Privacy Policy | Le Nez Perfume Bar Chicago

Privacy Policy

Last updated: May 1, 2026

Who we are: Le Nez Perfume Bar, 2657 N Clark St, Chicago, IL 60614. Email: info@lenezperfumebar.com. We are the data controller for information collected through lenezperfumebar.com.

1. Information We Collect

We collect information that you provide directly, information gathered automatically through your use of our site, and information from third-party partners.

Information you provide:

  • Name, email address, phone number, and shipping address when you place an order or create an account
  • Payment information — processed directly by Stripe and never stored on our servers
  • Birth month when provided for the Birthday Ritual membership benefit
  • Custom fragrance formula information when you participate in a bespoke creation session
  • Inquiry and event request details submitted through our contact forms
  • Marketing preferences and consent choices

Information collected automatically:

  • Browser type, operating system, and device information
  • IP address and approximate geographic location
  • Pages visited, time spent on each page, and navigation paths
  • Cart behavior, checkout steps completed, and purchase history
  • Cookie identifiers (see Section 4 for full cookie disclosure)

2. How We Use Your Information

  • To process and fulfill your fragrance orders and shipping
  • To confirm and manage atelier bookings and private event inquiries
  • To manage your Scent Society membership, billing cycles, and benefits
  • To send transactional emails (order confirmations, shipping notifications, booking confirmations)
  • To send marketing communications you have consented to receive (new releases, seasonal campaigns, event announcements)
  • To deliver personalized content based on your fragrance preferences and purchase history
  • To send your Birthday Ritual gift during your birth month (if provided)
  • To improve our website, products, and services through analytics
  • To comply with legal obligations and enforce our Terms of Service

Legal basis (GDPR): Contract performance (orders, bookings) · Legitimate interests (security, fraud prevention) · Consent (marketing emails, analytics cookies) · Legal obligation (accounting, tax records).

3. Sharing Your Information

We never sell your personal data. We share information only with service providers that help us operate our business:

  • Shopify Inc. — e-commerce platform and order management
  • Stripe Inc. — payment processing (PCI DSS Level 1 certified)
  • Recharge Payments — subscription and membership billing
  • Klaviyo Inc. — marketing email platform (only receives data for customers who have consented to marketing)
  • Postmark / ActiveCampaign — transactional email delivery
  • Google LLC — analytics (anonymized), Google Maps integration
  • Supabase — secure database for inquiry records and booking logs

We may also disclose information when required by law, court order, or to protect the rights and safety of Le Nez, our customers, or the public.

4. Cookies & Tracking Technologies

We use cookies and similar technologies to operate our website, remember your preferences, and understand how visitors use our site.

Strictly Necessary Cookies (always active — no consent required):

  • _shopify_y — Shopify session and cart management. Expires: session.
  • _shopify_s — Shopify session tracking for checkout. Expires: 30 minutes.
  • cart — Stores your shopping cart contents. Expires: 2 weeks.
  • secure_customer_sig — Customer authentication token. Expires: 20 years.

Functional Cookies (require consent):

  • lnz_cart — Client-side cart display mirror (localStorage, not a cookie). Cleared on checkout.
  • lnz_cookie_consent — Records your cookie consent choice. Expires: 1 year.

Analytics Cookies (require consent):

  • _ga — Google Analytics visitor identifier. Expires: 2 years.
  • _ga_* — Google Analytics session data. Expires: 2 years.
  • _gid — Google Analytics daily session. Expires: 24 hours.

Marketing Cookies (require consent):

  • __klaviyo_* — Klaviyo email behavior tracking (only set after email link click). Expires: 1 year.
  • _fbp — Meta Pixel for advertising retargeting. Expires: 3 months.

You can manage cookie preferences at any time by clicking "Cookie Settings" in the footer or by clearing cookies in your browser settings. Withdrawing consent for analytics or marketing cookies will not affect the functionality of your cart or account.

5. Data Retention

  • Order data: Retained for 7 years for tax and legal compliance purposes
  • Account data: Retained while your account is active, plus 2 years after deletion request
  • Custom fragrance formulas: Retained indefinitely unless you request deletion
  • Inquiry records: Retained for 3 years after last contact
  • Marketing consent records: Retained as long as you are a subscriber, plus 3 years for legal compliance
  • Analytics data: Anonymized after 26 months per Google Analytics configuration

6. Your Rights (GDPR & CCPA)

Depending on where you live, you may have the following rights regarding your personal data:

  • Access: Request a copy of all personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data ("right to be forgotten")
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdrawal of consent: Withdraw marketing consent at any time via the unsubscribe link in any email
  • California residents (CCPA): Right to know, right to delete, right to opt out of sale (we do not sell data)

To exercise any of these rights, email info@lenezperfumebar.com with the subject line "Privacy Request." We will respond within 30 days.

7. Data Security

We implement industry-standard security measures to protect your personal data:

  • TLS 1.2+ encryption on all data in transit (enforced via HTTPS)
  • Payment data handled exclusively by Stripe (PCI DSS Level 1) — we never see or store card numbers
  • Database access restricted to authenticated application services only
  • HSTS header enforced: Strict-Transport-Security: max-age=31536000
  • CSRF protection on all form submissions
  • Rate limiting on all API endpoints

If you discover a security vulnerability, please email info@lenezperfumebar.com immediately. We will respond within 24 hours.

8. Third-Party Services

The following third-party services process personal data on our behalf. Each has its own privacy policy governing how your data is handled on its infrastructure:

9. Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a minor, please contact us immediately at info@lenezperfumebar.com and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy periodically. When we do, we will revise the "Last updated" date at the top of this page. For material changes, we will notify you via email or a prominent notice on our website at least 30 days before the change takes effect.

11. Contact Us

For any privacy-related questions, data access requests, or to withdraw consent:

We aim to respond to all privacy requests within 30 days. If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority.

This policy was last reviewed and updated May 1, 2026.