Privacy policy

PRIVACY POLICY

Last Modified: October 27, 2025

1. INTRODUCTION

Fitria Beauty LLC, a California limited liability company (“Company”, “we”, or “us”), respects your privacy and we are committed to protecting it through our compliance with this policy.

This policy describes the types of information we may collect from you or that you may provide when you visit our website or mobile application, use any of our products or services, shop in our online store, or when you interact with us, including email and electronic communications and social media channels (collectively, the “Sites”), and describes our practices for collecting, using, maintaining, protecting, and disclosing that information. Company is the data controller for information processed through this Sites.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, do not use our Sites. By accessing or using our Sites, you agree to this privacy policy. This policy may change from time to time (see Section 10, Changes to our Privacy Policy). Your continued use of the Sites after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

2. INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT

We collect several types of information from and about users of our Sites, including information: (i) by which you may be personally identified, such as name, postal address, e-mail address, telephone number, or any other identifier by which you may be contacted online or offline (“personal data”); (ii) that is about you but individually does not identify you; and/or (iii) about your internet connection, the equipment you use to access our Sites and usage details.

We collect this information: (i) directly from you when you provide it to us; (ii) automatically as you navigate through the site, which include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies; and (iii) from third parties, for example, our business partners.

2.1. Information You Provide to Us. The personal data we collect on or through our Sites may include:

• Account and Contact Information. When you create an account or make a purchase, you provide us with information such as your name, username, password, address, email, and phone number.

• Purchasing Data. When you make a purchase through our Sites, you will provide payment information, including credit card or debit card information and information about the payment methods and services you use in connection with the Sites. We will also collect details about what was purchased, the date of purchase, and the price.

• Reviews. If you choose to review a products, you may provide information in that review and you may be able to upload photographs and videos.

• Marketing. If you choose to participate in contests, promotions, events, surveys, market studies, or campaigns sponsored by us, you will provide us with information to process your participation and your responses.

• Customer Support. When you contact us, you provide us with information to support your inquiry. If you contact us, we will also keep records and copies of your correspondence (including email addresses).

2.2. Information We Collect Through Automatic Data Collection Technologies. As you navigate through and interact with our Sites, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:

• Usage Details. Details of your visits to our Sites, including traffic data, location data, logs, and other communication data and how you interact with the services and other users, including features you use, actions taken, and ads you interact with.

• Device Information. Information about your device, including your IP address, device identifiers, operating system, browser type and settings, and app crashes.

• Cookies and Similar Technology. When you access or use our Sites, we may collect personal data from you automatically by using cookies or similar technology. For more information about cookies and your choices, see Section 3, Cookies and Similar Online Tracking Technologies.

2.3. Information We May Received from Third Parties. We may collect additional information about you from others such as affiliates, other companies, third-party websites, and/or sources providing publicly available information to help us provide services to you, help prevent fraud, and for marketing and advertising purposes.

3. COOKIES AND SIMILAR ONLINE TRACKING TECHNOLOGIES

We, along with our third-party partners and service providers, such as advertising networks, analytics providers, and social media platforms, use a variety of online tracking technologies, including pixels, web beacons, software development kits (SDKs), third-party libraries, cookies, and similar tools (collectively, “online tracking technologies”) to collect information when you interact with our Sites or with our email communications.

Some of these technologies are essential for ensuring the security and functionality of our Sites, such as helping to prevent crashes, fix bugs, maintain your account security, store your preferences, and support core site features.

We also allow certain third parties and service providers to use online tracking technologies on our Sites for analytics and advertising purposes. This includes serving and managing ads, tailoring advertisements based on your interests, and sending reminders, such as for abandoned shopping carts, based on your communication preferences. These third parties may display interest-based ads on our Sites, across the web, or in our emails using their own tracking tools.

To the extent that the use of these technologies constitutes a “sale” or “sharing” of personal information under applicable U.S. state privacy laws (including the use of data for cross-context behavioral or targeted advertising), you may opt out by submitting a request to info@fitriabeauty.com. Please note that opting out may impact certain features or functionality of the Sites.

To specifically opt out of Google Analytics, you may visit tools.google.com/dlpage/gaoptout or download the Google Analytics Opt-out Browser Add-on. You can also manage your Google ad settings at adssettings.google.com.

4. HOW AND WHY WE USE YOUR INFORMATION

We use information that we collect about you or that you provide to us, including any personal data, primarily to deliver our Sites and improve them over time. We will use this information:

• To provide you with the Sites and any contents, features, information, products, or services that we make available through the Sites.

• To fulfill and manage subscriptions, purchases, and payments.

• To provide you with information, products, or services that you request from us.

• To fulfill any other purpose for which you provide it.

• To provide you with notices about your account or subscriptions, including expiration and renewal notices.

• To improve our Sites, including by analyzing your information and creating aggregated data derived from your information, to develop, maintain, analyze, improve, optimize, measure, and report on our Sites and their features and how users interact with them.

• To carry out our obligations and enforce our rights arising from any contracts entered into between you and us.

• To promote our Sites, business, and offerings by publishing advertising on our own Sites and by placing ads on third parties’ services.

• To notify you when updates to any of the Sites are available and about changes to any products or services we offer or provide through them.

• To comply with our legal and regulatory obligations.

• To help us quickly and efficiently respond to inquiries and requests.

• To resolve disputes, troubleshoot problems, and enforce our Terms of Service.

• To allow you to participate in interactive features on our Sites.

• In any other way we may describe when you provide the information.

• For any other purpose with your consent.

The usage information we collect, whether connected to your personal data or not, helps us improve our Sites and deliver a better and more personalized experience by enabling us to:

• Estimate our audience sizes and usage patterns.

• Store information about your preferences, allowing us to customize the Sites according to your individual needs and interests.

• Speed up your searches.

• Recognize you when you return to our Sites.

We may also use your information to contact you about goods and services that may be of interest to you. If you do not want us to use your information in this way, please adjust your user preferences in your account profile. For more information, see Section 6, Choices About How We Use and Disclose Your Information.

5. DISCLOSURE OF YOUR INFORMATION

We may disclose personal data that we collect or you provide as disclosed at the time you provide it, as set forth in this privacy policy, and in the following circumstances:

• Other Members. You share your personal data with other customers when you voluntarily disclose information on or through the Sites, including by posting reviews.

• Third-Party Service Providers. We share your information with trusted service providers who help us operate, promote, and improve our Sites. They provide services such as processing payments, managing data, supporting customers, marketing, hosting, advertising, legal support, and security. They can only use your personal information to provide these services for us. The type of information we share to these service providers depends on the service or function they are providing and can include any personal data discussed in this privacy policy.

• Subsidiaries and Affiliates. We may share your personal data with our subsidiaries and affiliates. Our subsidiaries and affiliates will use and distribute your information in accordance with the terms of this privacy policy. We may share this information to make the Sites safer, provide each other with services, and to improve the Sites.

• Business Transfers. We may transfer your personal data to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Company’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal data held by Company about our Sites users is among the assets transferred. The types of personal data shared will be determined by the type of corporate transaction, and it may include all personal data, or a subset of it.

• Legal and Administrative. We may disclose your Information when required by law or to comply with a court order, subpoena, search warrant or other legal process or as part of any internal or external audit, investigation or inquiry, or to establish, exercise or defend legal claims, or other legitimate business need, including protecting the safety of any person, addressing fraud or security issues, or protecting a person’s rights or property. The type of personal data shared will depend on the specific circumstances or request, and can include any persona data discussed in this privacy policy.

• Aggregated Information. We may share aggregated information about our users, or data that cannot be linked to any individual, without any restrictions.

6. CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION

6.1. Your Rights. We strive to provide you with choices regarding the personal data you provide to us. You generally have the following rights regarding your personal data, depending on the specific circumstances and where you live, you may not have the same rights.

• Right to know. Your right to know what personal data we collect, use, and share your personal data.

• Right to access. Your right to request a copy of the personal data we hold about you.

• Right to rectify. Your right to correct or update any inaccurate or incomplete personal data.

• Right to erase. Your right to request that we delete your personal data.

• Right to restrict or object. Your right to ask us to limit the way we use your personal data or object to processing of your personal data in certain situations.

• Right to data portability. Your right to receive your personal data from us in a format that it can be easily transferred to another location.

• Rights related to automated decision-making. Your right not to be subject to a decision based solely on automated processing, including profiling, that produces legal or similarly significant effects.

• Right to withdraw consent. Your right to withdraw consent you’ve provided us to process your personal data for a specific purpose.

• Right to complain. Your right to contact a data protection authority if you have concerns about how we handle your personal data.

6.2. How to Exercise Your Rights. You may exercise your rights or request more information by emailing us at info@fitriabeauty.com. To protect you and others, we may ask you for specific information to help us confirm your identity before we answer your request.

7. CALIFORNIA PRIVACY NOTICE FOR CALIFORNIA RESIDENTS

This notice supplements the information contained in this privacy policy and applies only to California residents.

This California Privacy Notice sets forth the disclosures and rights for California residents regarding their personal data, as required by the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively “CCPA”), and supplements the information in the rest of this privacy policy. Any terms defined in the CCPA have the same meaning when used in this policy.

The Company is collection your personal data to support its business operations, including to offer you the Sites and fulfil your requests to use and access the Sites, and as more fully described in this privacy policy.

7.1. Personal Information we Collect.

We collect and information that identifies, relates to, describes, references, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household, or device (“personal information”). CCPA personal data does not include:

• Publicly available information from government records.

• Deidentified or aggregated consumer information.

• Information excluded from the CCPA’s scope, like:

- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA), clinical trial data, or other qualifying research data;

- personal data covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.

7.2. Personal Information Categories Chart. The chart below identifies which categories of personal information we collected from our consumers, the sources of collection, categories of third parties with whom we disclosed the personal information for a business purpose, and the business purposes for with the personal information was collected, within the last 12 months. Note: The categories of data below stem from a statutory list set forth under the CCPA, and not all categories will be relevant to you.

Category Sources of Collection Disclosures Business Purpose

Identifiers:

A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.

From you (e.g. when you create an account or make a purchase).

From our partners and affiliates. Other customers as part of our services, for example if you leave a review.

Our affiliates.

Our payment processors.

Service providers who assist us in for a business purpose. Performing services (e.g. customer service, fulfilling transactions, verifying customer information, payment processing, advertising and marketing, analytics, storage, security, or similar services.

Managing our relationships with vendors and consultants.

Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (“California Customer Records”):

A name, signature, Social Security number, physical characteristics or description, photograph, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, membership in professional organizations, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.

Some personal information included in this category may overlap with other categories. From you.

From our affiliates. Other users as part of our services.

Our affiliates.

Our payment processors.

Managing our relationships with vendors and consultants.

Protected classification characteristics under California or federal law (“Protected Classes”):

Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, reproductive health decisionmaking, military and veteran status, or genetic information (including familial genetic information). From you.

From consumer reporting agencies.

From our affiliates.

Other users as part of our services.

Our affiliates.

Our payment processors.

Managing our relationships with vendors and consultants.

Commercial information:

Records of personal property, products, or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. From you. Our payment service providers.

Managing our relationships with vendors and consultants.

Biometric information:

Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. N/A N/A N/A

Internet or other similar network activity:

Activity on our websites, mobile apps, or other digital systems, such as internet browsing history, search history, system usage, electronic communications with us, postings on our social media sites. From you.

From users of our services.

From our partners and affiliates. Service providers who assist us in for a business purpose Performing services (e.g. customer service, fulfilling transactions, verifying customer information, payment processing, advertising and marketing, analytics, storage, security, or similar services.

Managing our relationships with vendors and consultants.

Geolocation data:

Physical location or movements, and GPS location data from mobile devices of consumers who visit our websites or use our mobile apps. From your device (if you choose to share it) Service providers who assist us in for a business purpose Performing services (e.g. customer service, fulfilling transactions, verifying customer information, payment processing, advertising and marketing, analytics, storage, security, or similar services.

Managing our relationships with vendors and consultants.

Sensory data:

Audio, electronic, visual, thermal, olfactory, or similar information. N/A N/A N/A

Professional or employment-related information:

Current or past job history N/A N/A N/A

Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) (“FERPA Information”):

Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. N/A N/A N/A

Inferences drawn from other personal information:

Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. From data you share. Other uses as part of our Sites.

Our affiliates.

Our payment processors.

Managing our relationships with vendors and consultants.

7.3. Sensitive Personal Information. Sensitive personal information is a subtype of personal information consisting of the specific information categories listed in the chart below. Importantly, the CCPA only treats this information as sensitive personal information when we collect or use it to infer characteristics about a consumer. We do not use personal information we collect for purposes other than providing and improving our services to you and protecting our services and our community, and we do not use personal information to infer characteristics about you.

7.4. Additional Categories or Other Purposes. We will not collect additional categories of personal information or use the personal information we collected for materially different, unrelated, or incompatible purposes without providing you notice. If required by law, we will also seek your consent before using your personal information for a new or unrelated purpose. We may collect, process, and disclose aggregated or deidentified consumer information for any purpose, without restriction. When we collect, process, or disclose aggregated or deidentified consumer information, we will maintain and use it in deidentified form and will not to attempt to reidentify the information, except to determine whether our deidentification processes satisfies any applicable legal requirements.

7.5. Your Rights and Choices.

The CCPA provides consumers (California residents) with specific rights regarding their CCPA personal data. This section describes your CCPA rights and explains how to exercise those rights.

• Right to Know and Data Portability: You have the right to request that we disclose certain information to you about our collection and use of your personal data over the past twelve (12) months (the “right to know”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete, below), we will disclose to you:

o The categories of personal data we collected about you.

o The categories of sources for the personal data we collected about you.

o Our business or commercial purpose for collecting or selling that personal data.

o The categories of third parties with whom we share that personal data.

o If we sold or disclosed your personal data for a business purpose, two separate lists disclosing:

- sales, identifying the personal data categories that each category of recipient purchased; and

- disclosures for a business purpose, identifying the personal data categories that each category of recipient obtained.

- The specific pieces of personal data we collected about you (also called a data portability request).

• Right to Delete: You have the right to request that we delete any of your personal data that we collected from you and retained, subject to certain exceptions (the “right to delete”). Once we receive your request and confirm your identity (see Exercising Your Rights to Know or Delete, below), we will review your request to see if an exception allowing us to retain the information applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

o Complete the transaction for which we collected the personal data, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.

o Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

o Debug products to identify and repair errors that impair existing intended functionality.

o Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.

o Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).

o Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.

o Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

We will delete or deidentify personal data not subject to one of these exceptions from our records and will direct our service providers to take similar action.

• Exercising Your Rights to Know or Delete

To exercise your rights to know or delete described above, please submit a written request by emailing us at info@fitriabeauty.com.

Only you, or someone legally authorized to act on your behalf, may make a request to know or delete related to your personal data.

You may only submit a request to know twice within a 12-month period. Your request to know or delete must:

Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal data or an authorized representative.

o Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

o We cannot respond to your request or provide you with personal data if we cannot verify your identity or authority to make the request and confirm the personal data relates to you.

You do not need to create an account with us to submit a request to know or delete.

We will only use personal data provided in the request to verify the requestor’s identity or authority to make it.

• Response Timing and Format

We will confirm receipt of your request within ten (10) business days. If you do not receive confirmation within the 10-day timeframe, please email us at info@fitriabeauty.com.

We endeavor to substantively respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to another 45 days), we will inform you of the reason and extension period in writing.

We will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal data that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

• Personal data Sales Opt-Out and Opt-In Rights

We do not “sell” or “share” your personal information as those terms are defined under the CCPA This means that we do not sell or share your personal information for monetary or other valuable consideration, or for purposes of cross-context behavioral advertising (also known as targeted advertising across different websites or services). Because we do not sell or share your personal information, there is no need to provide an opt-out option under California law.

7.6. Non-Discrimination.

We will not discriminate against you for exercising any of your CCPA rights.

8. RETENTION OF PERSONAL DATA

We may retain information as required or permitted by applicable laws and regulations, including to honor your choices, for our billing or records purposes and to fulfill the purposes described in this policy. Specifically, we retain information for our legitimate interests and essential business purposes, such as operating, maintaining and improving our services; complying with our legal obligations; and exercising our legal rights and remedies. Our retention of information is based on many factors such as your relationship with the Company; the nature of the information; compliance with our legal obligations; defending or resolving actual or anticipated legal claims. We take reasonable measures to destroy or de-identify personal data in a secure manner when it is no longer required.

9. CHILDREN

Our Sites are restricted to individuals who are 18 years of age or older, and we do not knowingly collect personal data from children. If you suspect that a member is under the age of 18, please contact us at info@fitriabeauty.com.

10. CHANGES TO OUR PRIVACY POLICY

We reserve the right to amend this privacy policy at our discretion and at any time. When we make changes to this privacy policy, we will post the updated notice on the Sites and update the notice’s effective date. Your continued use of our Sites following the posting of changes constitutes your acceptance of such changes.

11. CONTACT INFORMATION

If you have any questions or comments about this notice, the ways in which we collect and use your information described in this policy, your choices and rights regarding such use, or wish to exercise your rights under applicable law, please do not hesitate to contact us at info@fitriabeauty.com.

If you need to access this policy in an alternative format due to having a disability, please contact us at the email above.

Your cart is empty

All Products

All Products

Your cart

Estimated total

Privacy policy

Country/region