Privacy policy

1. INTRODUCTION

2Square Professional ("we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.2squareprofessional.com (the "Site") or make a purchase from us.

Please read this Privacy Policy carefully. By using the Site, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Site.

We reserve the right to make changes to this Privacy Policy at any time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

2. INFORMATION WE COLLECT

2.1 Personal Information You Provide

We collect information that you voluntarily provide to us when you:

- Create an account

- Place an order

- Contact our customer service team

- Subscribe to our email list

- Use our Digital Concierge Service

- Apply for a professional/distributor account

This information may include:

- Contact Information**: Name, email address, phone number, shipping address, billing address

- Professional Credentials: Professional license number, salon name, business address, license verification documents

- Account Information: Username, password (encrypted)

- Payment Information: Credit card numbers, billing information (processed securely through our payment processors)

- Hair Profile Information: Hair type, hair concerns, product preferences (when using our Digital Concierge Service)

- Communication Data: Information contained in emails, chat messages, or phone conversations with our customer service team

2.2 Information Automatically Collected

When you visit our Site, we automatically collect certain information about your device and browsing behavior, including:

- Device Information: IP address, browser type and version, operating system, device type

- Usage Data: Pages visited, time spent on pages, links clicked, referring website, date and time of visit

- Location Data: General geographic location based on IP address

- Cookies and Tracking Technologies**: See Section 6 for details

2.3 Information from Third Parties

We may receive information about you from third parties, including:

- Payment Processors: Transaction confirmation and payment status

- Shipping Carriers: Delivery status and tracking information

- Social Media Platforms: If you interact with us on social media

- Marketing Partners: If you interact with our advertising or promotions on third-party sites

3. HOW WE USE YOUR INFORMATION

We use the information we collect for the following purposes:

3.1 Order Processing and Fulfillment

- Process and complete your orders

- Communicate with you about your orders (confirmations, shipping updates)

- Handle returns, exchanges, and refunds

- Verify professional licensing for restricted products

- Prevent fraudulent transactions

3.2 Account Management

- Create and maintain your account

- Authenticate your identity

- Provide customer support

- Manage your preferences and settings

3.3 Product Recommendations

- Provide personalized product recommendations through our Digital Concierge Service

- Suggest products based on your hair type and concerns

- Improve product selection and inventory

3.4 Marketing and Communications

- Send promotional emails about new products, special offers, and sales (with your consent)

- Provide information about our professional programs

- Send educational content about hair care and product usage

- Conduct surveys and gather feedback

You may opt out of marketing emails at any time by clicking the "unsubscribe" link in any promotional email or by contacting us at sales@2squareprofessional.com.

3.5 Site Improvement and Analytics

- Analyze how users interact with our Site

- Improve Site functionality and user experience

- Develop new products and services

- Conduct research and analytics

- Monitor and prevent technical issues

3.6 Legal and Security

- Comply with legal obligations

- Enforce our Terms of Use

- Protect against fraud and security threats

- Resolve disputes

- Protect our rights and property

4. HOW WE SHARE YOUR INFORMATION

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

- Payment Processors: To process transactions securely (e.g., Stripe, PayPal, Square)

- Shipping Carriers: To fulfill and deliver orders (e.g., USPS, UPS, FedEx)

- Email Service Providers: To send marketing and transactional emails (e.g., Mailchimp, Klaviyo)

- Web Hosting and Cloud Storage: To host our Site and store data

- Analytics Providers: To analyze Site usage (e.g., Google Analytics)

- Customer Service Platforms: To manage customer support

These service providers are contractually obligated to use your information only as necessary to provide services to us and are required to maintain the confidentiality and security of your information.

4.2 Professional Verification Services

For professional account applications, we may share license information with third-party verification services to confirm your professional credentials.

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the successor entity. We will notify you of any such change and any choices you may have regarding your information.

4.4 Legal Obligations

We may disclose your information if required by law or in response to:

- Court orders, subpoenas, or other legal processes

- Requests from law enforcement or government agencies

- Protection of our rights, property, or safety

- Prevention of fraud or illegal activity

- Enforcement of our Terms of Use

4.5 With Your Consent

We may share your information for other purposes with your explicit consent.

5. DATA RETENTION

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Specifically:

- Account Information**: Retained while your account is active and for a reasonable period thereafter

- Order Information**: Retained for at least 7 years to comply with tax and accounting regulations

- Marketing Data**: Retained until you unsubscribe or request deletion

- Professional License Verification**: Retained for compliance and fraud prevention purposes

When information is no longer needed, we will securely delete or anonymize it.

6. COOKIES AND TRACKING TECHNOLOGIES

6.1 What Are Cookies

Cookies are small text files placed on your device by websites you visit. They help websites remember your preferences and improve your experience.

6.2 Types of Cookies We Use

Essential Cookies**: Necessary for the Site to function properly (e.g., shopping cart, account login). These cannot be disabled.

Analytics Cookies**: Help us understand how visitors use our Site (e.g., Google Analytics). We use this data to improve Site performance and user experience.

Marketing Cookies**: Used to track visitors across websites to display relevant advertisements and measure campaign effectiveness.

Preference Cookies**: Remember your settings and preferences (e.g., language, region).

6.3 Third-Party Cookies

We may use third-party services that place cookies on your device, including:

- Google Analytics (website analytics)

- Facebook Pixel (advertising)

- Google Ads (advertising)

These third parties have their own privacy policies governing their use of your information.

6.4 Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to:

- View what cookies are stored

- Delete cookies

- Block cookies from specific sites

- Block all cookies

Note that disabling cookies may affect Site functionality and your user experience.

6.5 Do Not Track

Some browsers have a "Do Not Track" feature. Our Site does not currently respond to Do Not Track signals.

7. DATA SECURITY

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

7.1 Security Measures Include:

- Encryption**: All payment information is encrypted using SSL/TLS technology

- Secure Servers: Data is stored on secure servers with restricted access

- Access Controls: Limited employee access to personal information on a need-to-know basis

- Regular Security Audits: Ongoing monitoring and testing of our security systems

- Secure Payment Processing: We do not store complete credit card numbers; payment processing is handled by PCI-DSS compliant third parties

7.2 Your Responsibility

You are responsible for maintaining the confidentiality of your account password. Do not share your password with others. If you believe your account has been compromised, contact us immediately at contact@2squareprofessional.com.

7.3 No Guarantee

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.

8. YOUR PRIVACY RIGHTS

8.1 Access and Correction

You have the right to:

- Access the personal information we hold about you

- Request correction of inaccurate or incomplete information

- Update your account information at any time by logging into your account

8.2 Deletion

You may request deletion of your personal information by contacting us at sales@2squareprofessional.com. Please note:

- We may retain certain information as required by law or for legitimate business purposes

- Deletion requests may take up to 30 days to process

- Some information may remain in backup systems for a limited time

8.3 Marketing Opt-Out

You may opt out of marketing communications by:

- Clicking "unsubscribe" in any promotional email

- Adjusting your account email preferences

- Contacting us at sales@2squareprofessional.com

Note: Even if you opt out of marketing emails, we will still send transactional emails related to your orders and account.

8.4 California Privacy Rights (CCPA & "Shine the Light")

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) and California's "Shine the Light" law.

CCPA Rights:

Right to Know: You may request information about the personal information we have collected about you in the past 12 months, including:

- Categories of information collected

- Sources of information

- Business purposes for collection

- Categories of third parties with whom we share information

- Specific pieces of personal information we collected

Right to Delete: You may request deletion of your personal information, subject to certain exceptions (e.g., legal compliance, fraud prevention, order fulfillment).

Right to Opt-Out of Sale: We do not sell personal information as defined by the CCPA. We do not sell your data to data brokers or third parties for monetary consideration. If our practices change, we will update this policy and provide an opt-out mechanism.

Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights. We will not:

- Deny you goods or services

- Charge different prices or rates

- Provide different levels of quality

- Suggest you will receive different pricing or quality

California "Shine the Light" Law: California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes.

How to Exercise Your California Rights:

- Email: sales@2squareprofessional.com

- Subject Line: "California Privacy Request"

- Include: Your name, email, account information (if applicable), and specific request

We will verify your identity before processing your request. We will respond within 45 days (may extend up to 90 days for complex requests).

Authorized Agents: You may designate an authorized agent to make requests on your behalf. The agent must provide proof of authorization.

California Data Categories Collected (in the past 12 months):

- Identifiers (name, email, address, IP address)

- Commercial information (purchase history, product interests)

- Internet/network activity (browsing behavior, Site interactions)

- Geolocation data (general location based on IP)

- Professional information (license number, salon name)

- Inferences (hair type, product preferences from Digital Concierge Service)

Business Purposes for Collection:

- Order fulfillment and customer service

- Marketing communications (with consent)

- Site improvement and analytics

- Fraud prevention and security

- Legal compliance

Categories of Third Parties We Share With:

- Service providers (payment processors, shipping carriers, email platforms)

- Professional verification services

- Analytics providers

- Advertising platforms (for marketing attribution only, not data sale)

8.5 European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing: We process your data based on:

- Contract performance (order fulfillment)

- Consent (marketing communications)

- Legitimate interests (fraud prevention, site improvement)

- Legal obligations (tax compliance)

Your GDPR Rights:

- Right to access your data

- Right to rectification of inaccurate data

- Right to erasure ("right to be forgotten")

- Right to restrict processing

- Right to data portability

- Right to object to processing

- Right to withdraw consent

- Right to lodge a complaint with a supervisory authority

To exercise these rights, contact contact@2squareprofessional.com.

8.6 Colorado Privacy Rights (CPA)

If you are a Colorado resident, you have rights under the Colorado Privacy Act (CPA), effective July 1, 2023:

Right to Access: You may request confirmation of whether we are processing your personal data and access to that data.

Right to Correct: You may request correction of inaccuracies in your personal data.

Right to Delete: You may request deletion of personal data you provided to us.

Right to Data Portability: You may request your personal data in a portable and readily usable format.

Right to Opt-Out: You may opt out of:

- Targeted advertising (we do not currently engage in targeted advertising as defined by CPA)

- Sale of personal data (we do not sell personal data)

- Profiling in furtherance of decisions that produce legal or similarly significant effects (we do not engage in such profiling)

How to Exercise Your Colorado Rights:

- Email: contact@2squareprofessional.com

- Subject Line: "Colorado Privacy Request"

- Include: Your name, email, account information, and specific request

We will respond within 45 days (may extend up to 90 days for complex requests). If we deny your request, you may appeal by replying to our response email with "Appeal" in the subject line.

9. CHILDREN'S PRIVACY

Our Site and products are intended for professional use and are not directed to children under the age of 18. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child under 18, please contact us immediately at contact@2squareprofessional.com, and we will delete the information.

10. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have different data protection laws than your country.

When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

- Standard contractual clauses

- Privacy Shield certification (where applicable)

- Adequacy decisions by relevant authorities

By using our Site, you consent to the transfer of your information to the United States and other countries where we operate.

11. THIRD-PARTY WEBSITES

Our Site may contain links to third-party websites (e.g., social media platforms, payment processors, shipping carriers). This Privacy Policy does not apply to those third-party sites. We are not responsible for the privacy practices of third parties. We encourage you to review the privacy policies of any third-party sites you visit.

12. EMAIL COMMUNICATIONS

12.1 Types of Emails

We may send you:

- Transactional Emails: Order confirmations, shipping notifications, password resets (you cannot opt out of these)

- Marketing Emails: Promotions, new product announcements, educational content (you may opt out)

- Service Emails: Account updates, policy changes (you cannot opt out)

12.2 Unsubscribe

To unsubscribe from marketing emails, click "unsubscribe" at the bottom of any promotional email or contact sales@2squareprofessional.com.

13. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

- Posting the updated policy on this page

- Updating the "Last Updated" date

- Sending an email notification (for significant changes)

Your continued use of the Site after changes are posted constitutes acceptance of the updated Privacy Policy.

14. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

2Square Professional