Privacy Policy
Last Modified: 1/17/2025
Purpose
Celestial Aesthetics by Ciara (hereinafter “we,” “our,” “us”) is committed to protecting your
privacy and maintaining a quality online experience for our website users.
This Privacy Policy describes the type of personal information we may collect from you or that
you may provide when you visit www.celestialaestheticsomaha.com (hereinafter “Website”) and
our practices for handling, storing, and protecting that information as well as your rights in
relation to your personal information and how you can contact us and supervisory authorities in
the event you have questions about how we handle your personal information.
Privacy Policy Consent
Please read this Privacy Policy carefully and in its entirety before using our Website. If you do
not agree with our policies and practices regarding your personal information and how we will
treat it, your choice is to not use our Website. Your use of our Website constitutes your voluntary
acceptance to be bound by this Privacy Policy, whether you have read it or have had the
opportunity to read it and have chosen not to.
This Privacy Policy applies to the information we collect:
On this Website.
In email, text, and other electronic messages between you and this Website.
When you interact with our advertising on third party websites and services, if that
advertising includes links to this Privacy Policy.
It does not apply to information that is collected by:
Us offline or through any other means, including on any other website operated by any
third party (including our affiliates).
Any third party (including our affiliates) through any content (including advertising) that
may link to or be accessible from (or on) the Website.
Children’s Online Privacy Protection Act (COPPA)
This Website and any products and services offered herein are not intended for persons under the
age of 18.
We prohibit children under the age of 18 from using any and all interactive portions of this
Website, including leaving any comments, filling out forms, or otherwise submitting
information. A child’s parent or guardian should contact us if we have inadvertently collected
any information or content from that child without the parent or guardian’s authorization, so that
we may delete that information from our records.
CAN-SPAM Act of 2003
We have taken the necessary steps to ensure that we are in compliance with the Controlling the
Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act of 2003 and will not
send misleading information.
Personal Information We Collect
The type of personal information we collect depends on how you are interacting with us. We
generally collect the following categories of personal information:
Contact information, such as first and last name, email address, postal address, phone
number, and other similar contact data;
Medical History for required client intake forms;
Records and copies of your correspondence (including email address) if you contact us;
Details of transactions you carry out through our Website and of the fulfillment of your
orders. You may be required to provide financial information before placing an order
through our Website and we will use a third-party payment processor to process the
payment. We do not collect your credit card or debit card number, expiration date, or pin
number;
Comments, feedback, questions and other information you provide to us;
Details of your visits to our Website, including traffic data, location data, logs, and other
communication data and the resources that you access and use on the Website;
Information about your computer and internet connection, including your IP address,
operating system, and browser type.
See the definitions for “sale” and “sharing” referenced below in the How We Use the
Information/Lawful Bases section.
The CPRA has defined “sensitive personal information” as follows:
Social Security, driver’s license numbers, state identification card, and passport numbers;
financial account, debit card, or credit card numbers in combination with required
security or access codes, passwords, or credentials allowing access to an account;
account login in combination with required security or access codes, passwords, or
credentials allowing access to the account;
precise geolocation (i.e., information used or intended to be used to locate a consumer
within a geographic area equal to or less than approximately 1/8 square mile);
information about racial or ethnic origin, religious beliefs, philosophical beliefs, or union
membership;
contents of consumers’ mail, emails, or text messages, unless the business is the intended
recipient of that information;
genetic data;
the processing of biometric information for the purpose of uniquely identifying a
consumer; and
information collected and analyzed concerning a consumer’s health, sex life, or sexual
orientation.
If you process “sensitive personal information” and CCPA/CPRA apply to your business you
must include the following:]
Limit the Use of My Sensitive Personal Information [HYPERLINK TO YOUR INTERNET
WEB PAGE THAT EXPLAINS: (I) THE SENSITIVE PERSONAL INFORMATION YOU
COLLECT; (II) THE PURPOSES FOR COLLECTING IT; (III) WHETHER THE SENSITIVE
PERSONAL INFORMATION IS SHARED OR SOLD; AND (IV) THE LIMITATIONS ON
ITS USE AND DISCLOSURE. BE SURE THIS HYPERLINK IS ALSO INCLUDED ON
YOUR WEBSITE’S HOME PAGE.]
[AS A NOTE, IF YOU PROCESS SENSITIVE PERSONAL INFORMATION AND THE
COLORADO PRIVACY ACT (CPA), CONNECTICUT SB6, DELAWARE PERSONAL
DATA PRIVACY ACT (DPDPA), NEBRASKA DATA PRIVACY ACT (NDPA),
OREGON SB19, TEXAS DATA PRIVACY AND SECURITY ACT (TDPSA), AND/OR
VIRGINIA CONSUMER DATA PROTECTION ACT (VCDPA) APPLIES TO YOUR
BUSINESS (SEE THE TABLE ON THE LAST PAGES OF THIS DOCUMENT), YOU
MUST FIRST OBTAIN A CONSUMER’S CONSENT TO DO SO]
Sources of Personal Information
We collect personal information from you as follows:
You provide personal information to us when you:
Subscribe to or purchase our products and/or services;
Complete a contact or information request form. [OR]; and
We automatically collect personal information when you:
Visit, interact with, or use our Website;
Access, use, or download content from us; and
Open emails or click links in emails from us. [OR]; and
[any additional ways you may automatically collect personal information from a website
user]
[IF YOU USE THIRD PARTY COOKIES LIKE GOOGLE ADSENSE, FACEBOOK PIXEL,
ETC., YOU CAN INCLUDE THE FOLLOWING SENTENCE. IF NOT, THEN YOU CAN
OMIT IT:]
We collect personal information for third party advertisers that use cookies on our Website to
provide interest-based advertising. See the Interest-Based Advertising section below.
How We Use the Information/Lawful Bases
We process personal information about you on one or more of the following bases:
To perform a contract;
With your consent;
For our legitimate interests;
To comply with the law;
To protect someone’s life; and/or
Public Task.
We process personal information to:
Process and fulfill an order, download, subscription, or other transaction;
Carry out our obligations and enforce our rights arising from any contracts entered into
between you and us, including for billing and collection;
Respond to your requests, inquiries, comments, and concerns;
Notify you about changes to our Website or any products or services we offer or provide
through it;
Send marketing emails;
Inform you of and administer promotions, contests, sweepstakes or surveys;
Help us address problems with and improve our Website;
Protect the security and integrity of our Website;
Contact you for other business reasons, if necessary; and
Provide interest-based advertising.
We will not sell or share your personal information and have not done so in the last 12 months.
Use of Cookies
“Cookies” are small text files that are placed on a computer or other device and used to identify
the user or device and to collect information when you visit a website. Cookies may be set by the
website you are visiting (also known as “first party cookies”) or by third parties who provide
advertising or analytics services on the website (also known as “third party cookies”).
We use cookies for several different purposes.
[This Section should be revised to reflect what type of cookies you use, their purposes, a link to
third parties who install cookies as well as a link to their opt out site. Cookies are typically
assigned to one of four categories, depending on their function and intended purpose: absolutely
necessary cookies, performance cookies, functional cookies, and cookies for marketing purposes.
You’ll want to look into the cookies that you use on your website, including third-party cookies
like Google Analytics, Google AdSense, Facebook Pixel, etc. so that you can disclose them here.
You can visit the website for each optional third-party cookie that you use to obtain further
information about the cookie’s function, what information it collects, and how your website user
can opt out of it OR you can use a cookie tracking software that will scan your website and
provide this information for you and you can hyperlink the resulting Cookies Policy here.
Such software is helpful because if you use cookies that track personal information, you will
need to make sure that you are first obtaining your website viewer’s consent before they are
activated under the GDPR by using a cookie opt-in – and the software should provide it.
If you will be hyperlinking your Cookies Policy, you can include this text with “Cookies Policy”
hyperlinked, otherwise be sure to delete it:] Please see our Cookies Policy for more information.
You can disable cookies through your web browser’s settings, but disabling this function may
diminish your experience on our Website as some features may not work as intended.
Profiling
We use the personal information that we collect for profiling (i.e., automated processing of the
information to evaluate certain personal aspects of a natural person to predict their behavior and
make decisions regarding it) if it is authorized by legislation, if you have provided explicit
consent, or if it is necessary for entering into or performance of a contract.
When profiling, we will provide you with further information about the logic involved, your
right to obtain human intervention, the potential consequences of the processing, and your right
to contest the automated profile.
“Do Not Track” (DNT) Signals
Some browsers transmit Do Not Track (DNT) signals to websites.
Due to the lack of a common interpretation of DNT signals throughout the industry, we do not
currently alter, change, or respond to DNT requests or signals from these browsers.
[This Section should be revised to reflect how your website responds to DNT signals.]
How the Information is Shared
Depending on how you interact with us, we share information with our third-party service
providers, agents and representatives, including, but not limited to, [1] eCommerce platform
providers, payment processing providers, email service providers, IT service providers, security
and software service providers, in order to process the information as necessary to complete a
transaction, fulfill your request, or otherwise on our behalf based on our instructions and in
compliance with this Privacy Policy and any other appropriate confidentiality and security
measures.
We also will disclose your personal information if we have a good faith belief that such
disclosure is necessary to:
meet any applicable law, regulation, legal process or other legal obligation;
detect, investigate and help prevent security, fraud or technical issues; and/or
protect the rights, property, or safety of us, our Website, our users, employees, or others.
Our current third-party service providers include:
Information Retention
We retain your personal information for as long as necessary to fulfill the transactions you have
requested, or for other essential purposes such as complying with our legal obligations,
maintaining business and financial records, resolving disputes, maintaining security, detecting
and preventing fraud and abuse, and enforcing our agreements, or until such time as you let us
know you would like for us to delete it or unsubscribe from our marketing contacts.
Information Protection and Security
Our Website uses commercially acceptable security measures to prevent your personal
information from being lost, used, or accessed in an unauthorized way. We use a Secure Sockets
Layer (SSL) certificate and never transmit your credit card information via email. If you receive
an email from us that appears to be a request for personal information, do not respond because it
may be a phishing scam designed to steal your personal information.
Unfortunately, the transmission of information via the internet is not completely secure.
Although we do our best to protect your personal information, we cannot guarantee the security
of your personal information transmitted to our Website. Any transmission of personal
information is at your own risk.
Should there be a data breach, we will notify you when we are legally required to do so.
Your Rights to Control Your Information
You can unsubscribe from our email newsletters or updates at any time through the unsubscribe
links found in the communications you receive from us.
You can unsubscribe from our text message advertisements at any time by replying “Stop”
Local data protection laws may give you rights with respect to personal information if you are
located in or a resident of that country, state, or territory.
THESE RIGHTS ARE NOT GUARANTEED AND IT IS IMPORTANT FOR YOU TO
CONSULT YOUR LOCAL DATA PROTECTION LAWS TO DETERMINE WHAT
RIGHTS MAY BE AVAILABLE TO YOU.
These rights may include the following:
Right May Apply To
Right to disclosure/access (to know the
personal information collected about you and
request a copy)
Residents of California, Colorado,
Connecticut, Delaware, Iowa, Maryland,
Minnesota, Montana, Nebraska, New
Hampshire, New Jersey, Oregon, Texas,
Utah, Virginia, Australia, Canada, the
European Union and/or the European
Economic Area, and the United Kingdom
Right to correct/rectification (to have your
inaccurate personal information corrected)
Residents of California, Colorado,
Connecticut, Delaware, Maryland,
Minnesota, Montana, Nebraska, New
Hampshire, New Jersey, Oregon, Texas,
Virginia, Canada, Australia, Quebec, the
European Union and/or the European
Economic Area, and the United Kingdom
Right to erasure/deletion (to have all or
some of your personal information deleted
upon a verifiable request)
Residents of California, Colorado,
Connecticut, Delaware, Iowa, Maryland,
Minnesota, Montana, Nebraska, New
Hampshire, New Jersey, Texas, Oregon,
Utah, Virginia, the European Union and/or
the European Economic Area, and the United
Kingdom
Right to nondiscrimination (the right to
equal service and price even if you exercise
your rights)
Residents of California, Maryland,
Minnesota, Montana, Oregon, Texas, and
Virginia
Right to obtain a specific list of third
parties your personal information was
shared with
Residents of Minnesota and Oregon
Right to obtain a list of the categories of
third parties to which the business has
disclosed personal information
Residents of Maryland
Right to opt out of sale of personal
information
Residents of California, Colorado,
Connecticut, Delaware, Iowa, Maryland,
Minnesota, Montana, Nebraska, New
Hampshire, Nevada, Oregon, Texas, Utah,
and Virginia
Right to opt out of use of personal
information for the purposes of targeted
Residents of Colorado, Connecticut,
Delaware, Iowa, Maryland, Minnesota,
advertising Montana, Nebraska, New Hampshire, New
Jersey, Oregon, Texas, Utah, and Virginia
Right to opt of use of personal information
for profiling
Residents of Connecticut, Delaware, New
Hampshire, Oregon, and Texas
Right to question the results of profiling,
be informed of the reason that the profiling
resulted in the decision, and be informed of
what actions the consumer might take to
secure a different decision in the future as
well as the right to review the personal
information used in the profiling to correct
such information for the profiling decision
to be reevaluated based on the corrected
information.
Residents of Minnesota
Right to opt out of use of personal
information for profiling in furtherance of
decisions that produce legal or similarly
significant effects
Residents of Colorado, Maryland, Minnesota,
Montana, Nebraska, New Jersey, and Virginia
Right to limit use and disclosure of
sensitive personal information
Residents of California and Connecticut
Right to opt out of sensitive data
processing
Residents of Iowa
Right to data portability (to have your
personal information transferred to you or a
third party in machine-readable format, where
technically feasible)
Residents of Quebec, the European Union
and/or the European Economic Area, and the
United Kingdom
Right to data portability (to have your
personal information transferred to you in a
readily-usable format that lets you transmit
that information to a third party)
Residents of California, Colorado, Iowa,
Maryland, Minnesota, Montana, Nebraska,
New Hampshire, New Jersey, Oregon, Texas,
Utah, and Virginia
Right to data portability (to have your
personal information transferred to you in a
readily-usable format that lets you transmit
that information to a third party where
Residents of Connecticut
processing is carried out by automated
means)
Right to withdraw consent (to withdraw
your consent that we handle your personal
information at any time. The withdrawal of
your consent shall not affect the lawfulness of
processing based on your consent before its
withdrawal)
Residents of Canada, Quebec, the European
Union and/or the European Economic Area,
and the United Kingdom
Right to not identify yourself or of using a
pseudonym
Residents of Australia
Right to restriction of processing (to limit
the purposes that your personal information
may be used for)
Residents of the European Union and/or the
European Economic Area, and the United
Kingdom
Right to object (to object to the processing of
your personal information in cases where our
processing is based on direct marketing)
Residents of the European Union and/or the
European Economic Area, and the United
Kingdom
Right to stop unwanted direct marketing Residents of the European Union and/or the
European Economic Area, and Australia
Right to complain (to lodge a complaint with
competent authorities in the proper
jurisdiction if you are not content with how
we collect, share, and process your personal
information)
Residents of Canada, Australia, Quebec, the
European Union and/or the European
Economic Area, and the United Kingdom
Right to appeal (a decision made regarding
an exercise of rights)
Residents of Montana, Oregon, and Texas
These rights are not absolute and they do not always apply in all cases. We will honor your rights
under applicable data protection laws.
Exercising Your Rights
If you wish to exercise any of the rights specified above, please submit a request via email to:
Celestial.aesthetics@outlook.com
Please be sure to specify which right you want to exercise and provide us with enough
information to verify your identity. If we cannot verify your identity, we may not be able to
fulfill your request.
We will respond to your request within 30-45 calendar days of receipt, depending on where you
reside. We will notify you in writing via email if we need more time to respond.
We may deny your request if certain exceptions in the law apply. We will provide you the
reason(s) for denial in writing via email.
You have the right to appeal our decision with respect to your request to exercise your rights.
You may appeal the decision by emailing the address provided above in this section.
We will respond to your appeal within 30-45 calendar days of receipt, depending on where you
reside. We will notify you in writing via email if we need more time to respond.
Use and Transfer of Your Information Out of the European Economic Area (EEA) or
Canada
This Website is operated in the United States and the third parties with whom we might share
your personal information (as explained above) are also located in the United States or other
countries located outside the EEA and Canada.
If you are located outside of the United States, please be aware that any information you provide
will be transferred to the United States. By using this Website and/or providing your information,
you consent to this transfer.
Contact Us
If you have any questions, comments, complaints, or suggestions in relation to this Privacy
Policy or our privacy practices, please contact us by calling this toll-free telephone number: 402-
658-2801, or by email or postal mail:
Celestial.aesthetics@outlook.com
Ciara Bandars, owner of Celestial Aesthetics by Ciara
8717 Shamrock Road, Omaha, NE 68114
Changes to this Privacy Policy
The date this Privacy Policy was last revised is identified at the top of the page. It is our policy to
post any changes we make to our Privacy Policy on this page. If we make any material changes
to how we treat our Website users’ personal information, we will notify you of any such changes
by email (if you have provided your email to us) and/or by a prominent notice displayed on our
Website’s home page and updating the revised date of our Privacy Policy. We recommend that
you check this Privacy Policy when you visit our Website to be sure that you are aware of our
most current policy.
Please also read our Terms and Conditions of Use.
