 100% secure; please use strong, unique passwords and notify us promptly if you suspect any unauthorized access.

10) Your privacy choices & rights

Global choices

  • Opt out of marketing: Use the unsubscribe link in emails or contact us.

  • Cookie controls: Adjust preferences via our cookie banner (where available) or your browser.

  • Do Not Track: We currently do not respond to DNT signals due to industry standards variability.

UK/EU/EEA residents (GDPR/UK GDPR)

You may have rights to access, rectify, erase, restrict, object, port your data, and withdraw consent at any time without affecting prior lawful processing.

U.S. state privacy laws (e.g., California, Virginia, Colorado, Connecticut, Utah)

Depending on your state, you may have the right to know/access, correct, delete, opt out of targeted advertising and certain profiling, and (in some states) limit use of sensitive data. California residents also have the right to know categories of personal information collected/disclosed, and to use an authorized agent. If we deny your request, some states allow you to appeal—instructions will be provided in our response.

“Do Not Sell or Share My Personal Information”

We do not sell personal information for money. Where “sharing” for targeted advertising applies, you can opt out through our cookie settings or by contacting us (see §13).

Exercising your rights

Submit a request using the contact methods in §13. We will verify your identity (e.g., via your account or by requesting certain details). Authorized agents must provide proof of authorization. We will not discriminate against you for exercising your rights.

11) Children’s privacy

Our services are not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child provided us information, contact us so we can delete it.

12) Third-party links and services

Our sites may contain links to third-party websites, plug-ins, or services. We are not responsible for their privacy practices. Review their policies before providing personal information.

13) How to contact us

For questions, privacy requests, or complaints, contact our privacy team:

📧 Email: zenhato@gmail.com
📞 Phone: 414-223-5165
🏢 Address: 4545 Trouser Leg Road, Milwaukee, Wisconsin