Privacy policy
Glossier Privacy Policy
LAST UPDATED: July 20, 2024
This Privacy Policy describes how Glossier, Inc. and our subsidiaries and affiliates (collectively, “Glossier,” “we,” “us,” and/or “our”) collect, use, disclose, and otherwise process information about you. This Privacy Policy applies when you access or use our websites, shop in our stores or pop-ups, communicate with us through our customer support channels or via social media, and otherwise interact with us. We may provide different or additional notices of our privacy practices for certain products, services, or activities, in which case those notices will supplement or replace the disclosures in this Privacy Policy. For instance, depending on where you reside, our U.S. State Privacy Notice may apply in addition to this Privacy Policy.
We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of this policy. If we make material changes, we will provide you with additional notice (such as by adding a statement to our websites or sending you a notification). We encourage you to review this Privacy Policy regularly to stay informed about our information practices and the choices available to you.
Click on the links below to jump to the different sections of our Privacy Policy.
Information We Collect
How We Use Your Information
Targeted Advertising and Analytics
Disclosure of Information
Transfers of Information to the United States and Other Countries
Children
Your Privacy Choices
Additional Information for Individuals in Specific Jurisdictions
Contacting Glossier
Information We Collect
The information we collect about you depends on how you interact with us. In this section, we describe the categories of information we collect and the sources of this information.
Information We Collect Directly from You
We collect information you provide directly to us, such as when you open an account, place an order, ask to receive emails or text messages, contact customer service, submit comments or reviews, respond to surveys or quizzes, enter into sweepstakes or other programs, or interact with us on social media. The types of personal data we may collect directly from you include:
- Contact information, such as your name, email address, mailing address, and phone number;
- Account information, such as your username and password; and
- Optional information you may choose to provide, such as your social media handles, makeup and color preferences, age range, gender, product reviews, comments to articles, responses to surveys or quizzes, and the content of communications with our customer support team.
If you make a purchase from us, we work with a third-party payment processor to collect and process your payment information.
Information We Collect from Other Sources
We may collect information about you from other sources, including from:
- Other customers who provide information about you, such as to send you a gift or when they sign up for a refer-a-friend program.
- Online booking partners, such as companies we partner with to handle online reservations for retail store appointments.
- Order processing partners, such as fraud prevention and fulfillment partners.
- Unaffiliated third parties, such as marketing and advertising partners, market research companies, and sample distributors.
The types of personal data we collect from other sources include your name, email address, websites you visited, product preferences, and product purchases.
Information We Collect Automatically
We automatically collect certain information about your interactions with us when you purchase our products, access or use our websites, interact with our communications, or visit our stores, including:
- Transaction information, such as product details, purchase price, and the date and location of the transaction.
- Device and usage information, such as your IP address, browser type, device information, operating system, access times and length of stay, items you place in a cart, information about your activity on a specific page such as mouse movements and keystrokes, the websites you visited before navigating to our websites, specific pages accessed, search terms you used to reach our websites, and links clicked.
- Information about your activity in our stores, such as through closed circuit TVs for security monitoring or geofencing to identify traffic in our stores.
- Information collected by cookies, pixels, session replay, and similar tracking technologies to understand your interactions with our websites, including your browsing behavior, purchase behavior, and other engagement with our websites. Cookies are small data files stored on your hard drive or in device memory that help us improve our websites and your experience, see which areas and features of our websites are popular, collect identifiers and other information, and count website visits. Web beacons (also known as “pixel tags” or “clear GIFs”) are electronic images that we use on our websites and in our emails to help deliver cookies, count visits, and understand usage and campaign effectiveness. For more information about cookies and other tracking technologies we use and how to disable them, see the Targeted Advertising and Analytics and the Cookies and Similar Tracking Technologies sections below.
Information We Derive or Infer
We may derive information or draw inferences about you based on the information we collect. For example, we may draw inferences about your approximate location based on your IP address or infer that you are interested in certain products based on your browsing behavior and past purchases.
How We Use Your Information
We use the information we collect to provide the products and services you request. We also use the information we collect to:
● Create and manage your online accounts and profiles;
● Communicate with you, including to tell you about products and services that may be of interest to you and to respond to your requests, inquiries, comments, and suggestions;
● Complete the transactions you request, perform our contractual obligations, send cart reminders, and use as otherwise anticipated within the context of our ongoing business relationship;
● Facilitate your engagement with us, including to enable you to post comments and reviews on our websites, to engage with other customers, and to post on social media;
● Offer contests, sweepstakes, or other promotions;
● Tailor the content and information that we send or display to you, offer location customization and personalized recommendations, help, and instructions, and otherwise personalize your experience while using our products and services;
● Target ads to you on third-party platforms and websites (for more information and to opt out, please see the Targeted Advertising and Analytics section below);
● Conduct surveys and market research and monitor, audit, and analyze trends, usage, and activities in connection with our websites, stores, products, services, and advertisements;
● Carry out short-term activities and other internal uses related to the products or services you purchase from us or your ongoing relationship with us;
● Conduct internal research and development;
● Detect, investigate, and respond to, prosecute, and help protect against security incidents and other malicious, deceptive, fraudulent, illegal, or objectionable activities, including the unauthorized use of our websites, and protect the rights and property of Glossier and others;
● Debug, identify, and repair errors that impair existing intended functionality of our websites; and
● Comply with our legal obligations, including those required for you to benefit from rights recognized by law, or any regulatory requirements or provisions.
Targeted Advertising and Analytics
We engage others to provide analytics services, serve advertisements, and perform related services across the web and in mobile apps. These entities may use cookies, web beacons, pixels, SDKs, device identifiers, and other technologies to collect information about you and your use of our websites and other websites and applications, including your IP address, device ID, web browser, mobile network information, pages viewed, time spent on pages or in apps, links clicked, search queries, conversion information, and order history. This information is used to analyze and track data, determine the popularity of content, deliver advertising targeted to your interests on our websites and other websites, and better understand your activity. If you have previously created an account or made a purchase through our websites and you are browsing our websites without logging in, we may engage vendors that use cookies to better tailor advertising and marketing based on your prior visits.
You can opt out of having your personal information used or disclosed for these purposes via cookies and similar technologies by clicking here. Your opt-out choice will be linked to your browser only; therefore, you will need to renew your opt-out choice if you visit our website from a new device or browser, or if you clear your browser’s cookies.
In addition to cookie-based ad targeting, we may disclose identifiers, like email addresses and phone numbers, to some of our advertising partners. These advertising partners translate that information into a unique identifier that can then be used to show ads that are more relevant to you. Depending on where you reside, you may opt out of these disclosures by filling out our online form.
You can also learn more about interest-based ads or opt out of having your web browsing information used for behavioral advertising purposes by companies that participate in the Digital Advertising Alliance, by visiting www.aboutads.info/choices if you reside in the United States, www.youronlinechoices.eu if you reside in Europe, or https://youradchoices.ca/ if you reside in Canada.
Disclosure of Information
We disclose information as described in the Targeted Advertising and Analytics [1] section and in the following ways:
● Vendors and Service Providers: We make personal data available to our service providers, contractors, agents, and consultants who complete transactions and perform services on our behalf, such as companies that assist us with web hosting, payment processing, shipping and delivery, surveys, events, personalization, market research, analytics, marketing, advertising, fraud prevention, and customer service.
● For Marketing and Advertising Purposes: We disclose personal data to third parties for marketing and advertising purposes and to expand the reach and effectiveness of our marketing campaigns. This information does not identify you personally, but may be used by those marketing partners and other third parties to enable them to recognize you on other sites and services you visit even if you don’t login.
● Professional Advisors: We disclose information about you to our professional advisors, including accountants, auditors, lawyers, insurers, and bankers, where necessary to obtain advice or otherwise protect and manage our operations and business interests.
● Law Enforcement Authorities and Individuals Involved in Legal Proceedings: We disclose personal data in response to a request for information if we believe that disclosure is in accordance with, or required by, any applicable law or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements.
● To Protect the Rights of Glossier and Others: We disclose personal data if we believe that your actions are inconsistent with our user agreements or policies, if we believe that you have violated the law, or if we believe it is necessary to protect the rights, property, and safety of Glossier, our customers, the public, or others.
● Corporate Transactions: We disclose personal data in connection with, or during negotiations of, certain corporate transactions, including the merger, sale of company assets, financing, bankruptcy, or acquisition of all or a portion of our business by another company.
● Corporate Affiliates: We disclose personal data to our subsidiaries and corporate affiliates for the purposes described in the Use of Information section above.
● With Your Consent and at Your Direction: We disclose personal data to third parties when we have your consent or you intentionally direct us to do so. For example, if you decide to submit a product review or you direct us to post the personal data you provide with your review publicly on our websites.
We also disclose aggregated or de-identified information that cannot reasonably be used to identify you. Glossier processes, maintains, and uses this information only in a de-identified fashion and will not attempt to re-identify such information, except as permitted by law.
Transfers of Information to the United States and Other Countries
Glossier is based in the United States, and we and our service providers process and store personal data on servers located in the United States and other countries. Where required by law, we provide adequate protection for the transfer of personal data in accordance with applicable law, such as by obtaining your consent, relying on the European Commission’s adequacy decisions, or executing Standard Contractual Clauses. Where relevant, you may request a copy of these Standard Contractual Clauses by contacting us at Privacy@glossier.com.
Children
Our websites are not designed for children under the age of 18. If you are a parent or legal guardian and you believe that a child has provided personal data to us without your consent, please contact us at Privacy@glossier.com.
Your Privacy Choices
Account Information
You can access, correct, or delete certain information stored within your online account, including your profile, contact, payment, and shipping information, at any time by logging into your Glossier account. You can also deactivate your Glossier account by emailing gTeam@glossier.com.
Promotional Communications
You may opt out of receiving promotional emails or text messages at any time by following the instructions included in those communications. If you opt out of receiving such communications, note that we may continue to send you non-promotional messages (such as order confirmation emails or emails about changes to our legal terms). With your consent, we may also send promotional and non-promotional push notifications or alerts to your browser. You can deactivate these messages at any time by changing the notification settings on your browser.
Cookies and Similar Tracking Technologies
Glossier uses cookies and similar tracking technologies to analyze visits to our websites and interactions with our marketing communications and to help us improve our website, services, and marketing campaigns. As described in the Targeted Advertising and Analytics section above, we also use cookies and similar tracking technologies to serve you ads on third-party properties. You can turn off cookie-based ad targeting by clicking here. Note that most web browsers are set to accept cookies by default. You can usually adjust your browser settings to remove or reject all or some browser cookies. Please note that removing or rejecting cookies could affect some of the functionality of our websites.
Additional Information for Individuals in Specific Jurisdictions
Individuals in Certain U.S. States
California, Colorado, Connecticut, Montana, Oregon, Texas, Utah, and Virginia have enacted consumer privacy laws that grant their residents certain rights and require additional disclosures. See our U.S. State Privacy Notice [2] for these state-specific requirements and our California notice at collection.
Individuals in Europe
If you are located in the European Economic Area, United Kingdom, or Switzerland, this section applies to you.
Legal Basis for Processing
When we process your personal data as described above, we do so in reliance on the following lawful bases:
● We need to use your personal data to perform our responsibilities under our contract with you (e.g., processing payments for and providing the Glossier products you have ordered).
● We have a legitimate interest in processing your personal data. For example, we may process your personal data for performance marketing activities, to conduct data analytics and to provide, secure, and improve our products and services.
● We need to do so to comply with a legal obligation to which we are subject.
● We have your consent to do so, which you may withdraw at any time.
Data Subject Requests
You have the right to (1) request to know more about and access your personal data, including in a portable format, (2) request deletion of your personal data, (3) request correction of inaccurate personal data, (4) request restriction of processing of your personal data, and (5) object to the processing of your personal data for certain purposes. To exercise any of these rights, please fill out our online form.
Questions or Complaints
If you are a European Resident and have a concern about how we process personal data that we are not able to resolve, you have the right to lodge a complaint with the data privacy authority where you live. Contact details of your relevant local Data Protection Authority may be found using the links below:
● For individuals in the EEA: https://edpb.europa.eu/about-edpb/board/members_en
● For individuals in the UK: https://ico.org.uk/global/contact-us/
● For individuals in Switzerland: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/contact.html
Data Retention
Our retention periods for personal data are based on business needs and legal requirements. We store personal data for as long as is necessary for the processing purpose(s) for which the data was collected, and any other permissible purpose. For example, we may retain certain transaction details and correspondence until the time limit for claims arising from the transaction has expired. When we no longer need to use your personal data, we remove it from our systems and records or anonymize it so that you can no longer be identified from it.
Individuals in Canada
If you reside in Canada, this section applies to you.
Your Rights
You may exercise your rights to access and correct the personal data we hold about you by filling out our online form. By submitting personal data to us or our service providers, you consent to the collection, use, disclosure, and transfer of your personal data in accordance with this Privacy Policy and as permitted or required by law. You may withdraw your consent at any time by contacting us at Privacy@glossier.com. If you withdraw your consent (or if you decide not to provide certain personal data), you acknowledge that we may not be able to provide you with certain products, services, or information.
Data Retention
Our retention periods for personal data are based on business needs and legal requirements. We store personal data for as long as is necessary for the processing purpose(s) for which the data was collected, and any other permissible purpose. For example, we may retain certain transaction details and correspondence until the time limit for claims arising from the transaction has expired. When we no longer need to use your personal data, we remove it from our systems and records or anonymize it so that you can no longer be identified from it.
Contacting Glossier
If you have questions or concerns regarding this Privacy Policy, please contact us using the information provided below.
Customers in the United States or Canada:
Glossier, Inc.
233 Spring Street, Floor 10
New York, NY 10013
Privacy@glossier.com
Customers in Europe:
Phase EU Limited
5 New Street Square
London, United Kingdom, EC4A 3TW
Privacy@glossier.com