PRIVACY POLICY

CALIFORNIA CONSUMERS: If you are a California resident and wish to exercise your rights under the California Consumer Privacy Act, click below.

Rex Black, Inc. (“Rex Black”, “our” or “we”) has developed this privacy policy ("Privacy Policy") to explain how Rex Black collects, uses, and discloses certain information. It applies to individuals (“users,” “you” or “your”) who visit rexblack.com (the “Site”), set up an account through the Site, and/or make purchases through the Site or other sites, apps or services that link to this Policy (collectively, along with other functionalities of the Site, the “Services”). This Privacy Policy does not apply to any information collected by websites other than the Site.

We encourage you to read this Privacy Policy carefully to understand how we handle your information. By using the Services, you acknowledge that you have read and understand this Policy and that we collect, use, and disclose your information as set forth below. If you do not agree to this Privacy Policy, do not use the Services. If you have any questions regarding this Privacy Policy or our privacy practices, please email us at privacy@rexblack.com.

 

INFORMATION WE COLLECT ABOUT YOU

Rex Black may collect the following information from and about you:

Information You Provide to Us. We may collect information that you provide to us when you use the Services, for example, you create an account, make a purchase, input information into a form on our Site, email us, or engage with us on social media. This information may include:

  • Contact Information such as your name, email address, and telephone number;

  • Transactional & Payment Information such as your order information, your billing and shipping address, and payment information (e.g., financial information which is processed by our respective third party payment processors);

  • Demographic Information such as birthday and age group;

  • Profile Information such as information about your skincare needs, such as skin conditions;

  • Inquiries and Feedback including comments and questions you submit through customer service interactions with us (via email, phone, or online chat) or through surveys;

  • User Generated Content certain parts of the Services may enable you to post comments, reviews or other content, that, depending on where you post them, may be publicly viewable.
     

Information Collected Automatically.
When you interact with the Services or communications from us (such as emails), we may automatically collect:

  • Device information and related identifiers, including: your IP address, browser type and language, browser type, browser language, operating system, device identifiers, the state or country from which you accessed the Services, and software and hardware attributes. From your IP address, we may be able to infer your general location (e.g., city/state or postal code).

  • Usage Information including domain names, access times, referring website addresses, landing pages, the links you click, and the amount of time you spend on the Sites. Some of this data is collected using cookies and similar technologies. To learn more about these technologies and your choices regarding them, please see the section below titled Your Information Choices.

  • Information From Other Sources.

  • We may receive social media information (such as profile picture, gender, demographics, interests, and likes) if you choose to login via social media or interact with us over social media (subject to your social media account settings).

  • We sometimes collect information about you from other sources, including marketing and demographic data, analytics information, and other information such as updated delivery and address information from carriers or third parties; which enables us to correct our records and deliver your next purchase from this Site or future communications more easily; account information, purchase information, and page-view information from some merchants with which we operate co-branded businesses or for which we provide technical, fulfillment, advertising, or other services; search terms and search result information from some searches conducted through the Site’s search features; and search results and links including paid listings (such as Sponsored Links from Google).

 

HOW WE USE THE INFORMATION WE COLLECT

We may use the information we collect from and about you for the following purposes:

  • To provide, maintain, and improve the Services;

  • To allow you to set up an account and profile;

  • To provide customer support and respond to your questions or requests;

  • To personalize the Services, including by providing custom content;

  • To conduct sweepstakes or contests;

  • To communicate with you, including to provide you with information, updates, and offers, subject to any preferences you have communicated to us;

  • To research and analyze the functioning and use of the Services;

  • To process orders and payments;

  • To verify your identity and prevent fraud;

  • To advertise and market our Services to you, including on third-party websites, subject to any preferences you have communicated to us;

  • To comply with legal requirements and enforce our policies;

To protect the safety, rights, property or security of Rex Black, our users, employees, third parties, members of the public and/or our Services; and

For any other purpose for which you have provided your consent.

For the purposes discussed in this Privacy Policy, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Privacy Policy.

We may aggregate or anonymize any information we collect so that such information is no longer reasonably capable of being associated with you and use such information for any purpose. We may also share such information for any purpose with any third parties, at our discretion.

The laws in some jurisdictions require companies to tell you about the legal grounds they rely on to process your information. Our legal bases for processing your information as described in this Privacy Policy are as follows:


• Where use of your information is necessary to perform our obligations under a contract or commitment to you. For example, to provide the services you’ve requested from us, such as fulfilling a purchase, or to comply with our Terms of Service.

• Where use of your information furthers our legitimate interests or the legitimate interests of others. For example, to provide security for our Services, defend our legal rights, and prevent fraud.

• Where we use your information to comply with applicable legal obligations. For example, keeping track of purchases for tax and auditing purposes.

• Where you have consented to our processing of your information for a particular purpose.

 

WITH WHOM WE SHARE YOUR INFORMATION

We may share your information with:

Subsidiaries and Affiliates. We may share your information with our subsidiaries and affiliates.

Service Providers: We may share your information with entities that perform certain services on our behalf, such as processing orders, processing credit card payments, delivering products and services, providing customer service and marketing assistance, performing business and sales analysis, supporting our website functionality, and supporting other features and promotions offered through our Site (“service providers”). We will only provide these service providers with the information that they need to provide such services, and service providers are not permitted to share or use such information for other purposes.

Business Transfers: We may share your information if another entity acquires us or our assets in connection with a merger, acquisition, reorganization, sale of assets or similar transaction, or in the event of bankruptcy. If your information is among those assets, we may disclose your information as one of the transferred assets.

Business Partners: From time to time, we may offer promotions, sweepstakes or third-party offerings on our Site. If you make purchases, engage in these services and/or products, offered through our Site or our services, we may share personal information with the businesses with which we partner to offer you those products, services, promotions, contests and/or sweepstakes. When you elect to engage in a particular merchant's offer or program, you authorize us to provide your email address and other information to that merchant.

Legal Obligations: Rex Black may disclose your information to third parties in good faith in response to a subpoena, court order, or other legal process from law enforcement or other government agency; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us, in our sole discretion.

Other Users of the Services: We may provide areas on the Services where you can communicate with others, upload content, and post comments or reviews. If you choose to share information in this way, you share such information with all individuals capable of viewing it. For example, if you post a comment on a publicly viewable area of the Services, you choose to share the information you post with the public. We encourage you to exercise discretion and caution with respect to sharing your information.

 

YOUR INFORMATION CHOICES

We provide several ways for you to exercise control over how we use information about you and how we communicate with you, described below.

Marketing Communications: Consistent with your choices and in compliance with applicable law, we may send you marketing and promotional emails. You may opt out of continuing to receive these emails through your account settings or by using the opt out link at the bottom of our marketing emails. It may take up to 10 days for us to process an opt-out request. You will still receive transactional communications from us, such as confirmation of your purchase with us. We process requests to be unsubscribed from future marketing communications, as required by applicable law.

“Do Not Track” Signals: “Do Not Track” (“DNT”) is a setting that users can enable in certain web browsers. DNT signals do not have a commonly agreed up meaning and we do not currently recognize or respond to DNT signals.

Social Media: To control the information you share with us when you follow us, like our posts, or otherwise interact with us on social media, you can adjust your social media account settings related to how your information is shared.

Analytics: We may use third-party web analytics services (such as those of Google Analytics) on our Services to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here.

If you receive email from us, we may use certain analytics tools, such as tracking pixels, to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.

Online Advertising: The Services may allow third-party advertising technologies (e.g., ad networks and ad servers such as Bing Ads and others) to place cookies or other tracking technologies on your computer, mobile phone, or other device to collect information about you to assist in the delivery of relevant advertising about the Services on other websites you visit and other services you use.

We neither have access to, nor does this Privacy Policy govern, the cookies or other tracking technologies that may be placed on the device you use to access the Services by such non-affiliated third parties. For more information about tailored advertising and how you can generally control cookies from being put on your computer to deliver tailored advertising, please visit the Network Advertising Initiative’s Consumer Opt-Out link, the Digital Advertising Alliance’s Consumer Opt-Out link, or Your Online Choices to opt out of receiving tailored advertising from companies that participate in those programs. To opt-out of Google Analytics for display advertising or customize Google display network ads, visit the Google Ads Settings page. Please note that these opt-outs apply per device, so you will have to opt-out for each device through which you access our Services. For more information on how to manage mobile device settings related to tailored advertising, please visit the Network Advertising Initiative’s mobile choice page at https://www.networkadvertising.org/mobile-choice.

Modifying your mobile device or browser settings may have different results depending on the type of device or browser you are using and the version of the device operating system you are running. Opting out of tailored advertising does not prevent you from seeing advertising online; instead, the ads you see are less likely to be customized to your interests.

Any third-party practices are not governed by this Privacy Policy.

Data Retention
We will retain your information for as long as your account is active, as long as necessary to provide you with our Services, as long as necessary for our legitimate business interests, and/or as long as necessary to comply with our legal obligations.

In accordance with routine record keeping practices, and subject to any requirements of applicable law, we may delete records that contain your information. We are under no obligation to store your information indefinitely and disclaim any liability arising out of, or related to, deletion of your information.

Protecting Your Information
Rex Black maintains appropriate security measures (including physical, electronic and procedural measures) to help safeguard your information. However, we cannot guarantee the security of such information because no security measures are perfect. We are not responsible for third-party circumvention of any of our privacy settings or security measures.

You can also take steps to safeguard your information. If you create an account on our Site, you will be required to select a password which should be kept confidential and be of appropriate complexity. You should also limit access to your devices and account to avoid unwanted access to your information. For example, you should always log out of your account after using it on a shared device. You should think carefully about how you handle and disclose your information.

Third-Party Sites
The Services may link to third-party websites not owned or operated by Rex Black. We do not control, recommend or endorse such websites. We are not responsible for and make no representations about such websites or their content, services, or practices. This Privacy Policy does not govern any third-party websites. Thus, we encourage you to review the privacy policies of any third-party websites you choose to visit to understand how those websites collect, use and share your information.

Children's Privacy
Our Services are not directed to or intended for children under the age of 13, and we do not knowingly collect “personal information” (as defined in the U.S. Children’s Online Privacy Protection Act, or “COPPA”) from children under the age of 13 without the verifiable consent of the child’s parent or guardian.

Notice to International Users
The Services are operated in the United States and are subject to U.S. law. We may store and process information data in the United States. If you are accessing the Services from outside the United States, please be advised that U.S. law may not offer the same privacy protections as the law of your country. By using the Services, you acknowledge the transfer, processing, and/or storage of your information in the United States.

Information for Residents of the European Economic Area
If you reside in the European Economic Area (“EEA”), you have certain rights with regard to the Personal Data (as defined in the General Data Protection Regulation, or “GDPR”) that we collect about you. You have the right to request the following with respect to the Personal Data we hold about you:


• Access to and certain information about the Personal Data;

• Correction of inaccurate Personal Data;

• Deletion of the Personal Data, subject to any legal or other rights we have to retain certain Personal Data;

• Restrict and/or object to the processing of the Personal Data in certain circumstances; and

• Receive a machine-readable copy of the Personal Data.


Where we collect, use, or share Personal Data on the basis of your consent, you have the right to withdraw that consent at any time.

To request to exercise any of these rights, please email us at privacy@rexblack.com.

We encourage you to contact us directly and allow us to work with you to address your concerns. Nevertheless, you have the right to lodge a complaint with a competent data protection supervisory authority, in particular in the EU Member State where you reside or work, or the place of the alleged infringement. You have the right to do so if you consider that the processing of Personal Data relating to you infringes applicable data protection laws.

No Rights of Third Parties
To the extent permitted by applicable law, this Privacy Policy does not create rights enforceable by third parties or require disclosure of any information relating to users of the Sites.

Changes to This Privacy Policy
We will occasionally update this Privacy Policy. When we post changes to this Privacy Policy, we will revise the "Last Updated" date at the bottom of the Policy and, if applicable notify you as required by applicable law. Please note, we may change information on the Sites and/or this Privacy Policy at any time and any changes to this Privacy Policy are effective immediately upon publication, and your continued use of the Services indicates your consent to these changes. We recommend that you check our Site from time to time to inform yourself of any changes in this Privacy Policy.

Text Terms and Conditions

Each privacy statement required by these Terms must describe that Company and third-party partners may use information collected via the Site(s) to send marketing and support messages including, with the end user’s consent, marketing and support text messages. For Company’s convenience, Wunderkind provides the following sample privacy statement disclosure, but strongly encourages Company to work with its own counsel to ensure these disclosures accurately represent Company’s practices:

  • You may elect to receive text messages from us. When you sign up to receive text messages, we will send you information about promotional offers and more These messages may use information automatically collected based on your actions while on our sites and may prompt messaging such as cart abandon messages (IE Cookies). To the extent you voluntarily opt to have Text notifications sent directly to your mobile phone, we receive and store the information you provide, including your telephone number or when you read a text message. You may opt out of receiving text messages at any time by texting “STOP” to our text messages. For more information about text messages, see our Terms and Conditions. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties, excluding aggregators and providers of the Text Message services.

CALIFORNIA CONSUMER PRIVACY POLICY

The California Consumer Privacy Act (CCPA) gives certain consumers who are California residents specific rights regarding their personal information. This section describes your rights as a California consumer and how you can submit your request(s) to us. Please note, Rex Black does not sell your personal information.

To exercise your rights as a California based consumer, please email us at privacy@rexblack.com.

If you are not a California consumer, this policy will not apply to you (please refer to Rex Black Privacy Policy).

Access to Your Information If you are a California based consumer, you have certain rights with respect to Rex Black’s use and disclosure of your Personal Information. California consumers have the right to request that we disclose information about our collection and use of their personal information collected over the past 12 months, including:

• The categories of personal information we have collected about you and the specific personal information we may have collected.
• The categories of sources from which personal information has been collected and the entity or individual we may collect this information from.
• Our business purpose(s) for collecting and storing this information and how we could use it.
• The categories of third parties with whom we may share that personal information.
• The categories of personal information we have shared and the reasons we shared it.

Identifiers: First and last name, address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
Personal Information: First and last name, physical characteristics or description, address, telephone number, bank account number, credit card number, debit card number, or any other financial information, personal medical information. (Some personal information included in this category may overlap with other categories.)
Protected Classifications: Age (40 years or older), race, color, ancestry, national origin, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression), pregnancy or childbirth and related medical conditions, genetic information (including familial genetic information).
Commercial Transactions: Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
Internet or Network Activity: Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.
Geolocation Data: Physical location.

Please note, personal information does not include:

• Publicly available information from government records.
• De-identified or aggregated consumer information.
• Information excluded from the CCPA's scope: personal information covered by certain sector-specific privacy laws; health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA); or clinical trial data.


Sources of Personal Information
We may obtain personal information as listed above from the following categories of sources:
• Directly from you as voluntarily provided or indirectly from our interactions with you, such as information that we may collect in the course of providing our services.
• Directly and indirectly from activity on our Sites. For example, from creating an account on our website, submissions on or through our Sites, or website usage details collected automatically.
• From third parties that interact with us in connection with the services we perform, such as order processing and credit card processing.

Purposes for Collecting Personal Information
Our everyday business practices fall under the “Business Purposes” definition (as further defined in the CCPA) and the following related purposes for which personal information may be used:
• To provide the information, product or service requested by the consumer or as reasonably expected given the context in which with the personal information was collected (such as providing our products or services, customer service, product and service offering updates, or recalls).
• To make back-up copies for business continuity and disaster recovery, as well as to protect the security of our Sites and associated systems, databases, networks, applications and data, including detecting, analyzing and resolving security threats.
• For corporate audit, analysis and reporting, as well as for fraud detection and prevention.
• To comply with applicable tax, health and safety, labor and employment, and anti-discrimination laws.
• For legal and regulatory compliance, including disclosures of personal information that are required by law including legal investigations, subpoenas, or summons or regulatory agency inquiries.
• To de-identify data or create aggregated datasets, in order to utilize for consolidating reporting, research or analytics.
• For corporate governance, including mergers, acquisitions and divestitures.

Deletion
California based consumers have the right to request that Rex Black delete any of your personal information that we may have collected from you and/or retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless there is an applicable exception. We may deny a deletion request where retaining the information is necessary for us or our service providers. For example, data may need to be kept to:
• Process an existing order or provide scheduled services for which we collected the personal information.
• Track consumer complaints or product issues.
• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or to comply with a legal obligation.
• To be used internally in a lawful manner that is compatible with the context in which you provided the information.

Exercising Your Rights
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information, or a legally appointed authorized representative of a California resident who wishes to make a request. To exercise any of your rights, please submit our CCPA electronic request form HERE. When you submit a CCPA related request through our form functionality, we will use the information you submit and the information we have in our systems to try to verify your identity and to match the personal information we have collected, if any, to your identity. Information provided to submit a request will only be used for request purposes.

Timing
If we are successful in validating your identity, we will endeavor to respond to a verified consumer request within 45 days and in the manner required by CCPA. If we require more time, we will inform you of the reason and extension in writing. If we cannot validate your identity, we will attempt to contact you to inform you of this issue.

Non-Discrimination
Rex Black will not discriminate against you for exercising any of your CCPA rights. Should you choose to exercise any of your privacy rights as a California based consumer, we will not discriminate against you by offering you different pricing or products, or by providing you with a different level or quality of services, based solely upon your request. However, in some circumstances, for example where you have requested or consented to our services that use your personal information to provide the service, we may not be able to provide this service if you choose to delete your personal information, such as maintaining your account on our Sites.

Children
Rex Black does not knowingly collect, use or disclose personally identifiable information from anyone under the age of 13. If we determine upon collection that a user is under the age of 13, we will make reasonable efforts to delete such information from our records.

If you believe that we might have any information from or about a child under the age 13, please submit our CCPA electronic request form HERE.

Third Parties
California law requires website and online service operators to disclose whether third parties may collect personal information about California based consumers’ online activities over time and across different sites when utilizing the operator’s website or service. We do not knowingly permit such third parties to collect any personal information from our Sites, however third parties that have content or services on our Sites such as social media functionality, data analytics services, or an advertising partner, may obtain information about your browsing or usage habits if you interact with our Site.

CONTACT US
If you have any further questions regarding the data Rex Black collects, or how we use it, then please feel free to contact us by email at: privacy@rexblack.com, via phone at +1 (830) 438-4830.



Last Updated: September 2, 2023