This Privacy Notice applies to you if you are a Customer or Consumer of ours – this is where you engage with us as a Customer when buying directly from us, signing up to one of our brand-led newsletters, entering a competition or joining a membership or an affiliate scheme. You may also contact us as a Consumer about our products – whether you bought products from us directly or via a retailer.
We set out below information on the personal data we might collect or hold about you, how and why we use it, who we share it with, how we protect it and keep it secure, and your rights around your personal data.
You must be at least 18 years old or older to use our services and sign up to promotional content unless the local laws where you are based or the terms for a specific service or marketing sign-up state otherwise. Not all the information set out below may apply to you. We have detailed many possible scenarios how we may interact with each other, but this notice may apply to scenarios that are not listed, too.
“Huda Beauty”, “us”, “our” or “we” means any company within the Huda Beauty Group of Companies. A list of the operating companies are below:
COMPANY NAME | COUNTRY OF INCORPORATION |
---|---|
Huda Beauty DMCC | United Arab Emirates |
Huda Beauty FZ-LLC | United Arab Emirates |
HB UK Hold Co | United Kingdom |
Huda Beauty LLC | United Arab Emirates |
HB USA Holdings Inc | United States of America |
HB FR SAS | France |
Kayali DMCC | United Arab Emirates |
Kayali Beauty Products Trading DWC FZ LLC | United Arab Emirates |
H B Beauty Products Trading DWC FZ LLC | United Arab Emirates |
All those Huda Beauty Group of Companies are jointly responsible for the personal data that you share with us as we are the “controller” for the purposes of applicable data protection laws.
This Privacy Notice does not apply to Huda Beauty employees and shareholders. It does not cover other companies or organisations (which advertise our products and services and use cookies, tags and other tracking technologies) collecting and using your personal data to offer relevant online advertisements to you. You should review their cookie and privacy policies before giving them your personal information.
We want to provide you with certainty that your personal information is being treated with care and safety, and feel comfortable to share information with us. We therefore promise to:
“Personal data” means any information or pieces of information that could identify you either directly (e.g. your name) or indirectly (e.g. through pseudonymised data, such as a unique ID number). This means that personal data includes things like email/home addresses, usernames, profile pictures, personal preferences and shopping habits, User Generated Content, financial information, and health information. It could also include unique numerical identifiers like your computer’s IP address, as well as cookies.
Our aim is to give you a personalised experience as much as possible when you engage with us. This could be while scrolling our website, placing orders, signing up for rewards programmes or even completing surveys or entering competitions.
How do we collect or receive your personal data?
There are many ways we may collect or receive your personal data, including via our websites, forms, apps, devices, third party sellers or our brand pages on social media. Sometimes you give this to us directly (e.g. when you create an account, when you contact us, when you purchase from our websites or stores or when you enter a competition or promotion), sometimes we collect it (e.g. using cookies to understand how you use our websites and apps) or sometimes we receive your personal data from other third parties including other Huda Beauty Group entities (e.g. when you mention Huda Beauty products or services on non-Huda Beauty pages or social media platforms or smart devices, e.g. voice assistant platform providers).
The table below sets out which legal basis we rely on when processing your personal data.
To explain what a ‘legal basis’ is – under data protection laws, the legal basis for the processing of your personal data can be:
When we collect personal data, we will indicate which types of personal data are mandatory via asterisks (eg.mandatory information to allow us to create your account or deliver the goods you have purchased on our websites/apps). If you do not provide the personal data marked with an asterisk, this may affect the goods and services that we can provide.
What ways could we collect your personal data? | What data may we hold about you? | How and why we may use it? | What is the legal basis for being able to process this data? |
---|---|---|---|
Account creation and management Where we collect your personal data while creating or managing your account on Huda Beauty websites or through a social media login or in store. |
|
To:
|
|
Newsletter and marketing subscription and Your Profile Where your personal data is collected when you subscribe to receive our marketing communications and in building Your Profile to personalise our communications to you. |
|
To:
|
|
Purchases and order management Where your personal data are collected during the purchase process made on Huda Beauty websites/apps, in store or on voice assistant platforms. |
|
To:
|
|
Online browsing Where your personal data are collected by cookies or similar technologies (“cookies”*) when you browse Huda Beauty websites/apps or on third-party websites/apps where we have cookies. *cookies are small text files stored on your device (computer, tablet or mobile) when you are on the Internet, including on Huda Beauty websites |
|
We use cookies, together with other personal data you have already shared with us (such as previous purchases, or whether you’re signed up to our email newsletters)
You can opt out of targeted advertising in your browser settings. For opting out of targeted advertising on social media platforms, please visit the relevant social media platform to explore the options they may provide.
Please note that we only track your navigation on the website/app (e.g. mouse movements) to ensure our websites/apps function properly, for troubleshooting, and to improve user experience, as explained above. We do so in a way that does not identify you and use encryption mechanisms to ensure that the personal data provided on the website/app is always masked and never recorded.
|
|
Social Media Platforms Where your personal data are collected from your activity on social media platforms. |
We may get information you publicly post on social media platforms (e.g. TikTok) and use it to better understand how consumers view our products/services and interact with us. For example, we may use public posts to identify beauty trends. Where possible, we do this in a way that we are unable to directly identify you. We may also collect your personal data when you mention us on social media platforms. The personal data we collect may include:
If we want to re-use any content you post on social media platforms, we will always ask your permission first. |
To:
|
Our legitimate interests:
|
Promotions Where your personal data are collected during a competition, prize draw, game, contest, promotional offer, sample request, survey etc. |
Depending on the frequency of your interactions with us, this personal data may include:
|
To:
|
|
User Generated Content Where your personal data are collected when you submit content (for example images or ratings and reviews) on one of our websites (including our Communities)/apps/social media platforms, or accept our re-use of any content you posted on social media platforms. |
|
To:
|
|
App & Device Use Where your personal data are collected in connection with your use of our websites/apps and/or devices (for example when you provide your personal data when completing online forms or trying on our products virtually |
|
To:
|
|
Enquiries Where your personal data are collected when you ask questions (via customer service) relating to our brands, our products and their use, or your purchases, account or rights. |
|
To:
|
|
Our Premises Where your personal data are collected when you visit our premises (e.g. our store(s) or our hairdressing academy). |
|
To:
|
|
A Note on Sensitive Personal Data
The processing of special categories of personal data (or ‘sensitive personal data’) is limited to data made public by you or a third party on your behalf, or where you have given us consent to use such information. For example, we may need to understand your health, including dietary requirements, when preparing access and catering for an event you are attending, or when handling a query or complaint made by you. We will always check such requirements with you and you only need to provide the information you are comfortable with us using.
Automated Decision Making
Automated decision making means the ability to make decisions using technology, without human involvement.
We may use automated decision-making techniques for the purposes of securing transactions placed through our websites/apps and/or devices against fraud. In addition, we may use a third-party provider’s solution to protect our systems, assets, etc. against fraud.
The method of fraud detection is based on several different data prediction and data intelligence techniques that may change over time, to keep up with technological advancements. These may include, for example, simple comparisons, or association, clustering, prediction and outlier detections using intelligent agents, data fusion, and data mining techniques. This fraud detection process may be completely automated or may involve some human intervention where the final decision is taken by a person. In all cases, we take all reasonable precautions and safeguards to limit access to your data.
Tailoring Interests to You
To be able to send or display personalised communications or content, we may use a technique known as insights. This means we use automated processing of personal data to evaluate certain personal aspects about an individual, such as to analyse or predict aspects concerning personal preferences, interests, economic situation, reliability, behaviour, location or movements.
We do this to build Insights about you (‘Your Insights’). Your Insights include things such as: what you like, dislike, are passionate about and interested in, in addition to the information we know about you through your relationship with us, for example, products you have bought from us or been interested in, events and competitions you have attended or entered, and campaigns you have been interested in. We may collect personal data about you in the different scenarios mentioned in the table above and use this data to send or display communications and/or content specifically tailored to your interests and/or needs – both directly to you or through our use of social media platforms such as Facebook, Instagram and TikTok.
We ensure that we have an appropriate legal basis to process your personal data when conducting profiling activities. You may have the right to object at any time to the use of your personal data for insights purposes.
Joint Controllers
We are always responsible for personal data that we collect about you. In some cases, for example, when we collaborate with our trusted partners, we may be jointly responsible with those partners for protecting your personal data.
Our data protection commitments as joint controllers are as follows:
Where we work jointly with another party, we will inform you about your rights and other important information at the point we ask for your personal data.
Selling Personal Data
We would not sell your personal data for Huda Beauty’s financial gain except in the case of a potential sale of the whole or part of the business. However, California law may characterise our sharing of personal information with companies that provide services to us, such as companies that help us to market or advertise our products and services to you, as "sales”. We may “sell” or may have “sold” the following categories of personal information for valuable consideration in instances where we offer you financial incentives such as discounts and special offers when you provide us with contact information and identifiers such as your name and email address. When you sign up for our loyalty or professional programs, email list or other discounts and special offers, you opt-in to a financial incentive. You may withdraw from a financial incentive at any time by opting out from our emails or closing your loyalty or professional member account. Generally, we do not assign monetary or other value to personal information; however, California law requires that we assign such value in the context of financial incentives. In such context, the value of the personal information is related to the estimated cost of providing the relevant financial incentive(s) for which the information was collected.
Sharing Personal Data Within the Huda Beauty Group of Companies
Where appropriate, we may share your personal data between our Group of Companies to build a central record, keep the information we hold about you up to date (for example, you may be a Customer of more than one of our brands), tailor our communications with you and to run analytics and perform statistics. This includes sharing your profile.
Access within the Huda Beauty Group will always be controlled on a need-to-know basis to fulfil our contractual obligation with you (such as to refund you), or to allow us to perform any necessary or legitimate functions. This may include sending you marketing communications about other brands but only where we have marketing permission to do so.
We may also share your personal data in a pseudonymised way (which de-identifies all personal information about you so it is undetectavle) within the Huda Beauty Group of Companies to develop new products, marketing campaigns, including those located outside of your country, for research and innovation purposes.
Sharing Personal Data With Our Third-Party Service Providers
We only provide them with the information they need to perform the service they are providing. We require them to keep it secure and tell them not to use it for any other purpose. For example, we may trust third parties to deliver services that require the processing of your personal data as follows:
We may also disclose your personal data to third parties beyond those that provide services to us, such as:
Sharing Personal Data With Our Own Trusted Partners
Your information may be shared with our trusted parties if they are co-creating content with us for an event. We will each use your personal data for our own purposes and as such your personal data will be used by the partner acting also as a controller, and its privacy policy shall govern the use of your personal data for its purposes.
We may share your User Generated Content such as ratings and reviews with our partners so it may be displayed on their websites.
We may publish content created by third parties. Where we do this, the third party may place a cookie on your device if you read this content. Please consult the third party’s cookie policy or cookie consent management platform for details on what information they may gather from the cookie, and how it is used.
We may also share personal data to display Huda Beauty content (for example recommended products/services) on our partners’ sites where you have agreed to receive advertising that is tailored to you (either by accepting our or our partners’ cookies, or by agreeing to receive our marketing). Where you accept our cookies from our partners, they may store a cookie on your device so you should read their privacy and cookies policy or consult their cookie consent management platform. In the other cases, we only share data that does not directly identify you with our partners. Our partners will then determine which of our products/services to display to visitors of their websites.
When we use advertising services from Google on our websites, apps and/or devices, Google will access and use your personal data when we utilise their services. If you would like to learn more about how Google uses your personal data in this context, please review their Google Privacy & Terms available here.
All Meta features and services available on our websites, apps and/or devices are governed by Meta’s privacy and security information (available here). Please visit Meta’s Privacy Center here if you would like more information on your privacy rights and settings options.
When you use any Meta features, we collect your data to help us to:
We may also use any personal data you provide us with on our websites, apps and/or devices (e.g. your name, email address, gender, and phone number), to identify you on Facebook or any of Meta’s other services (Instagram, Messenger etc.), in order to show you ads that are more relevant for you. While doing this, Meta will not share your personal data and will delete the information promptly after the matching process is complete.
We may publish content created by third parties. Where we do this, the third party may place a cookie on your device if you read this content. Please consult the third party’s cookie policy or cookie consent management platform for details on what information they may gather from the cookie, and how it is used.
We may also share personal data to display Huda Beauty content (for example recommended products/services) on our partners’ sites where you have agreed to receive advertising that is tailored to you (either by accepting our or our partners’ cookies, or by agreeing to receive our marketing). Where you accept our cookies from our partners, they may store a cookie on your device so you should read their privacy and cookies policy or consult their cookie consent management platform. In the other cases, we only share data that does not directly identify you with our partners. Our partners will then determine which of our products/services to display to visitors of their websites.
When we use advertising services from Google on our websites, apps and/or devices, Google will access and use your personal data when we utilise their services. If you would like to learn more about how Google uses your personal data in this context, please review their Google Privacy & Terms available here.
All Meta features and services available on our websites, apps and/or devices are governed by Meta’s privacy and security information (available here). Please visit Meta’s Privacy Center here if you would like more information on your privacy rights and settings options.
Where we store your personal data
The personal data that we collect from you may be transferred to, accessed in, and stored at a destination outside your home country. It may also be processed by staff operating outside your home country who work for us or for one of our service providers.
Where Huda Beauty transfers personal data outside of your home country, this will be done in a secure and lawful way. As some countries may not have laws governing the use and transfer of personal data, we will take steps to ensure that third parties adhere to the commitments set out in this Privacy Notice (e.g. reviewing their privacy and security standards and subjecting them to appropriate contractual obligations).
When we transfer your personal data outside of your home country, we:
For further information, please contact us as per the “Contact us” section below.
How long do we keep your personal data and how do we keep it secure?
We will keep your personal data for as long as we need it subject to the different use cases described above. For example, we retain certain personal data for the following periods:
We are committed to keeping your personal data secure and taking all reasonable steps to do so. We contractually require that trusted third parties who handle your personal data for us do the same. However, as no sharing of information via the Internet is completely secure, we cannot guarantee the security of your personal data transmitted to our site. Any sharing is therefore at your own risk.
Links to Third Party Sites and Social Accounts Used for Login Purposes
Our websites/apps may, from time to time, contain links to the websites of our partner networks, advertisers and/or affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you share any personal data with these websites.
We may also offer you the opportunity to use your social media login when interacting with our websites/apps. If you do so, please be aware that you will be sharing your social profile information with us. The personal data that is shared will depend on your social media platform settings. Please visit the relevant social media platform and review its privacy policy to understand how your personal data is shared and used in this context.
Social Media and User Generated Content
Some of our websites and apps allow users to submit their own content. Please remember that any content submitted to our social media platforms can be viewed by the public, and you should be cautious about providing certain personal data (e.g., financial information or address details). We are not responsible for any actions taken by other individuals if you post personal data on a social media platform or one of our websites (e.g., via a Community) and we recommend that you do not share such information.
Huda Beauty respects your right to privacy: it is important that you are able to control your personal data. You may have certain rights and choices over the personal data we collect from you. These rights may be limited depending on our rights as a business and/or the legal basis on which we use the data, but we will always explain where this is the case. We will take reasonable steps to verify your identity before granting access or making corrections to the information we hold about you. You may exercise these rights by contacting us using the details provided below.
Email Opt-Out
You can opt-out from our email marketing at any time by contacting us (see the ‘Contact Us’ section below). We will act on your request as quickly as we can, but it can take about 30 days to take effect due to system updates. We will add your email address to our opt-out list to make sure we continue to exclude you from future marketing communications.
Withdrawing Your Consent
You may also withdraw any consent you previously provided to us at any time by contacting us using the details provided below. This will not affect the lawfulness of our use of your personal data based on your consent before its withdrawal.
Reviewing, Correcting, Updating, Restricting, Objecting to Our Use of or Deleting Your Personal Data
You have the right to request access to and correction or erasure of the personal data we hold about you, or to request our use of this information to be restricted, as appropriate. You also have the right to object at any time to the use of your personal data for direct marketing purposes, including the profiling we do related to direct marketing and generating and maintaining your profile. Please note, if we cannot hold sufficient information in your profile or your account, we may have to reconsider how we engage with you, but we will always explain why.
These rights may be limited depending on our rights as a business and/or the legal basis on which we use the data, but we will always explain where this is the case.
Other Rights
You have the right to receive, in a structured, commonly used, and machine-readable format, the personal data that you have provided to us about you, with your consent or based on your contract with us. You also have the right to have this information transferred to another data controller, where it is technically feasible. You may exercise this right by contacting us using the details provided below. You may also lodge a complaint with a data protection authority about our use of your personal data, but we do ask that you contact us first and try to resolve any issues or causes for concern you may have.
How to Turn On/Off Cookies
The settings from the Internet browsers are usually programmed by default to accept cookies, but you can easily adjust them by changing the settings of your browser or, where available, by using the tools on our websites.
Many cookies are used to enhance the usability or functionality of a website; therefore, disabling some types of cookies may prevent you from using certain parts of our websites.
If you wish to manage your preferences regarding the cookies and other similar technologies that are set by our websites, you can navigate to the “Cookies Settings” link available in the footer of our websites or refer to the Help function within your browser to learn how to manage your settings within your browser. For more information, please consult the following link: https://www.aboutcookies.org/.
We may make changes to this Privacy Notice from time to time. Changes may be due to, for example, amendments to applicable laws, regulations, and industry practices, or due to changes we make to our services. We encourage you to review our Privacy Notice to stay informed.
If we make material changes that may affect your rights, we may provide additional notice, such as via email or via a notice on our website. If you continue to use our services after we publish or send a notice about any changes to our Privacy Notice, it will mean that you have read and understood the updated Privacy Notice.
If you have any questions or concerns about how we treat and use your personal data, or would like to exercise any of your rights as outlined above, please contact us at privacy@hudabeauty.com.