Privacy & Cookies

Privacy policy

Last revised: January 2025.

This AHAVA Dead Sea Laboratories Ltd. (hereinafter: “AHAVA” or “We” or "Our") Privacy Policy ("Privacy Policy") outlines the types of Personal Data collected from end users and visitors (hereinafter: "you" or "yours") of our website www.ahava.com and related sales and marketing services (collectively, the "Services"), as well as the purpose and method of collection, use, sharing, and retention of such Personal Data.

Please read this Privacy Policy carefully. By using the Services, you agree to our Terms of Service into which this Privacy Policy is integrated and made part of. If you do not agree to this Privacy Policy, please do not use our Services. Your continued use of the Services following the posting of changes to this Privacy Policy will be considered your acceptance of those changes.

1. What types of Personal Data we collect.

“Personal Data” or "Personal Information" means data that identifies you as an individual or relates to an identifiable individual. We collect Personal Data, such as:

· Contact and account information, such as your full name, email address, password, mailing address, phone number, date of birth, ID number, governmental-issued ID

· Geo-Location information, such as your country of residence, delivery address, preferred language and other location-based information.

· Payment information, such as your credit card number or payment account details.

· Communication information, such as information submitted to us via support, or other requests or recommendations, including via our dedicated AI-powered Beauty Advisor available on our website.

· Usage and technical information about your interaction with us, such as IP address, unique device identifiers and information.

“Other Data” means data that does not reveal your specific identity or does not relate to an individual directly. We collect Other Data, such as, browser and device data including data collected through cookies, aggregated data relative to your geographical position and responses to promotional offers (landing pages) and surveys.

In some instances, we may combine Other Data with Personal Data (such as combining your name with your location). If we do so, we will treat the combined data as Personal Data as long as it is combined.

If you submit any Personal Data regarding other people for us or our service providers, you hereby agree that you have the authority to do so and you permit us to use the data in accordance with this Privacy Policy.

2. How We Collect Personal Data and Other Data.

We collect Personal Data and Other Data in a variety of ways:

· Online Services. We collect Personal Data when you register to AHAVA's website, communicate with us by email, send a request, or otherwise connect with us through social media pages, or sign up for a newsletter or participate in marketing campaigns and/or surveys.

Offline channel. We collect Personal Data when you visit in AHAVA's exhibitions and when you attend promotional events that we host or in which we participate.

· Automatic Information: When you use or interact with our website and/or use other online services, we receive and store information generated by your activity and information automatically collected from your browser or mobile device. For example, like many websites, we obtain certain information when your web browser accesses our website including your IP address, device type, browser type, operating system, sites that were accessed during your visit, pages viewed and access dates. This information helps us to communicate with our customers and provide them with our services and products.

· Aggregated Data: We may aggregate data that we collect and this aggregated data will not personally identify you or any other user.

3. Use of Personal Data and Other Data.

Privacy laws require us to have a valid lawful basis in order to process your Personal Data. This section explains for what purposes we may use your Personal Data and outlines the legal bases that underlie our usage.

Purpose	Legal basis
Provision of our Services; support. We use your Personal Data, such as your name and email address, to provide you with our Services and provide customer support. This includes, for example, allowing you to log-in or responding to your inquiries. We may also use your Personal Data for the purposes of planning, performing and managing the contractual relationship with Business Partners, e.g. by performing transactions and orders of products or services, accounting, auditing, billing and collection activities, arranging shipments and deliveries, and facilitating repairs.	The legal bases for processing this data are the performance of our contractual towards you; your consent (for example, when you voluntarily provide your Personal Data); and our legitimate interests. Our legitimate interests in this case are provision of our Services and supporting our customers.
Payments. Certain Services we provide may be provided subject to payment. To the extent applicable to you - we will collect from our third-party payment processors certain information about your payment instruments, for the purposes of fulfilling orders and transaction completion, connecting your payment method to your account on the Services, billing and sending invoices	The legal bases for processing this data are the performance of our contractual obligations; and our legitimate interests. Our legitimate interests in this case are provision of our Services and compliance with legal obligations to which we are subject.
Improve our Services. We collect and analyze information about you and your usage of our Services for the purposes of usability, quality, functionality and effectiveness of our Services, including debugging to identify and repair errors and undertaking internal research for technological development and demonstration.	The legal basis for processing this data is our legitimate interest. Our legitimate interests in this case are providing and improving our Services.
Marketing and Newsletter. We may collect your Personal Data for the purpose of administrating and performing customer surveys, marketing campaigns, market analysis, sweepstakes, contests, or other promotional activities or events. When you sign up to our newsletter or other marketing materials, you will be requested to provide your name and email address. We will use your email address in order to send you our newsletter and other marketing materials.	The legal basis for processing this data is our legitimate interest. Our legitimate interests in this case are providing and improving our Services. Where applicable, we will process such data subject to your consent. You may withdraw consent at any time through the “unsubscribe” link within the email or by contacting us here.
Correspondence Data. We may process information contained in or relating to any communication that you send to us. The correspondence data may include the communication content and metadata associated with the communication (such as groups, meetings and events). The correspondence data may be processed for the purposes of communicating with you and record-keeping. Correspondence data may also be used for communicating with business partners about products, services of AHAVA we think may be of interest to you including sending you important information regarding our website, changes in our terms, conditions, policies, or other administrative issues. (e.g. by responding to requests or providing you with technical information about purchased products);	The legal basis for processing this data is our legitimate interest. Our legitimate interests in this case are providing and improving our Services. Where applicable, we will process such data subject to your consent.
Legal Matters. We may use certain Personal Data to protect the security of our Services prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the Website, to enforce our legal terms and conditions, to protect the security or integrity of our databases, and to take precautions against legal liability.	Such processing is based on our legitimate interests, which in this case are protecting our Services and data, exercising our legal rights, and complying with our legal obligations.
Compliance with Applicable Laws. We process your Personal Information in order to comply with our legal obligation under applicable laws.	The legal bases for processing this data are compliance with our legal obligations and our legitimate interests. Our legitimate interests in this case are compliance with our legal obligations and assisting law enforcement agencies.

We may use some or all of the Personal Data and Other Data in order to perform certain statistical calculations, some of which may be presented on the website or other services; In any case, these calculations shall not include any personally identifiable information or details.

4. With Whom We Share Your Data?

We share your Personal Data as descried below:

With subcontractors and third party service providers who assist us in providing our Services, these include but are not limited to:
Mirage – provides provide IT services to AHAVA and processes such data only for the purpose of such services (e.g., hosting or IT maintenance and support services).
Rakuten Advertising - may collect personal information when you interact with our site. The collection and use of this information is subject to Rakuten’s privacy policy. To submit opt-out requests, please click here.
Saywhatt - We may collect any Personal Data you provide when you interact with our Advisor. This Personal may be shared with the provider of the Advisor, Saywhatt.
We use third party for fulfilment and payment services. Therefore personal data may be shared with the third party for the matter of transactions.
Our marketing and advertisement partners, to provide you with more-relevant ads on our site and to encourage you to return to our site including taking part in our exhibitions.
Companies within our group and other affiliated companies.
We may share your data if we enter into a business transaction such as an investment, merger, acquisition, reorganization, bankruptcy, or sale of some or all of our assets. Any party that acquires some or part of our assets as part of such a transaction may continue to use your data in accordance with the terms of this Policy.
We may disclose any data about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect our or a third party’s property and rights, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable. We also may be required to disclose an individual’s Personal Data in response to a lawful request by public authorities, including meeting national security or law enforcement requirements.
We may also disclose Personal Data as we believe to be necessary or appropriate: (a) to enforce our terms and conditions; (b) to protect our operations; (c) to protect the rights, privacy, safety or property of AHAVA, of you or of others; and (d) to allow us to pursue available remedies or limit the damages that we may sustain.

5. Cookies and Other Tracking Technologies.

We may use cookies and other technologies or methods of web and mobile analysis (“Tracking Technologies”) to gather, store, and track certain information related with your access to and activity through the Services, including when you visit our Site. We do so to understand site usage and to improve the content and offerings on our Services, and also to personalize your experience at our web pages and to offer you relevant products, programs, or services as well as interest-based or targeted advertising.

A "cookie" is a small piece of information that a website assigns to your device while you are viewing a website. Cookies are very helpful and may be used for various different purposes. These purposes include, among other things, allowing you to navigate between pages efficiently, enabling automatic activation of certain features, remembering your preferences and making the interaction between you and the Services quicker, easier and smoother. Cookies, by themselves, do not expose your personally identifiable information unless you choose to provide this information to us (by, for example, registering for one of our Services). However, once you choose to provide the Site with your personally identifiable information, this information may be linked to the data stored in the cookie.

We use Google Analytics cookies in order to collect information about how visitors use our Site. We use the information to compile reports and to help improve our Services. These cookies collect information, for example determine the number of visitors, from where the visitors come to the Site and what buttons the visitor clicked. To learn more about and manage the Tracking Technologies we use, please click here.

To read Google’s privacy policy in respect of Google Analytics click here to opt out of Google analytics click here. Google cookies also include Google AdWords & DoubleClick cookies for marketing, advertising & remarketing. These enable to recognize visitors on the websites of our advertising partners and to address them with interest-related information or ads. To find out about Googles double-click cookies click here.

Disabling and Managing Cookies

There are various ways in which you can manage and control your Tracking Technologies settings. Please remember that, by deleting or blocking Tracking Technologies, some of the features of the Services may not work properly or as effectively.

Below are some links to some commonly used web browsers. Information about cookies is usually found in the "Help" section of the web browser.

For other browsers, please consult the documentation that your browser manufacturer provides.

Mobile Devices - You can-opt out of certain types of interest-based advertising (or “cross-app” advertising), by accessing the “settings” on your device:

If you're using an Apple device you can configure your device to limit ad tracking to by clicking on "settings" > "privacy" > "advertising" and toggling "limit ad tracking" to ‘on.’

If you're using an Android device you can opt out of most app-based tracking for advertising by opening the "Google Settings" app on your device, selecting "Ads", and then selecting the option to opt-out of interest-based ads.

Please note that the above information may change when the above manufacturers updates their systems. Also note, that your device may use another platform, not described above. In that case, please consult the manufacturer documentation for further instructions.

You can also turn off certain third party targeting and advertising cookies by visiting the following link: Network Advertising Initiative.

In addition, you can change your preferences using our cookie settings tool . However, please note that this tool may only be available in certain jurisdictions.

6. Your Rights

Certain jurisdictions provide individuals with certain statutory rights to their Personal Data. You may have the right to certain actions to your Personal Data such as:

To receive confirmation as to whether or not Personal Data concerning you is being processed, and access your stored Personal Data, together with certain supplementary information.
To receive Personal Data you directly volunteer to us in a structured, commonly used and machine-readable format.
To request rectification of your Personal Data that is in our control.
To request erasure of your Personal Data.
To object to the processing of Personal Data by us.
To request to restrict processing of your Personal Data by us.
To object to the processing of Personal Data for direct marketing.
To object to the processing of Personal Data when such processing is based on our legitimate interests.

However, please note that these rights are not absolute, and may be subject to our own legitimate interests and regulatory requirements. If you wish to raise a complaint on how we have handled your Personal Data, you can contact us at the contact details available below. If you are not satisfied with our response or believe we are collecting or processing your Personal Data not in accordance with applicable laws, you can file a complaint to the applicable data protection authority.

7. US residents.

This part of the Privacy Policy addresses the specific disclosure requirements under the applicable laws pertaining to data privacy, data security, and the protection of Personal Information in the United States, including in California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Florida, Delaware, New Hampshire, New Jersey, Iowa, and Montana (collectively, "State Laws"). .

7.1 What information we process

In the preceding 12 months, we have collected, and or disclosed the following categories of Personal Information:

Category of Personal Information Collected	Personal Information Collected	Categories of recipients to whom Personal Information was disclosed
Identifiers	Full name, email address, social media identifiers, username, birthdate, IP address, MAC, UDID	Affiliated companies Advertising networks Service providers
Personal Information Categories listed in the California Customer Records Statute (Cal. Civ. Code § 1798.80(e))	Telephone number, debit or credit card number, passport or other government or state ID card number	Affiliated companies Advertising networks Service providers
Internet or Other Electronic Network Activity Information	Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.	Affiliated companies Advertising networks Service providers
Geolocation Data (non-percise)	Geolocation	Affiliated companies Advertising networks Service providers

7.2 Sources of Personal Information

In the 12 preceding months, we have collected the above-mentioned categories of Personal Information from the following categories of sources:

Consumer directly;
Advertising networks;
Social Networks

We do not "sell" or "share" Personal Information about our users (as these terms are defined under State Laws). However, we do disclose Personal Information to allow certain third-party advertising partners to collect information about consumers through our Services for purposes of serving ads that are more relevant, for ad campaign measurement and analytics, and for ad fraud detection and reporting. Please see our "Cookies and Tracking Technologies" section above for more information.

7.3 User rights under State Laws

State Laws provide consumers with specific rights regarding their Personal Information. This section describes the rights you may have under these laws and explains how to exercise those rights.

Access to Personal Information

You may request that we disclose to you the categories and specific pieces of Personal Information that we have collected about you, the categories of sources from which your Personal Information is collected, the business or commercial purpose for collecting your Personal Information, the categories of Personal Information that we disclosed for a business purpose, any categories of Personal Information about you that we sold, the categories of third-parties with whom we have shared your Personal Information, and the business or commercial purpose for selling your Personal Information, if applicable.

Deletion Requests

You have the right to request that we delete any Personal Information collected from you and retained, unless an exception applies.

Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers, subcontractors, and consultants to delete) your Personal Information, unless an exception applies.

Right to Opt-Out of the Selling or Sharing of Personal Information

In the event that we sell or share your Personal Information, you have the right to submit a request to opt-out of the sale of your Personal Information. You may change your decision at any time and permit us to sell your Personal Information.

After you opt-out, we may continue to share some Personal Information with our partners (who will function as our service providers in such instance) to help us perform business-related functions such as, but not limited to, providing the Services, ensuring that the Services is working correctly and securely, providing aggregate statistics and analytics and/or preventing fraud.

Right to non-discrimination

You have the right to be free from any discrimination for exercising your rights under State Laws. Should you exercise any of your rights under State laws, we will not discriminate against you by offering you different pricing or products, or by providing you with a different level or quality of services, based solely upon your request. However, in some circumstances, for example where you have requested or consented to our Services that use your Personal Information to provide the service, we may not be able to provide a service if you choose to delete your Personal Information.

Right to Limit Use of Sensitive Personal Information

In the event that we use or disclose Sensitive Personal Information about you, you may have the right to limit such use subject to applicable regulation.

6.1 Exercising Your Rights

You can exercise your rights by submitting a verifiable consumer request to our physical address (as written below in the "Contact Us" section) or to our email address: shopus@ahava.com.

Only you or a person authorized to act on your behalf may make a consumer request related to your Personal Information.

The request must:

Provide sufficient information to allow us to reasonably verify you are the person about whom we collected Personal Data or an authorized representative.
Describe your request with sufficient details to allow us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Personal Data if we cannot verify your identity or authority to make the request and confirm the Personal Data relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Data provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

Under certain jurisdictions, you have the right to appeal a rejection to your request. The appeal request shall be submitted through our Data Privacy Officer's email address: support-it@ahava.com

If your appeal is denied, certain jurisdictions allow you to submit a complaint via the local attorney general, in accordance with the details below:

Jurisdiction	Communication Method
Virginia	Available Here
Colorado	Available Here
Connecticut	Available here
Texas	Available here
Oregon	Available here
New Hampshire	Available here
Iowa	Available here
Montana	Available here

7.4 Designating Agents

You can designate an authorized agent to make a request on your behalf if:

The authorized agent is a natural person or a business entity registered with the Secretary of State of California; and
You sign a written declaration that you authorize the authorized agent to act on your behalf.

If you use an authorized agent to submit a request to exercise your right to know or your right to request deletion, please mail a certified copy of your written declaration authorizing the authorized agent to act on your behalf using the contact information below.

If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and we will respond to any request from such authorized agent.

8. Security

We implement reasonable administrative, organizational and technical safeguards and security measures to protect Personal Data from unauthorized access, disclosure, destruction or alteration, accidental loss, misuse or damage. We regularly review and monitor such safeguards and security measures.

When disclosure of data to third parties is necessary and authorized, we ensure that these third parties guarantee the same level of data protection as that offered to them by us and requires contractual guarantees so that the data are exclusively processed for the purposes you have previously accepted, and with the required confidentiality and security.

If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please immediately notify us in accordance with the “Contact Us” section, below.

9. Retention

To the extent permissible by applicable law, we will retain your Personal Data for such period as necessary to satisfy or to fulfill the following:

The purposes for which that Personal Data was provided.
An identifiable and ongoing business need, including record keeping.
A requirement to retain records that may be relevant to any notified regulatory investigations or active legal proceedings.
Comply with any applicable law, regulation, legal process, including, without limitation, court orders and/or compulsory disclosures required by governmental authorities.
Fulfill legitimate interests of AHAVA and third parties, such as, defend in cases of legal procedures etc.

10. Sensitive Data

Unless specifically requested, we recommend that you don't send us, or disclose, on or through the Services or otherwise, to us, any Sensitive Personal Data (data related to racial or ethnic origin, political opinions, religion, ideological or other beliefs, health, biometrics or genetic characteristics, criminal background, trade union membership, administrative or criminal proceedings and sanctions).

11. Minors

AHAVA does not knowingly collect or solicit Personal Data from anyone under the Age of Majority (as determined under the applicable laws where the individual resides; “Age of Majority”). By accessing, using or interacting with our Services, you certify to us that you are not under the age of eighteen (18) and not under the Age of Majority at your jurisdiction of residency.

In the event that we learn that we have collected Personal Data from an individual under the Age of Majority without parental or legal guardian consent, we will delete that information upon discovery. If you believe that we might have any information from or about an individual under the Age of Majority, then please contact us.

12. Updates to Our Privacy Policy.

We are entitled to change and update this Privacy Policy from time to time, at our sole discretion, without having to provide notice thereof. Responsibility for becoming familiar with the changes, if any, made by this Privacy Policy is your responsibility. If required under applicable law, we will review this Privacy Policy every twelve (12) months.

13. Contact Us.

If you have any questions or concerns regarding this Privacy Policy and Cookie Notice, please contact us.

14. SMS Marketing

We value your privacy and the information you consent to share in relation to our SMS marketing service. We use this information to send you text notifications (for your order, including abandoned checkout reminders), text marketing offers, and transactional texts, including requests for reviews from us.Opt-in data and consent for text messaging will not be shared with any third parties except for messaging partners,for the purpose of enabling and operating our text messaging program.

Opt-in data and consent for text messaging will not be shared with any third-parties except for messaging partners, for the purpose of enabling and operating our text messaging program.

Our website uses cookies to keep track of items you put into your shopping cart, including when you have abandoned your checkout. This information is used to determine when to send cart reminder messages via SMS.