click here to book all your hair and lash appointments!

book online

Privacy Policy

Last updated: September 11, 2025

JOS Studios (“JOS Studios,” “we,” “us,” or “our”) operates this website (the “Site”) to sell physical products online. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our Site, make a purchase, or interact with us. This Policy applies to product sales only; we do not sell salon services or memberships on this Site.

By using the Site, you consent to the practices described here, in accordance with applicable laws (including Canada’s PIPEDA and, where applicable, the GDPR and CCPA/CPRA).

1) Who we are & how to contact us
Controller: JOS Studios, Toronto, Ontario, Canada
Email: info.josstudios@gmail.com
To exercise privacy rights or ask questions, email us. If we cannot resolve your concern, you may contact the Office of the Privacy Commissioner of Canada (OPC).

2) What we collect
We collect information you provide directly and data collected automatically:
A. Information you provide

Account & identity data: name, email, phone number, billing/shipping address.
Order & transaction data: items purchased, order value, delivery details, communications with us.
Payment data: processed by our payment providers (e.g., card brand, expiry, last 4). We do not store full card numbers; our processors handle and secure payment details.
Communications & UGC: product reviews, messages, survey responses, support requests, photos you upload.

B. Information collected automatically

Device & usage data: IP address, browser type, device identifiers, pages viewed, referring/exit pages, timestamps.
Cookies & similar technologies: for essential functionality (cart, checkout), analytics (e.g., site performance), and (optionally) advertising/retargeting. See Section 9 (Cookies).

C. Information from third parties

E-commerce & payment providers, shipping partners, fraud-prevention services, analytics/ads platforms (if enabled).

3) Why we use your information (purposes)

Process orders & deliver products (order confirmation, shipping, returns, refunds).
Customer support & communications (respond to inquiries, service messages).
Account management (remember preferences, saved addresses).
Site performance & security (fraud detection, abuse prevention, debugging).
Legal & compliance (invoices, taxes, recordkeeping).
Analytics & improvement (understand traffic, improve products and UX).
Marketing (optional) (newsletters, promotions), only with your consent or as allowed by law (see CASL/GDPR/CCPA sections).

Legal bases (GDPR, where applicable): performance of a contract (orders), legitimate interests (security, improvement), consent (marketing cookies/emails), legal obligations (tax, accounting).

4) Sharing your information
We share data only as needed to run our store and comply with law:

Service providers / processors: e-commerce platform/hosting, payment processors (e.g., Stripe/PayPal/Shop Pay), shipping carriers, email/MMS providers, customer support tools, analytics and (if used) advertising platforms. They may access personal information solely to perform services for us and under contractual confidentiality/security obligations.
Fraud prevention & security: tools that help detect/mitigate fraud or abuse.
Business transfers: in a merger, acquisition, financing, or sale of assets.
Legal compliance: to comply with law, enforce our Terms & Conditions, or protect rights, property, and safety.

We do not sell your personal information.

5) Payments
Payments are processed by third-party providers. JOS Studios does not store full payment card numbers or CVV. Your use of a payment method may be subject to the provider’s privacy policy and terms.

6) Retention
We keep personal information only as long as necessary for the purposes above:

Orders/transactions: typically 7 years (tax and accounting).
Support messages: as long as needed to resolve and for quality assurance.
Marketing data: until you unsubscribe or withdraw consent, or after a defined inactivity period.
Cookies: per the lifetimes noted in Section 9 or your browser settings.
When no longer needed, we securely delete or anonymize the information.

7) Security
We implement administrative, technical, and physical safeguards designed to protect personal information (e.g., encryption in transit, access controls, least-privilege access). No method of transmission or storage is 100% secure; residual risk remains.

8) Your choices & rights
Email & SMS marketing (CASL/GDPR): You can opt out anytime using unsubscribe links or by emailing us. Transactional emails (e.g., order confirmations) will still be sent.
Cookies: Manage cookies via our cookie banner (if shown), your browser settings, or device controls (see Section 9).
Access, correction, deletion (PIPEDA/GDPR/CCPA): You may request access to your data, ask us to correct inaccuracies, or request deletion, subject to legal exceptions (e.g., we may retain certain records for tax). You may also request:

Portability (GDPR): to receive certain data in a machine-readable format.
Restriction/objection (GDPR): to certain processing based on our legitimate interests.
Withdrawal of consent: where processing relies on consent.

California (CCPA/CPRA): You may request to know, access, correct, or delete personal information, and to limit use of sensitive personal information where applicable. We do not sell or share personal information for cross-context behavioral advertising in the CCPA sense unless our ads tools are explicitly configured to do so; if we enable such features, we will update this Policy and provide opt-out mechanisms.
We will verify requests and respond within applicable timelines. Authorized agents may submit requests with proof of authorization.

9) Cookies & similar technologies
We use:

Strictly necessary cookies (required for core functions like cart/checkout, security).
Performance/analytics cookies (to understand site usage and improve).
Functional cookies (remember preferences).
Advertising/retargeting cookies (only if enabled and consented, for personalized ads on third-party platforms).

You can:

Use our cookie banner (if present) to accept/decline non-essential cookies.
Adjust browser settings to block or delete cookies.
Use platform-specific opt-outs (Google/Meta ad settings) and industry tools (NAI/DAA, where available).

Blocking some cookies may impact site functionality.

10) Children’s privacy
Our Site is not intended for children under 13 (or under 16 in the EEA without guardian consent). We do not knowingly collect personal information from children. If you believe a child provided us data, contact us to delete it.

11) International transfers
Your information may be stored or processed outside your province, state, or country (including the U.S.). We take measures to protect data during transfers and, where required by law (e.g., GDPR), rely on appropriate safeguards such as Standard Contractual Clauses.

12) Third-party links & services
Our Site may link to third-party websites or integrate third-party tools (e.g., payment gateways, analytics, ads pixels). Their practices are governed by their own privacy policies. We are not responsible for their content or privacy practices.

13) Do Not Track
Some browsers transmit Do Not Track signals. Because there is no common industry standard, our Site may not respond to these signals. You can manage tracking via cookies and advertising opt-outs noted above.

14) Changes to this Policy
We may update this Privacy Policy from time to time. The “Last updated” date will change, and the new Policy will take effect when posted. Your continued use of the Site after changes means you accept the updated Policy.

15) How to reach us & complaints
Questions, requests, or complaints about this Policy or your personal information:

Email: contact@jos-studios.com

click here to book all your hair and lash appointments!

Privacy Policy

Account & identity data: name, email, phone number, billing/shipping address.

Order & transaction data: items purchased, order value, delivery details, communications with us.

Payment data: processed by our payment providers (e.g., card brand, expiry, last 4). We do not store full card numbers; our processors handle and secure payment details.

Communications & UGC: product reviews, messages, survey responses, support requests, photos you upload.

B. Information collected automatically

Device & usage data: IP address, browser type, device identifiers, pages viewed, referring/exit pages, timestamps.

Cookies & similar technologies: for essential functionality (cart, checkout), analytics (e.g., site performance), and (optionally) advertising/retargeting. See Section 9 (Cookies).

C. Information from third parties

E-commerce & payment providers, shipping partners, fraud-prevention services, analytics/ads platforms (if enabled).

3) Why we use your information (purposes)

Process orders & deliver products (order confirmation, shipping, returns, refunds).

Customer support & communications (respond to inquiries, service messages).

Account management (remember preferences, saved addresses).

Site performance & security (fraud detection, abuse prevention, debugging).

Legal & compliance (invoices, taxes, recordkeeping).

Analytics & improvement (understand traffic, improve products and UX).

Marketing (optional) (newsletters, promotions), only with your consent or as allowed by law (see CASL/GDPR/CCPA sections).

Legal bases (GDPR, where applicable): performance of a contract (orders), legitimate interests (security, improvement), consent (marketing cookies/emails), legal obligations (tax, accounting). 4) Sharing your information We share data only as needed to run our store and comply with law:

Fraud prevention & security: tools that help detect/mitigate fraud or abuse.

Business transfers: in a merger, acquisition, financing, or sale of assets.

Legal compliance: to comply with law, enforce our Terms & Conditions, or protect rights, property, and safety.

Orders/transactions: typically 7 years (tax and accounting).

Support messages: as long as needed to resolve and for quality assurance.

Marketing data: until you unsubscribe or withdraw consent, or after a defined inactivity period.

Cookies: per the lifetimes noted in Section 9 or your browser settings. When no longer needed, we securely delete or anonymize the information.

Portability (GDPR): to receive certain data in a machine-readable format.

Restriction/objection (GDPR): to certain processing based on our legitimate interests.

Withdrawal of consent: where processing relies on consent.

Strictly necessary cookies (required for core functions like cart/checkout, security).

Performance/analytics cookies (to understand site usage and improve).

Functional cookies (remember preferences).

Advertising/retargeting cookies (only if enabled and consented, for personalized ads on third-party platforms).

You can:

Use our cookie banner (if present) to accept/decline non-essential cookies.

Adjust browser settings to block or delete cookies.

Use platform-specific opt-outs (Google/Meta ad settings) and industry tools (NAI/DAA, where available).

Email: contact@jos-studios.com

subscribe to our newsletter

Legal bases (GDPR, where applicable): performance of a contract (orders), legitimate interests (security, improvement), consent (marketing cookies/emails), legal obligations (tax, accounting).

4) Sharing your information
We share data only as needed to run our store and comply with law:

Cookies: per the lifetimes noted in Section 9 or your browser settings.
When no longer needed, we securely delete or anonymize the information.