Privacy Policy

MOROCCANOIL U.S. PRIVACY POLICY

Effective Date: July 14, 2020
Last Updated: July 07, 2020

Moroccanoil ® (“we,” “us,” or “our”) is sensitive to the concerns regarding the private
information of our visitors and recognizes that our visitors may become concerned
about the information they provide to Moroccanoil and how this information is later
used.

This Privacy Policy sets out how we use and protect any information that you, the user, provide
when you visit our website, www.moroccanoil.com (“Website”). Except as otherwise provided
herein, this Privacy Policy applies to all services offered by us on this Website. Except as
otherwise provided herein, this Privacy Policy applies to information collected offline and
through our Website.

This Privacy Policy does not cover the information practices of third parties, including other
companies that may advertise on this Website. In addition, the Website may contain links to third
party websites. Please note that once you click on such a link, you will have left our Website and
should be aware that we do not have any control over third party websites. Use of third party
websites, and collection of information by those parties, are governed by their privacy policies.
We encourage you to exercise caution and review their privacy policies before using their
websites. Nonetheless, we seek to protect the integrity of our Website and welcome any feedback
about these third party websites.

Please read this Privacy Policy carefully to understand our policies and practices regarding your
information and how we will treat it. If you do not agree with our policies and practices, do not
use our Website. By accessing or using this Website, you agree to this Privacy Policy. We may
revise and update our Privacy Policy from time to time, and all updates will be posted on this
page. Unless otherwise required by law, your continued use of this Website after we make
changes is deemed to be acceptance of those changes, so please check the Privacy Policy
periodically for updates.

Please also visit our Terms and Conditions establishing the use, disclaimers and limitations of
liability governing the use of our Website here:
https://www.moroccanoil.com/us_en/about/terms/ .

CONTENT

1. Information We Collect
2. How We Use the Information We Collect
3. How Long We Keep Your Personal Information
4. How We Protect And Store Your Information
5. Do Not Track (DNT) Signals1. Information We Collect
6. Cookies
7. Disclosure to Third Parties
8. Magento
9. California Consumer Privacy Act (CCPA)
10. Nevada Online Privacy Law
11. California Minors Who Are Registered Users
12. Protecting Children’s Privacy
13. Changes to Our Privacy Policy
14. Contact Us

1. Information We Collect

We collect the following categories of personal information: Identifiers such as a real name, alias, signature, address, telephone number, unique personal identifier, online identifier, Internet Protocol address, email address, account name, and other similar identifiers (“Identifiers”); payment information; Internet or other electronic network activity information; geolocation data; audio, electronic, visual or similar information; professional or employment-related information; and inferences drawn from any of the above-identified information to create a profile about a consumer reflecting the consumer’s preferences.

2. How We Use the Information We Collect

Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company without your consent, other than as specified in this Privacy Policy.

We will use your Personal Information for our legitimate interests, meaning our interests in conducting our business, fulfilling orders and processing transactions, and managing and providing services to you, which include the following:

• Providing, maintaining and improving our business;
• Fulfilling orders and processing transactions;
• Managing and providing services to you;
• Responding to your questions, concerns, and other requests for assistance;
• Customizing your browsing and shopping experience on the Website. We use information about your browsing and shopping activities to bring you a custom shopping experience, by offering products and advertisements tailored to your interests (please see our Cookies
section below);
• Keeping you informed of administrative changes to our Website, including changes to our terms and conditions and other policies, and other information regarding the Website;
• Analyzing Website statistics, such as usage and experiences impacting your browsing experience. We use this information to patch bugs and resolve other issues to present you with the best possible browsing experience. We also use cookies and other technologies to analyze how our customers interact with the Website, which helps us improve its functionality;

• Conducting market research, which informs our marketing strategy and enables us to present you with a browsing experience tailored to your interests. For example, we create user profiles to enable personalized direct marketing communications;
• Maintaining basic records, so that we may respond to and honor your requests to delete your data and prohibit future unwanted processing;
• Preventing fraud, criminal activity, and misuses of our Website. We also use this information to block prohibited resellers from accessing our website and to safeguard the security of this Website, as well as our infrastructural security;
• Complying with legal obligations and process, and to safeguard our rights, privacy, safety, and property, as well as your rights, privacy, safety, and property, and that of our affiliates and third parties;
• Administering special offers, including contests, promotions, surveys, and other interactive Website experiences;
• Enabling us to publish your reviews and other content;
• Applications for employment and employment-related purposes;
• Communicating with you, including through email. We may use the email address which you provide for order processing to send you information and updates about your orders, as well as occasional news, updates, and information about our company and related products and services. If at any time you would like to unsubscribe from receiving future emails, please refer to the detailed unsubscribe instructions at the bottom of each email;
• Notifying you about special offers and products or services available from us, our affiliates or our partners that may be of interest to you.

3. How Long We Keep Your Personal Information

We will keep your Personal Information for as long as reasonably necessary for the purposes described in this Privacy Policy, while we have a legitimate business need to do so, or as required by law (e.g. for tax, legal, accounting or other purposes), whichever is longer.

To determine the appropriate retention period for your Personal Information, we will consider the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we use your Personal Information and whether we can achieve those purposes through other means, and the applicable legal requirements. When we no longer need to retain your Personal Information, it will be deleted or be anonymized so that you can no longer be identified from it.

4. How We Protect And Store Your Information

We are committed to making sure your privacy is protected when you use our Website and when we collect information from you. We take the security of your information seriously, and implement a variety of security measures to maintain safety of all Personal Information you
provide. We also make sure that third parties we use to process your Personal  Information also use appropriate security measures to protect your data.

When we collect sensitive information like your credit card information, social security numbers, financials, etc., that information is encrypted and securely transmitted. For example, we use a secure server for transmitting sensitive information. All supplied sensitive/credit card information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. You can verify that this sensitive information is being transmitted securely by looking for “https” at the
beginning of the address of the webpage.

After a transaction is completed, your sensitive information (credit cards, social security numbers, financials, etc.) will not be stored on our servers. The safety and security of your information also depends on you. We urge you to be careful about entering information on public computers or on public networks.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted to or stored on our Website.

5. Do Not Track (DNT) Signals

We only have access to or collect information that you provide us through your use of the Website. We do not track users over time and across third party websites. Accordingly, this Website does not respond to Do Not Track (DNT) signals.

6. Cookies

Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your web browser. Cookies enable websites or service providers’ systems to recognize your browser and capture and remember certain information. For example, you may use our cookies to stay logged in when you exit a browser window. You may read more about cookies at https://www.allaboutcookies.org/.

We use cookies and other technologies for different purposes. First, we use these technologies to operate and run our site (“Strictly Necessary Cookies”). Second, we use cookies to understand how users arrive to and use our site (“Analytics Cookies”). Third, we use cookies to make our site more user-friendly and give you greater options for using our website (“Functional Cookies”). Finally, we use cookies to facilitate our direct marketing (“Marketing Cookies”).

Some cookies (Strictly Necessary Cookies) are so essential to the functioning of our website that you cannot opt out of them. However, you can choose to accept, decline, or withdraw consent to other cookies. Be aware that disabling cookies may prevent you from using certain features or services on our Website.

Strictly Necessary Cookies: Carry out essential services of our website, including tracking sign- ups and processing payments. Because our website cannot function without use of these cookies, you may not opt out of them.
• Magento – More information here.

Analytics Cookies: Provide information about how visitors arrive at and use our site. You may
opt out of these cookies by visiting the opt out links provided, or by modifying your browser
settings as explained below.
• Google Analytics – More information here; opt out here.
• Inspectlet – More information here.

Functional Cookies: Give visitors a better browsing experience, such as the opportunity to leave
product reviews. You may opt out of these cookies by modifying your browser settings as
explained below.
• Youtube.com – More information here.

Marketing Cookies: Facilitate targeted and affiliate marketing. You may opt out of these cookies
by visiting the opt out links provided, or by modifying your browser settings as explained below.
• Instagram – More information here.
• Facebook – More information here; opt out here.
• Pinterest.com – More information here.
• Twitter – More information here;
• Youtube.com – More information here.
• Google Tag Manager – More information here; opt out here.
• Google Ads – More information here; you may opt out on that page.
• Kenshoo – More information here.
• Number – More information here.
• Reddit – More information here.
• Taboola – More information here.

Browser Opt-Out: Most browsers have a “help” button or section on the toolbar. If you click on this button or section, you will find information about turning on and off cookies and how to receive notifications when a new cookie is received.
Internet Explorer
Mozilla Firefox
Google Chrome
Apple Safari

Additionally, many advertising services allow you to opt out of targeted advertising. You may find more information in the resources available at the Network Advertising Initiative, http://www.networkadvertising.org.

Mobile devices: Note that these resources may not work to turn off cookies on mobile devices.
Every mobile device is different. Here are some resources for turning off cookies for popular
mobile browsers:
• Mozilla Firefox (Android)
• Google Chrome
• Apple Safari

7. Disclosure to Third Parties

Other than as described herein, we do not sell, trade, or otherwise transfer to third parties your personally identifiable information. We may share your Personal Information with our affiliated companies (Moroccanoil Israel, Moroccanoil Canada), as well as with trusted third parties who assist us in operating our Website, conducting our business and servicing you, including providers of hosting, cloud services and other information technology services providers for the management or hosting of the Website; payment processors; order and subscription management and fulfillment services; e-commerce platforms; rating and reviews platforms; email communication and customer support services; and web analytics, marketing and digital advertising services, so long as those parties agree not to use the information for their direct marketing purpose, to keep this information confidential and use appropriate security measures to protect your data. We may also disclose your information as required under applicable law, to enforce our Website policies, or to protect our or others’ rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses. In the event of a merger, acquisition, reorganization, bankruptcy, receivership, or sale or transfer of all or a portion of our assets, your Personal Information may be transferred to a successor or affiliate or other entity surviving out of the event.

8. Magento

Our online store is hosted on Magento, Inc., which provides us with the online e-commerce platform that allows us to sell our products and services to you. We encourage you to review Magento’s Terms of Service available at https://magento.com/legal/terms/website, and Privacy
Policy available at https://magento.com/sites/default/files/Magento-Privacy-Policy-CCPA-Updates.pdf.

9. California Consumer Privacy Act (CCPA)

Effective January 1, 2020, if you are a California resident, then you have the following rights:

1. You have the right to request that we disclose to you, not more than twice in a 12-month period, the personal information about you that we collect, use, and disclose during the 12-month period preceding your request, which shall include as follows:

• The categories of personal information that we have collected about you
• The categories of sources from which the personal information is collected
• The business or commercial purpose for collecting or selling that personal information
• The categories of third parties with whom we share that personal information
• The specific pieces of personal information we have collected about you

2. You have the right to request the deletion of the personal information that we have collected from you.

3. You have the right not to be discriminated against because you exercised your rights under this section of the Privacy Policy, and we will not discriminate against you for doing so.

For purposes of exercising your rights above, please note the following regarding how we collected and used your personal information during the 12 month period preceding the effective date of this Privacy Policy:

• We collect the categories of personal information as recited in this Privacy Policy in the section entitled “Information We Collect.”
• We disclose the following categories of personal information for a business purpose: Identifiers such as your first and last name, alias, postal address, IP address, and email address; payment information; commercial information; professional or employment-related information; Internet of other electronic network activity information; geolocation data; audio, electronic, visual or similar information.

We use the above categories of personal information for our legitimate interests, meaning our interests in conducting our business, fulfilling orders and processing transactions, and managing and providing services to you, which include the activities set forth in the above section of this privacy policy entitled “How Moroccanoil Uses Information.”

Effective January 1, 2020, if you wish to contact us to submit a request under the California Consumer Privacy Act, please contact us by email at privacy@moroccanoil.com or submit this form. You may have an authorized agent contact us to submit a request under the California Consumer Privacy Act; however, to do so, we require You (1) provide the authorized agent with signed permission to do so and (2) verify Your own identity. If the authorized agent is not an individual having power of attorney, We also require (3) You directly confirm that You provided the authorized agent permission to submit the request.

We may need to verify your identity to enable us to process your request. The verification process will include your receipt of an email with a secured link asking You provide us with the personal information requested and which we have on file for You. Such personal information
may include your name, your mailing address, date of birth, purchased items, and corresponding purchase totals. Disclosure and deletion is subject to our receipt of a verifiable consumer request and exceptions or limitations established by applicable laws and regulations. Disclosure and/or deletion will not be completed if a consumer request cannot be verified.

We offer our customers membership to the Moroccanoil Beauty Circle Loyalty Program (“Loyalty Program”), a loyalty program that provides certain perks such as exclusive gifts with purchase, early access to purchase new products, and free shipping on all orders. For a full list of benefits, please visit the Moroccanoil Beauty Circle website https://www.moroccanoil.com/us_en/beauty-circle .

In order to provide you with the perks described above, we use personal information about you including your name, phone number, email address, birthdate, purchase history, etc. to identify you as a member of the program and provide you with relevant messaging, experiences, and deals. These financial incentives are reasonably related to the value of the data you provide. Our Loyalty Program is considered a Financial Incentive Program pursuant to the CCPA. The value of your personal information to us is related to the value of the free or discounted products or services, or other benefits that you obtain or that are provided as part of the applicable Program. This value is based on the expense related to offering those products, services, and benefits to Program participants.

10. Nevada Online Privacy Law

If you are a Nevada resident, you have the right to submit a request directing us not to make any sale of personally identifiable information we have collected or will collect about you.  We do not sell your personal information.  To request confirmation that we do not sell your personal
information, please send an email to privacy@moroccanoil.com with “Nevada Privacy Information” in the subject line of your message.

11. California Minors Who Are Registered Users

If you are under the age of 18, reside in California and are a registered user of the Website, you have the right to request that we remove content or information you posted on the Website. Please send an email to privacy@moroccanoil.com with “California Minors Content Removal” in the subject line of your message.  Please note that our removal of content or information you posted may not ensure complete or comprehensive removal of the content or information.

12. Protecting Children’s Privacy

We are a general audience site. Our Website, products, and services are all directed to people who are at least 16 years of age or older. We do not knowingly collect, use or disclose any information from anyone under 16 years of age. We understand and are committed to respecting
the sensitive nature of children’s privacy online. If we discover that we have inadvertently collected information from anyone under 16 years of age, any information regarding that user will be promptly deleted. If you believe we might have any information from or about anyone
under 16 years of age, please contact us by using the information below.

13. Changes to Our Privacy Policy

Unless otherwise required by law, it is our policy to post any changes we make to our Privacy Policy on this page with a notice that the Privacy Policy has been updated on our Website home page. If we make material changes to how we treat the information collected from our users, we
will notify you through a notice on our Website home page. The date the Privacy Policy was last revised is identified at the top of the page. We may also notify you of any material changes by sending an email to you. You are responsible for periodically visiting our Website and this
Privacy Policy to check for any changes.

14. Contact Us

If you have any questions or concerns regarding this Privacy Policy or data processing, if you would like to change or access the Personal Information we have collected from you, or if you would like to make a complaint, you may contact us using the information below. You may also be able to refer a complaint to your local data protection regulator if you are not satisfied with
the way we handled your complaint.

Email: privacy@moroccanoil.com
Mailing Address: Legal Department; 5742 Ferrier Street, Montreal, QC. Canada H4P 1M7