Privacy policy
This Privacy Policy describes how Haim International (“Haim,” “we,” “us,” or “our”) collects, uses, discloses, and protects your Personal Information when you visit or make a purchase from our website (http://www.haimaesthetics.com, the “Site”). We are committed to safeguarding your privacy and handling your data responsibly, in compliance with applicable laws, including the General Data Protection Regulation (GDPR), the South Korean Personal Information Protection Act (PIPA), the California Consumer Privacy Act (CCPA), and other relevant data protection regulations. This policy applies to all users, including healthcare professionals, patients, and customers.
1. Collecting Personal Information
We collect certain information about you when you visit our Site, make a purchase, or interact with our services. We refer to any information that can uniquely identify an individual (including the categories below) as “Personal Information.” Below is a detailed overview of the types of Personal Information we collect, the purposes for collection, the sources, and how we may disclose this information.
1.1 Device Information
- Examples of Personal Information Collected: Version of web browser, IP address, time zone, cookie information, pages or products viewed, search terms, and how you interact with the Site.
- Purpose of Collection: To ensure the Site loads accurately for you, optimize Site performance, perform analytics to improve user experience, and enhance our services.
- Source of Collection: Collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels.
- Disclosure for a Business Purpose: Shared with our service providers, including Shopify (our e-commerce platform provider—see Section 4 for more details) and other analytics or technology vendors (e.g., Google Analytics). You can read Shopify’s privacy policy at https://www.shopify.com/legal/privacy and Google’s privacy policy at https://policies.google.com/privacy?hl=en.
1.2 Order Information
- Examples of Personal Information Collected: Name, billing address, shipping address, payment information (e.g., credit card numbers, processed securely via encrypted channels), email address, and phone number.
- Purpose of Collection: To provide products or services to you, fulfill our contractual obligations, process payments, arrange shipping, provide invoices or order confirmations, communicate with you, screen orders for potential risk or fraud, and, with your consent, send information or advertising about our products or services (e.g., medical aesthetics treatments, dermatological solutions).
- Source of Collection: Collected directly from you during the purchase process.
- Disclosure for a Business Purpose: Shared with our service providers, including Shopify, payment processors, shipping couriers (e.g., DHL, UPS, FedEx, TNT, Aramex), and, if necessary, regulatory or legal authorities (see Section 4).
1.3 Customer Support Information
- Examples of Personal Information Collected: Information you provide when contacting us for support, such as your name, order details, email address, phone number, and description of your inquiry. This may include sensitive health-related information (e.g., skin conditions, treatment history) if relevant to your inquiry, which we handle with heightened care under applicable health data regulations (e.g., HIPAA principles, PIPA).
- Purpose of Collection: To provide timely and effective customer support, resolve issues, and improve our services.
- Source of Collection: Collected directly from you via email, phone, or our Site’s contact forms.
- Disclosure for a Business Purpose: Shared with our customer support team and, if necessary, third-party service providers assisting with support (e.g., CRM platforms), ensuring compliance with data protection laws.
1.4 Minors
- Policy on Minors: Our Site is not intended for individuals under the age of 18. We do not intentionally collect Personal Information from children. If you are a parent or guardian and believe your child has provided us with Personal Information, please contact us at haim@haimintl.com to request deletion. We will respond promptly and take appropriate action to remove the data, in compliance with GDPR, PIPA, and other applicable laws.
2. Using Personal Information
We use your Personal Information to deliver our services, which include offering medical aesthetics and dermatological products for sale, processing payments, shipping and fulfilling orders, providing customer support, and keeping you informed about new products, services, or offers (with your consent, where required). Our use of your data is guided by the following principles:
- Providing Services: Fulfilling your orders and ensuring seamless interaction with our Site.
- Improving User Experience: Optimizing Site functionality, performance, and content based on analytics.
- Marketing and Communications: Sending promotional materials or updates, subject to your preferences and applicable laws (e.g., opt-in consent under GDPR, PIPA, or CCPA).
- Fraud Prevention and Security: Screening for potential risks or fraudulent activity to protect you and us.
2.1 Lawful Basis for Processing (GDPR)
If you are a resident of the European Economic Area (EEA), we process your Personal Information under the following lawful bases, as required by the GDPR:
- Your Consent: For marketing communications or optional data collection (e.g., cookies for behavioral advertising).
- Contractual Necessity: To fulfill our contract with you (e.g., processing orders, shipping products).
- Legal Obligation: To comply with applicable laws, such as tax regulations or data protection requirements.
- Vital Interests: To protect your health or safety in rare cases (e.g., urgent medical product issues).
- Public Interest: For tasks carried out in the public interest, such as health-related reporting (if applicable).
- Legitimate Interests: For purposes like fraud prevention, Site optimization, or business operations, provided these do not override your fundamental rights and freedoms.
You may withdraw consent at any time by contacting us (see Section 8), but this will not affect the lawfulness of processing based on consent before withdrawal.
3. Sharing Personal Information
We share your Personal Information with trusted service providers to help us provide our services and fulfill our contracts with you, as described above. Examples include:
- Shopify: Our e-commerce platform provider powers our online store. You can read more about Shopify’s use of your Personal Information at https://www.shopify.com/legal/privacy.
- Shipping Couriers: Partners like DHL, UPS, FedEx, TNT, and Aramex handle delivery of your orders, requiring access to shipping addresses and order details.
- Payment Processors: Secure payment gateways process your payment information, ensuring encryption and compliance with PCI-DSS standards.
- Analytics and Advertising Partners: We may share anonymized or aggregated data with partners like Google Analytics to understand Site usage and deliver targeted ads (see Section 5 for details).
- Legal Compliance: We may disclose Personal Information to comply with applicable laws, respond to lawful requests (e.g., subpoenas, search warrants), or protect our rights, property, or safety.
- Other Service Providers: [Insert any additional vendors, e.g., CRM tools, IT support, or marketing platforms, with their privacy policies linked if applicable.]
We do not sell your Personal Information to third parties for monetary gain, except as described under the CCPA (see Section 6.2).
4. Behavioral Advertising
We use your Personal Information to deliver targeted advertisements or marketing communications we believe may interest you, such as promotions for our medical aesthetics products or services. For example:
- Google Analytics: We use Google Analytics to analyze how customers use our Site. You can learn more about Google’s privacy practices at https://policies.google.com/privacy?hl=en and opt out of Google Analytics at https://tools.google.com/dlpage/gaoptout.
- Advertising Partners: We share information about your Site usage, purchases, and interactions with our ads on other websites with advertising partners. This may occur directly or through cookies, web beacons, or similar technologies (subject to your consent, depending on your location).
For more information on targeted advertising, visit the Network Advertising Initiative’s (NAI) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work. You can opt out of targeted advertising by adjusting your browser settings, using opt-out tools provided by NAI (http://www.networkadvertising.org/choices/), or contacting us (see Section 8).
5. Retention
- Data Retention: When you place an order or interact with our Site, we retain your Personal Information for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce our agreements. Unless you request erasure (see Section 6), we will retain order information for our records for a period of [specify duration, e.g., 7 years, per South Korean tax laws or GDPR requirements].
- Health-Related Data: Sensitive health information (e.g., skin conditions shared via customer support) is retained only as long as necessary for the specific purpose, with additional safeguards under HIPAA principles and PIPA, and deleted securely upon request or when no longer needed.
6. Your Rights
6.1 GDPR Rights (EEA Residents)
If you are a resident of the European Economic Area (EEA), you have the following rights under the GDPR:
- Access: Request a copy of the Personal Information we hold about you.
- Portability: Request that we transfer your Personal Information to another service provider.
- Correction: Ask us to correct or update inaccurate or incomplete Personal Information.
- Erasure: Request deletion of your Personal Information (“right to be forgotten”), subject to legal obligations.
- Restriction: Limit how we process your Personal Information in certain circumstances.
- Objection: Object to processing based on legitimate interests or for direct marketing purposes.
- Automated Decision-Making: Object to decisions based solely on automated processing (including profiling) that have legal or significant effects, where applicable. We do not engage in fully automated decision-making with legal or significant effects using customer data, but Shopify uses limited automated decision-making for fraud prevention (e.g., temporary IP or credit card denylists—see Section 1 for details).
To exercise these rights, contact us at haim@haimintl.com or use the contact details in Section 8. Your Personal Information may be initially processed in Ireland (Shopify’s primary data center) and transferred outside Europe (e.g., to Canada, the U.S.) for storage and processing. For details on GDPR-compliant data transfers, refer to Shopify’s GDPR Whitepaper at https://help.shopify.com/en/manual/your-account/privacy/GDPR.
6.2 CCPA Rights (California Residents)
If you are a resident of California, you have the following rights under the CCPA:
- Right to Know: Request access to the Personal Information we collect, use, disclose, or sell about you.
- Right to Portability: Request a copy of your Personal Information in a portable format.
- Right to Deletion: Ask us to delete your Personal Information, subject to certain exceptions.
- Right to Opt-Out of Sale: We do not sell your Personal Information for monetary gain. However, if we engage in activities that may be considered a “sale” under the CCPA (e.g., sharing data with advertising partners for targeted ads), you can opt out by contacting us at haim@haimintl.com or using the opt-out mechanisms described in Section 4.
- Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights (e.g., by denying services or offering different pricing).
To exercise these rights or designate an authorized agent, contact us at haim@haimintl.com or the address in Section 8. We do not sell Personal Information of minors under 16 without affirmative authorization, and we do not offer financial incentives for not selling information.
6.3 PIPA Rights (South Korean Residents)
If you are a resident of South Korea, you have rights under PIPA, including access, correction, deletion, and restriction of your Personal Information. To exercise these rights, contact us at haim@haimintl.com or the address in Section 8.
7. Cookies
- What Are Cookies?: A cookie is a small data file stored on your device when you visit our Site. We use cookies to enhance your browsing experience, remember your preferences (e.g., login, region), and analyze Site usage. Cookies may be functional, performance, advertising, or social media/content-related.
- Types of Cookies We Use:
  • Cookies Necessary for Site Functionality:
    • _ab: Used for admin access.
    • _secure_session_id: Facilitates navigation through the storefront.
    • cart, cart_sig, cart_ts: Support shopping cart and checkout processes.
    • checkout_token, secret: Used for secure checkout.
    • secure_customer_sig, storefront_digest: Enable customer login.
    • _shopify_u: Facilitates updating customer account information.
  • Reporting and Analytics:
    • _tracking_consent: Stores tracking preferences.
    • _landing_page, _orig_referrer: Track landing pages.
    • _s, _shopify_fs, _shopify_s, _shopify_sa_p, _shopify_sa_t, _shopify_y, _y: Shopify analytics for understanding customer behavior and marketing.
- Cookie Duration: Session cookies last until you stop browsing, while persistent cookies remain on your device for 30 minutes to two years (or until deleted).
- Managing Cookies: You can control cookies via your browser settings, often found in “Tools” or “Preferences.” Blocking or deleting cookies may impact your experience, potentially limiting access to certain Site features. For more information, visit www.allaboutcookies.org or consult your browser’s help file. Note that blocking cookies may not prevent all data sharing with third parties (e.g., advertising partners); see Section 4 for opt-out options.
- Do Not Track: We do not alter our data collection practices in response to “Do Not Track” signals, as there is no consistent industry standard for handling these signals.
8. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or operational needs. Any updates will be posted on our Site with the revised “Effective Date.” We encourage you to review this policy regularly. Your continued use of our Site after changes constitutes acceptance of the updated policy.
9. Contact Us
For more information about our privacy practices, questions, complaints, or to exercise your rights (e.g., access, erasure, correction), please contact us:
- Email: haim@haimintl.com
- Telephone: +82-2-2135-9117
- Mail: Haim International, 10, Seolleung-ro 90 gil, Gangnam-gu, Seoul, South Korea