Privacy policy

Privacy Statement

Effective as of November 11, 2023

This "Privacy Policy" outlines the privacy practices and protocols of TheMillionScentsByRose, including its affiliates and subsidiaries (collectively referred to as "TheMillionScentsByRose," "us," "we," or "our"), in connection with TheMillionScentsByRose's website (www.themillionscentsbyrose.com), TheMillionScentsByRose mobile application, any other website or mobile application that we may operate, own, host, or provide, which is linked to this Privacy Policy (the "Sites"), including TheMillionScentsByRose retail stores and associated services (collectively, the "Service"). This Privacy Policy addresses individual rights regarding their personal information.

CALIFORNIA RESIDENTS: Please see Section 11 - Notice To California Residents below.

Section 1- Data We Gather

The personal information you may furnish to us through the Service, either directly or by other means, includes:

1. Contact Information: This may encompass your first and last name, email address, billing address, mailing address, phone number, job title, and your organization's name.

2. Registration Details: Information you provide for account registration, including your birthdate (month and day).

3. Data About Gift Recipients: If you purchase an item for someone else, we may collect their name, mailing address, and contact number.

4. Profile Information: This consists of your chosen username and password for setting up an online account with us, along with your specific preferences.

5. Communications: Information you provide when contacting us with queries, feedback, survey responses, or any other correspondence.

6. Marketing Information: This includes your email address or contact details used for sending marketing communications and your preferences for receiving specific types of communications from us (e.g., events, store openings, sales, etc.).

7. Purchase History: Details regarding your order history, order specifics, billing address, and mailing address.

8. Additional Information: Other data collected from time to time that is not explicitly mentioned in this Privacy Policy, but is utilized in accordance with this Privacy Policy or as disclosed at the point of collection.

Other Sources We may also collect information related to you from:

1. Business Partners (e.g., advertising/marketing partners).

2. Data Providers (e.g., information/database services and data suppliers).

Information Obtained from Third-Party Services and Platforms If you log in to the Sites using a third-party service or platform (e.g., Facebook, Google, etc.) or link your third-party service or platform account to your account on the Sites, we may collect information from that network, service, or platform. You may also be asked to provide us with additional information through the third-party service, such as a list of your contacts and connections, as well as your email address, which you may choose to decline at your discretion. For more details on your privacy choices, please refer to Section 13 - Your Choices below.

       1. Automatic Data Collection. We, in conjunction with some or all of our service providers, may automatically gather specific information about you, your computer, and/or mobile device, including your activity and actions on the Sites. This information includes:

      2. Online Activity (non-exhaustive list): URLs and/or landing screens you viewed, time spent on a specific screen or page, your navigation paths between screens or pages, access times, and duration of access.

       3. Device Data (non-exhaustive list): Your computer, mobile device, or other access point's operating system; the type and version of the operating system, the browser you are using, your IP address, the website you visited prior to landing on our site, and general geographic information, such as your region, city, state, and/or country.

     4. Cookies and Similar Technologies. Some of our automatic data collection is facilitated by cookies and/or similar technologies. For additional information, please refer to our Cookie Policy.

Section 2 – TheMillionScentsByRose's Utilization of Your Personal Information

Your personal data may be put to use for the following purposes, as elaborated below and as may be additionally delineated in this Privacy Policy or during the information collection process.

A. Provision of Our Services. We may employ your personal information to:

• Facilitate, run, and enhance our Service, including enabling you to make acquisitions of scenting equipment, oils, accessories, and other products available for purchase on the Sites.
• Create and maintain your account on our Service.
• Manage your account on our Service.
• Communicate with you regarding our Service, which may encompass specific notifications, alerts, and support and administrative messages.
• Offer customer support and service maintenance for our Service.

B. Research & Development (R&D). Your personal information may be employed for R&D objectives, which can encompass data analysis to enhance our Service, Sites, and business.

C. Adherence to Laws and Regulations. We may utilize your personal data to comply with applicable laws, legal requests, and legal procedures (e.g., subpoenas or government authorities' requests).

D. Direct Marketing. If you have previously engaged with Aroma360 as a customer (e.g., you have placed an order with us), we may utilize certain Personal Data you provided to dispatch marketing communications regarding Aroma360 services or products, unless restricted by applicable law (or unless you have opted out). In certain cases, we may seek your consent to transmit promotional and/or marketing information to you. Additionally, we may make use of the information you provide, as well as data from other Aroma360 products or services, such as your interaction with Aroma360's website and/or apps, to personalize advertisements or other communications related to our services and products that may be of interest to you. For registered users, this information might include data gathered from your interactions with our websites or apps linked to your account. YOU WILL HAVE THE OPTION TO OPT-OUT OF OUR PROMOTIONAL AND MARKETING COMMUNICATIONS, AS OUTLINED BELOW IN THE "YOUR CHOICES" SECTION.

E. Anonymous Data. We may create aggregated, de-personalized, or other anonymous records from your personal information and the personal information of other individuals we collect data from. Personal information is converted into anonymous data by excluding details (e.g., your name) that would identify the data as specifically linked to you. We may utilize this anonymous data and share it with third parties for business purposes, such as Service improvement and business marketing and promotional endeavors.

F. Compliance, Fraud Prevention, and Safety. Your personal data may be utilized and disclosed to law enforcement, government authorities, and private entities when we believe it is necessary or suitable to (a) safeguard our, your, or others' rights, privacy, safety, or property (including initiating and defending legal claims); (b) scrutinize our internal processes for compliance with legal and contractual obligations; (c) enforce the terms and conditions governing the Service; and (d) safeguard, investigate, and avert fraudulent, harmful, unauthorized, unethical, or illegal activities, including cyber-attacks and identity theft.

E. Interest-Based Advertising. We may collaborate with third-party advertising companies and social media platforms to deliver ads on our Service and affiliated websites. These partner entities may utilize cookies and similar technologies to gather data about you (e.g., online activity data, device data, and/or geolocation data) over time, encompassing interactions with marketing emails, and utilize this information to present ads they believe will pique your interest. These ads are recognized as "interest-based advertisements." To find out more about your options for limiting interest-based advertising, consult the “Your Choices” section below and our Cookie Policy.

G. Adherence to Laws and Regulations. We may utilize your personal data to comply with applicable laws, legal requests, and legal procedures (e.g., subpoenas or government authorities' requests).

H. With Your Consent. On occasion, we may expressly seek your consent to collect, employ, or share your personal information (e.g., as required by law).

Section 3 – Disclosure of Your Personal Information

On occasion, we might disseminate your personal data to the following third parties, or as otherwise outlined in this Privacy Policy, or during data collection:

A. Partners. Our affiliated companies and partners, consistent with our Privacy Policy.

B. Marketing Collaborators. Third-party advertising firms gather data about your Site activity and other online services to support the promotion of our services, and/or use "hashed" customer lists shared for advertising similar users on their platforms.

C. Service Providers. Entities, businesses, and/or individuals providing services on our behalf or aiding our operations and logistics (e.g., order fulfillment, shipping, payment processing, customer support, hosting, analytics, email delivery, marketing, database management, returns, and fraud prevention/mitigation).

D. External Platforms. Social media and other third-party platforms linked to the Service (e.g., using Instagram or Facebook to access our Service or site). Please note that we lack control over any third party's utilization of your personal information.

E. Authorities and Others. Law enforcement, government authorities, and private entities when deemed necessary to comply with applicable laws or for the purposes of compliance, fraud prevention, and safety, as detailed above.

F. Public Domain. Other Service users and the general public when you disclose personal information for public use. For example, you may be able to review a product you've purchased, and your review, along with your name, will be visible. We cannot manage how other users or third parties employ the personal information you provide to them. Keep in mind that publicly posted information may be saved, cached, copied, captured (e.g., screenshots or photos), or stored elsewhere by others (e.g., Google, Yahoo, Bing) before you can edit or delete it.

G. Professional Advisors. Professionals (e.g., lawyers, accountants, auditors, and insurers) where required for the professional services they offer us.

Section 4 – Your Options

This section provides a comprehensive overview of the rights and choices accessible to all users.

A. Accessing or Modifying Your Account Data. If you've registered an account with us, you can review and modify specific personal information in your account profile by logging into your account.

B. Privacy Settings and Location Data. Users of our app can disable our access to their device's precise geolocation through their mobile device settings.

C. Opting out of Marketing Communications. You can decline marketing-related emails by following the opt-out or unsubscribe instructions located at the email's bottom. You may still receive service-related and other non-marketing emails. If you receive marketing SMS messages from us, you can opt out of further marketing text messages by replying STOP to the SMS message.

D. Managing Cookies. Most browsers allow you to remove and/or block cookies from the websites you visit. Refer to your browser settings for guidance. For more details, consult the "Your Choices" section in our Cookie Policy.

E. Electing Not to Share Personal Information. If you fail to provide the necessary information for us to provide the Service, we may be unable to offer you the Service or specific Service features. We will notify you of the requisite information needed to access a Service at the point of request.

F. Advertising Preferences. You have the option to opt out of interest-based advertising. Further information is available in the "Your Choices" section of our Cookie Policy.

G. Third-party Platforms or Social Media Networks. If you choose to create an account through or connect the Service with another third-party platform, you may have the ability to restrict the information we obtain from the third party when logging in to the Service using their authentication service or when linking your account. You may also have the option to adjust your settings through the third party's platform or service after connecting your account.

Section 5 – External Websites, Mobile Apps, and Services

The Sites may include links to other domains, websites, and online services operated by third parties. Please note that these links do not constitute an endorsement or confirmation of any affiliation with third parties. Furthermore, our content might appear on web pages or online services unrelated to our organization. It's important to understand that we do not oversee third-party websites or online services. Consequently, we cannot be held responsible for the actions of third parties. Different procedures and policies for collecting, using, and sharing personal information may apply to other websites, platforms, and online services you utilize. We encourage you to carefully review the privacy policies of these external websites and services.

Section 6 – Shopify

Our online store is powered by Shopify Inc., which provides us with the e-commerce platform to sell our products and services to you. Shopify stores your data, including information in their data storage, databases, and their general application, all of which are securely hosted. Data is stored on a protected server behind a firewall.

Payment:

If you select a direct payment gateway to complete your purchase, Shopify will store your credit card information securely. This information is encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is retained only for as long as necessary to complete the purchase. Once the transaction is finalized, your purchase information is deleted. All direct payment gateways adhere to the PCI-DSS standards, which are governed by the PCI Security Standards Council—a collaborative effort involving major brands like Visa, MasterCard, American Express, and Discover. These PCI-DSS requirements help ensure the secure management of credit card data by our store and its service providers. For more detailed information, you may also refer to Shopify's Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).

Section 7 - Amendments To This Privacy Policy

We retain the right to amend this Privacy Policy as needed. In the event of substantial alterations to this Privacy Policy, we will inform you by revising the date of this Privacy Policy and publishing it on the Sites. If required by law, we will also use alternative methods, such as email or other means through the Service, to notify you of changes.

Any changes to this Privacy Policy become effective once we post the revised version (or as otherwise indicated at the time of posting). In all instances, your continued use of the Service following the posting of any modified Privacy Policy demonstrates your acceptance of the modified Privacy Policy terms.

Section 8 - Consent Age

The Service is not intended for use by individuals under the age of sixteen (16), and we do not knowingly collect information from individuals under the age of sixteen (16) through the Service. If we discover that we have inadvertently collected personal information from a minor without the necessary consent from the minor's parent or guardian as stipulated by law, we will promptly delete it. By utilizing the Service, you affirm that you are either of the legal age of majority in your state or province of residence or that you are of legal age in your state or province of residence and have secured the requisite consent to permit any of your minor dependents to access this site.

Section 9 - Security Measures

We prioritize the security of your personal information and have implemented a comprehensive array of organizational, technical, and physical safeguards to safeguard the personal data we gather. Nonetheless, it's essential to recognize that there are inherent security risks in internet and data technologies, and, as a result, we cannot provide an absolute guarantee regarding the security of your personal information in situations that may be beyond our control.

 

 

 

Section 10 - How To Reach Us

Should you have any questions or comments regarding this Policy or our privacy procedures, please reach out to us at info@themillionscentsbyrose.com. 

Section 11 - Notification for California Residents

In compliance with the California Consumer Privacy Act of 2018 ("CCPA"), we are obligated to furnish California residents with an explanation of how we collect, use, and share their Personal Information and to outline the rights and choices offered to California residents concerning that Personal Information. For the purpose of this section, "Personal Information" carries the definition stipulated in the California Consumer Privacy Act of 2018 ("CCPA").

Personal information collection, usage, and sharing. We do not sell personal information. As we elucidate in this Privacy Policy, we employ cookies and other tracking tools to analyze website traffic and facilitate advertising. We also collaborate with third-party advertising and social media companies such as Google and Facebook that gather device data and online activity data from website visitors to assist in delivering interest-based advertisements to you. Please consult the Interest-based advertising section above and our Cookie Policy for more details.

The table below provides an overview of how we collect, use, and share Personal Information, categorized according to CCPA specifications. It delineates our practices during the 12 months preceding the effective date of this Privacy Policy.

Category of personal information (PI)	Category of personal information (PI)	Source of PI
Identifiers	Contact data Registration data Data about others Profile data Communications Marketing data Purchase data	You Business partners Data providers Public sources Third-party platforms
Commercial Information	Contact data Registration data Purchase data Communications Marketing data Device data Online activity data	You Business partners Data providers Public sources Automatic collection
Financial Information	Purchase data	You Business partners
Online Identifiers	Device data Online activity data	Automatic collection
Internet or Network Information	Device data Online activity data	Automatic collection
Inferences	Device data Online activity data
Protected Classification Characteristics	We do not intentionally collect this information but it may be revealed in profile data or other information we collect.
Sensory Information	Security data, such as security camera footage collected at our retail stores and office locations	Automatic collection

 

The business and commercial purposes for collecting this information are expounded upon in the section titled How We Use Your Personal Information above. Details regarding the categories of third parties with whom we share this information are available in the section titled How We Share Your Personal Information.

Your California Privacy Rights. The CCPA grants California residents the following rights. However, it's essential to note that these rights are not absolute, and in specific cases, we may decline your request as permitted by law.

1. Information: You may request information about how we have collected, used, and shared your Personal Information over the past twelve (12) months, which includes:

• The categories of Personal Information we have collected.
• The sources from which we collected Personal Information.
• The business or commercial purposes for collecting and/or selling Personal Information.
• The categories of third parties with whom we share Personal Information.
• Whether we have disclosed your Personal Information for business purposes, and if so, the categories of Personal Information received by each category of third-party recipient.
• Whether we have sold your Personal Information, and if so, the categories of Personal Information received by each category of third-party recipient.

1. Access: You have the right to request a copy of the Personal Information collected about you during the previous 12 months.

2. Deletion: You may ask us to delete the Personal Information we have collected from you.

You are entitled to exercise the rights mentioned above without facing any discrimination in the form of price increases or quality reductions that are legally prohibited in relation to our Service.

For information on how you can opt out of the use of your data for interest-based advertising, please refer to the "Your Choices" section in our Cookie Policy.

How to exercise your California rights. You can exercise your California privacy rights as described above through the following means:

Right to information, access, and deletion: To exercise your right to access, delete, or receive information about your data, please email info@themillionscentsbyrose.com. We reserve the right to verify your California residence to process your requests and may need to confirm your identity to fulfill your requests regarding your data. This process may require government identification. In accordance with California law, you may appoint an authorized agent to make requests on your behalf. To designate an authorized agent, you must provide a valid power of attorney, the requester's valid government-issued identification, and the authorized agent's valid government-issued identification. We cannot process your request without sufficient information to understand and respond effectively.

Request for a list of third-party marketers: According to California's "Shine the Light" law (California Civil Code § 1798.83), residents can request certain information about companies' sharing of specific personal information with third parties for direct marketing purposes during the preceding year. To submit such a request, please send an email to info@themillionscentsbyrose.com with "California" in the subject line. Your request must include your current name, street address, city, state, zip code, and confirmation of California residency.

We cannot process your request without sufficient detail to enable us to understand and respond to it.

Section 12 - TheMillionScentsByRose Cookie Policy

This Cookie Policy elucidates how TheMillionScentsByRose, LLC ("TheMillionScentsByRose," "we," "us," or "our") utilizes cookies and akin technologies concerning the www.themillionscentsbyrose.com website and any other website under our ownership or control, linked to this Cookie Policy (collectively, the "Sites"). It also applies to TheMillionScentsByRose's mobile application and any additional mobile applications under our ownership or control, connected to or linked to this Cookie Policy (collectively, the "Apps").

A. What do Cookies Represent?

Cookies are small data files deposited on your computer or mobile device when you visit a website. They serve various purposes, such as helping us comprehend the usage of a site, enabling efficient navigation between pages, storing your preferences, and generally enhancing your browsing experience.

We utilize two primary categories of cookies: (1) first-party cookies, which we directly serve to your computer or mobile device, enabling us to recognize it when revisiting our Sites; and (2) third-party cookies, delivered by service providers or business partners on our Sites. These third-party cookies can be employed for purposes like site analytics, advertising, and integrating social media features.

B. What Cookie and Tracking Technologies Does TheMillionScentsByRose Utilize on the Sites?

On our Sites, we employ cookies and other tracking technologies categorized as follows:

Type	Description	Who serves the cookies	How to control them
Advertising	These cookies are used by advertising companies to collect information about how you use our Sites and other websites over time. These companies use this information to show you ads they believe will be relevant to you within our Service and elsewhere, and to measure how the ads perform.	Google Facebook Sailthru Horizon Criteo Bounce Exchange Klaviyo	See 'your choices' below.
Analytics	These cookies help us understand how our Service is performing and being used. These cookies may work with web beacons included in emails we send to track which emails are opened and which links are clicked by recipients.	Google Analytics Signifyd Flow.io	Google Analytics uses its own cookies. You can find out more information about Google Analytics cookies here and about how Google protects your data here. You can prevent the use of Google Analytics relating to your use of our Sites by downloading and installing a browser plugin available here. See 'your choices' below.
Essential	These cookies are necessary to allow the technical operation of our Service (e.g., they enable you to move around on a website and to use its features).	Google Tag Manager	See ‘your choices’ below.
Functionality/ Performance	Enhance the performance and functionality of our Sites.	ThreatMetrix	See ‘your choices’ below.

C. Additional Technologies

In addition to cookies, our Sites may employ other technologies, including Flash technology and pixel tags, to automatically collect information.

D. Web Beacons

We may also utilize web beacons (also known as pixel tags and clear GIFs) on our Sites and within HTML-formatted emails to track user actions on our Sites and interactions with our emails. Unlike cookies, which are stored on your computer or mobile device's hard drive, pixel tags are discreetly embedded within web pages or HTML-formatted emails. They serve to confirm the access of a webpage or the viewing of specific content. Typically, pixel tags are used to evaluate the success of our marketing campaigns, engagement with our emails, and to compile usage statistics for effective content management.

E. Mobile Application Software Development Kits (SDKs)

Within our Apps, we may integrate third-party software development kits ("SDKs"). SDKs are third-party code that serves various purposes, such as offering analytics on mobile application usage, connecting with social media platforms, adding features to our Apps, or supporting online advertising. These SDKs may enable third parties to directly collect information through our Apps.

Section 13 - Your Options

Similar to numerous other companies providing online services, we utilize solutions offered by Google, Meta, and other entities employing tracking technologies. You have various choices to opt out of the utilization of your personal data for Interest-Based Advertising by these entities, which include:

1. Disabling cookies in your web browser: Most web browsers enable you to delete or decline cookies, encompassing those employed for interest-based advertising. You can perform this action by following your browser settings. Typically, browsers accept cookies by default, but you can change these settings. For comprehensive details about cookies, such as how to identify, manage, and remove them from your device, visit allaboutcookies.org.

2. Preventing the use of advertising IDs on your mobile settings: Your mobile device settings may offer the option to restrict the use of your mobile device's advertising ID for interest-based advertising.

3. Utilizing privacy plugins or privacy-focused browsers: You can prevent our websites from installing cookies utilized for interest-based advertisements by adopting a browser equipped with privacy features like Brave or by installing browser extensions such as Privacy Badger, Ghostery, or uBlock Origin, and configuring them to block third-party cookies and trackers.

4. Platform-specific opt-outs: Several advertising partners provide opt-out choices that enable you to abstain from using your data for interest-based advertising through their platforms:

   • Google: Opt-out link - https://adssettings.google.com
   • Facebook: Opt-out link - https://www.facebook.com/about/ads
   • Criteo: Opt-out link - https://www.criteo.com/privacy/disable-criteo-services-on-internet-browsers/
   • Bounce Exchange: Opt-out link - https://www.bouncex.com/privacy/your-ad-choices/

5. Advertising industry opt-out tools: Some of our business associates who collect information regarding user activities on our Sites or Apps may be affiliated with associations or programs that offer users options for controlling their browsing behavior and mobile application usage for targeted advertising purposes. You can avail yourself of the following opt-out selections to restrict the usage of your data for interest-based advertising by collaborating companies:

   • Digital Advertising Alliance: Opt-out link - http://optout.aboutads.info
   • Network Advertising Initiative: Opt-out link - http://optout.networkadvertising.org/?c=1

6. European users may decline receiving targeted ads on websites by utilizing the services of the European Interactive Digital Advertising Alliance. Select your country, and then click on "Choices" or a similarly named link.

7. Users of our Apps can opt out of receiving targeted mobile app ads by utilizing the AppChoices mobile application, available here, and choosing your preferences.

Please be aware that we may collaborate with companies providing their own opt-out methods, which may not be part of the opt-out mechanisms linked above.

Opting out of targeted advertisements does not eliminate all online ads; however, they might become less pertinent to your interests. Even if you opt-out, it's important to note that not all companies engaged in online behavioral advertising are included in this list. As a result, you may still receive some cookies and personalized ads from companies that are not listed here.

For further insights into how we collect, utilize, and share your data, please refer to our Privacy Policy.

Section 14 - Revisions

Information about the cookies we employ may be periodically modified. We encourage you to revisit this section regularly for potential updates.

Section 15 - Queries & Contact Information

For any requests regarding accessing, rectifying, modifying, or deleting your personal information, filing a complaint, or seeking additional information, please contact our Privacy Compliance Officer at support@themillionscentsbyrose.com.