This Privacy Policy is for informational purposes. It primarily sets out the principles governing the processing of personal data by the Controller, including the legal bases, purposes, and scope of personal data processing, the rights of data subjects, and information regarding the use of cookies and analytical tools.
The controller of personal data is Beauty Vision LTD, Main Street, Ballisodare, Sligo, Ireland, IE3590754FH, hereinafter referred to as the “Controller”.
Personal data are processed by the Controller in accordance with applicable laws, in particular pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 concerning the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as the “GDPR”.
The use of the Controller’s services is voluntary. Likewise, the provision of personal data is voluntary, subject to two exceptions:
The Controller exercises particular care in protecting the interests of data subjects and, in particular, ensures that the collected data are:
Taking into account the nature, scope, context, and purposes of processing, as well as the risks to the rights and freedoms of natural persons of varying likelihood and severity, the Controller implements appropriate technical and organizational measures to ensure that processing is performed in accordance with the GDPR and to demonstrate such compliance. These measures are reviewed and updated where necessary. The Controller applies technical measures to prevent unauthorized persons from acquiring or modifying personal data transmitted electronically.
The Controller processes personal data where:
The purpose, legal basis, retention period, scope, and recipients of personal data processed by the Controller depend on the activities undertaken by a particular Customer.
The Controller may process personal data for the following purposes, on the following legal bases, for the following periods, and within the following scope:
Legal basis: Article 6(1)(b) GDPR (performance of a contract)
Retention period:
Data are processed for the period necessary to demonstrate the conclusion, performance, termination, and settlement of the contract and to defend against any related claims.
Categories of data processed:
Legal basis: Article 6(1)(b) GDPR (performance of a contract)
Retention period:
Data are processed for as long as the account exists in the Service and, after its deletion, for the period necessary to defend against possible claims related to maintaining the account.
Categories of data processed:
Legal basis: Article 6(1)(a) GDPR (consent)
Retention period:
Data are processed for as long as consent to receive the newsletter remains valid.
Categories of data processed:
Legal basis: Article 6(1)(f) GDPR (legitimate interest of the Controller)
Retention period:
Data are processed for the period during which claims may be asserted and are deleted after the applicable limitation period expires.
Categories of data processed:
Legal basis: Article 6(1)(c) GDPR (compliance with a legal obligation)
Retention period:
For the period required by tax and accounting regulations.
Categories of data processed:
For the proper functioning of the Service, including the performance of concluded Agreements, it is necessary for the Controller to use the services of external entities (such as software providers, couriers, or payment service providers). The Controller uses only the services of processors that provide sufficient guarantees of implementing appropriate technical and organizational measures to ensure that processing complies with the requirements of the GDPR and protects the rights of data subjects.
The Controller does not transfer personal data in every case or to all recipients or categories of recipients indicated in this Privacy Policy. Personal data are disclosed only where necessary to achieve a given purpose of processing and only to the extent necessary to achieve that purpose.
Personal data processed in connection with the performance of an agreement may be disclosed to:
a) providers of electronic payment or payment card services – where the Customer uses electronic payment methods or payment cards within the Service, the Controller makes the Customer's collected personal data available to the selected payment service provider acting on behalf of the Controller to the extent necessary to process the payment made by the Customer;
b) providers supplying the Controller with technical, IT, and organizational solutions enabling the Controller to conduct business activities (in particular providers of computer software, email and hosting services, business management software, and technical support services). The Controller discloses the Customer's personal data to such providers only where necessary and only to the extent required to achieve a data processing purpose consistent with this Privacy Policy;
c) providers of accounting, legal, and advisory services supporting the Controller in accounting, legal, or consultancy matters (in particular accounting firms, law firms, or debt collection agencies). The Controller discloses the Customer's personal data to such providers only where necessary and only to the extent required to achieve a data processing purpose consistent with this Privacy Policy.
Information may be processed in an automated manner (including profiling); however, such processing will not produce any legal effects concerning an individual nor similarly significantly affect that individual's rights and obligations.
In the case of profiling:
a) sensitive personal data are not processed;
b) processed data are protected through pseudonymization;
c) where pseudonymization is not applied, only email addresses, IP addresses, or cookies are used.
Profiling is carried out for the following purposes:
a) analysing personal preferences and interests of individuals using the Services, products, or Services, and tailoring content available within the Services or products accordingly;
b) marketing purposes, in particular adapting presented offers to the preferences of recipients.
The data subject has the right to request access to their personal data, rectification, erasure ("the right to be forgotten"), or restriction of processing. The data subject also has the right to object to processing and the right to data portability. Detailed conditions governing the exercise of these rights are set out in Articles 15–21 of the GDPR.
Where personal data are processed by the Controller on the basis of consent (Article 6(1)(a) or Article 9(2)(a) GDPR), the data subject has the right to withdraw consent at any time, without affecting the lawfulness of processing carried out on the basis of consent before its withdrawal.
The data subject has the right to lodge a complaint with the supervisory authority, namely:
Data Protection Commission (DPC)
21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland
Email: info@dataprotection.ie
Website: https://www.dataprotection.ie
The data subject has the right to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them based on Article 6(1)(e) (public interest or official authority) or Article 6(1)(f) (legitimate interests pursued by the Controller), including profiling based on those provisions.
In such a case, the Controller shall no longer process the personal data unless it demonstrates compelling legitimate grounds for processing which override the interests, rights, and freedoms of the data subject, or for the establishment, exercise, or defence of legal claims.
To exercise the rights referred to in this section of the Privacy Policy, the data subject may contact the Controller by sending a written request or an email to the Controller's contact details indicated at the beginning of this Privacy Policy or by using the contact form available in the Service.
Cookies are small text files sent by a server and stored on the device of a person visiting the Service (e.g., on the hard drive of a computer or laptop, or in the memory of a smartphone, depending on the device used by the visitor). Detailed information regarding cookies and their history can be found, among other sources, at:
https://en.wikipedia.org/wiki/HTTP_cookie
The Controller may process data contained in cookies while visitors use the Service for the following purposes:
Most web browsers available on the market accept cookies by default. Users may specify the conditions for the use of cookies through their browser settings. This means that users may, for example, partially restrict (including temporarily) or completely disable the storage of cookies. However, disabling cookies may affect certain functionalities of the Service.
Browser settings relating to cookies are important from the perspective of consent to the use of cookies by the Service. Under applicable regulations, such consent may also be expressed through browser settings. If such consent is not granted, the browser settings concerning cookies should be modified accordingly.
Detailed information on changing cookie settings and deleting cookies in the most popular web browsers is available in the help section of the respective browser and on the relevant support pages for:
Personal data may be transferred outside the European Economic Area (EEA). In such cases, transfers shall only take place to countries ensuring a level of personal data protection at least equivalent to that provided within the European Union.
The Service may contain links to other websites. The Controller encourages users, upon leaving the Service, to review the privacy policies adopted by such websites. This Privacy Policy applies solely to the Controller's Service.
This Privacy Policy is reviewed on an ongoing basis and updated whenever necessary.
The current version of this Privacy Policy was adopted and has been effective since 18 March 2026.
To provide the highest level of service, we use cookies.
We use cookies to help users navigate efficiently and perform certain functions. Detailed information about all cookies corresponding to each consent category is provided below.
Cookies classified as "necessary" are stored in the user's browser as they are essential to enable basic site functions.
We also use third-party cookies that help us analyze how users use the site, store user preferences, and provide relevant content and advertisements. These types of cookies will only be stored in the browser with the user's prior consent.
You can enable or disable some or all of these cookies, but disabling some may affect your browsing experience.