This Privacy Policy applies to all personal information collected by FXN Holdings (we, us or our) via the website located at www.bestlooking.skin (Website).
We process personal data in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles. Where you are located in the European Economic Area (EEA), the United Kingdom, Switzerland, or the United States (including California and other states with comprehensive privacy laws), additional rights apply — see sections 8–11 below.
1. What information do we collect?
The kind of Personal Information that we collect from you will depend on how you use the Website. The Personal Information which we collect and hold about you may include:
- Identifiers and contact data — full name, email address, phone number, billing and shipping addresses.
- Commercial information — purchase history, order details, customer preferences and interests, and (for our e-commerce operations including NXT Smart Home and NXT Outlet) payment information processed securely through third-party payment processors.
- Internet/network activity — IP address, browser type, device information, referring URLs, pages visited and time spent.
- Customer-service interactions — communication history with our team and information submitted through contact forms or account registration.
- Inferences — preferences and interests we infer from the above to personalise the experience.
2. Types of information
The Privacy Act 1988 (Cth) (Privacy Act) defines types of information, including Personal Information and Sensitive Information.
Personal Information means information or an opinion about an identified individual or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.
If the information does not disclose your identity or enable your identity to be ascertained, it will in most cases not be classified as "Personal Information" and will not be subject to this privacy policy.
Sensitive Information is defined in the Privacy Act as including information or opinion about such things as an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information. Under the GDPR this is referred to as special category data.
Sensitive / special category information will be used by us only:
- for the primary purpose for which it was obtained;
- for a secondary purpose that is directly related to the primary purpose; and
- with your explicit consent or where required or authorised by law.
3. How we collect your Personal Information
- We may collect Personal Information from you whenever you input such information into the Website or a related app, or provide it to us in any other way.
- We may also use cookies and similar technologies which enable us to tell when you use the Website and to help customise your experience. See our Cookie Policy for details and how to manage your choices.
- We generally don't collect Sensitive Information, but when we do, we will comply with the preceding paragraph.
- Where reasonable and practicable we collect your Personal Information from you only. However, sometimes we may be given information from a third party (such as our advertising or analytics partners); in those cases we will take steps to make you aware of the information that was provided.
4. Purpose and lawful basis of collection
- We collect Personal Information to provide you with the best service experience possible on the Website, fulfill orders for our e-commerce operations, respond to enquiries and keep in touch with you about developments in our business.
- For visitors in the EEA / UK, the lawful bases on which we rely are (Article 6 GDPR / UK GDPR):
  - Consent — for non-essential cookies, marketing emails, and any optional analytics.
  - Contract — to fulfill orders and provide services you have requested.
  - Legitimate interests — for site security, fraud prevention, basic analytics, and direct marketing of our own similar products to existing customers (subject to your right to object at any time).
  - Legal obligation — to comply with tax, accounting and other applicable laws.
- We customarily disclose Personal Information only to our service providers who assist us in operating the Website (hosting, email delivery, analytics, payment processors, customer support tools). Each service provider is bound by contract to handle your data only for documented purposes and to maintain appropriate security.
- We will only use your Personal Information for direct marketing if we have collected it directly from you, and only if it is material of a type which you would reasonably expect to receive. We do not use sensitive Personal Information in direct marketing. Every marketing email contains a one-click unsubscribe link.
5. Security, retention and your rights
- We store your Personal Information using industry-standard technical and organisational measures (encryption in transit, access controls, regular reviews) to reasonably protect it from unauthorised access, misuse, modification or disclosure.
- Retention. When we no longer require your Personal Information for the purpose for which we obtained it, we will take reasonable steps to destroy and anonymise or de-identify it. Most Personal Information stored in our client files and records will be kept for a maximum of 7 years to fulfill our record-keeping obligations. Email correspondence is retained as long as it remains useful for support or legal record-keeping.
- The Australian Privacy Principles permit you to:
  - obtain access to the Personal Information we hold about you in certain circumstances (Australian Privacy Principle 12); and
  - correct inaccurate Personal Information subject to certain exceptions (Australian Privacy Principle 13).
- Where you would like to obtain such access, please contact us in writing on the contact details set out at the bottom of this privacy policy. We respond within 30 days for AU requests, 30 days for GDPR/UK GDPR requests (extendable by 60 days where complex), and 45 days for CCPA/CPRA requests.
6. Complaint procedure
If you have a complaint concerning the manner in which we maintain the privacy of your Personal Information, please contact us at privacy@bestlooking.skin. All complaints will be considered by Kritin Curtis and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take appropriate steps to rectify the problem.
If you remain dissatisfied with the outcome you may refer the matter to the Office of the Australian Information Commissioner (oaic.gov.au), or, if you are based in the EEA / UK, to your local data-protection supervisory authority.
7. International data transfers
Your Personal Information may be transferred overseas or stored overseas for a variety of reasons (cloud hosting, email delivery, customer-support platforms). We use providers primarily located in Australia, the European Union, the United Kingdom and the United States.
Where Personal Information is transferred from the EEA or UK to a country that has not been the subject of a European Commission adequacy decision, we rely on Standard Contractual Clauses (the EU SCCs as updated 4 June 2021, and the UK International Data Transfer Addendum) and additional supplementary measures where appropriate, in accordance with Articles 45–49 GDPR.
For Australian residents, where Personal Information is sent to a country with data protection laws substantially similar to the Australian Privacy Principles, we will not be liable for a breach of those Principles if your Personal Information is mishandled in that jurisdiction. Where it is transferred to a jurisdiction with less comprehensive laws, we will take reasonable steps to secure a contractual commitment from the recipient to handle your information in accordance with the Australian Privacy Principles.
8. Your rights under the GDPR (EEA / UK / Switzerland)
If you are located in the EEA, United Kingdom or Switzerland, the GDPR / UK GDPR / Swiss FADP give you specific rights in relation to your Personal Information:
- Right of access — to obtain confirmation of and a copy of the Personal Information we hold about you (Art. 15).
- Right to rectification — to have inaccurate or incomplete data corrected (Art. 16).
- Right to erasure ("right to be forgotten") — in defined circumstances (Art. 17).
- Right to restriction of processing — to limit how we use your data in defined circumstances (Art. 18).
- Right to data portability — to receive your data in a structured, machine-readable format and have it transmitted to another controller (Art. 20).
- Right to object — to processing based on legitimate interests and to direct marketing at any time (Art. 21).
- Rights related to automated decision-making — we do not engage in solely automated decision-making with legal or similarly significant effects (Art. 22).
- Right to withdraw consent — at any time, where processing is based on consent.
- Right to lodge a complaint — with your local supervisory authority (e.g. the UK ICO at ico.org.uk, the Irish DPC at dataprotection.ie, or the authority for your country listed at edpb.europa.eu).
To exercise any of these rights, email privacy@bestlooking.skin. We may need to verify your identity before responding. Exercising these rights is free of charge. We will respond within one month, extendable by two further months for complex requests.
9. Notice for California residents (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act of 2020) (CCPA) gives you specific rights.
Categories of Personal Information collected in the past 12 months: identifiers (name, email, IP); commercial information (purchase history); internet/network activity (browsing, referral, device info); geolocation (approximate, from IP); customer-service correspondence; and inferences drawn from the above.
Sources: directly from you; automatically through your interactions with the Website; from our service providers (analytics, hosting, advertising); and from public sources where applicable.
Business / commercial purposes for which it is used: operating, securing and improving the Website; fulfilling orders; responding to support requests; aggregate analytics; legal compliance; and marketing of our own services.
Disclosure / sharing. We disclose the categories above to service providers bound by contract. We do not sell Personal Information for monetary consideration. We may "share" certain identifiers and internet-activity data with advertising partners for cross-context behavioural advertising, which California law treats as a "sale or share". You can opt out via the link below or by enabling the Global Privacy Control (GPC) signal in your browser, which we honor as a valid opt-out request.
Your CCPA rights:
- Right to know what Personal Information we have collected about you and how it is used.
- Right to delete Personal Information we have collected (subject to exceptions).
- Right to correct inaccurate Personal Information.
- Right to opt out of the "sale" or "sharing" of Personal Information.
- Right to limit the use and disclosure of Sensitive Personal Information.
- Right to non-discrimination for exercising your CCPA rights — we will not deny services, charge different prices or provide a lower quality of service.
To exercise any of these rights, email privacy@bestlooking.skin or use our contact form. Authorised agents may submit requests on your behalf with verifiable written permission. We respond within 45 days (extendable by 45 days with notice). We may need information sufficient to verify you are the consumer about whom the data was collected.
Do Not Sell or Share My Personal Information — clicking opens an email pre-addressed to our privacy team. You may also enable the Global Privacy Control (globalprivacycontrol.org) in your browser as a universal opt-out.
10. Notice for residents of other US states
Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon, Montana, and other US states with comprehensive privacy laws have rights broadly equivalent to those described in section 9: access, correction, deletion, portability and opt-out of targeted advertising / sale / profiling that produces legal or similarly significant effects. To exercise these rights, email privacy@bestlooking.skin. We honor recognised opt-out signals (including the Global Privacy Control) where required by your state's law. You have the right to appeal any denial of a rights request — contact privacy@bestlooking.skin with the subject line "Appeal".
11. Children's privacy
The Website is intended for a general audience and is not directed to children under the age of 13 (or under 16 in the EEA / UK where applicable). We do not knowingly collect Personal Information from children. If you believe a child has provided us with Personal Information, please contact us at privacy@bestlooking.skin and we will delete it promptly. We comply with the US Children's Online Privacy Protection Act (COPPA) and equivalent provisions of the GDPR.
12. Cookies and tracking technologies
We use cookies and similar technologies to operate the site, remember preferences, measure aggregate usage and (with your consent in jurisdictions that require it) deliver advertising. Full details — including how to manage your consent, browser-specific opt-out instructions, and a list of cookie categories — are provided in our Cookie Policy.
13. Affiliate-link disclosure
Some links on the Website are affiliate links. When you click through and make a qualifying purchase, we may earn a commission at no additional cost to you. BestLooking.Skin is a participant in the Amazon Services LLC Associates Program and other affiliate programs. Our editorial recommendations are not influenced by these relationships, in line with the U.S. Federal Trade Commission Endorsement Guides.
14. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be notified via the Website and, where required, by email or in-product notice prior to the change taking effect.
15. How to contact us about privacy
Data Controller: FXN Holdings, Western Australia.
Privacy queries, access requests, complaints and CCPA / GDPR rights requests: privacy@bestlooking.skin.
This Privacy Policy is provided as a general template covering the Australian Privacy Act, the GDPR / UK GDPR, the CCPA / CPRA and other US state privacy laws. It does not constitute legal advice. For a fully audited document tailored to your specific operations, please consult a qualified privacy lawyer in your jurisdictions of operation.