Lorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque eget tincidunt quam. Phasellus ultricies ultrices bibendum.
Aenean vitae porta nisl, nec feugiat neque. Maecenas luctus magna eu elit dapibus, a porttitor lacus euismod.
Effective Date: November 3, 2025
Your privacy is important to us. It is MISTORY’s policy to respect your privacy and comply with applicable laws and regulations regarding any personal information we may collect about you, including across our website, https://www.hairandbodymist.com, and other sites we own and operate.
“Personal information” means any information about you that can be used to identify you, including information about you as a person (such as name, address, and date of birth), your devices, payment details, and information about how you use a website or online service.
If our site contains links to third-party sites and services, please be aware those sites have their own privacy policies. After following a link to any third-party content, you should read their posted privacy policy to understand how they collect and use personal information. This Privacy Policy does not apply to your activities after you leave our site.
Information we collect falls into two categories: “voluntarily provided” and “automatically collected.”
When you visit our website, our servers may automatically log standard data provided by your web browser. This may include your device’s IP address, browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details about your visit.
If you encounter certain errors while using the site, we may automatically collect data about the error and the circumstances surrounding it (e.g., device details and what you were doing when the error occurred). While this information may not identify you by itself, it may be possible to combine it with other data to identify you.
When you visit our website or interact with our services, we may collect device data such as:
Please check your device and software policies to learn what information they make available to us.
We may ask for personal information—for example, when you contact us or submit content—including:
Last updated: November 3, 2025
The MISTORY mobile messaging service (the “Service”) is operated by MISTORY (“MISTORY,” “we,” or “us”). Your use of the Service constitutes your agreement to these Mobile Terms. We may modify or cancel the Service or any of its features at any time. To the extent permitted by law, we may also modify these Mobile Terms at any time, and your continued use of the Service following the effective date of any changes constitutes your acceptance.
By consenting to MISTORY’s SMS/text messaging Service, you agree to receive recurring SMS/text messages from and on behalf of MISTORY to the mobile number you provide, including via an automatic telephone dialing system or similar technology. Promotional messages may include promotions, specials, and cart reminders. Your consent is not a condition of purchase. Message frequency varies. Message and data rates may apply.
Opt-out: You may opt out at any time by replying STOP to a message from us or using the unsubscribe link (where available). You’ll receive a one-time confirmation message. To obtain help, reply HELP or email support@hairandbodymist.com.
We may change any phone number or sender ID we use to operate the Service and will notify you of such changes when required. Wireless carriers are not liable for delayed or undelivered messages. You agree to provide a valid mobile number; if you change your number, you must re-subscribe with the new number.
We respect your privacy. See this Privacy Policy for how we collect and use personal information. Our website may use cookies to keep track of items in your shopping cart, including when you have abandoned your cart, and this information may be used to determine when to send cart reminder messages via SMS.
We will not share your SMS opt-in with any third party for purposes unrelated to providing you with the Service. We may share Personal Data (including your SMS opt-in or consent status) with vendors who help deliver messaging services (e.g., platform providers and carriers) and require them to protect your data.
“User-generated content” means materials (text, images, videos, etc.) you supply to us for publishing on our website or social media. All such content is associated with the account or email used to submit it and may become public after posting. Once public, it may be accessible to third parties not covered by this Privacy Policy.
We only collect and use personal information when we have a legitimate reason to do so, and only to the extent reasonably necessary to provide our services.
We may collect personal information when you:
We may collect, hold, use, and disclose information to:
We may combine voluntarily provided and automatically collected personal information with information from other trusted sources (e.g., research or analytics) to improve our site and your experience.
We protect personal information within commercially acceptable means to prevent loss, theft, and unauthorized access, disclosure, copying, use, or modification. No method of electronic transmission or storage is 100% secure. You are responsible for maintaining secure passwords and protecting your account credentials.
We keep personal information only as long as needed for the purposes set out in this Privacy Policy or as required by law (e.g., tax, accounting, compliance). When no longer required, we will delete it or de-identify it.
We do not aim our products or services at children under 13 and do not knowingly collect personal information from children under 13.
We do not sell your personally identifiable information. We may share personal information with:
We may share non-identifying, aggregated information for marketing, advertising, or other uses.
We use cookies to collect information about you and your activity across our site so we can understand usage and serve content based on your preferences. You may decline cookies in your browser settings if supported by your browser.
If we or our assets are acquired or we enter bankruptcy or reorganization, personal information may be transferred to the acquiring parties, who may continue to use it consistent with this Privacy Policy to the extent permitted by law.
Our website may link to external sites not operated by us. We are not responsible for the content or privacy practices of those sites.
We may update this Privacy Policy to reflect changes to our business, practices, or applicable laws. We will post updates at this link. If the changes are significant or required by law, we will notify you via your selected communication preferences. Where required, we will seek your consent for new uses of personal information.
If Australian privacy law applies, you acknowledge that some third parties we share data with may not be regulated by the Privacy Act and Australian Privacy Principles, and we may not be able to ensure redress under that law for those parties’ acts or practices.
Data Controller / Data Processor: For the personal information you provide, MISTORY acts as Data Controller and/or Data Processor (as applicable).
Legal bases: We process personal information only where we have a legal basis, including consent, performance of a contract, legitimate interests (e.g., operating, improving, and securing our services), and compliance with law. Where consent is relied upon and you are under 16, parental/guardian consent may be required by law.
International transfers: Where personal information is transferred outside the EEA, we will use appropriate safeguards (e.g., Standard Contractual Clauses or other legally acceptable mechanisms).
Your GDPR rights may include: access, correction, deletion, restriction, objection, and data portability, subject to conditions under the GDPR.
We may collect categories of personal information described in the California Consumer Privacy Act (CCPA) in the preceding 12 months (e.g., identifiers, customer records, demographics, geolocation). You may have rights to know and delete personal information, and to receive disclosures about categories of information collected, sources, purposes, and third-party disclosures. You may also have rights under Shine the Light and CCPA-permitted financial incentives. See the sections above and contact us to exercise your rights.
Do Not Track: We do not currently respond to browser “Do Not Track” signals.
If you have questions or concerns regarding your privacy, please contact us:
Email: support@hairandbodymist.com
We have appointed an internal contact for privacy matters. You may reach our privacy team at support@hairandbodymist.com.
Enjoy fast, trackable delivery on every order with no extra fees. Keep you updated until your package arrives.
Checkout with confidence using industry-standard encryption and trusted gateways.
Need help? Our team is available around the clock by chat, email, or phone.
If you’re not delighted, return your item within our easy return window under Return Policy.
