Beauty talk club logo
Search icon

Privacy Policy

At Beauty Talk Club we are committed to protecting your Personal Data and to being clear and transparent about what data is collected and used. This Privacy Policy explains how we process Personal Data that you provide or that is collected when you visit our website at www.beauty-talk.club.

Who we are and how to contact us

We are B-Enhance OÜ (doing bussiness as Beauty Talk Club) of Estonia, Harju maakond, Kuusalu vald, Pudisoo küla, Männimäe/1 , 74626, and in the case of your direct use of our website or our services, we act as the data controller in accordance with Estonia’s Personal Data Protection Act (“PDPA”) and the EU`s General Data Protection Regulation (“GDPR”).

If you have any questions about the processing of your Personal Data by us or about data protection in general, you can reach us at support@beauty-talk.club.

How do we use your Personal Data?

All Personal Data that we obtain from you via the website will only be processed for the purposes described in more detail below. This is done within the framework of the respective legal regulations mentioned above or only with your consent. In particular, we only process and collect Personal Data if:

  • you have given your consent,
  • the data is necessary for the fulfillment of a contract / pre-contractual measures,
  • the data is necessary for the fulfillment of a legal obligation, or
  • the data is necessary to protect the legitimate interests of our company, provided that your interests are not overridden.

In doing so, we only collect and process the data that is absolutely necessary to maintain and use the website. Personal Data may be collected in two ways, that is directly when you for example volunteer it to us or automatically for example when you install and use our website.

We process and store your Personal Data only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period (in particular commercial and tax law) exists. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.

Personal Data you provide to us directly

a) Contacting us

If you contact us, we process the data that you share with us for the purpose of processing and handling your request. This may include your first name, last name, e-mail address, and, if applicable, other information, if you have provided it. The legal basis for the data processing is our obligation to fulfill the contract and/or to fulfill our pre-contractual obligations and/or our overriding legitimate interest in processing your request.

b) Sign Up and Sign In

If you sign up, we process your username, and e-mail address and your chosen password to create your account and if you sign in to allow you access to your account. Within your account you can upload a profile picture, share the city you are based in and publish your bio. You may also link your social media accounts. We store this data as long as you are registered with us. If you delete your account, we will delete your data unless there is a legal retention period on our part. In this case, we must store your data for longer. The details provided are processed on the basis of our legitimate interests and our contractual obligations to you.

Alternatively, you are able to sign up using the convenience log in and sign up from Facebook or Google. For Facebook and Google log in and sign up, you will be asked to provide your basic information (i.e., name, email address, and display picture) linked to your account. If granted, your username and password will be auto generated to fill in the rest of required user data. When registering via Facebook`s and Google`s connect function, you agree to the relevant terms and conditions and consent to certain data from your respective profile of being transferred to us.

c) Creating a Post

When you create a post, you may be able to display certain profile information, share certain details, exchange knowledge and insights etc. It’s your choice whether to include personal data in your post and to make that data public. Please do not post or add Personal Data to your post that you would not want to be available online.

Some of the data you choose to provide may also be considered “special” or “sensitive” Personal Data, for example your racial or ethnic origins, sexual orientation, and religious beliefs. By choosing to provide this data, you consent to our processing of that data.

Where any Personal Data relates to a third party, you represent and warrant that the Personal Data is up-to-date, complete, and accurate and that you have obtained the third party’s prior consent for our collection, use and disclosure of their Personal Data for the purposes. You agree that you shall promptly provide us with written evidence of such consent upon demand by us.

The legal basis for the data processing is the fulfillment of our contractual obligations and, in individual cases, the fulfilment of our legal obligations as well as your Consent.

You may withdraw your consent and request us to stop using and/or disclosing your personal and special category data by submitting your request to us in writing to support@beauty-talk.club.

Personal Data you provide to us automatically

a) Cookies

To improve the services provided on the website, we use cookies that collect information about your usage behavior. Cookies are files that your web browser stores on your hard drive when you visit a website. Cookies may, under certain circumstances, personally identify you either directly (for example, with an e-mail address) or indirectly (for example, with a unique identification code of a cookie, an IP address or the identification code of a device). The data stored may include the pages you visit, the date and time of your visit, and other tracking information. For more information, please refer to our Cookie Policy.

b) Access data and log files

We also collect data on every access to our website. The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Log file information is stored for security reasons (e.g., for the clarification of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is necessary for evidentiary purposes is exempt from deletion until the respective incident is finally clarified. The legal basis for the data processing is our legitimate interest in providing an appealing website.

c) Advertising

Advertisers and third parties also may collect information about your activity on our website, on devices associated with you, and on third-party sites and applications using tracking technologies. Tracking data collected by these advertisers and third parties is used to decide which ads you see both on our website and on third-party sites and applications.

You can opt out on the Digital Advertising Alliance (DAA) if you wish not to receive targeted advertising. You may also be able to choose to control targeted advertising on other websites and platforms that you visit. In addition, you may also choose to control targeted advertising you receive within applications by using the settings and controls on your devices.

d) Hosting

The hosting services used by us for the purpose of operating our website is Amazon Web Services (AWS). In doing so AWS processes content data, contract data, usage data, meta data of users, interested parties and visitors of our website and services, on the basis of our legitimate interests in an efficient and secure provision of the website and services in conjunction with the provision of contractual services and the conclusion of the contract for our services.

Google Services

We use the below listed services from Google LLC of 1600 Amphitheatre Pkwy, Mountain View, CA 94043, USA and Google Ireland Ltd of Gordon House, Barrow Street, Dublin 4, Ireland on our website.

a) Google Analytics

We use Google Analytics to evaluate your use of our website, to compile reports on the activities and to provide other services related to the use of our website in order to improve the user experience. When Google Analytics is used, interactions of website visitors are primarily recorded and systematically evaluated with the help of cookies. This represents a legitimate interest but also requires your consent due to the data transfer in the USA and the analytical functionality.

b) Google Tag Manager

We also use Google Tag Manager. This service allows website tags to be managed via an interface. The Google Tag Manager only implements tags. No cookies are set, and no Personal Data is collected. The Google Tag Manager triggers other tags that may collect data. The Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains in place for all tracking tags, insofar as these are implemented with the Google Tag Manager. More information on the Google Tag Manager can be found at the following link: http://www.google.com/tagmanager/use-policy.html. This represents a legitimate interest.

c) Google AdSense

Further, we use Google AdSense. Google AdSense uses so-called "DoubleClick DART Cookies" ("Cookies"). In addition, Google AdSense also uses so-called "web beacons" (small invisible graphics) to collect information, through the use of which simple actions such as user traffic on our online offer can be recorded, collected and evaluated. The information generated by the cookie and/or web beacon (including your IP address) about your visit to this website will be transmitted to and stored by Google on servers in the United States.

Google uses the information thus obtained to carry out an evaluation of user behavior with regard to the AdSense ads. The IP address transmitted by your browser as part of Google AdSense will not be merged with other Google data. The information collected by Google may be transferred to third parties where required to do so by law, and/or where such third parties process the information on Google's behalf. The legal basis for this processing is our legitimate interest.

Disclosure to third parties

We will not disclose or otherwise distribute your Personal Data to third parties unless this:

  • is necessary for the performance of our services,
  • you have consented to the disclosure,
  • or the disclosure of data is permitted by relevant legal provisions.

However, we are entitled to outsource the processing of your Personal Data in whole or in part to external service providers acting as processors within the framework of the respective legal regulations mentioned above. External service providers support us, for example, in the technical operation and support of the website (see above), data management, the provision and performance of services, marketing, as well as the implementation and fulfillment of reporting obligations.

The service providers commissioned by us however will process your data exclusively in accordance with our instructions and we remain in accordance with the respective legal regulations mentioned above responsible for the protection of your data. Doing so we always make sure that service providers commissioned by us are carefully selected, follow strict contractual regulations, technical and organizational measures, and additional controls by us.

We may also disclose Personal Data to third parties if we are legally obliged to do so e.g., by court order or if this is necessary to support criminal or legal investigations or proceedings at home or abroad or to fulfill our legitimate interests.

Automated decision-making

Automated decision-making including profiling does not take place at Beauty Talk Club.

Data of Children

Our services are aimed at people aged 18 and over. We will not knowingly collect, use, or disclose Personal Data from minors under the age of 18 without first obtaining consent from a legal guardian through direct offline contact.

Do Not Sell

We do not sell Personal Data to third parties.

Data Security

Technical and organizational measures have been implemented by us to ensure the protection, security and integrity of your Personal Data. Access to Personal Data is restricted to those who have a need to know and who have been trained to comply with confidentiality requirements.

Appropriate mechanisms include, for example, SSL encryption (so that data is unreadable by others) during the collection and transmission of data. Said data is used only for the purpose it was collected for and we assure you that we will do our utmost to ensure that your Personal Data is not altered or corrupted and is not accessed by unauthorized third parties.

Nonetheless, databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of the action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.

Your rights under data protection legislation

Under the PDPA and GDPR, you can exercise the following rights:

  • Right to information
  • Right to rectification
  • Right to object to processing
  • Right to deletion
  • Right to information
  • Right to data portability
  • Right of objection
  • Right to withdraw consent
  • Right to complain to a supervisory authority
  • Right not to be subject to a decision based solely on automated processing.
Updating your information

If you believe that the information, we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so by contacting us using support@beauty-talk.club.

Access Request and updating your Personal Data

In the event that you wish to make a Data Subject Access Request, you may inform us in writing of the same using support@beauty-talk.club.

We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the respective legal regulations mentioned above).

The Supervisory Authority

The competent data protection authority is:

The Data Protection Inspectorate

Tatari 39,

Tallinn 10134

Estonia

http://www.aki.ee/
Does this policy change?

We may update our Privacy Policy from time to time. This might be for a number of reasons, such as to reflect a change in the law or to accommodate a change in our business practices and the way we use cookies. We recommend that you check here periodically for any changes to our Privacy Policy. This Privacy Policy was last updated on Monday, 02 January 2023.

Who should I contact for more information?

If you have any questions or comments about our Privacy Policy or wish to exercise your rights under applicable laws, please contact us using support@beauty-talk.club.