Privacy policy

Privacy Policy – Best Cosmetics Brands

Last Updated: October 21, 2025

1. General

Welcome to BestCosmeticsBrands.com (hereinafter: "the website" or "we").

We respect our users' privacy and are committed to protecting it in accordance with applicable laws and regulations. This policy outlines how we collect, use, store, and protect the information collected on the website.

Business Information:

  • Business Name: Best Cosmetics Brands
  • Contact Email: bestcosmetics@emacaribbean.com
  • Physical Address: [Your business address including country]

2. Information Collection

We may collect the following types of information:

2.1 Information You Provide Directly

When you interact with our website, we collect:

  • Full name
  • Email address
  • Phone number
  • Shipping and billing address
  • Purchase preferences and order history
  • Communications you send to us

2.2 Technical Information Automatically Collected

  • IP address
  • Browser type and version
  • Operating system
  • Pages viewed and time spent on pages
  • Referring website addresses
  • Device identifiers

2.3 Payment Information

Important: We do not store, collect, or have access to your complete credit or debit card information. All payment processing is handled securely by our PCI-DSS Level 1 certified payment processor, Stripe, Inc.

Information that may be collected during checkout includes:

  • Cardholder name
  • Billing address
  • Last four digits of card number (for your reference only)
  • Payment method type

Please note: Stripe may begin collecting information you enter into checkout forms even if you do not complete the purchase, for fraud prevention purposes.

2.4 Cookies and Analytics

We use cookies and similar technologies from:

  • Google Analytics (website analytics)
  • Stripe (payment processing and fraud prevention)
  • Advertising and marketing platforms

You can manage cookie preferences through your browser settings, though disabling cookies may limit some website functionality.

3. Use of Information

The information we collect is used for:

  • Order Processing: Fulfilling your purchases, processing payments, and managing returns
  • Customer Service: Responding to inquiries, providing support, and handling complaints
  • Fraud Prevention: Protecting you and us from unauthorized transactions and fraudulent activity
  • Legal Compliance: Meeting regulatory requirements including tax, accounting, and financial regulations
  • Marketing: Sending promotional offers, newsletters, and product updates (with your consent)
  • Website Improvement: Analyzing usage patterns to enhance user experience
  • Communication: Order confirmations, shipping notifications, and account updates

4. Payment Card Security

4.1 Payment Processing

All payment transactions are processed by Stripe, Inc., a PCI-DSS Level 1 certified payment service provider. We have chosen Stripe because they maintain the highest level of payment security certification in the industry.

4.2 What We DO NOT Do

  • We DO NOT store complete credit or debit card numbers
  • We DO NOT have access to your full payment card details
  • We DO NOT process payments on our own servers
  • We NEVER request payment card information via email – email is not a secure method for transmitting sensitive financial data

4.3 How Payment Data is Protected

During Transmission:

  • All payment data is encrypted using SSL/TLS (Secure Sockets Layer/Transport Layer Security) technology with AES-256 encryption
  • Data is transmitted directly from your browser to Stripe's secure servers
  • We use secure, encrypted connections for all payment pages

While in Service:

  • Payment information is stored and processed exclusively on Stripe's PCI-DSS compliant infrastructure
  • Stripe maintains enterprise-grade security controls including firewalling, intrusion detection, and 24/7 monitoring
  • Multiple layers of authentication protect access to payment data

At Our Physical Location:

  • We do not maintain any physical records of complete payment card information
  • Access to partial payment data (such as last 4 digits) is restricted to authorized personnel only
  • Our systems and premises follow strict security protocols

4.4 3D Secure Authentication

For your added protection, we utilize 3D Secure technology for eligible card transactions:

Verified by Visa – For Visa cardholders Mastercard ID Check (formerly SecureCode) – For Mastercard holders

How 3D Secure Works: When you make a purchase, if your card is enrolled in 3D Secure, you will be redirected to your card issuer's secure authentication page. You may be asked to:

  • Enter a one-time password sent to your phone
  • Use your bank's mobile app for biometric authentication
  • Enter a password you've previously set up with your bank

This additional layer ensures that you are the authorized cardholder making the purchase, significantly reducing the risk of fraudulent transactions.

4.5 PCI-DSS Compliance

Our payment infrastructure meets the requirements of the Payment Card Industry Data Security Standard (PCI-DSS). Through our partnership with Stripe, we ensure:

  • Secure network architecture
  • Regular security testing and monitoring
  • Strong access control measures
  • Encrypted transmission of cardholder data across public networks

CRITICAL SECURITY REMINDER: Never send credit card numbers, CVV codes, or complete payment information via email, text message, or any unsecured communication channel. We will never ask you to provide this information outside of our secure checkout process.

5. Third-Party Service Providers

5.1 Payment Processing

Stripe, Inc. (https://stripe.com)

  • Purpose: Payment processing, fraud detection, and transaction management
  • Data Shared: Name, email, billing address, transaction details, device information
  • Privacy Policy: https://stripe.com/privacy
  • Location: United States (with international processing capabilities)

5.2 Other Service Providers

We work with trusted third-party providers for:

  • Shipping and Logistics: To deliver your orders
  • Email Services: To send transactional and marketing communications
  • Analytics: Google Analytics for website performance analysis
  • Customer Support: Help desk and ticketing systems
  • Fraud Prevention: Additional security verification services

All third-party providers are contractually obligated to protect your information and use it only for the specified purposes.

5.3 International Data Transfers

Some of our service providers, including Stripe, may process data outside of your country of residence. When we transfer data internationally, we rely on:

  • EU-U.S. Data Privacy Framework
  • UK Extension to the EU-U.S. Data Privacy Framework
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Other legally approved data transfer mechanisms

6. Data Sharing

We will never sell your personal information to third parties for their marketing purposes.

We may share your information with:

Business Partners:

  • Payment processors (Stripe)
  • Shipping companies (to deliver your orders)
  • Financial institutions (for payment verification)

Legal Requirements:

  • Law enforcement or regulatory authorities when required by law
  • In response to valid legal processes (court orders, subpoenas)
  • To protect our rights, property, or safety, or that of our users

Business Transfers:

  • In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity

7. Data Security

7.1 Security Measures

We implement industry-standard security measures to protect your personal information:

  • Encryption: SSL/TLS encryption for all data transmission
  • Access Controls: Restricted access to personal data on a need-to-know basis
  • Secure Infrastructure: Firewalls, intrusion detection systems, and security monitoring
  • Regular Security Audits: Ongoing assessment of our security practices
  • Employee Training: Staff are trained on data protection and privacy requirements

7.2 Security Limitations

While we take extensive precautions, no online system is completely secure. We cannot guarantee absolute protection against all security threats. In the unlikely event of a data breach affecting your information, we will notify you as required by applicable law.

8. Data Retention

We retain your personal information for as long as necessary to:

  • Fulfill the purposes described in this policy
  • Comply with legal, regulatory, tax, and accounting requirements
  • Resolve disputes and enforce our agreements

Retention Periods:

  • Transaction records: Minimum 7 years (for tax and accounting compliance)
  • Account information: Duration of your account plus 7 years
  • Marketing communications: Until you unsubscribe or object
  • Analytics data: Typically 26 months

Even after you request deletion, we may retain certain information as required by law or for legitimate business purposes (such as fraud prevention).

9. Your Rights and Choices

You have the following rights regarding your personal information:

9.1 Access and Portability

  • Request a copy of the personal information we hold about you
  • Receive your data in a commonly used, machine-readable format

9.2 Correction

  • Request correction of inaccurate or incomplete personal information

9.3 Deletion

  • Request deletion of your personal information (subject to legal retention requirements)

9.4 Restriction and Objection

  • Object to processing of your personal information for marketing purposes
  • Request restriction of processing in certain circumstances

9.5 Marketing Communications

  • Unsubscribe from marketing emails at any time using the unsubscribe link
  • Opt out of SMS marketing by following the instructions in the message

9.6 Cookies

  • Manage cookie preferences through your browser settings
  • Opt out of analytics tracking through browser extensions or opt-out tools

9.7 How to Exercise Your Rights

To exercise any of these rights, contact us at: bestcosmetics@emacaribbean.com

We will respond to your request within 30 days. Some rights may be limited by applicable laws or our legitimate business needs.

10. Return, Refund, and Cancellation Policies

10.1 Returns

  • Returns are accepted within [X] days of delivery
  • Products must be unused, in original packaging
  • Return shipping costs: [Specify who pays]

10.2 Refunds

  • Refunds will be processed within [X] business days of receiving the returned item
  • Refunds will be issued to the original payment method
  • Shipping costs are non-refundable unless the return is due to our error

10.3 Cancellations

  • Orders can be cancelled within [X] hours of placement
  • Once an order is shipped, it cannot be cancelled but may be returned upon delivery

For detailed return and refund information, please visit [Link to Returns Policy Page] or contact bestcosmetics@emacaribbean.com

11. Children's Privacy

Our website and services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without parental consent, we will take steps to delete that information.

12. Cookies Policy

12.1 What Are Cookies

Cookies are small text files placed on your device to help websites function properly and collect analytics.

12.2 Types of Cookies We Use

  • Essential Cookies: Required for website functionality (shopping cart, checkout)
  • Analytics Cookies: Help us understand how visitors use our site
  • Marketing Cookies: Used to deliver relevant advertisements
  • Fraud Prevention Cookies: Used by Stripe to detect and prevent fraudulent transactions

12.3 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may impact website functionality.

13. Privacy Policy for California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

  • Right to know what personal information is collected
  • Right to know if personal information is sold or shared
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising your rights

We do not sell personal information to third parties.

To exercise your California privacy rights, email us at: bestcosmetics@emacaribbean.com

14. Privacy Policy for European Residents (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

14.1 Legal Basis for Processing

We process your personal data based on:

  • Contract: To fulfill our agreement with you
  • Legitimate Interests: For fraud prevention, analytics, and business operations
  • Consent: For marketing communications (which you can withdraw at any time)
  • Legal Obligation: To comply with tax, accounting, and regulatory requirements

14.2 Data Protection Officer

For privacy inquiries, contact: bestcosmetics@emacaribbean.com

14.3 Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority.

15. Frequently Asked Questions (FAQ)

Q: Do you store my credit card information?

A: No. All payment card information is handled exclusively by Stripe, our PCI-DSS Level 1 certified payment processor. We never see or store your complete card details.

Q: What is 3D Secure and why do I need it?

A: 3D Secure (Verified by Visa and Mastercard ID Check) is an additional authentication step that confirms you are the authorized cardholder. It significantly reduces fraud and protects your account from unauthorized purchases.

Q: Can I send you my credit card details via email?

A: Absolutely not. Email is not secure. We will never ask for payment card information via email. Always use our secure checkout page.

Q: How do I know my payment is secure?

A: Look for the padlock icon in your browser's address bar and ensure the URL begins with "https://". This indicates a secure, encrypted connection. All payments are processed through Stripe's secure infrastructure.

Q: What happens if there's a data breach?

A: In the unlikely event of a data breach affecting your personal information, we will notify you promptly as required by law and take immediate steps to mitigate any harm.

Q: How long do you keep my information?

A: We retain information for as long as necessary to provide services and comply with legal requirements, typically 7 years for financial records.

16. Contact Information

For privacy-related questions, requests, or concerns:

Email: bestcosmetics@emacaribbean.com Phone: [Your phone number] Address: [Your physical business address]

Customer Service Hours: [Specify your hours of operation]

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via email if you have an account with us
  • Display a prominent notice on our website

Your continued use of our website after changes are posted constitutes acceptance of the updated policy.

18. Terms and Conditions Acceptance

By using BestCosmeticsBrands.com, you acknowledge that you have read, understood, and agree to this Privacy Policy and our Terms and Conditions.

Privacy Seal of Approval

This privacy policy complies with:

  • PCI-DSS Requirements for payment security
  • GDPR (General Data Protection Regulation)
  • CCPA/CPRA (California Consumer Privacy Act)
  • AZUL E-Commerce merchant requirements
  • Visa and Mastercard data security standards

For Stripe's privacy practices, please visit: https://stripe.com/privacy