Privacy Policy

This Privacy Policy was last updated [December 2019].

Protecting your personal information is important to Lush Internet Inc. and its related parties and affiliates doing business as Lush or Lush Fresh Handmade Cosmetics (“Lush”, “we”, “our” or “us”). We strive to maintain our customers’ trust. 

When does this Privacy Policy apply?
This Privacy Policy explains our practices in collecting, using and disclosing your personal information in the course of operating our business in Canada and/or the United States, including at our retail stores, online through Lush’s websites www.lush.cawww.lush.com and mobile applications (collectively, “Websites”), our social media accounts, and in other ways you engage with us.

For your convenience, the Websites may contain links to other sites and advertisements that are not controlled or operated by Lush. This Privacy Policy does not apply to those sites or advertisements. We are not responsible for, and this Privacy Policy does not apply to, the privacy practices or policies of other websites or third parties. Lush encourages you to review the privacy policies of any third parties before disclosing your personal information to such parties or when visiting such third party websites.

What We Collect
 

The types of information we collect depend on the nature of your interaction with us. We may collect personal information such as:
 

  • contact information such as your name, billing address, shipping address, telephone number, email address;
     
  • account information such as username, password; 
     
  • order and refund history;
     
  • payment information such as method of payment, credit and debit card information, amount paid, signature;
     
  • demographic information such as age, language preferences and other demographic information;
     
  • information about your interests and preferences such as wish lists and marketing consent; 
     
  • information about the devices you use to shop online;
     
  • certain information and data that may be collected when you visit a Website, such as pages viewed, your IP address, browser information, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, connection speed, read time, display time, and number of clicks, cookies and other online identifiers, or information collected when you interact with us on social media sites or through our electronic communications such as e-newsletters;
     
  • your image with cameras used in our stores to track store traffic or otherwise administer our loss prevention program and promote security; and
     
  • certain personal information contained in a resume, cover letter or similar employment-related materials, or any applicable pre-screening questions, if you apply for an employment opportunity with us.
     

You may choose not to provide us with your personal information. However, if you make this choice we may not be able to provide you with the product, service, or information that you requested. 
 

In some cases, such as when you ask us to ship an order or you purchase a gift or gift certificate, we may collect information about someone other than you, such as the name, address, telephone number and email address of the recipient. You represent and warrant that you have the right and authority or have obtained all necessary consents to provide any information, including personal information of another individual, that is provided by you to Lush.
 

How We Collect Your Personal Information
 

We collect personal information from you in a variety of ways when you interact with Lush. Some examples include but are not limited to situations when you:
 

  • create an account on our Website;
     
  • order, purchase, exchange, return, or cancel an order for, any of our products or services, whether through a Website or in our retail stores;
     
  • contact us, make an inquiry about any of our products or services or otherwise request information or assistance from us;
     
  • communicate with our customer service representatives;
     
  • sign up to receive catalogs and/or emails and information about new and limited edition products, special offers, events or other news;
     
  • register and participate in our customer forums or other programs;
     
  • provide feedback or make other submissions to Lush;
     
  • participate in a contest, sweepstake or other promotions;
     
  • participate in or respond to consumer survey or requests for consumer opinions, concerns or preferences regarding our products and services;
     
  • apply for employment with Lush;
     
  • engage with us on social media; or
     
  • use features of a Website that may be offered from time to time and may require such information in order to use the feature (including but not limited to submitting user-generated content as described in the Terms of Use).
     

How We Use Your Personal Information
 

Lush uses your personal information to offer and provide products and services (including to confirm, process and track orders, shipping, payment, etc.), manage our relationship with you, verify your identity and address, carry on our business operations and as may otherwise be required or permitted by law or described in this Privacy Policy. Some examples of how we may use your personal information include (without limitation):
 

  •  to develop, enhance, improve, personalize, market, sell, or otherwise provide products, services or information;
     
  • to administer your account;
     
  • to conduct commercial transactions including to process and administer purchases, exchanges, returns or other transactions that you may engage in with Lush, including at our stores or through our Websites, and to communicate with you about those transactions;
     
  • to contact you and respond to any requests or other communications that you may have had with us, including claims or requests for customer service;
     
  • to provide you with catalogs and emails about products, special offers, events or other news (more information regarding our use of your email address is provided below in the section regarding “E-Newsletters and other Electronic Communications”);
     
  • to conduct and administer surveys and contests, sweepstakes and other promotions in which you have participated;
     
  • to summarize in an aggregate format for statistical and research purposes, including, without limitation, to provide portions of this aggregated information to vendors, service providers or consultants to, for example, gauge the level of interest in our Websites, advertising campaigns and electronic communications, plan for Website infrastructure improvements and/or plan and evaluate marketing initiatives;
     
  • to perform data analysis and help us improve and customize our product and service offerings, Websites and customers’ experience;
     
  • to troubleshoot problems with the Websites;
     
  • to enforce our Terms of Use or comply with this Privacy Policy;
     
  • to protect the security and integrity of our Websites and our business;
     
  • to detect and protect against error, theft, fraud and other illegal activity and to otherwise administer our loss prevention program;
     
  • to process and respond to applications for employment; and
     
  • to comply with any legal or regulatory requirements.
     

From time to time we may supplement information you give us with information from other sources, such as information validating your address or other information you have provided to us. This is to help us maintain the accuracy of the information we collect and to help us provide better service.
 

E-Newsletters and other Electronic Communications
 

In certain circumstances, for example, if you sign-up or are subscribed to receive such information, we may send you communications about our products, services, special offers, events, new website features, changes to this Privacy Policy or other terms and conditions, changes to any of our programs in which you might be enrolled, or other news. 
 

You can change your preferences or opt to not receive email marketing communications from us by clicking the unsubscribe link in any email communication from us, or by contacting us using the contact information in the section below regarding “How to Contact our Privacy Officer”. Please allow up to ten (10) days for your preferences to be processed. Even if you opt out of receiving email marketing messages, we may still contact you by email for transactional or account-related purposes like confirming or following up on a purchase, order or service request, responding to customer service inquiries, or notifying you of product recall information.
 

Cookies and Similar Technologies
 

We may use tracking tools like cookies, web beacons and pixel tags that collect data while you browse and maintain a record of your visit. These technologies help us improve the Websites and deliver more personalized service based on your online behavior. We also use cookies to assist with anonymous site traffic analysis, which includes tracking the time/date of visits, pages viewed, and referring URLs. 
 

Most web browsers automatically accept cookies. If you would prefer to prevent your device from accepting our cookies, you may follow your internet browser’s steps for doing so on each device you use. Please note, however, that if you do disable cookies, you may not be able to shop on or access certain sections of our Websites. Also, your mobile device may not give you the ability to control cookies. If you wish to block cookies on our mobile applications, you will need to delete the application from your mobile device. 
 

How We Disclose Your Personal Information
 

Lush does not sell or rent our customers’ personal information to any third party. However, in the normal course of business we may share some of your personal information with our related parties and affiliates and with third parties acting on our behalf or as permitted or required by applicable law.
 

Related Parties and Affiliates
 

We may share personal information that we collect within our affiliated group of companies for the purposes identified in this Privacy Policy.
 

Service Providers
 

We may disclose or otherwise make available personal information to third party service providers for processing or other purposes that support or facilitate our business operations or provide services on our behalf, such as for shipping, payment card processing, supporting the content, operation and maintenance of our Websites, facilitating and collecting customer reviews, and conducting surveys, contests, sweepstakes and other promotions. We contractually require all such service providers to keep your information confidential and secure, and to have privacy policies and practices with respect to personal information that are comparable to ours.
 

Sale of Business
 

Lush may disclose personal information we have about you in connection with a potential or actual purchase, sale, lease, merger, amalgamation or other type of acquisition, disposition or financing of all or part of our business or assets.
 

Legal Disclosure
 

Lush may disclose your personal information as required or permitted by law, including, without limitation, to comply with a subpoena, warrant or other legally valid inquiry or order or applicable law, or to report improper or unlawful activity.
 

Consent
 

By submitting personal information to Lush or its service providers, you agree that Lush may collect your personal information and you consent to the use and disclosure of your personal information in accordance with this Privacy Policy and as permitted or required by law.
 

Storage, Retention and Security of Your Personal Information
 

Storage
 

Our related parties and affiliates and third party service providers may be located outside of Canada or the United States and this may result in personal information collected by Lush being stored or processed outside of Canada or the United States and, as a result, your personal information may be accessible to law enforcement, courts and regulatory authorities in accordance with the laws of such foreign jurisdictions.
 

Retention
 

Lush will retain personal information for as long as necessary for the purposes identified, or as otherwise required or permitted by law. Lush has retention standards to satisfy legal requirements, including to destroy, erase or render anonymous personal information that is no longer required for the purposes identified or as otherwise required by law.
 

Security
 

Lush takes reasonable steps to protect personal information in our control against loss, theft, and unauthorized access, disclosure or misuse with administrative, technical and physical safeguards appropriate to the sensitivity of the personal information.
 

Unfortunately, despite these efforts, no security measures are perfect and hackers and other malicious actors may attempt to intercept or access the personal information described in this Privacy Policy. If you have any reason to believe that your account, transaction or information is no longer secure, please contact us using the contact information in the section below regarding “How to Contact our Privacy Officer”. In the wrong hands, your personal information could be used to commit identity theft, steal from you, or cause you other harms. It may also reveal information about your spending habits and other sensitive personal attributes.
 

Internet or wireless communications are never completely private or secure and there is always a risk that any messages or information you send to or through a website or by email may be intercepted by others.
 

If you create an account on a Website, you will need to set a password to access your online account. We strongly recommend that you set a strong password including a combination of letters (including a mix of upper and lower case), numbers and special characters, and do not disclose your password to anyone. Lush will never ask you for your password in any unsolicited communication (including unsolicited correspondence such as letters, phone calls or email messages).
 

You should also be aware that certain aspects of the Websites are not confidential and are available for public viewing. For example, any submissions that you post to any publicly available online forum or blogs or other publicly available features of the Websites are not confidential and may be viewed by other users of the Websites. By making personal information publicly available where the Websites allow you to do so, you consent to such publication by Lush or its service providers. Please refer to the Terms of Use for additional provisions relating to user submissions that may apply to you.
 

Accuracy of Personal Information and Your Privacy Preferences
 

If any of your personal information in our records is inaccurate or incomplete, we will amend that information at your request, subject to any exceptions prescribed by law. Requests for correction of your personal information should be directed to the Lush Privacy Officer using the contact information set out below in the section regarding “How to Contact our Privacy Officer”. 
 

If you created an account on one of our Websites, you can access and change your online account profile yourself. If you are not a registered Website user, you can contact us to update your information using the contact information in the section below regarding “How to Contact our Privacy Officer”.
 

Access to Personal Information
 

At your request, we will provide you a statement outlining the personal information we have about you in our records and how that information has been used or disclosed by us. You may also request access to your personal information in our custody or control. In order to verify that the information is being released to the proper individual, you may be asked to provide suitable identification or to otherwise identify yourself. In certain circumstances, access to personal information may be denied. If we deny your request for access, we will advise you of the reason for the refusal. Requests for access should be directed to the Lush Privacy Officer using the contact information set out below in the section regarding “How to Contact our Privacy Officer”.
 

Changes to this Privacy Policy
 

Lush may revise this Privacy Policy at any time and from time to time. The revised Privacy Policy will be posted to the Website. We will provide additional notice of any material changes to our Privacy Policy. We encourage you to check this Privacy Policy regularly for changes. 
 

How to Contact our Privacy Officer
 

If you have any questions, comments or concerns about this Privacy Policy or our privacy practices, please contact Lush’s Privacy Officer using the contact information below. All complaints will be investigated. 
 

In Canada and the USA:
 

Lush Fresh Handmade Cosmetics
 

8680 Cambie Street, Vancouver, British Columbia, Canada V6M 6P9
 

Attention: Privacy Officer
 

customercare@lush.com
 

1-888-733-5874

For additional information regarding the use of our website please see our Terms of Use posted on the website.