StyleLookup Privacy Policy

1. Scope

This policy applies to StyleLookup websites, mobile apps, support forms, certificate-related tools, store portal and trunk portal workflows, and related services operated by B.H. Multi Com Corp. / Effy Group.

2. Information We Collect

• Account and identity data: username, email address, employee-related access attributes, role, permissions, and related directory or authentication data.
• Authentication and session data: cookies, JWTs, session identifiers, remember-me tokens, device/session validation data, and related security claims used to keep users signed in and enforce access controls.
• Usage data: searches, views, exports, feature usage, app version, error events, and diagnostic activity.
• Device and network data: IP address, browser or user agent, operating system, timestamps, device-related metadata, and similar technical information used for security and troubleshooting.
• Support request data: information submitted through support forms, such as name, work email, phone number, platform, app version, subject, message content, and technical metadata associated with the request.
• Customer and certificate data: customer names, email addresses, phone numbers, mailing addresses, purchase details, item details, store information, certificate numbers, certificate PDFs, and related uploaded materials such as receipts where applicable.
• Application content: product, style, image, stone, pricing, vendor, line, and related business records made available through authorized system access.
• Security and anti-abuse data: validation and fraud-prevention information, including reCAPTCHA-related data and related verification results.

3. How We Collect Information

• Directly from users when they sign in, search, submit support requests, or use platform features.
• From internal systems and connected business data sources that power StyleLookup functionality.
• From customer-facing or store-facing workflows such as certificates, customer lookup, and trunk portal features.
• Automatically through cookies, tokens, logs, and device or browser interactions needed to operate and secure the platform.

4. How We Use Information

• Provide StyleLookup functionality such as style search, detail views, vendor and pricing workflows, line lookup, portal access, and exports.
• Authenticate users and maintain secure sessions.
• Enforce role-based, store-based, chain-based, and route-based access controls.
• Support certificate creation, customer lookup, PDF generation, and related transactional workflows.
• Respond to support requests and communicate with users about operational or technical issues.
• Maintain security, audit access, detect misuse, and troubleshoot application issues.
• Improve reliability, performance, and user experience.
• Meet contractual, legal, regulatory, and compliance obligations.

5. Authentication, Cookies, and Similar Technologies

StyleLookup uses cookies, JWTs, session identifiers, and similar technologies to authenticate users, keep sessions active, remember users when configured, secure protected routes, and enforce permissions. Some features may rely on secure cookies or session tokens and may not function correctly without them.

6. Support and Communications

When users submit a support request, we may use the submitted contact information and technical details to investigate issues, respond to the request, and improve support operations. We may also send transactional or operational emails related to support, certificates, or other requested services.

7. Customer and Certificate Workflows

Certain areas of StyleLookup support customer-facing or store-facing operations, including customer lookup, certificate creation, certificate delivery, and related purchase or service workflows. Information processed in these areas is used only for the relevant operational business purpose and not beyond what is reasonably necessary for that workflow.

8. Sharing and Disclosure

• Internal access: limited to authorized personnel with a business need to know.
• Service providers: hosting, authentication, email, validation, security, or technical support providers acting on our behalf and subject to appropriate restrictions.
• Legal and compliance purposes: when required by law, legal process, audit, investigation, or to protect rights, property, systems, or safety.
• Business operations: where disclosure is necessary to operate customer-facing or store-facing workflows requested through the platform.

We do not disclose personal information for unrelated marketing purposes where the data was collected for a limited operational workflow.

9. Data Retention

We retain information for as long as reasonably necessary for the purpose for which it was collected, including operational use, support, audit, security, legal compliance, and recordkeeping. Different categories of information may be retained for different periods, including authentication data, system logs, support requests, certificates, customer records, and uploaded documents.

10. Security

We use administrative, technical, and organizational safeguards appropriate to the sensitivity of the data involved. These safeguards may include access controls, encrypted transmission, route restrictions, network restrictions, monitoring, logging, and other security measures designed to protect confidentiality, integrity, and availability.

No method of transmission, storage, or security control is completely guaranteed, and residual risk remains.

11. Third-Party Services

StyleLookup may use third-party or infrastructure services for authentication, validation, email delivery, hosting, app distribution, or related operational support. These services may process limited information as needed to perform their function on our behalf.

12. Your Choices and Requests

• If you believe your access is incorrect, contact IT.
• You may request correction of inaccurate personal information where appropriate.
• You may sign out or clear cookies to end active browser sessions, although some protected features require authentication to function.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material updates may be communicated through the application, support channels, or other appropriate internal or operational means. The effective date above reflects the latest revision.

14. Contact

For questions regarding this policy, contact B.H. Multi Com Corp. / Effy Group IT:

• Phone: 212-944-0020