Privacy Policy

This Privacy Policy explains how RATISKIN ("we", "us", or "our") collects, uses, discloses, and safeguards your personal information when you visit ratiskin.com (the "Site"), make a purchase, sign up for marketing, or otherwise interact with us. We operate primarily in Australia and New Zealand, and we also serve customers in other regions.

If you do not agree with this policy, please do not use the Site or our services. Where required by law, we will ask for your consent (opt‑in) before processing your information for specific purposes (e.g., marketing).


1) Information We Collect

Information you provide directly

  • Account, order, and support details (name, billing/shipping address, email, phone number, order contents, notes).

  • Payment information (handled by our payment providers; we do not store full card numbers).

  • Marketing preferences (email/SMS opt‑ins, survey responses, reviews/UGC you submit).

Information collected automatically

  • Device and usage data (IP address, browser type/version, time zone, language, cookie IDs, pages viewed, referring/exit pages, and interaction data).

  • Approximate location from IP (country/region level) to localize experience and detect fraud.

Information from third parties

  • Payment providers, analytics/advertising partners, and logistics partners may send us limited data necessary to complete your order, detect fraud, measure performance, or deliver marketing (if you’ve consented).


2) How We Use Your Information

We use your information to:

  • Provide the Service: process and deliver orders, returns, customer support, and account management.

  • Payments & Fraud Prevention: verify identity and detect, prevent, and investigate fraud or misuse.

  • Communications: send transactional emails (order confirmations, shipping updates) and respond to your inquiries.

  • Marketing (with consent where required): send email/SMS campaigns, personalized offers, and show ads on and off our Site.

  • Analytics & Improvement: understand how our Site is used and improve our products, services, and user experience.

  • Legal & Compliance: comply with applicable laws, enforce our Terms, and protect our rights.

Legal bases (EEA/UK only): performance of a contract, legitimate interests (e.g., site security, analytics, fraud prevention), consent (e.g., email/SMS marketing), and compliance with legal obligations.


3) Consent & Your Choices

  • Transactional purposes: When you provide information to place an order or request a service, you consent to its use for that specific purpose.

  • Marketing emails: We send only if you opt‑in (or as permitted by law). You can unsubscribe anytime via the link in the email.

  • SMS/text marketing: Sent only with your explicit opt‑in. Message & data rates may apply. Frequency varies. Reply STOP to cancel and HELP for help. Consent is not a condition of purchase.

  • Withdraw consent: You may withdraw marketing consent or object to certain processing at any time; see Contact Us below.


4) Sharing & Disclosure

We share information with:

  • Service providers: e‑commerce platform (Shopify), payment gateways, fraud prevention tools, email/SMS platforms, analytics/advertising partners, fulfilment and shipping carriers, customer support tools—only to the extent necessary for their services and under appropriate safeguards.

  • Legal and safety: where required by law or in response to lawful requests, to enforce our Terms, or to protect our rights, users, or the public.

  • Business transfers: in connection with a merger, acquisition, financing, or sale of all/part of the business, subject to standard confidentiality safeguards.

We do not sell your personal information. Where required (e.g., California), we offer choices regarding sharing for cross‑context behavioral advertising (see Your Rights below).


5) Platform & Payments (Shopify)

Our store runs on Shopify. Your data may be stored through Shopify’s secure infrastructure and is protected by industry standards and a firewall. For more details, see Shopify’s Privacy Policy and Terms.

If you choose a direct payment method, your card details are processed by our payment gateway(s) and Shopify Payments as applicable. Card data is encrypted and handled in compliance with PCI‑DSS. We retain only limited payment metadata required for records, refunds, and fraud prevention.


6) International Data Transfers

We may process and store data in countries outside your own (for example, the United States, Canada, the EU/UK, Australia, or New Zealand). Where required, we use lawful transfer mechanisms (e.g., Standard Contractual Clauses) and implement technical and organizational measures to protect your data.


7) Data Retention

We keep personal information only as long as necessary for the purposes described in this Policy (e.g., tax/audit, fraud prevention, warranty/returns). Typical retention: 7 years for order records (subject to local law). When no longer needed, we de‑identify or securely delete data.


8) Security

We follow industry best practices to protect your information against unauthorized access, alteration, disclosure, or destruction. Transmission of information over the internet is not completely secure; however, we apply safeguards including TLS/SSL, access controls, and encryption at rest where appropriate.


9) Cookies & Similar Technologies

We use cookies, pixels, and similar technologies to run the Site, measure performance, and personalize content/ads. Categories include:

  • Strictly necessary (e.g., session, cart, checkout).

  • Performance/Analytics (e.g., Shopify analytics, Google Analytics).

  • Advertising/Personalization (e.g., Meta/Google ads pixels).

You can manage cookies via your browser settings and (where available) our cookie banner preferences. Disabling some cookies may impact Site functionality.

Illustrative Shopify cookies: _session_id, _shopify_visit, _shopify_uniq, cart, _secure_session_id, storefront_digest.


10) Your Rights

Depending on your location, you may have rights to access, correct, update, delete, or port your personal information; to object to or restrict certain processing; and to withdraw consent.

  • Australia/New Zealand: You may request access/correction under the Privacy Act 1988 (AU) and the Privacy Act 2020 (NZ). You may complain to the OAIC (AU) or OPC (NZ) if unresolved.

  • EEA/UK (GDPR/UK GDPR): Rights of access, rectification, erasure, restriction, portability, objection, and the right to withdraw consent and lodge a complaint with your supervisory authority.

  • California (CPRA): Rights to know, delete, correct, and opt‑out of "sharing" for cross‑context behavioral advertising. We do not sell personal information. To exercise CPRA rights or opt‑out of sharing, contact us or use site controls where available.

We will respond to verifiable requests within the timeframes required by law.


11) Age of Use

By using the Site, you confirm you are at least the age of majority in your place of residence, or you are the age of majority and have consented to a minor’s use of the Site. We do not knowingly collect data from children.


12) Changes to This Policy

We may update this Policy from time to time. The updated version will be indicated by an updated date at the top and is effective when posted. If we make material changes, we will take reasonable steps to notify you (e.g., banner, email).


13) Contact Us

For questions, to exercise your rights, or to withdraw consent, contact our Privacy Officer:

Email: support@ratiskin.com
Postal: RatiSkin – Privacy Officer, [Add your business address]

If you are in the EEA/UK and wish to contact a supervisory authority, please see: https://edpb.europa.eu/about-edpb/board/members_en


Region‑Specific Notes

  • AU/NZ: We follow the Australian Privacy Principles and NZ Information Privacy Principles. Your data may be processed outside AU/NZ; where applicable, we take reasonable steps to ensure comparable safeguards.

  • EEA/UK: Where we rely on legitimate interests, we balance our interests against your rights and freedoms; you may object at any time. Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

  • California: If you are a California resident, you may designate an authorised agent to submit requests on your behalf subject to verification.


Note for customers on SMS marketing: "Reply STOP to cancel" and "Reply HELP for help" will appear in program messages; message frequency varies; message & data rates may apply.