Privacy Policy

Section 1 – How we use your personal information.

Whenever you decide to buy something at our online store, you will be asked to provide your personal information such as full name, current address, and email address.

When you browse through the sections of your online shop, our system automatically gathers the information regarding your IP address along with other data that may be useful for us.

Newsletters (if desired): We will provide you with an opportunity to sign for our newsletters which will contain the information about updates and new arrivals at our store.

Section 2 – Consent

How do you receive my consent?

You automatically give your consent to the use of your personal information in the following cases: placement of an order, verification of the payment method, organization of delivery or return of the purchased product. The gathered information will be used only for the business purposes related to the given purchase.

Should we require your information for any other purposes, for instance, marketing or charity, we will directly ask for your permission to use this information. It is up to you whether to give your full consent or to forbid us to use the information.

What to do if you have given the consent but then changed your mind?

If, for some reason, you decide that you no longer wish to receive our newsletters or you don't want us to get in touch with you for further collection of information and you would like to prohibit the use and disclosure of the existing information, feel free to contact us at your convenience and place the corresponding request. You can either contact us via email at or by post:

Brasil Cacau Keratin Official International Store

PO BOX 507 Shelley, Idaho, United States

ZIP code: 83274

Section 3 -  Disclosure

We reserve the right to disclose your personal information upon the request of law enforcement agencies or if a client infringes our Terms of Service.

Section 4 – Shopify

Our online store was developed on the Shopify platform and is currently hosted by this particular provider.

All the information, which we gather in the course of business activities, is stored on Shopify's server that is effectively protected by the firewall.


If you select a direct payment option to finalize the purchase, the system will automatically gather your credit card information and store it on Shopify server. The server itself is protected by the Payment Card Industry Data Security Standard (PCI-DSS) encryption. All the information related to your purchases at our online shop will be stored only for the duration of time necessary for the completion of a transaction. Once the transaction is carried out successfully, all related data will be permanently erased from the storage.

Each and every direct payment gateway complies with the standards of PCI-DSS developed by the PCI Security Standards Council, a joint managing authority comprised such recognized brands as Visa, MasterCard, American Express, and Discover.

PCI-DSS encryption provides an absolute protection of your credit cards details, guaranteed by us and our partners.

For more information regarding Shopify's Terms and Conditions please visit

( or Privacy Statement (

Section 5 – Third-party services

In most cases, the third-parties, who provide the auxiliary services for our online store, are allowed to gather your personal and credit card information only in the amount necessary for the proper rendering of their services. 

Some of these providers, for instance, payment gateways and other payment service providers, may use your personal information, including your credit card details, which we are obliged to give to them as part of our cooperation agreement.

To avoid any misunderstandings, we advise you to carefully study the privacy policies of such providers in order to get an understanding of how that information will be used.

Please keep in mind that some providers may not be registered and located in the same jurisdiction as our company or the client. Therefore, if you choose to proceed with the transaction that requires services of a third-party, your personal data may become compliant with legislation of the jurisdiction in which the corresponding service provider is registered.

For instance, if you reside in Canada and your purchase is processed by a payment system which falls under the US jurisdiction, then all data, which you have provided in the course of the transaction, can be used by the US authorities in accordance the Patriot Act and other laws of this particular country.

As soon as you log out from our website or get re-directed to another website which belongs to the third-party, you no longer fall within the ambit of our Terms of Service, including the Privacy Policy.

We do not bear responsibility for the privacy policies on other websites; therefore, if you decide to follow one of the links which you may find on our website, please take some time to get yourself acquainted with their privacy practices.

Section 6 – Security

We do our utmost to protect your personal data and to keep it from being stolen, manipulated, erased or used in another inappropriate manner.

All data related to credit card details and financial transactions is securely encrypted by means of a socket layer technology (SSL) and saved using an encryption called AES-256. Although no payment system or data storage can guarantee the absolute security of all transactions, we can assure you that we diligently follow each and every PCI-DSS requirement and implement all generally accepted security measures in a timely fashion.

Section 7 – Cookies

Below you can find the list of cookies that we use on our website. Please get yourself acquainted with them to decide whether you would enable them in the course of your browsing experience on our website or not.

_session_id, unique token, lets Shopify gather and store the data related to your browsing history (on referral and landing pages, etc.)

_shopify_visit, no data held, stays active for 30 minutes after your last visit to the website. Needed for Shopify's internal tracker to record how many times you have visited our website.

_shopify_uniq, no data held, stays active until midnight (visitor's time zone) of the following day. Keeps track of the number of visits to the online store by a selected user.

_secure_session_id, unique token, sessional cart, the unique cookie which stays active for 2 weeks. Keeps information about the items which you have moved to your cart.

storefront_digest, unique token, indefinite determines if the visitor, who is currently browsing the website, has actual access to it. Applied in case the given online shop employs password protection.

Section 8 – Contentment age

Upon visiting our website, you confirm that you have come of age determined by the legislation of your country or state or that you have given the permission to your underage dependents to visit this website.

Section 9 – Alterations to our Privacy Policy

We have the full right to alter our privacy policies at our own will and at any given time; therefore, make sure that your review it fairly regularly. You will be duly notified about the upcoming changes to our privacy policy so that you would be aware of all new nuances of data collection and storing procedures as well as the conditions under which we have the right to use and disclose that information.

In case our store becomes subject to merger or acquisition deal with another enterprise, your personal data will be transferred to the new owner in full.

Inquiries and contact information

For any inquiries regarding accessing, altering or deleting any personal information which you have provided for our website, filing a complaint or requesting additional information about the products and services, please send an email to our Privacy Compliance Officer at