Skip to content

Privacy Policy

Updated: October 30, 2022

1. Introduction.

This notice describes what information we collect, how we use and disclose this information, and the steps we take to protect your Personal Information (see below for the information we collect).  By visiting this Site, you are accepting the practices described in this Privacy Policy (“Policy”). This privacy statement applies to ELSI SKIN HEALTH, Inc. and to our controlled affiliates and subsidiaries (“ELSI”). References to our “services” in this Policy include our websites, apps, kits, devices, and other products and services. This Policy applies to our services that display or reference this statement.

For the convenience of our visitors, this website may contain links to a number of sites that we believe may offer useful information. This Policy does not apply to those sites. We suggest contacting those sites directly for information on their privacy, security, data collection, and distribution policies.

 2. What Personal Information is Collected.

(a) Personal Information You Provide to Us includes:

We collect any information you enter on our Site or that you give us in any other way. For example:

  • Contact information. We collect name, username or alias, email address, postal address, phone number, fax number.
  • Demographic data. In some cases, such as when you register or participate in surveys, we request that you provide age, gender, and similar demographic details.
  • Health and beauty information. We collect health, beauty, and skin-related information when you respond to a skin or health survey, use our microbiome test kit, or otherwise provide us with information about your skincare routine.
  • Payment information. If you make a purchase or other financial transaction, we collect credit card numbers, financial account information, and other payment details.
  • Content and files. We collect the photos, documents, or other files you upload to our services; and if you send us email messages or other communications, we collect and retain those communications.

(b) Your Usage of Our Services:

We automatically track certain information about you based upon your use of our service, as well as from your interaction with emails that we send to you. For example:

  • Identifiers and device information. When you visit our websites, our web servers automatically log your Internet Protocol (IP) address and information about your device, including device identifiers (such as MAC address); device type; and your device’s operating system, browser, and other software including type, version, language, settings, and configuration. As further described in the Cookies section below, our websites and online services store and retrieve cookie identifiers, mobile IDs, and other data.
  • Geolocation data. Depending on your device and app settings, we collect geolocation data when you use our apps or online services.
  • Usage data. We automatically log your activity on our websites, apps, and connected products, including the URL of the website from which you came to our sites, pages you viewed, how long you spent on a page, access times, and other details about your use of and actions on our website.

(c) Information we create or generate.

We infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics (“inferences”). For example, we infer your general geographic location (such as city, state, and country) based on your IP address. In addition, we generate information about your skin’s microbiome based on the sample you provide through our test kit.

(d) Information we obtain from third-party sources.

We also obtain information from third parties. These third-party sources include, for example:

  • Third-party partners. Third-party applications and services, including social networks you choose to connect with or interact with through our services.
  • Co-branding/marketing partners. Partners with which we offer co-branded services or engage in joint marketing activities
  • Service providers. Third parties that collect or provide data in connection with work they do on our behalf, for example, companies that determine your device’s location based on its IP address.

When you are asked to provide Personal Information, you may decline. And you may use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain services or features, those services or features may not be available or fully functional.

(e) Cookies.

We use cookies, web beacons, mobile analytics, and advertising IDs, and similar technologies to operate our websites and online services and to help collect data, including usage data, identifiers, and device information.

What are cookies and similar technologies?

Cookies are small text files placed by a website and stored by your browser on your device. A cookie can later be read when your browser connects to a web server in the same domain that placed the cookie. The text in a cookie contains a string of numbers and letters that may uniquely identify your device and can contain other information as well. This allows the web server to recognize your browser over time, each time it connects to that web server.

Web beacons are electronic images (also called single-pixel or clear GIFs) that are contained within a website or email. When your browser opens a webpage or email that contains a web beacon, it automatically connects to the web server that hosts the image (typically operated by a third party). This allows that web server to log information about your device and to set and read its own cookies. In the same way, third-party content on our websites (such as embedded videos, plug-ins, or ads) results in your browser connecting to the third-party web server that hosts that content. We also include web beacons in our email messages or newsletters to tell us if you open and act on them.

Mobile analytics and advertising IDs are generated by operating systems for mobile devices (iOS and Android) and can be accessed and used by apps in much the same way that websites access and use cookies. Our apps contain software that enables us and our third-party analytics and advertising partners to access these mobile IDs.

How do we and our partners use cookies and similar technologies?

We, and our analytics and advertising partners, use these technologies in our websites, apps, and online services to collect Personal Information (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) when you use our services, including Personal Information about your online activities over time and across different websites or online services. This information is used to store your preferences and settings, enable you to sign in, analyze how our websites and apps perform, track your interaction with the site or app, develop inferences, deliver, and tailor interest-based advertising, combat fraud, and fulfill other legitimate purposes.

We and/or our partners also share the information we collect or infer with third parties for these purposes.

To learn about their privacy practices and how to opt-out of their use of cookie data for targeted advertising purposes, click on the links above. You may also use the advertising and cookie controls described below.

What controls are available?

These choices are specific to the browser you are using. If you access our services from other devices or browsers, take these actions from those systems to ensure your choices apply to the data collected when you use those systems.

  • Browser cookie controls. Most web browsers are set to accept cookies by default. If you prefer, you can go to your browser settings to learn how to delete or reject cookies. If you choose to delete or reject cookies, this could affect certain features or services of our website. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, may be deleted and may need to be recreated.
  • Mobile advertising ID controls. iOS and Android operating systems provide options to limit tracking and/or reset the advertising IDs.
  • Email web beacons. Most email clients have settings that allow you to prevent the automatic downloading of images, including web beacons, which prevent the automatic connection to the web servers that host those images.
  • Do Not Track. Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is no common understanding of how to interpret the DNT signal, our websites do not currently respond to browser DNT signals. Instead, you can use a range of other tools to control data collection and use, including the cookie controls and advertising controls described above.

3. How and When the Information is Used.

We may use your information to provide basic functionality on our Site, such as displaying appropriate product recommendations, processing, and fulfilling your subscription, analyzing your microbiome, communicating about orders and their status, and personalizing the customer experience where possible.

We may also use your information to contact you for informational or promotional purposes and provide customer service to you.

We may use information collected to determine user demographics, interests, and behavior and may market ELSI products using this information, or by sharing it with partners.

We will use your information in order to maintain a safe and secure service, including using your information to prevent and mitigate fraud or other harms and perform quality control.

We may use your personal and health information, including your sample and microbiome results, for product and scientific research and development. This includes improving existing product offerings, developing new products, partaking in scientific, generalizable research, or developing and commercializing the results of our research.

Your Personal Information may be combined with other Personal Information from other sources. This information may be shared with service providers that perform analytics to help us improve our products and site, process our test kits, market our services, and identify new potential customers. Our marketing service providers may share your name and contact information with their partners, but they will not identify you as an ELSI customer. We may also share this Personal Information with third parties with whom we offer co-branded or joint product and service promotions, but will be done so only under a confidentiality agreement at least as restrictive as the privacy provisions contained in this Privacy Policy. If you prefer that we do not use and share your information for third-party marketing, please email us at [email protected]

ELSI may share de-identified, non-Personal Information with third parties, as permitted under applicable law.

ELSI reserves the right to determine the form and means of providing notifications to our users, such as by phone, text, email, or mail. By providing ELSI with your email, phone number, and postal address, you consent to our use of such contact information to send you notices. You may opt-out of certain notifications by using the unsubscribe link found at the bottom of the email to opt-out of receiving future emails, replying STOP to text messages, emailing us a request at [email protected], or changing your account settings. To stop receiving notices, you can also send us a request by mail to:

953 Indiana St
San Francisco CA 94107

4. Sharing Your Information.

We share Personal Information with your consent or as necessary to complete your transactions or provide the services you have requested or authorized.  In addition, we share Personal Information for the following purposes:

  • Public information. You may select options available through our services to publicly display and share your name and/or username and certain other information, such as your profile, demographic data, content, files, or geolocation data.
  • Service providers. We share Personal Information with vendors or agents working on our behalf for the purposes described in this statement. For example, companies we’ve hired to provide customer service support or assist in protecting and securing our systems and services may need access to Personal Information to provide those functions.
  • We may disclose Personal Information to our partners who conduct joint activity with us. This information will be used solely for the purpose of personalization of the products and services by our partners, such as for product recommendations, ingredient recommendations, or recommendations for microbiome-friendly routines.
  • Financial services & payment processing. When you provide payment data, for example, to make a purchase, we will share payment and transactional data with banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, or other related financial services.
  • Corporate transactions. We may disclose Personal Information as part of a corporate transaction or proceeding such as a merger, financing, acquisition, bankruptcy, dissolution, or a transfer, divestiture, or sale of all or a portion of our business or assets.
  • Legal and law enforcement. We will access, disclose, and preserve Personal Information when we believe that doing so is necessary to comply with applicable law or respond to valid legal processes, including from law enforcement or other government agencies.
  • Security, safety, and protecting rights. We will disclose Personal Information if we believe it is necessary to:
    • protect our customers and others, for example, to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone; 
    • operate and maintain the security of our services, including preventing or stopping an attack on our computer systems or networks; or 
    • protect the rights or property of ourselves or others, including enforcing our agreements, terms, and policies.

5. How We Protect Your Personal Information.

The security of your Personal Information is important to us. When you provide sensitive information (such as a credit card number), we encrypt that information using secure socket layer technology (SSL). We follow generally accepted industry standards to protect the Personal Information submitted to us, both during transmission and once we receive it.

However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee the absolute security of such information. If you have any questions about security on our Site, please contact us at [email protected]

6. California Privacy Notice

California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code Section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, email us a request at [email protected]

Please be aware that your request does not guarantee the complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances. 

Additionally, under California Civil Code section 1798.83, also known as the “Shine the Light” law, California residents who have provided Personal Information to a business with which the individual has established a business relationship for personal, family, or household purposes (“California Customers”) may request information about whether the business has disclosed Personal Information to any third parties for the third parties’ direct marketing purposes. 

We comply with this law by offering our customers a choice about the disclosure of Personal Information to third parties for their direct marketing purposes, and you can make or change such a choice by emailing us at [email protected]

7. Changes to Privacy Policy.

If our Privacy Policy or procedures change, we will immediately post those changes to our website. Any such changes will be effective 30 days from the time such new policies are posted unless otherwise stated in the change.

8. Effective Date

This Privacy Policy is effective as of August 1, 2022.

9. Contact

If you have any questions, please contact us at [email protected]