Radi-Ence Privacy Policy

Below is a full-length privacy policy tailored to a small-batch skincare brand in Dracut, MA that sells nationwide via Squarespace and relies on Meta/Facebook Pixel, Google Analytics, email marketing, and standard payment processors. It reflects U.S. federal rules (FTC, CAN-SPAM, COPPA), Massachusetts data-breach law, the California Consumer Privacy Act (CCPA), the EU/UK GDPR, and 2025 updates to the Modernization of Cosmetics Regulation Act (MoCRA). Replace bracketed text with your specifics, drop the page into Squarespace, and add the link to your footer.

1. Who We Are

Radi-Ence LLC (“Radi-Ence,” “we,” “our,” “us”) operates www.radi-ence.com from [STUDIO ADDRESS, Dracut MA 01826]. We craft small-batch skincare products regulated as cosmetics under U.S. law. For privacy questions, email info@radi-ence.com.

2. Scope of This Policy

This policy explains how we collect, use, disclose, and safeguard personal information when you: (a) visit the Site, (b) purchase products, or (c) interact with our ads, emails, or social channels. By using the Site, you consent to these practices unless a stricter local law applies.

3. Information We Collect

Category Examples Source Identifiers name, postal address, email, phone you provide at checkout or signup Payment Data last four digits of card, tokenized transaction ID Stripe/Square; we never store full card numbers, per PCI DSS v4.0 Device & Usage IP address, browser type, pages viewed, clicks Squarespace cookies; Google Analytics Marketing Data Facebook Pixel event info, email-open rates Meta Pixel; Squarespace Email Campaigns Health & Allergy Notes (optional) skin sensitivities you volunteer in order notes you provide

We do not intentionally collect data from children under 13; see § 12.

4. How We Use Your Information

  • Order fulfillment & customer service (GDPR “contract” basis).

  • Email newsletters or SMS alerts with your consent; you may unsubscribe any time (CAN-SPAM compliant).

  • Personalised ads & analytics to improve the Site and measure campaigns (legitimate interest/consent where required).

  • Legal compliance & fraud prevention including MoCRA record-keeping for cosmetic safety.

5. Cookies & Similar Tech

We and our partners use first- and third-party cookies, pixels, and scripts to:

Tool Purpose Opt-Out Squarespace Core Cookies Site security & cart functionality Browser settings Google Analytics 4 Traffic insights; GA4 requires consent in the EEA/UK [cookie banner auto-loads] Meta/Facebook Pixel Ad attribution & retargeting; joint-controller under GDPR Adjust Ad Settings / cookie banner

Your first visit triggers a consent banner where required (GDPR/UK GDPR/ePrivacy). Declining non-essential cookies will not affect checkout.

6. Sharing & Disclosure

We share data only with:

  1. Service Providers (payment processors, shipping carriers, email platforms) bound by contract to process data solely on our instructions.

  2. Advertising & Analytics Partners listed above, to the extent you consent.

  3. Legal Authorities when required to comply with law, court orders, or to enforce our Terms.

We never sell personal information for monetary consideration. For California residents, we honour “Do Not Sell or Share” requests via the “Your Privacy Choices” link in the footer (CCPA).

7. Data Retention

  • Order records: 7 years (tax & accounting).

  • Email marketing lists: until you unsubscribe or after 24 months of inactivity.

  • Analytics & pixel data: 26 months or the shortest period allowed by the platform settings.
    We periodically anonymise or delete data that is no longer needed.

8. Your Rights & Choices

8.1 United States

  • Access / Deletion / Correction—email us; Massachusetts consumers may also complain to the AG’s Office.

  • CCPA (California): request to know, delete, or correct personal info; opt out of sharing.

  • Email Opt-Out: every marketing email contains an “unsubscribe” link, per CAN-SPAM.

8.2 EU/UK GDPR

If you are in the EEA, UK, or Switzerland you have rights to access, erase, restrict, port, or object to processing, and to lodge a complaint with your local Data Protection Authority.

9. Security

We use TLS encryption, secure server hosting, and industry-standard safeguards; payment data is processed only by PCI-DSS-compliant providers.

If we discover a breach involving Massachusetts residents, we will notify affected users and Massachusetts regulators without unreasonable delay, per M.G.L. c. 93H.

10. International Transfers

We may transfer information to the United States and other countries. Where required, we rely on Standard Contractual Clauses or your explicit consent.

11. Email & SMS Marketing

All promotional messages identify us, include our mailing address, and offer a one-click opt-out, satisfying the CAN-SPAM Act. We do not send SMS without prior express written consent as defined by the TCPA.

12. Children’s Privacy

Our Site is not directed to children under 13 and we do not knowingly collect their personal information. If we learn that a child under 13 has provided data, we will delete it as required by COPPA.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in law or our practices. The “Last Updated” date will change; revisions apply only to data collected after the new date.

14. Contact Us

Email info@radi-ence.com, use our Contact form, or write to [STUDIO ADDRESS, Dracut MA 01826].

Last Updated: May 26, 2025