Box of style

PRIVACY POLICY

Last updated May 25, 2018

Introduction

This Privacy Policy applies to information that Zoe Media Group, LLC and its parent, subsidiary and affiliate entities worldwide (individually referred to herein as the “Rachel Zoe” or “the Company” or “we” or “us” or “our”) collects about you on or through BoxOfStyle.com or one of our other website, applications or other services from which you are accessing this Privacy Policy (each referred to herein as a “Site” and collectively, the “Sites”).

Box of Style, under Zoe Media Group, LLC, is a luxury subscription service delivered four times per year. Each season, the Box of Style contains fashion and beauty products from curated brands to create a cohesive look for our members to enjoy. In addition, we offer a marketplace for members to purchase additional products to be received with their Box of Style. Box of Style is an ongoing subscription service and each member acknowledges the activation of their subscription upon purchase.

This Privacy Policy describes how we collect such information, how we use it and to whom and under what circumstances we may disclose it. Personal Information includes, but is not limited to, your name, postal address, zip or postal code, email address, telephone number, date of birth, payment information, demographic information, details on items purchased, and other information you choose to provide us, and for purposes of the EU’s General Data Protection Regulation (GDPR), any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (“Personal Information”).The Personal Information we collect is stored and/or controlled by Rachel Zoe Creations, Inc. in Los Angeles, CA, USA and/or the relevant local corporate affiliate(s).

We may share and use your Personal Information with our parent, subsidiary and affiliate entities for use in connection with their websites, including www.thezoereport.com, and their services.  We may share your Personal Information with third parties for their direct marketing purposes as further described in our Information Disclosure and Your Choices/Your Privacy Rights sections below.  If Rachel Zoe becomes involved in a merger, acquisition, asset sale, or similar transaction, such as a sale of a particular product line or division of our business, Rachel Zoe may share or transfer your Personal Information in connection with the transaction and your Personal Information may become subject to the privacy policy of another entity.

Note: This statement applies solely to information collected at or through the Web Site. However, we will frequently link to other glamorous online destinations, so we advise you carefully review their respective privacy policies. Please be aware that Rachel Zoe is not responsible for the contents and the privacy practices of such other sites.

California Privacy Rights

Section 1798.83 of the California Civil Code provides that residents of California can obtain certain information about their personal information (as defined under Section 1798.83(e)(6) of the California Civil Code) that companies have shared with third parties for direct marketing purposes during the preceding calendar year, as well as the identity of those third parties. Personal information, as defined under the California Civil Code, includes, but is not limited to, data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the data controller. To request a copy of your personal information maintained by us, please contact us at boxofstyle@thezoereport.com.

INFORMATION YOU PROVIDE TO US

In compliance with our mission statement to glamorize your internet and e-mail experience, Rachel Zoe collects Personal Information through the Web Site at several points.

For instance, to subscribe to Box of Style, we require your e-mail address and zip code. Rest-assured, Rachel Zoe does not collect any Personal Information that you do not expressly provide and will not sell, rent, or share your Personal Information to any third party for marketing purposes without your consent.

We (or our service providers) collect information from you when you: (1) purchase products from us on our Sites; (2) create an account with us (the “Account”), or otherwise sign up for a subscription, service or feature; (3) complete a survey; (4) participate in a sweepstakes, contest or other promotion; (5) communicate with us via third-party social media sites; (6) apply for a job with us; or (7) contact us, or otherwise communicate with us or provide information to us.

When you visit our Site, we also collect anonymous information such as your IP address or domain name to analyze Site traffic, but this information is not personally identifiable. We will use this information to help diagnose problems with our server, to administer our Site, or to display the content according to your preferences. Traffic and transaction information may also be shared with business partners and advertisers on an aggregate and anonymous basis. 

The special categories of Personal Information concerned are: Racial, Ethnic Origin, and Other

In some cases, you may provide information to us about another person, such as when you purchase a gift card for someone and request that we deliver it to that person, when you share Site content or send a message to a friend through a Site or otherwise, or when you decide to ship products you purchase to someone else. In such cases, you represent that you have the authorization of such person to provide us with such information.

We may combine your (and others’) information that we’ve collected from you (or others) with information we may receive from other sources, such as third-party social media platforms (e.g., when you choose to log in to our Sites through a third-party social media platform, subject to your actions and settings thereon), address update services and co-promotion partners. By accessing our Sites, you signify your consent to the above collection of your Personal Information.

When you are creating an Account for the first time on a Site with an email address that you have previously provided to us in another circumstance (e.g., when signing up for our emails, by entering one of our sweepstakes or other promotions), we may recognize that email address and, once you have completed the account set-up process, you may be able to see your contact information already included in your new online Account. This is happening because we have recognized your email address and, for your convenience, have added your information to your Account.

If you do not want us to collect your Personal Information, please do not provide it to us. You can update your information or change marketing and subscription settings by accessing your Account via the Site.  In addition, you can revoke your consent in accordance with the procedures set forth below. 

If you receive an email or other correspondence requesting that you provide any sensitive information (including your Site password or credit card information) via email or to a web site that does not seem to be affiliated with the Site, or that otherwise seems suspicious to you, please do not provide such information, and report such request to us at boxofstyle@thezoereport.com.

Site Information & Other Information Collected Automatically

As part of the standard operation of the Sites, certain information is collected automatically or passively from or about you in connection with your visit to the Sites. Our servers may automatically gather some of the Site Usage Information (as defined below), or we (or our service providers) may use cookies and other tracking technologies to collect and track such information.

Site Usage Information includes, but is not limited to: (i) your browser type, device type, carrier (if applicable), device address, operating system, operating system address, IP address and the domain name from which you accessed a Site; (ii) information about your region, continent, country, city, zip code, time zone, and general location; and (iii) information about your browsing activities on and through a Site (also known as “Click Stream” data), such as (a) the date and time you visit one of the Sites, (b) the areas or pages of a Site that you visit, (c) the amount of time you spend viewing a Site or specific areas of a Site, (d) the number of times you return to a Site or a specific area of a Site, (e) the web sites or pages you visited prior to visiting a Site, (f) the websites or pages you visit after you leave a Site; (g) searches you have performed on a Site and on other websites that led you to our Sites; (h) social plug-ins with which you have interacted on our Sites; and (j) other similar Site usage data (collectively, the “Site Usage Information”).

If you provide or connect your third-party account credentials to an account with our Site, some content and/or information in those accounts may be transmitted into your account with us. For example, when you connect with Facebook, we receive and collect your name, email address and profile photo.

We consider this Site Usage Information, on its own, to be non-personal in nature, unless required otherwise by applicable law. However, we may combine Site Usage Information about you with Personal Information about you, and we would consider the combined information to be “personally identifiable” or Personal Information for the purposes of this Privacy Policy.

Cookies and Other Tracking Technologies

We and our service providers may use cookies, pixel tags, web beacons, Adobe Flash Technology and other similar technologies, which allow us to, among other things, optimize our Sites and to understand traffic and usage patterns. Additionally, if the settings on your location-aware devise allow us to receive geo-location data or information, we may collect that information automatically.

A Cookie is a small data file that is sent to your web browser and placed on your computer or device when you access a website. Cookies allow parties (including us, our service providers and other) to: (i) track your activities on the Sites, (ii) track clicks, purchases and conversion; (iii) recognize your computer or device so that you are able to save your preference and stay logged in to the Sites without having to re-enter your Account credentials; (iv) deliver customized content, messages and advertising to you; (v) preserve the contents of your shopping cart; (vi) and otherwise enhance and personalize your experience on the Sites. If you do not want information collected through the use of cookies, most devices allow you to decline the use of cookies. We recommend that you leave cookies turned on because if you elect not to allow them, you may not be able to use or to enjoy all of the services and features of the Sites.

We may use Flash cookies and other similar technologies, which allow a website to store certain information locally on an individual’s computer or device and then access and use that information to enhance and facilitate certain Site experiences, processes and functionality. Flash cookies are different from other cookies and may not be removed in the same manner. More information about both kinds of cookies is available at www.allaboutcookies.org.

We also use web beacons (also known as “clear GIFs” or “pixel tags”) for similar purposes as cookies. These beacons are typically one-pixel images that are embedded in the Site or in a communication, such as an email message. These technologies help us to verify when a certain page of a Site is viewed, when a message is opened and when links or other content in a message are clicked or viewed.

We may use third party web analytics services, such as Google Analytics and Adobe services, to help us track and analyze the use of our Site and to measure the effectiveness of our advertising, Site content, and communications. These service providers’ tools, including, for example, cookies, tags and web beacons, help us to gain this understanding.

DO NOT TRACK

We currently do not participate in any “Do Not Track” frameworks that would allow us to respond to signals or other mechanisms from you regarding the collection of your information. We may engage third parties, such as marketing or analytics partners, who may collect information about your online activities over time and across different websites when you use our website.  To learn more about browser tracking signals and “Do Not Track,” please visit http://allaboutdnt.org.

THIRD PARTY ADVERTISING

Some of the window dressing appearing on our Site may be delivered to you by our Web advertising partner or partners. Information about your visit to a partner site or sites, such as number of times you have viewed an ad (but not your name, e-mail, or other Personal Information), is used to serve ads to you.

We also work with service providers and partner with advertising companies that use cookies, web beacons and other tools to collect information about your visits to and behavior on the Sites and other websites, and then use that information to deliver targeted advertisements to you across the Internet. The information collected and used in this manner is generally, on its own, anonymous and not personally identifiable.

INFORMATION USE

We may use the information we collect from and about you (including both Personal Information and Site Usage Information) for a variety of purposes, including but not limited to the following:

(i) To fulfill your requests for products and services and to keep you informed about your orders; (ii) to provide you with targeted offers and advertising on and at the Sites; (iii) subject to your communications preferences and, where required by applicable law, subject to your consent, to contact you (via postal mail, email and the like) with promotional materials about us, our products, our services and our events, as well as about select partners; (iv) to contact you when necessary or appropriate; where appropriate, for market research and to review and improve our merchandise selections, customer service, online and offline operations and overall shopping experience; (v) to protect the security or integrity of the Sites and our business; (vi) and otherwise, with your permission or as permitted by law.

If you provide us with information about another person (as described above in the “Information You Provide To Us” section), where permitted applicable by law, we use that information to fulfill your requests and treat such information in accordance with this Privacy Policy.

We (and our service providers) also analyze and use Site Usage Information and information collected through cookies, web beacons and other tracking technologies, alone and in combination with Personal Information, to assess the behavior of our users, to measure the interest in and use of the Sites and communications, and to customize the Sites and our communications with you. We do this both on an individual basis and in the aggregate.

This table shows you a description of all the ways we plan to use personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

PAYMENT CARD INFORMATION

To use certain aspects of our e-commerce Services, such as subscribing to our membership services, we may require credit or debit card account information. By submitting your credit or debit card account information through the Services, you expressly consent to the sharing of your information with third party merchants, subscription and billing processors, and payment processors. These third parties may store your credit or debit card account information so you can use our Services in the future. We do not have your complete credit or debit card account information, store your credit or debit card account information, or have direct control over or responsibility for your credit or debit card account information. While we require that such third party merchants, subscription and billing processors, and payment processors use reasonable procedures to help protect your credit or debit card information, we cannot guarantee that transmissions of your credit or debit card account information or Personal Information will always be secure or that unauthorized third parties will never be able to defeat the security measures taken by us or our third-party service providers. We assume no liability or responsibility for disclosure of your information due to errors in transmission, unauthorized third-party access, or other causes beyond our control.

INFORMATION DISCLOSURE

We may disclose information we collect (including Site Usage Information and Personal Information) in the following ways to third parties, to the extent permitted by law:

  • To our service providers and suppliers, who collect or use such information for us or on our behalf (such as website or database hosting companies, address list hosting companies, email service providers, analytics companies, distribution companies, fulfillment companies, and other similar entities that help us to operate the Site and/or provide functionality, content and services);
  • The Rachel Zoe companies and affiliated entities;
  • Auditors and professional advisers like bankers, lawyers, accountants and insurers;
  • As necessary, if we believe that there has been a violation of the Sites’ Terms of Use or any other policy of the Sites, or if we have reason to believe that our rights or property, or the rights or property of any third party, may be or have been harmed;
  • To respond to subpoenas or other judicial processes, or to provide information as requested by law;
  • In the event that Rachel Zoe or substantially all of its assets are acquired by one or more third parties as a result of an acquisition, merger, sale, consolidation, bankruptcy, liquidation or other similar corporate reorganization, where your information may be one of the transferred assets;
  • To third party marketers, as permitted by law;
  • When you contribute to a social, community or other publicly available area or feature of the Sites, the information and content that you post may be made available to the general public, depending on your settings (which is why we recommend that you do not submit or post any sensitive Personal Information, such as your full name, home address, phone number or other information that would enable others to contact or locate you); and
  • As otherwise, with your permission or as permitted by law.

Content and information that you submit on or through Facebook, Twitter, Instagram, Tumblr and other third-party platforms may appear on the Site through feeds from and other interfaces with those platforms. We are not responsible for the information, content and/or privacy practices of any such third-party platforms.

We may also share data with third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Policy.

YOUR CHOICES / YOUR PRIVACY RIGHTS / HOW TO UNSUBSCRIBE

If you would like to opt out of receiving direct mail from us, please contact us at boxofstyle@thezoereport.com. Please understand that if you opt out of receiving promotional correspondence from us, we may still contact you in connection with your Account, relationship, activities, transactions and communications with us.

If you would like to opt out of receiving promotional emails from us, please follow the unsubscribe instructions located in each such email or contact us at boxofstyle@thezoereport.com. Please understand that if you opt out of receiving promotional correspondence from us, we may still contact you in connection with your Account, relationship, activities, transactions and communications with us.

If you would prefer that we not share your Personal Information with third-party marketers, please contact us at boxofstyle@thezoereport.com. Please understand that if you do request that we stop sharing your Personal Information with third parties for their direct marketing purposes, such request will only apply as of the date of your request, and we will not be responsible for any communications that you may receive from third parties that received your Personal Information prior to that request. In these cases, please opt out from or contact the third party directly.

Consent

By consenting to this privacy notice you are giving us permission to process your Personal Information specifically for the purposes identified.

Where we are asking you for sensitive Personal Information we will always tell you why and how the information will be used.

You may withdraw consent at any time by contact us at boxofstyle@thezoereport.com.  We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Maintenance and Processing of Information in the U.S. and Other Countries

Your personal and other information may be stored, transferred and processed in and to the United States. By providing Personal Information to us, you consent to the collection, maintenance, processing and transfer of such information in and to the United States and other countries and territories, pursuant to the laws of the United States or such other jurisdictions, which may provide lesser privacy protection than the laws of other countries, and you acknowledge that your information may thus be subject to U.S. laws and accessible to the U.S. government, courts, law enforcement and regulatory agencies.

Access to Your Personal Information

At any point while we are in possession of or processing your Personal Information, you, the data subject, have the following rights:

  • Right of access – you have the right to request a copy of the information that we hold about you.
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  • Right of portability – you have the right to have the data we hold about you transferred to another organisation.
  • Right to object – you have the right to object to certain types of processing such as direct marketing.
  • Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
  • Right to judicial review: in the event that Rachel Zoe refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined below.

All of the above requests will be forwarded on should there be a third party involved in the processing of your Personal Information.

Security

We have implemented measures in an effort to safeguard the Personal Information in our custody and control. Such measures include, for example, limiting access to Personal Information only to employees and authorized service providers who need to know such information for the purposes described in this Privacy Policy, as well as other administrative, technical and physical safeguards. Additionally, our service providers are not authorized to use or disclose your Personal Information for any purpose other than providing the services to us or on our behalf, or as otherwise may be required by applicable law. While we endeavor to always protect our systems, due to the inherent nature of the Internet as an open global communications vehicle and other risk factors, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others, such as hackers.

To provide you with increased security, access to certain Personal Information stored in your Account is protected with your username and password. You are responsible for maintaining the confidentiality of your Account credentials, and we strongly recommend that you do not disclose your account username or password to anyone. We will never ask you for your password in any unsolicited communication. Please notify us immediately of any unauthorized use of your Account credentials or any other suspected breach of security.

Children’s Privacy

The Sites are not directed to children under the age of thirteen (13). If you are under thirteen (13), do not provide your Personal Information on or to the Site. We do not knowingly collect on the Sites any Personal Information from children under thirteen (13). Users outside of the United States who are below the age of eighteen (18) (or the age of the majority in the applicable jurisdiction) should not use the Sites without authorization from a parent or legal guardian.  If a parent or guardian becomes aware of his or her child has provided us with Personal Information without their consent, please contact us at: boxofstyle@thezoereport.com.

Third-Party Websites

The Sites may contain links (which may take the form of hyperlinks, widgets, clickable logos, plug-ins, images or banners) to websites and services operated by entities other than us. This Privacy Policy does not apply to such websites or services, so we recommend that you review their posted privacy policies so that you understand the relevant information collection, use and disclosure practices.

Changes to This Privacy Policy

We may change this Privacy Policy from time to time and the amended policy will be posted to the Sites. We reserve the right to update, change, amend or modify this Policy at any time and from time to time without prior notice. When we post changes to this Privacy Policy, we will revise the “Last Updated” date at the top of the Privacy Policy. Your continued use of the Sites after any changes or revisions to this Privacy Policy become effective shall indicate your agreement with the terms of such revised and then-current Privacy Policy.

Retention

We will process Personal Information for twelve years and will store the Personal Information for those twelve years, based on the renewal term of three successive annual memberships.

How We Use the Personal Information Collected About You

We will process (collect, store and use) the information you provide in a manner compatible with the GDPR. We will endeavor to keep your information accurate and up to date, and not keep it for longer than is necessary. Rachel Zoe is required to retain information in accordance with the law, such as information needed for income tax and audit purposes. How long certain kinds of Personal Information should be kept may also be governed by specific business-sector requirements and agreed practices.  Personal Information may be held in addition to these periods depending on individual business needs.

How To Find Out Personal Information Held By Rachel Zoe

Rachel Zoe at your request, can confirm what information we hold about you and how it is processed. If Rachel Zoe does hold Personal Information about you, you can request the following information:

  • Identity and the contact details of the person or organization that has determined how and why to process your data. In some cases, this will be a representative in the EU.
  • Contact details of the data protection officer, where applicable.
  • The purpose of the processing as well as the legal basis for processing.
  • If the processing is based on the legitimate interests of Rachel Zoe or a third party, information about those interests.
  • The categories of Personal Information collected, stored and processed.
  • Recipient(s) or categories of recipients that the data is/will be disclosed to.
  • If we intend to transfer the Personal Information to a third country or international organisation, information about how we ensure this is done securely. The EU has approved sending Personal Information to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
  • How long the data will be stored.
  • Details of your rights to correct, erase, restrict or object to such processing.
  • Information about your right to withdraw consent at any time.
  • How to lodge a complaint with the supervisory authority.
  • Whether the provision of Personal Information is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the Personal Information and the possible consequences of failing to provide such data.
  • The source of Personal Information if it wasn’t collected directly from you.
  • Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.

Rachel Zoe accepts the following forms of ID when information on your personal data is requested: Passport, Driver’s License, or other valid photo ID.

Complaint

In the event that you wish to make a complaint about how your Personal Information is being processed by Rachel Zoe or third parties, or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and Rachel Zoe’s data protection representatives Data Protection Officer (DPO).

To contact our Data Protection Officer:

Email: dataprotection@zoemg.com

Write
Data Protection Officer

8380 Melrose Ave., 3rd Floor

Los Angeles, CA 90069

Dispute Resolution/Arbitration

By using the Sites, you agree that any dispute in any manner arising out of or relating in any way to the Privacy Policy, shall be submitted to binding arbitration with Judicial Arbitration and Mediation Services, Inc. (“JAMS”) pursuant to JAMS’ arbitration rules, held before a single neutral arbitrator in the Los Angeles, California area. The parties to arbitration may use legal counsel at their own expense, and the prevailing party shall be entitled to its reasonable attorney’s fees. All costs of arbitration (including arbitrator fees) shall be paid by Rachel Zoe, except only that if you bring the arbitration, you may be charged an initial filing fee that shall not exceed the filing fees that you would incur for bringing an action in court. This provision will not affect any claimant’s rights to seek relief from small claims court. Claims brought on behalf of or allegedly representing or including other persons or entities, including but not limited to any class, consolidated, representative, collective or private attorney general action, shall be a “Class Action.” Notwithstanding anything else in the Privacy Policy or the JAMS rules, any parties subject to this arbitration provision shall be barred from bringing or participating in any Class Action related to a dispute covered by this arbitration provision. However, if these Class Action restriction are ever deemed illegal or unenforceable, they shall be severed from this arbitration provision. In that event, any Class Action shall by exempted from this arbitration provision and brought in court. This arbitration provision is subject to the Federal Arbitration Act, and may be enforced in any court of competent jurisdiction.

Contact Us

If you have any questions about this Privacy Policy, please contact us via email at boxofstyle@thezoereport.com.