This store requires javascript to be enabled for some features to work correctly.

Free Mystery Box on CAD$190+ Orders

Delivery Across Canada

30 Days Return Policy & 1 Year Warranty

Delivered Right to Your Door Across Canada 🇨🇦

Subscribe us with extra discount

Shop All

Hair Tools

Hair Care

Shop by Style

Sale

Bundle & Save

About TYMO

Support

Real Reviews

PRIVACY POLICY

Last Updated: June 15, 2026

This Privacy Policy is issued by TYMO BEAUTY INC. and its affiliates (collectively, “TYMO”, “we”, “us” and “our”). This Notice governs the collection, use, storage, disclosure, cross-border transfer and protection of personal information of all users who visit our website https://tymobeauty.com/ (the “Site”), use our products, receive our services, subscribe to our mobile message services, or otherwise interact with us (collectively “you” and “your”).

This Privacy Policy applies to all services, platforms, websites and related functions operated by TYMO. We may update this Privacy Policy from time to time to reflect changes to our business practices, technical arrangements or legal compliance requirements. For material updates, we will notify you via email or prominent notices on the Site prior to the effective date. Your continued use of our Site and services after the update takes effect shall be deemed your acceptance of the revised Privacy Policy.

1. Collection of Personal Information

1.1 Sources of Personal Information

We may collect or obtain your personal information from multiple sources:

1.1.1 Information you voluntarily provide: We collect information you actively submit when you register an account, complete orders, fill out forms, subscribe to marketing services, contact customer support, submit reviews or communicate with us via email, phone and other channels. This includes all information submitted during checkout, account setup and service subscription.

1.1.2 Information collected automatically: When you access and browse the Site, interact with web pages, click links or use site functions, we and our authorized third-party partners automatically collect device data, network data, browsing behaviour and operation records through tracking technologies.

1.1.3 Information from third parties: We may obtain your information from our authorized service providers, advertising partners, logistics vendors, payment institutions and technical support providers.

1.1.4 Public information: We may collect the content you publicly publish on our Site, review areas and public community sections.

1.2 Tracking Technologies for Automatic Collection

We adopt cookies, log files, web beacons, tags and pixels to collect automatic information. These technologies run on the Site to record your access status and interactive behaviours, and the collected data may be combined with other personal information we hold. You may manage or disable relevant tracking functions through your browser settings. For detailed guidance on cookies, please refer to Section 12 of this Notice.

2. Creation and Combination of Personal Information

We may generate derivative records based on your historical interactions, order records and service usage behaviours. We may also combine the personal information collected from different terminals, pages and service scenarios, so as to unify service management, optimize user experience and conduct legitimate operational analysis.

3. Categories of Collected and Processed Personal Information

We may collect and process ordinary personal information and sensitive personal information. Sensitive personal information includes payment data, mobile phone numbers, precise location data, browsing tracks and biometric-related information. Processing of sensitive personal information requires your separate explicit consent where required by law.

3.1 Identity and Account Information

This category includes your first name, surname, customer ID, loyalty member ID, login email, encrypted password, account status and membership level. Such information is collected during account registration, login and membership activation, and used for account authentication and identity verification.

3.2 Contact Information

This category includes your email address and mobile phone number. We collect such information during registration, checkout, newsletter subscription, SMS service subscription and customer consultation, to realize two-way communication with you.

3.3 Address Information

This category includes your billing address, shipping address, country and postal code, which are collected when you place orders on the Site for logistics distribution, tax calculation and order management.

3.4 Order, Transaction and Payment Information

This category includes order number, purchase history, product SKU, order value, payment status, coupon usage records, refund and return records, payment method, transaction ID and payment token. We collect such information during order placement and payment processing to complete order performance, financial accounting and after-sales processing.

3.5 Loyalty Program Information

This category includes your reward points, points redemption history and membership tier information, which are collected during your participation in our loyalty program for points management and membership service.

3.6 Device and Technical Information

This category includes your device model, browser type, IP address, time zone, Internet service provider, access time stamp, referring page and exit page. Such information is automatically collected when you browse the Site to maintain network security, prevent risks and optimize site operation.

3.7 Usage and Behaviour Information

This category includes pages you browse, products you view, click records, search keywords, cart content, cart value and abandoned cart records. We also collect your page view data, interactive records and preference information generated during the use of the Site.

3.8 Marketing and Advertising Information

This category includes your email subscription status, SMS subscription consent status, campaign source, UTM tracking parameters, referral source and ad click data, which are collected when you subscribe to marketing services or interact with advertising content.

3.9 Review and User-Generated Content

This category includes product reviews, ratings, pictures, texts and other content you publish on the Site, as well as Q&A and community posts you submit.

3.10 Customer Service Records

This category includes support tickets, online chat logs and email correspondence generated when you contact our customer service team.

3.11 Social Media Information

If you log in via social media accounts, we will collect the corresponding social media identification information for account authentication.

3.12 Location Information

We may obtain your general geographic location derived from your IP address for risk prevention, regional service adaptation and marketing optimization. We will not collect or process your precise location data without your separate explicit consent.

4. Purposes of Processing Personal Information

We may process your personal information for clear, legitimate and disclosed purposes in compliance with applicable laws, and all processing activities are necessary to achieve the following purposes:

4.1 To perform contractual obligations: Process identity, address, order, payment and transaction information to complete order acceptance, payment processing, logistics delivery, invoice issuance, after-sales return and refund services; manage your account, membership and loyalty program to provide normal account services and membership benefits.

4.2 To maintain site operation and optimize user experience: Process device information, network data and browsing behaviour data to monitor site operation status, troubleshoot technical faults, analyze user usage habits, optimize page layout and function settings, and improve overall service quality. We conduct user profiling and automated analysis for site optimization and advertising delivery. You have the right to object to such automated processing in accordance with applicable laws. You can object to user profiling and fully automated decision-making based on your personal data at any time by contacting us via email at csteam@tymo-tech.com.

4.3 To prevent risks and ensure security: Use IP address, device information, transaction records and other data to identify, investigate and prevent fraud, network attacks, abnormal transactions and other unsafe behaviours, and protect the legitimate rights and interests of you and our platform.

4.4 To carry out legitimate marketing activities: Based on your consent, send transaction notifications, service reminders, discount information, promotional content and abandoned cart reminder messages via email, SMS and other channels; deliver targeted advertisements and personalized content combined with your browsing preferences and consumption habits.

4.5 To provide customer support: Use contact information, order records and customer service logs to respond to your consultations, handle complaints and solve after-sales problems.

4.6 To operate community and review functions: Display user reviews, user-generated content and interactive information, and maintain the normal operation of community sections.

4.7 To comply with legal obligations: Retain relevant data to fulfill tax, accounting, judicial investigation and other statutory record-keeping obligations; respond to legal documents such as subpoenas and search warrants issued by competent authorities. In the event of a personal data breach that poses risks to your rights and interests, we will notify the competent regulatory authority and inform affected users in a timely manner.

4.8 Other purposes: Process information based on your additional explicit consent, or for other legitimate business purposes notified to you separately.

If we change the purpose of data processing, we will notify you in advance and obtain your renewed consent where required by law.

5. Legal Bases for Processing

We rely on the following legal bases for data processing:

5.1 Performance of a contract: Most of your account information, order information, address information, payment information and membership information are processed because such processing is necessary to perform the service contract between you and us.

5.2 Legitimate interests of the controller: We process device data, browsing data, usage records and risk control data based on our legitimate business interests, including site operation optimization, security protection, operational analysis and investigate or provide notice of fraud or unlawful or criminal activity etc.

5.3 Consent: We process your marketing subscription information, SMS consent information and part of tracking data based on your voluntary, explicit and revocable consent. Your consent is voluntary, and you have the right to withdraw consent at any time with future effect.

5.4 Compliance with legal obligations: We retain and disclose part of your personal information to comply with statutory record-keeping, tax reporting, judicial assistance and other legal requirements.

6. Disclosure and Sharing of Personal Information

We may also share, transmit, disclose, grant access to, make available, and provide Personal Data with and to other third parties:

6.1 Affiliated companies: We may share your necessary business data and user information with our group companies and affiliated entities for normal business operation, internal management and unified marketing arrangement.

6.2 Service providers: We share corresponding information with third-party service providers including Shopify, logistics providers, payment service providers, marketing service providers, technical service providers and review system providers to deliver services normally. We require all service providers to strictly adhere to data protection laws, process personal data only on our instructions and for authorized purposes, and undertake corresponding confidentiality and security obligations.

6.3 For legal reasons: We may disclose your personal information when required by laws, regulations, court orders, subpoenas, search warrants or official requests from competent authorities. We may also disclose information to protect legitimate rights, property and personal safety of all parties.

6.4 Corporate transactions: In the event of merger, acquisition, asset transfer or bankruptcy reorganization, your personal information may be transferred as part of business assets, and we will notify you in accordance with the law.

6.5 With your consent: We will share your information with third parties if you give separate explicit consent or make an active request. We may share your browsing data, device data and behavioral data with Google, Meta, Bing and other advertising platforms for cross-context behavioral advertising activities. Such sharing for targeted advertising is defined as sharing of personal information, not a sale. All advertising platforms shall act as data processors and strictly abide by applicable data protection laws.

In the event your consent to cookies and tracking technologies, you still retain the permanent right to opt out via the opt-out link posted on our website footer. After opting out, we will stop sharing your behavioral data with advertising platforms immediately.

7. International Transfer of Personal Information

Your personal data may be transferred across borders in the course of our global service delivery, including the United States, Canada and China. We will conduct cross-border data transfers in compliance with all applicable laws. By using our website and services, you expressly consent to such cross-border data transfers. We will take appropriate protective measures to safeguard your personal information, such as the signature of Standard Contractual Clause.

8. Data Retention Rules

We retain your personal information only for the period necessary to fulfill the collection purposes and meet statutory requirements. When the retention period expires, we will delete, anonymize or pseudonymize your personal information permanently. We will keep relevant data for a longer period if there are ongoing legal disputes, litigations or regulatory investigations.

We set differentiated retention periods for different types of personal data in accordance with laws:

(i) Account and membership data: Retained during your account validity; you may apply for account cancellation and data deletion at any time.

(ii) Order, payment and transaction data: Retained for 7 years to meet financial, tax and legal archive requirements.

(iii) Browsing and cookie data: Retained for a maximum of 12 months.

(iv) User-generated content (reviews, posts, etc.): Will be retained unless you submit a deletion application.

account and membership data are retained during your account validity; order, payment and transaction data are retained to meet financial and legal archive requirements; browsing and cookie data are retained within a reasonable period; user-generated content will be retained unless you apply for deletion.

9. Your Privacy Rights

Subject to applicable law, you may have the following rights regarding the processing of your personal information, ncluding the right to access, correct, delete your personal data, restrict data processing, obtain data portability, object to marketing activities and withdraw your consent. If you are located in the EEA, UK or Canada, you have the right to lodge a complaint with your local data protection authority at any time. Please contact us via the email address in Section 15 to exercise your rights. We will verify your identity before handling your requests. We will respond to all legitimate requests within 1 month, and may extend the period for complex cases as permitted by law.

10. Text Marketing Terms and Conditions

10.1 We use a text messaging platform to send promotional and transactional SMS/text Messages. By subscribing to our mobile message service (the “Service”), you agree to receive recurring SMS/text Messages, including but not limited to the following at the mobile number you provided:

i) Order-related messages (e.g., order confirmations, shipping updates);

ii) Service-related messages (e.g., updates, alerts, account notifications);

iii) Promotional messages (e.g., discounts, special offers, cart reminders);

By entering your phone number at checkout, subscribing through a form, or using a keyword, you consent to receive automated text messages from us. Consent is not a condition of any purchase.

10.2 Message frequency varies. Message and data rates may apply. Your phone number and related order data may be shared with our SMS service provider solely for the purpose of enabling message delivery and functionality. We do not sell or share your SMS opt-in data or consent status with other third parties for their own marketing purposes.

10.3 You can unsubscribe at any time by replying STOP to any SMS/text Messages you receive. You will receive a confirmation message once unsubscribed. For help, reply HELP or contact us at csteam@tymo-tech.com.

10.4 By agreeing to our mobile message service, you consent to receive recurring SMS messages from us and our service providers through your mobile carrier, even if your number is on any Do Not Call list. SMS messages may be sent via automated systems, and subscription is not a purchase requirement.

We may update SMS service numbers and short codes; you need to re-subscribe if you change your mobile number. We only share your SMS-related information with message delivery service providers and will not use it for unauthorized purposes. Mobile carriers are not liable for delayed or undelivered SMS. You shall ensure the mobile number you provide is valid. We will never sell your SMS-related data.

11. Do Not Track

We respect global Do Not Track (DNT) browser preferences. You may disable website tracking, targeted advertising and related data collection functions via your browser settings or official opt-out tools provided by advertising platforms.

12. Cookies, Pixels and Related Tracking Technologies

We use cookies, log files, web beacons, tags and pixels to maintain site functions, analyze user behaviours, optimize services and deliver advertisements.

12.1 Cookies are small data files stored on your device with anonymous unique identifiers, divided into necessary cookies, analytics cookies and marketing cookies. Necessary cookies are indispensable for site operation and cannot be disabled. We will not enable non-necessary cookies without your consent. You can adjust cookie preferences at any time via website cookie settings or browser tools.

12.2 Log files record site operations including IP address, browser information and time stamps.

12.3 Web beacons, tags and pixels are electronic files used to record browsing tracks.

For more details and disabling guidance about cookies, please visit: http://www.allaboutcookies.org. Disabling partial tracking technologies may affect the use of some site functions.

We also use cookies to help keep track of items you put into your shopping cart including when you have abandoned your cart and this information is used to determine when to send cart reminder messages via SMS.

All categories of cookies and tracking technologies have fixed data retention periods. Once you withdraw your consent to non-necessary cookies, we will immediately stop all relevant tracking activities and suspend data transmission to third-party advertising and analytics service providers.

13. Behavioural advertising

As described above, we use your personal information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

You can opt out of targeted advertising by using the links below:

- Facebook: https://www.facebook.com/settings/?tab=ads

- Google: https://www.google.com/settings/ads/anonymous

-Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads

Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.

14. Third-Party Websites and Service Providers

Our Site may contain links to third-party websites. This Privacy Notice only applies to services operated by TYMO. We are not responsible for the data policies of third-party platforms. Please read their privacy policies carefully before providing personal information to third parties. We shall not be liable for their independent illegal acts.

15. Contact Information

If you have questions, complaints about this Privacy Policy, or need to exercise your privacy rights, please contact us via email: csteam@tymo-tech.com. We will respond to your requests in a timely manner.