We are now shipping to your country! You can navigate to your local site.

Privacy Notice

 

WHO THIS NOTICE APPLIES TO?

+

This Privacy Notice applies to you if you are a Customer or Consumer of ours – this is where you engage with us as a Customer when buying directly from us, signing up to one of our brand-led newsletters, entering a competition or joining a membership or an affiliate scheme. You may also contact us as a Consumer about our products – whether you bought products from us directly or via a retailer.

We set out below information on the personal data we might collect or hold about you, how and why we use it, who we share it with, how we protect it and keep it secure, and your rights around your personal data.

You must be at least 18 years old or older to use our services and sign up to promotional content unless the local laws where you are based or the terms for a specific service or marketing sign-up state otherwise. Not all the information set out below may apply to you. We have detailed many possible scenarios how we may interact with each other, but this notice may apply to scenarios that are not listed, too.

WHO IS HUDA BEAUTY?

+

“Huda Beauty”, “us”, “our” or “we” means any company within the Huda Beauty Group of Companies. A list of the operating companies are below:

COMPANY NAME COUNTRY OF INCORPORATION
Huda Beauty DMCC United Arab Emirates
Huda Beauty FZ-LLC United Arab Emirates
HB UK Hold Co United Kingdom
Huda Beauty LLC United Arab Emirates
HB USA Holdings Inc United States of America
HB FR SAS France
Kayali DMCC United Arab Emirates
Kayali Beauty Products Trading DWC FZ LLC United Arab Emirates
H B Beauty Products Trading DWC FZ LLC United Arab Emirates

All those Huda Beauty Group of Companies are jointly responsible for the personal data that you share with us as we are the “controller” for the purposes of applicable data protection laws.

WHAT IS NOT COVERED BY THIS NOTICE

+

This Privacy Notice does not apply to Huda Beauty employees and shareholders. It does not cover other companies or organisations (which advertise our products and services and use cookies, tags and other tracking technologies) collecting and using your personal data to offer relevant online advertisements to you. You should review their cookie and privacy policies before giving them your personal information.

OUR PRIVACY UNDERTAKINGS TO YOU

+

We want to provide you with certainty that your personal information is being treated with care and safety, and feel comfortable to share information with us. We therefore promise to:

  1. Respect your privacy and your choices.
  2. Make sure that privacy and security are embedded in everything we do.
  3. Give you full control over receiving communications from us. You can change your mind at any time.
  4. Remain committed to keeping your personal data safe and secure. This includes only working with trusted partners.
  5. Be open and transparent about how we use your personal data.
  6. Use your personal data only in ways that have a legitimate interest, it is required by law, or where we have your consent.
  7. Respect your rights and will always try to accommodate your requests as far as is possible, in line with our own legal and operational responsibilities.

WHAT IS PERSONAL DATA?

+

“Personal data” means any information or pieces of information that could identify you either directly (e.g. your name) or indirectly (e.g. through pseudonymised data, such as a unique ID number). This means that personal data includes things like email/home addresses, usernames, profile pictures, personal preferences and shopping habits, User Generated Content, financial information, and health information. It could also include unique numerical identifiers like your computer’s IP address, as well as cookies.

WHAT PERSONAL DATA DO WE COLLECT ABOUT YOU AND HOW DO WE USE IT?

+

Our aim is to give you a personalised experience as much as possible when you engage with us. This could be while scrolling our website, placing orders, signing up for rewards programmes or even completing surveys or entering competitions.

How do we collect or receive your personal data?

There are many ways we may collect or receive your personal data, including via our websites, forms, apps, devices, third party sellers or our brand pages on social media. Sometimes you give this to us directly (e.g. when you create an account, when you contact us, when you purchase from our websites or stores or when you enter a competition or promotion), sometimes we collect it (e.g. using cookies to understand how you use our websites and apps) or sometimes we receive your personal data from other third parties including other Huda Beauty Group entities (e.g. when you mention Huda Beauty products or services on non-Huda Beauty pages or social media platforms or smart devices, e.g. voice assistant platform providers).

The table below sets out which legal basis we rely on when processing your personal data.

To explain what a ‘legal basis’ is – under data protection laws, the legal basis for the processing of your personal data can be:

  • Your consent – where we ask for your agreement to use your personal data for a specific purpose.
  • The performance of a contract – where we need to process your personal data to provide you with a service or something under an agreement we have with you, or as part of preparing to enter into an agreement with you. An example of this would be the purchase of a product.
  • Our legitimate interests – where the use of your personal data is in our legitimate business interests, e.g., tailoring experiences for you based on your shopping preferences, responding to customer service requests.
  • To comply with a legal obligation – where we need to use your personal data for our own legal and regulatory compliance reasons (e.g., to comply with our tax and financial reporting obligations).

When we collect personal data, we will indicate which types of personal data are mandatory via asterisks (eg.mandatory information to allow us to create your account or deliver the goods you have purchased on our websites/apps). If you do not provide the personal data marked with an asterisk, this may affect the goods and services that we can provide.

What ways could we collect your personal data? What data may we hold about you? How and why we may use it? What is the legal basis for being able to process this data?

Account creation and management

Where we collect your personal data while creating or managing your account on Huda Beauty websites or through a social media login or in store.

  • First name and surname
  • Gender
  • Email address
  • Address
  • Phone number
  • Photo
  • Birthday or age range
  • ID/username and password
  • Personal description or preferences
  • Order and/or appointment details
  • Social media profile (where you use your social media login or share this personal data with us)
  • Loyalty code
  • User Generated Content
  • Other information you have shared with us about yourself (e.g. via your “My Account” page, by contacting us, a question via the chat function available on some websites, or by participating in a contest, game, survey etc.)

To:

  • Manage your account, orders and/or appointments
  • Send you marketing communications
    • (i) by direct means (email, SMS, postal mail)
    • (ii) by advertising display when you browse third-party sites
  • Give you better insights to tailor these communications to your interests, which may be tailored to your “profile” (i.e. based on the personal data we know about you and your preferences)
  • Offer and manage a loyalty program
  • Offer personalised services based on your beauty characteristics
  • Allow you to manage your preferences
  • Monitor and improve our websites
  • Run analytics or collect statistics
  • Secure our websites and protect you and us against fraud
  • Display ads on Huda Beauty websites to create a unique experience when you visit our websites
  • Respond to your questions and otherwise interact with you
  • Manage any competitions, promotions, surveys or contests you enter
  • The performance of a contract: so you can create and manage your account, and provide you with the services that you request
  • Our legitimate interests:
    • (i) to improve our products and services
    • (ii) better engage with you
    • (iii) send or display personalised communications or content
    • (iv) prevent fraud or criminal activity
    • (v) maintain the security of our websites/apps
  • Consent, where we ask for consent (we don’t always rely on consent) to send you marketing messages

Newsletter and marketing subscription and Your Profile

Where your personal data is collected when you subscribe to receive our marketing communications and in building Your Profile to personalise our communications to you.

  • First name and surname
  • Email address
  • Gender
  • Address
  • Phone number
  • Birthday or age range
  • ID/username and password
  • Personal description or preferences
  • Order details
  • Social media profile (where you use your social media login or share this personal data with us)
  • User Generated Content
  • Other information you have shared with us about yourself
    • (e.g. via your “My Account” page, by contacting us via the customer service portal or our social media accounts, or by participating in a contest, game, survey, etc.)

To:

  • Send you marketing communications (where you have asked us to) which may be tailored to Your Profile based on the personal data we know or learn about you and your preferences
  • Personalise our marketing and advertising campaigns and create a unique experience when visiting our websites or mobile apps and our shops
  • Show you marketing communications on other websites, including social media platforms. Note that you may also see our ads on other websites, including on social media sites, but these may not be tailored to you
  • Keep an up-to-date suppression list if you have asked not to be contacted
  • Run analytics or collect statistics
  • Send content on your behalf to your friends and/or family
  • Consent (we don’t always rely on consent – see below) - so you can receive marketing communications from us
  • Our legitimate interests:
    • (i) to improve our products and services
    • (ii) better engage with you
    • (iii) send or display personalised marketing communications or content (profiling) both directly to you and online via third parties such as social media platforms like TikTok, Facebook, and Instagram
  • Legal obligation: maintain your contact information on a suppression list if you have asked us to stop sending you marketing messages

Purchases and order management

Where your personal data are collected during the purchase process made on Huda Beauty websites/apps, in store or on voice assistant platforms.

  • First name and surname
  • Email address
  • Address
  • Phone number
  • Personal description or preferences
  • Gender
  • Social media profile (where you use your social media login or share this personal data with us)
  • Transaction information including purchased products
  • Payment information
  • Purchase history

To:

  • Contact you to finalise your order where you have saved your shopping cart or placed products in your cart without completing the checkout process
  • Inform you when a product you wanted to purchase is available
  • Process your order including delivering the product to the address you indicated
  • Manage payment. Please note that your payment information (credit card number/PayPal/bank account details) are not collected by us directly, but by secure payment service providers
  • Manage any contact you have with us about your order and/or contact you to request feedback on our products/services
  • Secure your transactions against fraud. We may use a third-party provider’s solution to detect fraud and make sure that payment is completed
  • If you place a purchase using a registered account, we will add this transaction to Your Profile so we can understand your interests and preferences and you will see a record of your transactions with us within your account (where applicable)
  • Manage any dispute relating to a purchase
  • Run analytics or collect statistics
  • To send you commercial communications
    • (i) by direct means (email, SMS, postal mail)
    • (ii) by advertising display when you browse third-party sites
  • To enrich Your Profile to personalise these communications according to your interests
  • To display ads on Huda Beauty websites to create a unique experience when you visit our websites
  • The performance of a contract: so you can make a purchase and we can manage the associated logistics
  • Our legitimate interests:
    • (i) to improve our products and services
    • (ii) better engage with you
    • (iii) send or display personalised communications or content to you (profiling)
    • (iv) prevent fraud or criminal activity
    • (v) secure our tools
  • To comply with a legal obligation: to keep information we are required to
  • Consent (we don’t always rely on consent – see below) - so you can receive marketing communications from us

Online browsing

Where your personal data are collected by cookies or similar technologies (“cookies”*) when you browse Huda Beauty websites/apps or on third-party websites/apps where we have cookies.

*cookies are small text files stored on your device (computer, tablet or mobile) when you are on the Internet, including on Huda Beauty websites

  • Data related to your use of our websites, including:
    • Where you came from
    • Login details
    • Location
    • Data related to your navigation on our apps/websites, incl. scroll/mouse movement (but in a manner that does not identify you)
    • Videos you watched
    • Pages/ads/content you looked at, clicked or tapped on
    • Duration of your visit
    • Products you searched for and/or selected to create your basket
  • Technical information:
    • Your IP address
    • Browser information
    • Device information
    • Your unique ID which is given to each visitor, and the expiration date of the ID
    • Your visitor ID

We use cookies, together with other personal data you have already shared with us (such as previous purchases, or whether you’re signed up to our email newsletters)

  • To deliver targeted advertising, and show you:
    • online advertisements for products which may be of interest to you, based on your previous behaviour
    • ads and content on social media platforms or other websites

You can opt out of targeted advertising in your browser settings. For opting out of targeted advertising on social media platforms, please visit the relevant social media platform to explore the options they may provide.

  • To tailor our services for you to:
    • show you recommendations, marketing, or content based on Your Profile and interests
    • display our websites in a tailored way, for example, show you products we think you might like
  • To allow our websites/apps to function properly, that is to:
    • ensure the proper display of content
    • create and remember your shopping cart
    • create and remember your account login details
    • interface personalisation, such as language, or any user-interface customisation (i.e. parameters attached to your device including your screen resolution or font preference)
    • perform troubleshooting
    • improve user experience and our websites/apps, for example, by testing new ideas or layouts

Please note that we only track your navigation on the website/app (e.g. mouse movements) to ensure our websites/apps function properly, for troubleshooting, and to improve user experience, as explained above. We do so in a way that does not identify you and use encryption mechanisms to ensure that the personal data provided on the website/app is always masked and never recorded.

  • To ensure our websites/apps are secure and safe, and to protect you against fraud or misuse of our websites/apps or services
  • To run statistics, that is to:
    • avoid visitors being recorded twice
    • know users’ reactions to our advertising campaigns
    • improve our offers
    • understand how you discovered our websites/apps
  • To allow sharing of our content on social media platforms
  • To recognize returning users across all touchpoints using fingerprinting device intelligence technology
  • Our legitimate interest: to ensure that we provide you with websites/apps, advertisements, and communications that function properly, and to continuously improve cookies that are
    • (i) fundamental to the operation of our websites
    • (ii) used to ensure the protection and security of our websites
  • Consent for all other cookies

Social Media Platforms

Where your personal data are collected from your activity on social media platforms.

We may get information you publicly post on social media platforms (e.g. TikTok) and use it to better understand how consumers view our products/services and interact with us. For example, we may use public posts to identify beauty trends. Where possible, we do this in a way that we are unable to directly identify you.

We may also collect your personal data when you mention us on social media platforms. The personal data we collect may include:

  • Social media handle
  • Photo
  • Any comments mentioned in your post

If we want to re-use any content you post on social media platforms, we will always ask your permission first.

To:

  • Monitor and improve our websites and apps
  • Run analytics or collect statistics

Our legitimate interests:

  • (i) to improve our products and services;
  • (ii) better engage with you.

Promotions

Where your personal data are collected during a competition, prize draw, game, contest, promotional offer, sample request, survey etc.

Depending on the frequency of your interactions with us, this personal data may include:

  • First name and surname
  • Email address
  • Phone number
  • Birthday or age range
  • Gender
  • Address
  • Personal description or preferences
  • Social media profile (where you use your social media login or share this personal data with us)
  • User Generated Content
  • Other information you have shared with us about yourself
    • (e.g. via your “My Account” page, by contacting us, a question via the chat function available on some of our websites, or by participating in a contest, game, survey, etc.)

To:

  • Complete tasks that you have asked us to, for example, to manage your participation in the promotion or prize draw, taking into account your feedback and suggestions
  • Run analytics and statistics
  • Add your participation to Your Profile so we can understand your interests and preferences
  • Send you samples
  • The performance of a contract: so you may enter into the competition or prize draw and we can deliver the prize
  • Our legitimate interests: to send you communications related to your request, and to help us better understand your needs and expectations and thus improve our services, products, and brands
  • Consent: to provide you with the samples you have requested

User Generated Content

Where your personal data are collected when you submit content (for example images or ratings and reviews) on one of our websites (including our Communities)/apps/social media platforms, or accept our re-use of any content you posted on social media platforms.

  • First name and surname or alias
  • Email address
  • Photo
  • Personal description or preferences
  • Social media profile (where you use your social media login or share this personal data with us)
  • Other information you have shared with us about yourself
    • (e.g. via your “My Account” page, by contacting us, or by providing your own content such as photos or reviews, or a question via the chat function available on some websites)

To:

  • Use the content you have created and/or shared in accordance with the specific terms and conditions accepted by you (e.g., to post your review/content and to promote our products)
  • Contact you to request feedback on our products and/or services
  • Syndicate your ratings and reviews across our brand websites in other countries where we operate
  • Run analytics and compile statistics
  • Send you marketing communications, where you have asked us to, (via email, SMS, WhatsApp, social media platforms, etc.) which may be tailored to your “profile” based on the personal data (including your social media ‘handle’) we know or learn about you, and your preferences
  • Deliver social media targeted advertising, to show you:
    • online advertisements for products that may be of interest to you, based on your previous behaviour
    • ads and content on social media platforms such as Google, Meta, Snapchat, Amazon, Pinterest, TikTok, or other websites
    • Add your content to Your Profile so we can understand your interests and preferences
  • Consent: to reuse the content you've uploaded
  • Our legitimate interests: to help us better understand your needs and expectations and, in doing so, improve and promote our services, products, and brands

App & Device Use

Where your personal data are collected in connection with your use of our websites/apps and/or devices (for example when you provide your personal data when completing online forms or trying on our products virtually

  • First name and surname
  • Gender
  • Email address
  • Phone number
  • Photo
  • Location
  • Birthday and/or age range
  • Personal description or preferences, including characteristics such as skin tone, skin/hair type (e.g., your beauty profile)
  • Recordings of online consultations
  • Application or device usage data
  • Consultation data (pictures, attributes, scores, survey answers, products recommended)
  • Allergy alert test results
  • Answers to health and safety-related questions

To:

  • Provide you with the service(s) you requested (e.g., test our products virtually, enable you to purchase our products, provide you with online consultations to speak with an expert about your skin and receive bespoke skincare recommendations, advice, and notifications regarding your sun exposure, skin/hair routine, etc.)
  • Analyse your personal characteristics and recommend appropriate products (including bespoke products) and routines
  • Conduct research and innovation by scientists within the Huda Beauty Group
  • Monitor and improve our apps and devices
  • Run analytics and statistics
  • Send you commercial communications
    • directly (by email, SMS, postal mail)
    • by advertising display when you browse third-party sites
  • Enrich Your Profile to tailor these communications to your interests. For more details see the section on “Your Profile” following this table
  • Display advertisements on Huda Beauty websites to create a unique experience when you visit our websites
  • Consent: to send you commercial prospecting messages
  • The performance of a contract: to deliver the service you have requested (e.g., to enable you to try on products virtually)
  • Our legitimate interests: to improve our products and services to meet your needs and expectations, and advance research and innovation; to publish content

Enquiries

Where your personal data are collected when you ask questions (via customer service) relating to our brands, our products and their use, or your purchases, account or rights.

  • First name and surname
  • Phone number
  • Email address
  • Other information you have shared with us about yourself in relation to your enquiry (which may include welfare, health data, and call recordings)

To:

  • Answer and manage your enquiries – connect you with the appropriate service if necessary
  • Send you satisfaction surveys as a result of interactions with us (e.g., after a purchase or customer service contact)
  • Compile statistics
  • Add your questions or concerns to Your Profile so we can understand your interests and preferences
  • Monitor and prevent any adverse reactions related to the use of our products
  • Carry out studies concerning the safety or use of our products
  • Carry out and follow up on corrective actions taken, if necessary
  • The performance of a contract: to respond to your enquiries
  • Our legitimate interests:
    • (i) to improve our products and services
    • (ii) better engage with you
    • (iii) secure our tools
  • Consent: to process your request
  • Legal obligation: to comply with the legal obligation to monitor the adverse effects of our products

Our Premises

Where your personal data are collected when you visit our premises (e.g. our store(s) or our hairdressing academy).

  • Photo/Video captured via CCTV
  • Attendance/visitor forms (which may include the collection of welfare and health data)

To:

  • Assist in the prevention and detection of crime and manage enquiries
  • Help ensure the health, safety, and security of our employees and visitors
  • Help ensure the security of information located or stored within our premises or assets
  • Our legitimate interests:
    • (i) prevent fraud and criminal activity
    • (ii) secure our tools
  • Legal obligation: to meet health and safety requirements

A Note on Sensitive Personal Data

The processing of special categories of personal data (or ‘sensitive personal data’) is limited to data made public by you or a third party on your behalf, or where you have given us consent to use such information. For example, we may need to understand your health, including dietary requirements, when preparing access and catering for an event you are attending, or when handling a query or complaint made by you. We will always check such requirements with you and you only need to provide the information you are comfortable with us using.

Automated Decision Making

Automated decision making means the ability to make decisions using technology, without human involvement.

We may use automated decision-making techniques for the purposes of securing transactions placed through our websites/apps and/or devices against fraud. In addition, we may use a third-party provider’s solution to protect our systems, assets, etc. against fraud.

The method of fraud detection is based on several different data prediction and data intelligence techniques that may change over time, to keep up with technological advancements. These may include, for example, simple comparisons, or association, clustering, prediction and outlier detections using intelligent agents, data fusion, and data mining techniques. This fraud detection process may be completely automated or may involve some human intervention where the final decision is taken by a person. In all cases, we take all reasonable precautions and safeguards to limit access to your data.

Tailoring Interests to You

To be able to send or display personalised communications or content, we may use a technique known as insights. This means we use automated processing of personal data to evaluate certain personal aspects about an individual, such as to analyse or predict aspects concerning personal preferences, interests, economic situation, reliability, behaviour, location or movements.

We do this to build Insights about you (‘Your Insights’). Your Insights include things such as: what you like, dislike, are passionate about and interested in, in addition to the information we know about you through your relationship with us, for example, products you have bought from us or been interested in, events and competitions you have attended or entered, and campaigns you have been interested in. We may collect personal data about you in the different scenarios mentioned in the table above and use this data to send or display communications and/or content specifically tailored to your interests and/or needs – both directly to you or through our use of social media platforms such as Facebook, Instagram and TikTok.

We ensure that we have an appropriate legal basis to process your personal data when conducting profiling activities. You may have the right to object at any time to the use of your personal data for insights purposes.

Joint Controllers

We are always responsible for personal data that we collect about you. In some cases, for example, when we collaborate with our trusted partners, we may be jointly responsible with those partners for protecting your personal data.

Our data protection commitments as joint controllers are as follows:

  • We will agree on the respective roles and responsibilities of each party involved;
  • We will make sure that both parties are transparent about the joint purposes for processing your personal data, and explain how your personal data is used for these purposes;
  • We will make sure that you are always able to exercise your legal rights.

Where we work jointly with another party, we will inform you about your rights and other important information at the point we ask for your personal data.

SHARING YOUR PERSONAL DATA

+

Selling Personal Data

We would not sell your personal data for Huda Beauty’s financial gain except in the case of a potential sale of the whole or part of the business. However, California law may characterise our sharing of personal information with companies that provide services to us, such as companies that help us to market or advertise our products and services to you, as "sales”. We may “sell” or may have “sold” the following categories of personal information for valuable consideration in instances where we offer you financial incentives such as discounts and special offers when you provide us with contact information and identifiers such as your name and email address. When you sign up for our loyalty or professional programs, email list or other discounts and special offers, you opt-in to a financial incentive. You may withdraw from a financial incentive at any time by opting out from our emails or closing your loyalty or professional member account. Generally, we do not assign monetary or other value to personal information; however, California law requires that we assign such value in the context of financial incentives. In such context, the value of the personal information is related to the estimated cost of providing the relevant financial incentive(s) for which the information was collected.

Sharing Personal Data Within the Huda Beauty Group of Companies

Where appropriate, we may share your personal data between our Group of Companies to build a central record, keep the information we hold about you up to date (for example, you may be a Customer of more than one of our brands), tailor our communications with you and to run analytics and perform statistics. This includes sharing your profile.

Access within the Huda Beauty Group will always be controlled on a need-to-know basis to fulfil our contractual obligation with you (such as to refund you), or to allow us to perform any necessary or legitimate functions. This may include sending you marketing communications about other brands but only where we have marketing permission to do so.

We may also share your personal data in a pseudonymised way (which de-identifies all personal information about you so it is undetectavle) within the Huda Beauty Group of Companies to develop new products, marketing campaigns, including those located outside of your country, for research and innovation purposes.

Sharing Personal Data With Our Third-Party Service Providers

We only provide them with the information they need to perform the service they are providing. We require them to keep it secure and tell them not to use it for any other purpose. For example, we may trust third parties to deliver services that require the processing of your personal data as follows:

  • To provide digital and e-commerce services;
  • To review social media and public profiles as well as ratings and reviews;
  • To provide CRM, identity management, web analytics, and search engine tools;
  • To provide community platform management and User Generated Content curation tools;
  • As required to deliver a product to you, for example, postal/delivery services;
  • Payment service providers and credit reference agencies to assess your credit score and verify your details where this is a condition of entering into a contract with you;
  • Advertising, marketing, digital, and social media agencies to help us deliver advertising, marketing, and campaigns, to analyse their effectiveness, and to manage your contact details, questions, and our relationship;
  • Third parties that assist us with customer care, product queries, and complaints;
  • To provide us with IT services such as website hosting and platform management services; and/or
  • To help us provide training, seminars, and events, such as training providers, travel agencies, and event management companies.

We may also disclose your personal data to third parties beyond those that provide services to us, such as:

  • If we sell any or part of our business or assets, we may disclose your personal data to the prospective buyer of such business or assets. Your personal data will usually be processed by the buyer acting as the new controller, and its privacy policy will govern the processing of your personal data;
  • If we are under a duty to disclose or share your personal data to comply with a legal obligation, or in order to enforce or apply our terms of use/sales or other terms and conditions you have agreed to, or to protect the rights, property, or safety of Huda Beauty, our customers, or others; and/or
  • In other circumstances if we have your consent or we are permitted to do so by law.

Sharing Personal Data With Our Own Trusted Partners

Your information may be shared with our trusted parties if they are co-creating content with us for an event. We will each use your personal data for our own purposes and as such your personal data will be used by the partner acting also as a controller, and its privacy policy shall govern the use of your personal data for its purposes.

We may share your User Generated Content such as ratings and reviews with our partners so it may be displayed on their websites.

We may publish content created by third parties. Where we do this, the third party may place a cookie on your device if you read this content. Please consult the third party’s cookie policy or cookie consent management platform for details on what information they may gather from the cookie, and how it is used.

We may also share personal data to display Huda Beauty content (for example recommended products/services) on our partners’ sites where you have agreed to receive advertising that is tailored to you (either by accepting our or our partners’ cookies, or by agreeing to receive our marketing). Where you accept our cookies from our partners, they may store a cookie on your device so you should read their privacy and cookies policy or consult their cookie consent management platform. In the other cases, we only share data that does not directly identify you with our partners. Our partners will then determine which of our products/services to display to visitors of their websites.

When we use advertising services from Google on our websites, apps and/or devices, Google will access and use your personal data when we utilise their services. If you would like to learn more about how Google uses your personal data in this context, please review their Google Privacy & Terms available here.

All Meta features and services available on our websites, apps and/or devices are governed by Meta’s privacy and security information (available here). Please visit Meta’s Privacy Center here if you would like more information on your privacy rights and settings options.

  • When using any of our websites/apps and/or devices, you may be able to sign-in with your Facebook login. If you do so, you consent to share some of your public profile information with us.
  • Use the Meta social plug-ins (Instagram, Messenger, etc.), such as “like” or “share” to share our content, or your User Generated Content on the Meta platform.
  • Accept cookies from our websites/apps (also known as “Meta Pixels”). These types of cookies help us understand your activity including for example, information about your device, how you use our services, any purchases you make and the ads you see, whether or not you have a Facebook account or are logged into Facebook.

When you use any Meta features, we collect your data to help us to:

  • Show you ads you might be interested in on Meta or any of its other services (Instagram, Messenger etc.); and
  • Measure and analyse the effectiveness of our websites, apps and/or devices.

We may also use any personal data you provide us with on our websites, apps and/or devices (e.g. your name, email address, gender, and phone number), to identify you on Facebook or any of Meta’s other services (Instagram, Messenger etc.), in order to show you ads that are more relevant for you. While doing this, Meta will not share your personal data and will delete the information promptly after the matching process is complete.

We may publish content created by third parties. Where we do this, the third party may place a cookie on your device if you read this content. Please consult the third party’s cookie policy or cookie consent management platform for details on what information they may gather from the cookie, and how it is used.

We may also share personal data to display Huda Beauty content (for example recommended products/services) on our partners’ sites where you have agreed to receive advertising that is tailored to you (either by accepting our or our partners’ cookies, or by agreeing to receive our marketing). Where you accept our cookies from our partners, they may store a cookie on your device so you should read their privacy and cookies policy or consult their cookie consent management platform. In the other cases, we only share data that does not directly identify you with our partners. Our partners will then determine which of our products/services to display to visitors of their websites.

When we use advertising services from Google on our websites, apps and/or devices, Google will access and use your personal data when we utilise their services. If you would like to learn more about how Google uses your personal data in this context, please review their Google Privacy & Terms available here.

All Meta features and services available on our websites, apps and/or devices are governed by Meta’s privacy and security information (available here). Please visit Meta’s Privacy Center here if you would like more information on your privacy rights and settings options.

  • When using any of our websites/apps and/or devices, you may be able to:
    • sign-in with your Facebook login. If you do so, you consent to share some of your public profile information with us.
    • Use the Meta social plug-ins (Instagram, Messenger, etc.), such as “like” or “share” to share our content, or your User Generated Content on the Meta platform.
    • Accept cookies from our websites/apps (also known as “Meta Pixels”). These types of cookies help us understand your activity including for example, information about your device, how you use our services, any purchases you make and the ads you see, whether or not you have a Facebook account or are logged into Facebook.
  • When you use any Meta features, we collect your data to help us to:
    • Show you ads you might be interested in on Meta or any of its other services (Instagram, Messenger etc.); and
    • Measure and analyse the effectiveness of our websites, apps and/or devices.
  • We may also use any personal data you provide us with on our websites, apps and/or devices (e.g. your name, email address, gender, and phone number), to identify you on Facebook or any of Meta’s other services (Instagram, Messenger etc.), in order to show you ads that are more relevant for you. While doing this, Meta will not share your personal data and will delete the information promptly after the matching process is complete.

Where we store your personal data

The personal data that we collect from you may be transferred to, accessed in, and stored at a destination outside your home country. It may also be processed by staff operating outside your home country who work for us or for one of our service providers.

Where Huda Beauty transfers personal data outside of your home country, this will be done in a secure and lawful way. As some countries may not have laws governing the use and transfer of personal data, we will take steps to ensure that third parties adhere to the commitments set out in this Privacy Notice (e.g. reviewing their privacy and security standards and subjecting them to appropriate contractual obligations).

When we transfer your personal data outside of your home country, we:

  • review and/or enter into appropriate contracts (including adding the European Commission’s standard contractual clauses which may include the UK’s Addendum to the standard contractual clauses); or
  • rely on the applicable European Commission adequacy decision which finds the third country to which we may transfer your personal data offers an adequate level of data protection (copies of adequacy decisions available here).

For further information, please contact us as per the “Contact us” section below.

How long do we keep your personal data and how do we keep it secure?

We will keep your personal data for as long as we need it subject to the different use cases described above. For example, we retain certain personal data for the following periods:

  • For the duration of our contractual relationship and for a reasonable period after it ends in case of a query or claim;
  • Where you create an account, we keep your personal data until you request we delete it or after a period of inactivity (i.e., where you have not interacted with us for a period of time). This period is defined in accordance with local regulations and our internal operating procedures;
  • We keep User Generated Content for a reasonable period necessary to achieve the purpose we collected it for (e.g., for the duration of a campaign) and otherwise for a period defined in accordance with local regulations and guidance;
  • Where cookies are placed on your browser, they are stored for as long as necessary to achieve their purposes (e.g., statistics on your social media post) and otherwise for a period defined in accordance with local regulations and guidance.

We are committed to keeping your personal data secure and taking all reasonable steps to do so. We contractually require that trusted third parties who handle your personal data for us do the same. However, as no sharing of information via the Internet is completely secure, we cannot guarantee the security of your personal data transmitted to our site. Any sharing is therefore at your own risk.

Links to Third Party Sites and Social Accounts Used for Login Purposes

Our websites/apps may, from time to time, contain links to the websites of our partner networks, advertisers and/or affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you share any personal data with these websites.

We may also offer you the opportunity to use your social media login when interacting with our websites/apps. If you do so, please be aware that you will be sharing your social profile information with us. The personal data that is shared will depend on your social media platform settings. Please visit the relevant social media platform and review its privacy policy to understand how your personal data is shared and used in this context.

Social Media and User Generated Content

Some of our websites and apps allow users to submit their own content. Please remember that any content submitted to our social media platforms can be viewed by the public, and you should be cautious about providing certain personal data (e.g., financial information or address details). We are not responsible for any actions taken by other individuals if you post personal data on a social media platform or one of our websites (e.g., via a Community) and we recommend that you do not share such information.

YOUR RIGHTS AND CHOICES

+

Huda Beauty respects your right to privacy: it is important that you are able to control your personal data. You may have certain rights and choices over the personal data we collect from you. These rights may be limited depending on our rights as a business and/or the legal basis on which we use the data, but we will always explain where this is the case. We will take reasonable steps to verify your identity before granting access or making corrections to the information we hold about you. You may exercise these rights by contacting us using the details provided below.

Email Opt-Out

You can opt-out from our email marketing at any time by contacting us (see the ‘Contact Us’ section below). We will act on your request as quickly as we can, but it can take about 30 days to take effect due to system updates. We will add your email address to our opt-out list to make sure we continue to exclude you from future marketing communications.

Withdrawing Your Consent

You may also withdraw any consent you previously provided to us at any time by contacting us using the details provided below. This will not affect the lawfulness of our use of your personal data based on your consent before its withdrawal.

Reviewing, Correcting, Updating, Restricting, Objecting to Our Use of or Deleting Your Personal Data

You have the right to request access to and correction or erasure of the personal data we hold about you, or to request our use of this information to be restricted, as appropriate. You also have the right to object at any time to the use of your personal data for direct marketing purposes, including the profiling we do related to direct marketing and generating and maintaining your profile. Please note, if we cannot hold sufficient information in your profile or your account, we may have to reconsider how we engage with you, but we will always explain why.

These rights may be limited depending on our rights as a business and/or the legal basis on which we use the data, but we will always explain where this is the case.

Other Rights

You have the right to receive, in a structured, commonly used, and machine-readable format, the personal data that you have provided to us about you, with your consent or based on your contract with us. You also have the right to have this information transferred to another data controller, where it is technically feasible. You may exercise this right by contacting us using the details provided below. You may also lodge a complaint with a data protection authority about our use of your personal data, but we do ask that you contact us first and try to resolve any issues or causes for concern you may have.

How to Turn On/Off Cookies

The settings from the Internet browsers are usually programmed by default to accept cookies, but you can easily adjust them by changing the settings of your browser or, where available, by using the tools on our websites.

Many cookies are used to enhance the usability or functionality of a website; therefore, disabling some types of cookies may prevent you from using certain parts of our websites.

If you wish to manage your preferences regarding the cookies and other similar technologies that are set by our websites, you can navigate to the “Cookies Settings” link available in the footer of our websites or refer to the Help function within your browser to learn how to manage your settings within your browser. For more information, please consult the following link: https://www.aboutcookies.org/.

Changes to This Privacy Policy

+

We may make changes to this Privacy Notice from time to time. Changes may be due to, for example, amendments to applicable laws, regulations, and industry practices, or due to changes we make to our services. We encourage you to review our Privacy Notice to stay informed.

If we make material changes that may affect your rights, we may provide additional notice, such as via email or via a notice on our website. If you continue to use our services after we publish or send a notice about any changes to our Privacy Notice, it will mean that you have read and understood the updated Privacy Notice.

Contact Us for Further Privacy Related Information

+

If you have any questions or concerns about how we treat and use your personal data, or would like to exercise any of your rights as outlined above, please contact us at privacy@hudabeauty.com.