Last Updated: November 14, 2016
1. Collection of Information by Rodan + Fields
Rodan + Fields collects two basic types of information through the Site: "Personally Identifiable Information" ("PII") and "Non-Personally Identifiable Information" ("Non-PII"). Personally Identifiable Information is information about an identified individual, or an individual who is reasonably identifiable, and can include names and addresses. In addition, Rodan + Fields may collect a subset of PII, known as “sensitive information,” which may include health information about an individual. Non-Personally Identifiable Information is aggregated information, demographic information, IP addresses and any other information that does not reveal your specific identity.
You do not have to provide PII to use the Site. You are able to visit our Site anonymously and, on some occasions, you may be able to interact with us anonymously or by using a pseudonym. However, to take advantage of particular opportunities provided through the Site (for example, to sign up for newsletters), or to place orders for Rodan + Fields products, we may require that you furnish PII. We collect PII from you through the Site only when you voluntarily provide it to us. For example, if you decide to complete a user registration form, complete an online survey or make a purchase, you may be asked to provide certain information such as your contact information (name, email address, mailing address and telephone number). If you decide to place an order, we will also need to know your delivery and billing address, credit card number and expiration date. To protect PII, users registering at the Site must also enter a user name/email address and password. By making a purchase, you become a registered user of rodanandfields.com.au. Once you are a registered user, information needed to make a purchase is stored in your account—such as your credit card number, shipping and billing addresses. If you change your mind about storing this information, you can email Sales Support at email@example.com to amend or delete this information. If you would prefer that we not collect any PII from you, please do not provide us with any such information.
When you visit and interact with the Site, Rodan + Fields and third parties with whom Rodan + Fields has contracted to provide services may collect Non-PII (for example, a catalogue of the Site pages you visit). Non-PII is generally collected through the Site from five different sources: (i) server log files; (ii) environmental variables; (iii) cookies; (iv) pixel tags and other similar technologies; and (v) information that you voluntarily provide.
i. Server Log Files. Your Internet Protocol (IP) address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). This number is identified and logged automatically in our server log files whenever you visit the Site, along with the time(s) of your visit(s) and the page(s) that you visited. We use your IP address, and the IP addresses of all users, for purposes such as calculating Site usage levels, helping diagnose problems with the Site's servers, administering the Site, analysing trends, administering the Site, tracking traffic patterns, and gathering demographic information for aggregate use. Collecting IP addresses is standard practice on the Internet and is done automatically by many websites. If you access a Rodan + Fields website or application via a mobile device such as a smartphone, the collected information may also include your phone’s unique device ID, location, and other similar mobile device data.
ii. Environmental Variables. We and our service providers may also collect certain environmental variables, such as your MAC address, computer type (Windows or Macintosh), screen resolution, OS version, Internet browser, and Internet browser version. These environmental variables are collected by most browsers, and can be used to optimise your experience on the Site.
iv. Pixel Tags. We and our service providers may also use so-called "pixel tags," "web beacons," "clear GIFs" or similar means (collectively, "Pixel Tags") in connection with some Site pages and HTML-formatted email messages to, among other things, compile aggregate statistics about Site usage and response rates. A Pixel Tag is an electronic image, often a single pixel (1x1), that is ordinarily not visible to Site visitors and may be associated with Cookies on the visitors’ hard drives. Pixel Tags allow us to count users who have visited certain pages of the Site, to deliver branded services, and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML-formatted email messages, Pixel Tags can tell the sender whether and when the email has been opened.
2. Use of Personally Identifiable Information by Rodan + Fields
ii. Payment of Commissions and Other Consultant Business. Rodan + Fields may use your PII for business purposes. Such uses may include the payment of commissions to Consultants, recognition and awards or communications to Consultants regarding their account status.
Likewise, if you have contacted us with a product or health concern and have elected to provide us with sensitive information, we may use this information to respond to your query and track any reported issues relating to product concerns, or any other purpose that was disclosed to you at the time of collection.
v. Purchases. When you make a purchase through the Site, we may collect your credit card number or other payment account number, billing address and other information related to your purchase (collectively, "Payment Information") from you, and may use your Payment Information in order to fulfil your purchase.
vi. Emails to Friends. We may provide functionality to permit you to send messages regarding Site-related content to a friend through the Site. If you wish to use this feature, you may provide us with your friend’s email address so that we can facilitate your sending of such messages to your friend.
viii. Internal Business Purposes. We may also use your PII for our internal business purposes, such as data analysis, audits and so forth.
b. Non-Personally Identifiable Information. We may use the information that you provide in aggregate (Non-PII) form for internal business purposes, such as generating statistics and developing marketing plans. We may collect, store or accumulate certain Non-PII concerning your use of the Site, such as information regarding which of our pages are most popular. We may share or transfer Non-PII with or to our Consultants, licensees and partners and we reserve the right to share such Non-PII, which does not personally identify you, with Consultants and other third parties, for any purpose.
c. In some instances, we may combine Non-PII with PII (such as embedding email addresses in cookies). If we do combine any Non-PII with PII, the combined information will be treated by us as PII as long as it is so combined (see Section 2(a) above).
In addition, Rodan + Fields will share Consultant PII with other Consultants, including a Consultant's upline up to ten levels in the Consultant's upline or six levels in any pre-enrolee's upline (if applicable) for the purpose of conducting business related to the Rodan + Fields program. For example, such disclosures may be for the purposes of enrolling a new Consultant, reporting on sales or for the purposes of recognition, incentives and rewards.
By enrolling as a Consultant, you agree that R+F may share your PII, in the manner indicated above.
We will not provide your PII to third parties for their use in marketing third-party products or services to you without your consent.
Please note that any PII that you provide in connection with sending messages regarding Site-related content to a friend through the Site, such as your name and your email address, will of course be disclosed to your friend.
We reserve the right to transfer any and all information that we collect from Site users to a third party in the event of any reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of the business, assets or stock (including without limitation in connection with any bankruptcy or similar proceedings) of Rodan + Fields or any of its subsidiaries or affiliates.
We realise that our customers trust us to protect their personal information. We take that task seriously. We maintain physical, electronic and procedural safeguards to protect your personal information. We implement various security measures and tools, such as firewalls, to help protect against the loss, misuse and alteration of the information under our control. For example:
- We use industry-standard Secure Sockets Layer (“SSL”) authentication to guarantee the confidentiality of online transactions made on our site. SSL authentication and encryption of the information that you send to us over the Internet help protect your online transaction information from third-party interception.
- We never display your full credit card number once it is entered. We will only reveal the last four digits of your credit card for verification purposes.
Data transmission over the Internet or data storage system cannot be guaranteed to be 100% secure. There is always a risk that third parties may unlawfully intercept transmissions. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account that you might have with us has been compromised), please notify us of the problem by emailing us at firstname.lastname@example.org.
6. Measures You Can Take
It is important for you to play a role in keeping your information safe and secure. When signing up for an online account, please be sure to choose an account password that is hard for others to guess and never to reveal it to anyone else. If you use a shared or public computer, never choose to have your login ID or password remembered and make sure to log out of your account every time you leave the computer.
7. Other information
The Site is controlled and operated by Rodan + Fields from the United States, and is not intended to subject Rodan + Fields to the laws or jurisdiction of any state, country or territory other than that of the United States. Rodan + Fields does not represent or warrant that the Site, or any part thereof, is appropriate or available for use in any particular jurisdiction. Those who choose to access the Site do so on their own initiative and at their own risk, and are responsible for complying with all local laws, rules and regulations. We may limit the Site's availability, in whole or in part, to any person, geographic area or jurisdiction we choose, at any time and in our sole discretion.
8. Transfer of Information Outside Your Home Country
9. Updating and Accessing Your Information
You have the ability to change and/or correct the PII that you provide us by emailing us at email@example.com. You also have the right to ask in writing whether we hold any personal information about you, to see that information, and how we collect, use or disclose your personal information. We may not be able to provide you with all the information that you request, depending on the circumstances, and there may be a charge for any copy of personal information requested. Where we do not correct your PII or grant you access to your PII, we will provide you with a written notice setting out the reasons for our refusal and the mechanisms you can use to complain about the refusal. You may request that we deactivate your account by emailing us at firstname.lastname@example.org.
Please note that we will retain your information for as long as necessary to effectuate the purpose for which it was collected, or if required, to comply with our legal obligations.
We will endeavour to comply with your request as soon as reasonably practicable. Please note that if you opt-out as described above, we will not be able to remove PII from the databases of Consultants or third parties with which we have already shared PII (i.e., to which we have already provided PII about you as of the date that we implement your opt-out request). If you wish to cease receiving marketing-related emails from such Consultants or third parties, please contact such Consultants or third parties directly or utilise any opt-out mechanisms set forth in their respective privacy policies or marketing-related emails.
12. Social Commerce and Other Third Parties
We work with trusted third parties, including social network sites such as Facebook, and with applications and developers who specialise in social commerce, so that we can connect to your social networks. Other social networks we use include Twitter, Pinterest, Instagram, Vine and YouTube. All of these companies operate Third-Party Sites. We provide access to our Site by third parties and business partners so that we can generate interest in our products among members of your social networks and to allow you to share product interests with friends in your network.
The use of any features made available to you on our Site by a third party may result in information being collected or shared about you by us or by the third party. If you do not want us to be able to access information about you from Third Party Sites, you must instruct Third-Party Sites not to share the information. We cannot control how your data is collected, stored, used or shared by Third-Party Sites or to whom it is disclosed. Please be sure to review the privacy policies and privacy settings on your social networking sites to make sure you understand the information they are sharing. If you do not want a Third-Party Site to share information about you, you must contact that site and determine whether it gives you the opportunity to opt-out of sharing such information. Rodan + Fields is not responsible for how these third parties may use information collected from or about you. However, we do identify any areas on our Site where third parties share information about you.
If you have any concerns about your privacy or believe that your privacy may have been compromised, please contact us by email at email@example.com. A member of our privacy team will contact you within 10 business days to confirm receipt of your compliant. We will then investigate your complaint and provide you with our response within a reasonable time. If you still consider that your privacy complaint remains unresolved, you may then take your complaint to the Office of the Australian Information Commissioner (“OAIC”). Further information is available at the OAIC’s website www.oaic.gov.au.
If you have any questions or comments about the Site's privacy practices, please contact us by email at firstname.lastname@example.org. Please note that email communications will not necessarily be secure; accordingly you should not include credit card information or other sensitive information in your email correspondence with us.