Spend $199, choose a free full-size product.Shop Now

Renew Your Brand Consultant Agreement
""
Renew Now

YOUR SESSION IS ABOUT TO EXPIRE:

Search
Search
0
English
Search for products, concerns and keywords.
No results for , please try again.
Common Searches
Common Searches (5)
Popular Products
Popular Products (5)

Save 20% with our best-selling skin regimens!

Shop Now
Your Brand Consultant Agreement has been successfully renewed.
There was a problem processing your Brand Consultant Agreement renewal. Please try again.
There was a system error. Please try again.
There was an issue adding this product. Please refresh the page and try again

PRIVACY POLICY

Last Updated April 3, 2025


Purpose and Reach | Information Collected | Consumer Health Data | Cookies and Marketing | Third Parties | Your Rights Regarding Your PI | Safeguarding Information | How Long Your PI Will Be Retained | Changes to This Privacy Policy | Contact Us


Your privacy is important to us. Rodan & Fields Beauty, LLC, f/k/a Rodan & Fields, LLC, including all its subsidiaries and affiliates (“Rodan + Fields,” “we,” “our,” and “us”), has created this Privacy Notice (“Policy”) to help you become familiar with how we collect, use, disclose, share, and protect Personal Information (or “PI”, defined below) and otherwise comply with applicable privacy laws. We encourage you to read this Policy in its entirety before using https://www.rodanandfields.com/ or any other online service (e.g., website or mobile app) that posts a link to the Policy, opening our emails, or otherwise providing PI to us.

I. Purpose and Reach of this Policy

This Policy describes the types of PI that R+F may collect or process, how we may use and disclose that PI, and how you may exercise any rights you may have regarding our processing of your PI.

This Policy applies to PI collected or processed by us:

  • Through online activities and services we offer (through websites, web surveys, newsletters, applications, email, online messaging services and channels, and otherwise), including the Rodan + Fields® website (or any of our international websites or applications) and any products, services, software, tools, applications, features or functionality offered on or through the website or mobile application (including any Rodan + Fields independent sales consultant (“Brand Consultant(s)”) personal web pages provided through the website) (collectively, the “Online Services”).
  • When you use our Solution Tool to receive customized product recommendations;
  • When we provide products and services directly to you and in other situations where you interact with us, including but not limited to interacting with us through our telephone customer service centers, though email or SMS/text messages, or by visiting our sites and offices or our events (e.g., tradeshows and conferences) (such products and services, together with Online Services, are collectively, the “Products and Services”);
  • When you interact with us in a professional capacity, for example, if you are a Brand Consultant;
  • When we undertake employment recruiting activities; or
  • Anywhere this Policy is posted or referenced.


R+F may provide you with a different privacy notice in certain specific situations, in which case that privacy notice or policy will apply to the PI collected or processed in that specific situation, rather than this one.

If you provide us with the PI of anyone other than yourself (such as a family member), please note that you are responsible for complying with all applicable privacy and data protection laws prior to providing that information to R+F (including obtaining consent, if required).

Please review this Policy carefully. By visiting our Online Services, providing us your PI, or otherwise interacting with our Products and Services, to the extent allowed by law, you agree to the Service’s Terms and Conditions and consent to Rodan + Fields’s data collection, use, and disclosure practices, and other activities as described in this Policy.

If you do not agree and consent, please discontinue use of the Products and Services, and uninstall any downloads and applications.

If you have any questions about this Policy or our privacy practices, please contact us here.

II. Information Collected

A. What is Personal Information?

"Personal Information" is any information—as electronically or otherwise recorded—that can be used to identify a person or that we can link to or associate with a specific individual.

Personal Information may include information considered sensitive in some jurisdictions, such as financial account information, specific geolocation, ethnic or racial origin, health information, information concerning your sex life or your sexual orientation, social security number, driver’s license, state identification card, passport number, and other similar information. Data that could be considered Sensitive PI is highlighted with a “^” in the chart below.

We will process any PI we collect in accordance with applicable law and as described in this Policy (unless, as explained above, a separate policy or notice governs). In some circumstances, if you do not provide us with your PI, certain Products and Services may be unavailable to you.

The table below is a high-level summary of the types of PI we may collect from you.

 

PI that may be considered sensitive is noted with a “^”.
R+F does not knowingly collect, maintain, disclose, or otherwise process PI from minors below the age of 16 without the permission of such minor’s parents or legal guardians.

Below is additional detail and information on how we collect, process, and use PI and the potential recipients of your PI, now and in the preceding 12 months. Some jurisdictions require us to state the legal bases for processing your PI, which are included below, but please note that not all jurisdictions may recognize all legal bases. The types of PI we collect and disclose depends on your relationship with R+F. Not all the categories listed in the following charts may apply to you. If the nature of your relationship with R+F changes, additional categories of PI may also apply.

Jump to:


B. Consumers, Users of Online Services, Purchasers of Products, Visitors to our Website, Survey Participants, and Senders of Inquiries

We may process your PI when you: (1) purchase one of our Products or Services, (2) visit our Online Services; (3) submit inquiries to us both online (for example, via email) or offline (for example, by written letters or phone call); (4) sign up for our informational or marketing materials; (5) create a R+F account; (6) enroll as a PC Perks subscriber; (7) participate in an offering, promotion or referral program; (8) complete an online survey; and/or (9) use our Solution Tool.

Examples of the types of data we process (PI that may be considered sensitive is noted with a “^”)


      Identity and contact information, such as:

  • first and last name or unique personal identifier
  • honorifics and titles including preferred form of address
  • email address
  • postal address
  • phone number
  • username or code and password^, security answers^, and user preferences


      Demographic information, such as:

  • age
  • gender
  • approximate location
  • interests
  • recent upcoming purchases
  • username or code and password


      Video, audio, and recorded information, such as:

  • still images
  • voicemails
  • recordings of your interactions with our Online Services, including with our customer service, whether through phone, email, SMS/text message, or chat


      Technical information, such as:

  • Internet Protocol (IP) addresses (which may identify your general geographic location or company)
  • browser type, version, and browser language
  • browsing history and search history
  • device type
  • advertising IDs associated with your device (such as Apple’s Identifier for Advertising (IDFA) or Android’s Advertising ID (AAID))
  • MAC address
  • computer type (Windows or Macintosh)
  • screen resolution
  • OS version
  • approximate geolocation of device
  • date and time you use our Products and Services
  • activity on our Products and Services and referring websites or applications
  • data collected from cookies or other similar technologies^


      Health information, such as:

  • medical condition, including pregnancy^
  • physical characteristics or description^
  • allergies^
  • prescriptions and dosing^
  • health values, such as heart rate and blood pressure^
  • health or exercise data^


      Commercial and financial information, such as:

  • Products and Services purchased, obtained, or considered
  • request documentation
  • customer service records and correspondence
  • bank account number and details^
  • credit and/or debit card number^


      Anonymized / de-identified data:

  • Anonymized and/or de-identified data is data for which your individual personal characteristics and information have been removed such that you are not identified or identifiable and the information is no longer considered PI under data protection laws**


Where do we get the data?

  • you directly
  • your devices
  • our Affiliates or Brand Consultants
  • service providers
  • third parties that provide access to information you make publicly available, such as social media
  • companies conducting research such as market research companies


Why do we process the data? (Purposes for the processing of PI that may be considered sensitive are noted with a “^”)

  • to process transactions
  • to send messages regarding Site-related content or our products to a friend through the Service
  • to communicate with you
  • to send you updates
  • to identify and authenticate you
  • to customize content for you
  • to detect security incidents
  • to protect against malicious or illegal activity
  • to ensure the appropriate use of our Products and Services
  • to improve our Products and Services
  • for short-term, transient use
  • for administrative purposes
  • for marketing, internal research, and development, including training, developing, and improving artificial intelligence services
  • for quality assurance and to assist in training and development of our representatives
  • to improve our Online Services
  • to make inferences for advertising and marketing (excluding cross-context behavioral advertising and targeted advertising)
  • advertising and product promotion, including to contact you regarding programs, products, services, and topics that may be of interest or useful^
  • to comply with legal and regulatory obligations
  • in connection with any financing, reorganization, restructuring, bankruptcy, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of Rodan + Fields' business, assets or stock (including without limitation in connection with any due diligence related thereto)


What are the Lawful or Legal Bases of Processing?

  • for the purposes of our legitimate interests
  • to comply with legal and regulatory obligations and to establish, exercise, or defend our legal claims and rights
  • in circumstances where we have requested and received consent and for other purposes that may be required or allowed by law


Who receives the data? (Parties that may receive PI that may be considered sensitive are noted with a “^”)

  • R+F, our affiliates, and related companies
  • R+F Brand Consultants
  • non-affiliated parties, including service providers
  • third party shippers
  • friends you refer to the Service
  • third parties who assist with fraud prevention, detection and mitigation
  • third parties who assist with our information technology and security programs and our loss prevention programs
  • third parties who assist with advertising, analytics and marketing efforts
  • third parties who assist with support services
  • partners that assist us in providing the Products and Services or help us improve our marketing or administration^
  • R+F’s lawyers, auditors and consultants


C. Brand Consultants, Business Partners, and Their Employees, Agents, and Contractors

We may process your PI if you are a current R+F business partner, employee of a R+F business partner, a Consultant, agent or contractor when you: (1) visit our Online Services; (2) submit inquiries to us both online (for example, via email) or offline (for example, by written letters or phone call); (3) sign up for our informational or marketing materials; (4) enroll or renew as a Brand Consultant or CRP subscriber; (7) participate in an offering, promotion or referral program; (8) complete an online survey; and/or (9) use our Solution Tool.

Examples of the types of data we process (PI that may be considered sensitive is noted with a “^”)


      Identity and contact information, such as:

  • first and last name or unique personal identifier
  • honorifics and titles including preferred form of address
  • company/employer
  • email address
  • postal address
  • phone number
  • username or code and password^, security answers^, and user preferences
  • signature


      Demographic information, such as:

  • age
  • gender
  • driver’s license, state ID card, or passport number^
  • disability^
  • social security number^
  • date of birth


      Technical information, such as:

  • Internet Protocol (IP) addresses (which may identify your general geographic location or company)
  • browser type and browser language
  • device type
  • advertising IDs associated with your device (such as Apple’s Identifier for Advertising (IDFA) or Android’s Advertising ID (AAID))
  • date and time you use our Products and Services
  • Uniform Resource Locators, or URLs (i.e., website addresses) visited prior to arriving and after leaving our Products and Services
  • activity on our Products and Services and referring websites or applications
  • data collected from cookies or other similar technologies^


      Commercial and financial information, such as:

  • Products and Services purchased, obtained, or considered
  • request documentation
  • customer service records and correspondence
  • financial transaction history
  • financial account number^
  • bank account number and details^
  • credit and/or debit card number
  • tax identification number^


      Professional and educational information, such as:

  • job title or position
  • your employer, company with which you are associated, or principal
  • working location
  • work skills
  • employment history
  • graduate degrees
  • certifications
  • specialized training
  • responses to surveys and questionnaires
  • enrollment history for our education and training events
  • records of collaborations with R+F
  • information from references
  • background checks^


      Anonymized / de-identified data:

  • Anonymized and/or de-identified data is data for which your individual personal characteristics and information have been removed such that you are not identified or identifiable and the information is no longer considered PI under data protection laws**


Where do we get the data?

  • you directly
  • our Affiliates or Brand Consultants
  • your employer, company with which you are associated, or principal
  • your references and third parties that assist us in conducting background checks
  • your devices
  • our security systems (including CCTV)
  • third parties that provide access to information you make available, such as social media companies
  • business partners or other third parties that assist us in providing and improving our Products and Services


Why do we process the data? (Purposes for the processing of PI that may be considered sensitive are noted with a “^”)

  • to communicate with you
  • to administer our relationship with your organization^
  • to send you updates
  • to identify and authenticate you^
  • to detect security incidents*
  • to protect against malicious or illegal activity^
  • for short-term, transient use^
  • for administrative purposes^
  • for marketing, internal research, and development^, including training, developing, and improving artificial intelligence services
  • to provide you with our Products and Services^
  • to comply with legal and regulatory obligations^


What are the Lawful or Legal Bases of Processing?

  • for the purposes of our legitimate interests
  • to comply with legal and regulatory obligations and to establish, exercise, or defend our legal claims and rights
  • in preparation for or to perform a contract with you
  • in circumstances where we have requested and received consent and for other purposes that may be required or allowed by law*


Who receives the data? (Parties that may receive PI that may be considered sensitive are noted with a “^”)

  • R+F, our affiliates, and related companies^
  • R+F Brand Consultants
  • our customers
  • non-affiliated parties, including service providers
  • third party shippers
  • friends you refer to the Service
  • third parties who assist with fraud prevention, detection and mitigation^
  • third parties who assist with our information technology and security programs^ and our loss prevention programs
  • third parties who assist with support services
  • R+F’s lawyers, auditors, and consultants^
  • partners that assist us in providing the Products and Services or help us improve our marketing or administration^


D. Attendees and Participants at Events

We may process your PI when you attend or participate in events or conferences we hold.

Examples of the types of data we process (PI that may be considered sensitive is noted with a “^”)


      Identity and contact information, such as:

  • first and last name or unique personal identifier
  • honorifics and titles including preferred form of address
  • company/employer
  • email address
  • postal address
  • phone number
  • username or code and password^, security answers^, and user preferences


      Demographic information, such as:

  • age
  • gender
  • preferred language
  • disability^
  • date of birth


      Video, audio, and recorded information, such as:

  • still images
  • video (including via CCTV)
  • audio


      Technical information, such as:

  • Internet Protocol (IP) addresses (which may identify your general geographic location or company)
  • browser type and browser language
  • device type
  • advertising IDs associated with your device (such as Apple’s Identifier for Advertising (IDFA) or Android’s Advertising ID (AAID))
  • date and time you use our Products and Services
  • Uniform Resource Locators, or URLs (i.e., website addresses) visited prior to arriving and after leaving our Products and Services
  • activity on our Products and Services and referring websites or applications
  • data collected from cookies or other similar technologies^’


      Commercial and financial information, such as:

  • Products and Services purchased, obtained, or considered
  • bank account number and details^
  • customer service records and correspondence
  • request documentation
  • financial transaction history
  • financial account number^
  • credit and/or debit card number
  • tax identification number^


      Anonymized / de-identified data:

  • Anonymized and/or de-identified data is data for which your individual personal characteristics and information have been removed such that you are not identified or identifiable and the information is no longer considered PI under data protection laws**


Where do we get the data?

  • you directly
  • your employer or principal
  • your devices
  • our Brand Consultants or business partners


Why do we process the data? (Purposes for the processing of PI that may be considered sensitive are noted with a “^”)

  • to communicate with you
  • to administer our relationship with your organization
  • to send you update
  • to identify and authenticate you^
  • to detect security incidents^
  • to protect against malicious or illegal activity^
  • for short-term, transient use^
  • for administrative purposes^
  • for marketing, internal research, and development^


What are the Lawful or Legal Bases of Processing?

  • for the purposes of our legitimate interests
  • to comply with legal and regulatory obligations and to establish, exercise, or defend our legal claims and rights
  • in preparation for or to perform a contract with you
  • in circumstances where we have requested and received consent and for other purposes that may be required or allowed by law^


Who receives the data? (Parties that may receive PI that may be considered sensitive are noted with a “^”)

  • R+F, our affiliates, and related companies^
  • other event attendees and participants
  • third parties who assist with fraud prevention, detection and mitigation^
  • third parties who assist with our information technology and security programs^
  • third parties who assist with support services
  • R+F’s lawyers, auditors, and consultants^
  • partners that assist us in providing the Products and Services or help us improve our marketing or administration^


E. Children

The Service is intended for a general audience and not directed to children less than 13 years of age. We do not knowingly collect information from children under thirteen (13). Under our Terms and Conditions, children are not permitted to use our Site or Service.

Rodan + Fields does not intend to collect personal information as defined by the U.S. Children’s Online Privacy Protection Act (“COPPA”) (“Children’s Personal Information”) in a manner that is not permitted by COPPA. If we obtain knowledge that we have collected Children’s Personal Information in a manner not permitted by COPPA, we will delete such data to the extent required by COPPA.

California residents under the age of eighteen (18) who have registered to use the Service and who posted content or information on the Service, can request removal by contacting Rodan + Fields here, detailing where the content or information is posted and attesting that you posted it. Rodan + Fields will then make reasonable good faith efforts to remove the post from prospective public view or anonymize it so the minor cannot be individually identified to the extent required by applicable law. This removal process cannot ensure complete or comprehensive removal. For instance, third parties may have republished or archived content by search engines and others that Rodan + Fields does not control.

*In limited circumstances, recipients may include, (1) in the event of a sale, assignment, merger, consolidation, corporate reorganization, or transfer, to the buyer, assignee, or transferee; and (2) government or regulatory officials, law enforcement, courts, public authorities, or others when permitted by this Notice or required by law.

**We will not attempt to re-identify you or anyone else from this de-identified data, and if we disclose it to third parties, we will require that they commit to not attempting to re-identify you or anyone else from the de-identified data.

III. Consumer Health Data

The law of the state in which you reside or in which your PI is collected may make specific requirements in connection with PI that is linked or is reasonably capable of being linked to you and that identifies your past, present, or future physical or mental health status (“Consumer Health Data”). Please note that the collection of consumer health data subject to the Washington State My Health My Data Act (the “MHMDA”) is addressed in the separate Washington Consumer Health Data Privacy Notice below.

To the extent your PI constitutes “Consumer Health Data,” the categories of Consumer Health Data being collected; the manner in which it will be used; the categories of sources from which it is collected; the categories of third parties and affiliates with whom it is being shared; the purposes of collecting, using and sharing it; and the manner in which it will be processed are all provided in the “Information Collected” section of this Policy. Additional information about R+F’s activities can be found in the “Processing Using Website Tracking” and “Third Parties” sections of this Policy.

To the extent that the state in which you live requires us to provide certain rights to you in connection with your Consumer Health Data, we will provide the following rights to you based on your state’s law:

  • To request our confirmation that we are collecting, sharing, or selling your Consumer Health Data;
  • To request to review and to make changes to any of your Consumer Health Data;
  • To request that we delete your Consumer Health Data;
  • To request a list of all third parties with whom we have shared or sold your Consumer Health Data;
  • To request that we stop collecting, sharing, or selling your Consumer Health Data;


To exercise any of these rights, follow the procedure explained in the “Your Rights Regarding Your PI” section of this Policy.

A third party may collect Consumer Health Data over time and across different websites or online services when you use any of our websites or Online Services. For more information, see the “Third Parties” sections of this Policy.

This section (and the Policy more generally) is effective as of the “Last Updated” date above. We will notify you of changes to this section (and the Policy more generally) as described in the “Changes to This Privacy Notice” section.

IV. Cookies and Marketing

We may now or in the future use the data collected through Tracking Technologies (directly by us or by our service providers) and other data (i.e. deterministic data such as unique identifiers) to make educated predictions that give us the ability to match your devices. We may then, subject to the limitations otherwise set forth in this Policy and applicable law, display targeted advertisements to you across your devices (unless you have opted-out for a particular device as described in the options section below.)

We may use the information we collect (alone or in combination with information provided by third parties and service providers) through Tracking Technologies (which may be combined with other PI such as your e-mail address), and from other sources, to deliver targeted advertising to you when you visit our Online Services or elsewhere. For example, if you are searching our Online Services for information on a particular product, we may use that information to cause an advertisement to appear on other websites you view promoting a product that matches your search.

We also partner with third parties that collect information across various channels, including offline and online, for purposes of delivering advertising that is more relevant to you. Our partners may place or recognize a Tracking Technology placed on your computer, device, or directly in our e-mails/communications, and we may share PI with them for interest-based advertising purposes. Our partners may use this information to recognize you across different channels and platforms, including but not limited to, computers, mobile devices, and Smart TVs, over time for advertising, analytics, attribution, and reporting purposes. Rodan + Fields is not responsible for, and makes no representations regarding, the policies or business practices of ny third parties, including, without limitation, analytics Service Providers and Tracking Technologies associated with the Service.


A. Targeted or Behavioral Advertising

Where allowed by law, as described above, we use your PI to provide you with targeted advertisements or marketing communications we believe may be of interest to you. In some jurisdictions, you may have the right to opt out of these types of targeted advertisements. See the Notice of Opt-out of Sale or Sharing or Limit the Use of Sensitive Data section below to do so.

For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page by going to http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.


B. Notice of Opt-out of Sale, Sharing for Targeted Advertising, or Limit the Use of Sensitive Data

Certain of R+F’s practices may be considered the sale or sharing of PI under applicable law. You may have the right to opt-out of the sale of PI, opt-out of sharing of PI for purposes of cross-context behavioral advertising, which in other states is the right to opt-out of targeted advertising, and the right to limit the use of sensitive PI. To exercise these rights, please see the “Your Rights Regarding Your PI” section below.

In general, opt-outs must be performed on each device and browser that you wish to have opted-out. For example, if you have opted out on your computer browser that opt-out will not necessarily be effective on your mobile device. In the event we are performing cross-device matching (as described above), once you have opted out on one device (“Opted-Out Device”), we will not use any new data from the Opted-Out Device to identify you on another device for interest-based advertising purposes and we will not use data from another device for interest-based advertising purposes on the Opted-Out Device.

You can opt-out of selling of your PI or opt-out of targeted advertising for any R+F website you visit by clicking on the "Cookie Settings" link located at the bottom of that website, as described above, or you may choose to enable online a universal tool that automatically communicates your opt-out choice, such as the Global Privacy Control (“GPC”). We will process the GPC signal as a request to opt out. We will recognize and apply the GPC Signal to inactivate all of the cookies for that website, except for cookies that are necessary for the website to operate (“Strictly Necessary Cookies”). Additionally, you can determine if your browser GPC Signal has been recognized by clicking on the “Your Privacy Choices” link in the footer of the website that will include a short message at the top of the preference center indicating that your GPC Signal has been received. To learn more about and enable GPC, you can visit the Global Privacy Control page at https://globalprivacycontrol.org. If you visit our website from a different device or from a different browser on the same device, you will need to opt-out, or use an opt-out preference signal, for that browser and/or device.

With respect to Rodan + Fields’ Apps, you can stop all collection of data generated by use of the app by uninstalling the app. Also, you may be able to exercise specific privacy choices, such as enabling or disabling certain features (e.g., tracking across apps and websites owned by other online services, location-based services, push notifications, accessing calendar/contacts/photos, etc.), by adjusting the permissions in your mobile device and/or the app’s settings. For example, to limit receiving Interest-based Advertising on your mobile device, for iOS 14, go to “Settings,” select “Privacy,” select “Tracking,” and then toggle off “Allow Apps to Request to Track.” For earlier versions of iOS dating back to iOS 6, go to “Settings,” select “Privacy,” select “Advertising,” and toggle on “Limit Ad Tracking.” For Android, go to “Settings,” select “Privacy,” select “Ads,” and then toggle on “Opt out of Ads Personalization.” Beware that if GPS precise location services are disabled, other means of establishing or estimating location (e.g., connecting to or proximity to Wi-Fi, Bluetooth, beacons, or our networks) may persist. To learn more about how you can control location permissions using your mobile device’s operating system settings, please visit the following links depending on which device you use:

Android:
For Android 6.0 and above: https://support.google.com/googleplay/answer/6270602?hl=en
For earlier versions of Android: https://support.google.com/googleplay/answer/6014972

iOS: https://support.apple.com/en-us/HT207056

V. Interactive Features of our Websites

To the extent we offer any public or group forums on our Products and Services, such as newsfeeds, blogs, message boards, or similar tools (“Interactive Features”), the posts or comments you make may be public and viewed by others. You should use care before posting information about yourself, including PI. You acknowledge and understand that you have no expectation of privacy or confidentiality in the content you submit to Interactive Features over the Products and Services. Except when required to do so by applicable law, we assume no obligation to remove PI you post on our Products and Services, and your disclosure of any PI through the Interactive Features is at your own risk.

VI. Third Parties

A. Service Providers

Service providers acting on our behalf must execute agreements requiring them to maintain confidentiality and to process PI as necessary to perform their functions in a manner consistent with this Notice, other applicable privacy notices, and as explicitly permitted or required by applicable laws, rules, and regulations.


B. Combination of Data with Data Received from Third Parties

We may combine information we collect, including PI, with PI that we may obtain from third parties.


C. Links to Other Websites

Our Products and Services may contain links to other websites, applications, products, or services that are not owned or operated by R+F, such as social media websites and applications like Facebook and Twitter. You should carefully review the privacy policies and practices of other websites, products, and services as we cannot control and are not responsible for privacy policies, notices, or practices of third-party websites, applications, products, and services.

VII. Your Rights Regarding Your PI

Please note that in many circumstances, we cannot effectively do business with you without processing some PI about you (e.g., your contact information). For example, when you contact our customer service representatives, we may require you to provide information to authenticate your identity to assist you with your request. If you are unable to provide this information, we may be unable to process your request.

To the extent that the state in which you live has a data protection law that requires us to offer some or all the following rights to you, we will provide the following rights to you based on your state’s law:

  • To opt-out of sharing your PI for cross-context behavioral advertising or, in other states, to opt-out of targeted advertising;
  • To request access to and a copy of your PI, including to provide your PI directly to another organization, i.e., a right to data portability;
  • To request to know about the PI we process about you or to request to acknowledge our processing of your PI;
  • To request that we correct your inaccurate PI;
  • To request that we delete your PI except to the extent we have a basis for retention under applicable law;
  • To request that we limit the processing of your Sensitive PI;
  • To not receive discriminatory adverse treatment for exercising any of your rights;
  • To opt-out of processing of Sensitive PI;
  • To appeal the denial of a request; and
  • To lodge a complaint with the data protection authority in your jurisdiction.


To learn if you have the other above rights in the state in which you live and to exercise any of these rights with respect to your PI, please complete the form located at our Consumer Rights Request Portal or, if you prefer, you can call us at 415-273-8000 or email privacy@rodanandfields.com. We will not discriminate against you for exercising any of the rights described above, although we may not be able to continue to provide you Products and Services or it may otherwise affect the way we are able to interact with you.

You may also use an authorized agent to submit requests on your behalf. Authorized agents may submit such requests by visiting the agent section of our Consumer Rights Request Portal. An authorized agent must have your signed permission to submit a request on your behalf. Before completing requests from authorized agents, we may contact you directly to confirm you’ve given your permission and/or to verify your identity.

We will make reasonable efforts to respond promptly to your requests in accordance with applicable laws. We may, after receiving your request, require additional information from you to honor your request and verify your identity. Upon submitting a request, you will receive an email providing a link where you can authenticate your email address. If authentication is not completed within 7 days, the link will expire and the request will automatically close. You must authenticate your email address within 7 days of receiving the link in order for your request to be processed. Please be aware that we may be unable to afford these rights to you under certain circumstances, such as if we are legally prevented from doing so.

In the event you wish to make a complaint about how we process your PI, please contact us at privacy@rodanandfields.com and we will handle your request as soon as possible. Even if you make a complaint to us, you may always lodge a complaint with the relevant authority in your location.

When we receive your PI from our customers and process your PI on their behalf, we do so at their request and subject to their instructions. We do not have control over our customers’ privacy and security practices and processes. If your PI has been submitted to us by a R+F customer and you wish to exercise any of the above-mentioned rights, please contact the relevant customer directly.


Our Rewards Programs

We may offer discounts or other rewards (“Incentives”) from time-to-time to customers that provide us with Personal Information, such as your name, phone number, email address, IP address and location. You may opt-in to incentives by subscribing to our Perks Program or other loyalty and Incentive programs we may offer from time-to-time (“Program(s)”). Each Program may have additional terms, available on the Program page, at Program sign-up, or on the Promotional Terms and Conditions page. We measure the value your PI collected in Programs by the cost of operating the applicable Program (excluding Incentive costs) and/or the cost of providing the Incentive. We deem the value of the PI to be reasonably related to the value of the Incentive, and by subscribing to these Programs you indicate you agree. If you do not, do not subscribe to the Programs. If you subsequently wish to withdraw from the Programs, the method for doing so will be explained in the Program terms. We do not limit Program participation to consumers that do not exercise their privacy rights. However, a deletion request will only delete Program PI if you wish to terminate your participation in the Program.

VIII. Safeguarding Information

Consistent with applicable laws and requirements, R+F has put in place physical, technical, and administrative safeguards designed to protect PI from loss, misuse, alteration, theft, unauthorized access, and unauthorized disclosure consistent with legal obligations and industry practices. However, as is the case with all websites, applications, products, and services, we unfortunately are not able to guarantee security for data collected through our Products and Services. In addition, it is your responsibility to safeguard any passwords, ID numbers, or similar individual information associated with your use of the Products and Services.

IX. How Long Your PI Will Be Retained

We generally retain PI for as long as needed for the specific business purpose or purposes for which it was collected or obtained, and as outlined in this Policy. In some cases, we may be required to retain PI for a longer period of time by law or for other necessary business purposes. The criteria used to determine our retention periods include: (i) the length of time we have an ongoing relationship with you; (ii) whether there is a legal obligation to which we are subject that affects the PI; and (iii) whether retention is determined to be necessary or advisable for R+F due to applicable statutes of limitations, litigation, or other legal or regulatory obligations. R+F takes reasonable steps to dispose of PI upon the expiration of retention periods taking into consideration these litigation, legal, or regulatory obligations.

X. Changes to This Privacy Policy

We reserve the right to change this Policy from time to time. The changes will apply prospectively, not retrospectively. We will alert you when changes have been made by indicating the date this Policy was last updated as the date the Policy became effective or as otherwise may be required by law. It is recommended that you periodically revisit this Policy to learn of any changes. To the extent allowed by applicable law, your continued use of the Products and Services after we post any revisions to this Policy constitutes your acceptance of the revised terms and conditions as to such continued use.

XI. Contact Us

If you have questions or comments about this Policy or about how your PI is processed, please contact us by one of the methods below:

Email: privacy@rodanandfields.com
Webform: Consumer Rights Request Portal
Phone: 415-273-8000 (for R+F Support) and 1-877-915-7167 (to submit a Consumer Rights Request)

We will make reasonable efforts to respond promptly to your requests in accordance with applicable laws. Please note that email communications will not necessarily be secure; accordingly, you should not include credit card information or other sensitive information in your email correspondence with us. Note that your request to exercise your privacy rights should be done through the Consumer Rights Request Portal or 1-877-915-7167.

XII. Washington Consumer Health Data Privacy Notice

This Washington Consumer Health Data Privacy Notice ("Notice") applies to “Consumer Health Data” subject to the Washington State My Health My Data Act ("MHMDA") that Rodan & Fields Beauty, LLC, f/k/a Rodan & Fields, LLC, including all its subsidiaries and affiliates ("Rodan + Fields," "we," "our," and "us") collects as a regulated entity under MHMDA. This Notice is provided for residents of the State of Washington (“Washington”) and consumers whose health data is collected in Washington in accordance with MHMDA, and supplements Rodan + Fields’ Privacy Policy, which provides further information regarding how Rodan + Fields collects, uses, and discloses your data under applicable data protection laws. Consistent with the MHMDA, we use the term “consumer health data” to mean personal information that is linked or reasonably linkable to a consumer and that identifies the consumer's past, present, or future physical or mental health status.

This Notice sets out how we at Rodan + Fields (including all its subsidiaries and affiliates, Rodan + Fields platforms, applications, services, and Rodan + Fields branded products) use and disclose your Consumer Health Data that we collect from or about you as:

  • a user of Rodan + Fields brands, products and services;
  • a visitor to Rodan + Fields and Rodan + Fields-owned websites;
  • a user of Rodan + Fields systems and applications;
  • a member of the general public who is interested in contacting or is being contacted by Rodan + Fields; and
  • any individual who has received this Notice and to whom the other notices in the Privacy Policy do not apply.


We understand that privacy is important to you. We are committed to treating your Consumer Health Data with care and integrity.

Before submitting your Consumer Health Data to us, please review this Notice carefully. Rodan + Fields may supplement this Notice depending on which products or services you use.

In this Notice, we explain:


What Consumer Health Data do we collect, use, and share about you?

The Consumer Health Data we collect, use, and share may include:

1. Individual health conditions, treatment, diseases, or diagnosis;
2. Social, psychological, behavioural, and medical interventions;
3. Health-related surgeries or procedures;
4. Use or purchase of medication;
5. Bodily functions, vital signs, symptoms, or measurements of physical or mental health status;
6. Diagnoses or diagnostic testing, treatment, or medication;
7. Any other health information that you provide to us;
8. Biometric data;
9. Data that identifies you seeking healthcare services; or
10. Any personal information that is derived or extrapolated from non-health information (such as proxy, derivative, inferred, or emergent data by any means, including algorithms or machine learning).

You can choose not to give us Consumer Health Data when we ask you for it. If you decide not to give us your Consumer Health Data, it may restrict our relationship with you. For example, we may not be able to provide you with the services that you have requested.

In addition to Consumer Health Data, we also collect and share your personal information in accordance with our Privacy Policy.

For what purpose do we collect your Consumer Health Data and how do we use it?

We use your Consumer Health Data for the purposes we have described below in this Notice, or for purposes that are reasonably compatible to the ones described.

We will use your Consumer Health Data to Manage our relationship with you, including:

  • Provide our products and services to you;
  • Send you updates;
  • Manage your account on our websites, and apps;
  • Identify you and authenticate your access rights access to our websites, systems, and apps;
  • To respond to your queries and provide you with information when you request it or when we believe our products and services may be of interest to you. If we intend to share electronic marketing with you, we will ask for your consent where required and you can opt out at any time;
  • Invite you to provide feedback, participate in research, surveys or attend events;
  • Personalize your experience when interacting with Rodan + Fields;
  • To deliver services to you via your smart device and our mobile apps;
  • Report the adverse events you notify us about; and
  • Perform analytics, market research and segmentation to understand your preferences, improve our products and services and our communications to you.


We will use your Consumer Health Data to manage and improve our processes and our business operations, including:

  • Manage our network and information systems security;
  • Manage our workforce effectively;
  • Respond to reports you make of a possible side effects associated with one of our products and to monitor the safety of our products;
  • Perform data analyses, auditing and research to help us deliver and improve our Rodan + Fields digital platforms, content and services;
  • Verify or maintain the quality or safety of our products and services, and to improve, upgrade, or enhance our products and services;
  • Short-term, transient use;
  • Prevent, detect, and respond to security incidents;
  • Protect against malicious, fraudulent, or illegal activity;
  • Engage in the contracting and negotiation process;
  • Perform our obligations in accordance with our contracts;
  • Monitor and analyse trends, usage and activities in connection with our products and services to understand which parts of our products and services are of the most interest and to improve them accordingly;
  • Prepare and perform management reporting and analysis, including analytics and metrics;
  • To gain insights and feedback on our products and services in order to correct or improve them, by analyzing information from external sources such as Google, Facebook, TikTok, SnapChat and Twitter (and others); and
  • As part of a merger or acquisition we may engage in with other entities or specific brands, including but not limited to conducting due diligence, market research, valuations, and revenue streams.


We will use your Consumer Health Data to comply with our legal and regulatory obligations, including:

  • To follow applicable laws and regulations;
  • To respond to requests from competent public authorities;
  • To tell you about changes to our terms, conditions and policies;
  • To exercise or defend Rodan + Fields against potential, threatened or actual litigation;
  • To investigate and take action against illegal or harmful behavior of users; and
  • To protect Rodan + Fields, your vital interests, or those of another person.


How do we collect your Consumer Health Data?

Directly from you when you:

  • Consent to our use of your Consumer Health Data;
  • Create an account and profile on one of our websites, or apps;
  • Use our websites, apps and systems, through the use of cookies, pixels, web beacons, and other online tracking tools (for more information about how we use online tracking tools please see our general Privacy Policy);
  • Share or use your social media profile to contact Rodan + Fields;
  • Sign up with us to receive promotional material;
  • Enter a contest or competition organized by Rodan + Fields;
  • Engage with a Brand Consultant;
  • Get in touch for support or to provide feedback;
  • Attend an online event such as a webcast;
  • Respond to any surveys that you may choose to participate in;
  • Share adverse events or medical information inquiries with us; and
  • Attend offline meetings, such as advisory boards or conferences.


From other sources:

  • Those authorized to provide Consumer Health Data on your behalf, such as your caregiver or authorized representative;
  • R+F Brand Consultants
  • Publicly accessible sources;
  • Marketing vendors and partners;
  • Healthcare provider directories;
  • Events management agencies;
  • Social media platforms; and
  • When you talk about us online, such as mentioning a Rodan + Fields product in a social media post.


If you connect your social media account to our websites, or apps, you will share certain Consumer Health Data from your social media account with us. This may include your name, email address, photo, list of social media contacts, and any other information you make accessible to us when you connect your social media account to our websites, or apps.

We also combine information about you from various sources, including the information you provide to us and Consumer Health Data, which is collected during your relationship with us.

Who do we share your Consumer Health Data with?

We share your Consumer Health Data on a need-to-know basis, and to the extent necessary to follow laws and regulations, and in the context of managing our relationship with you. In some instances, we may need your consent prior to sharing your Consumer Health Data.

We share your Consumer Health Data only with teams in our Rodan + Fields companies and affiliates or specialized third party service providers who need to see it to do their jobs.

We will also share your Consumer Health Data with other entities, for example:

  • R+F Brand Consultants
  • Business partners or affiliates;
  • Third parties who assist with fraud prevention, detection and mitigation;
  • Third parties who assist with our information technology and security programs and our loss prevention programs;
  • Advisors, auditors, consultants, and representatives;
  • Event agencies;
  • Marketing agencies;
  • Technology suppliers who work with us to develop and improve our websites, digital forums and apps;
  • Media services providers who work with us;
  • Suppliers managing adverse event reports;
  • Local or foreign regulators, courts, governments and law enforcement authorities; and
  • Professional advisors, such as auditors, accountants and lawyers.


What are your privacy rights?

As a Washington resident, you have following rights with respect to the Consumer Health Data we process about you:

  • To confirm whether we are collecting, sharing, or selling your consumer health data;
  • To access such data to the extent that we are collecting, sharing, or selling it;
  • to request a list of third parties and affiliates with whom we have shared or sold your Consumer Health Data, and an active email address or other online mechanism that you may use to contact such third parties;
  • To request that we delete Consumer Health Data that we have collected from you; and
  • To withdraw your consent for us to collect, share, or sell your Consumer Health Data.


How can you securely and reliably exercise your rights under the My Health My Data Act?

Washington residents may exercise the above rights by contacting us via our Consumer Rights Request Portal or by calling us at 1-877-915-7167.

Where we have relied upon your permission to collect, share, or sell your Consumer Health Data, and you later withdraw that permission, we may not be able to complete some of the activities described in How do we use your Consumer Health Data . If you would like to withdraw your consent to collect or share your Consumer Health Data automatically collected online through cookies and other tracking technologies, you may do one of the following:

  1. Submit a request through our Consumer Rights Request Portal.
  2. Disable the use of all cookies and other tracking technologies through our web form.
  3. Submit an opt-out request using a preference signal that is sent in a commonly used and recognized format.


If you choose to exercise any of these rights, Rodan + Fields will not discriminate against you in any way. If you exercise certain rights, understand that you may be unable to use or access certain features of our website or our products or services.

For your protection, and to protect the privacy of others, we may need to verify your identity before completing what you have asked us to do. We will take steps to verify your identity before completing your rights request. Upon submitting a request, you will receive an email providing a link where you can authenticate your email address. If authentication is not completed within 7 days, the link will expire and the request will automatically close. You must authenticate your email address within 7 days of receiving the link in order for your request to be processed. We may also ask you to provide additional information, such as your name, home address, and email address. Depending on the nature of your request and our relationship with you, we may request different or additional information, including a signed declaration that you are who you claim to be. We cannot respond to your request or provide you with consumer health data if we cannot verify your identity or authority to make the request and confirm that the Consumer Health Data relates to you. We will only use Consumer Health Data collected in connection with a verifiable consumer request to verify the requestor's identity or authority to make the request.

You may use an authorized agent to submit a request on your behalf. Your authorized agent must submit a request via our Consumer Rights Request Portal and indicate that they are submitting the request as an agent. We may require the agent to provide proof that you gave signed permission to submit the request and may also require to you to confirm with us that you provided the agent permission to submit the request or to verify your own identity directly with us.

You may have the right to appeal our decision if we deny your rights request. To submit an appeal, contact us via our Consumer Rights Request Portal or by calling us at 1-877-915-7167.

How do we update this Notice?

From time to time, we will update this Notice. Any changes become effective when we post the revised Notice on the Rodan + Fields website. This Notice was last updated as of the “Last Updated ” date shown above. If changes are significant, we will provide a more prominent notice to let you know what the changes are and we may be required to seek your consent prior to implementing the changes to our collection, sharing, or sale.

How can you contact us?

If you want to exercise your rights, have any questions about this Notice, need more information or would like to raise a concern, please contact us using one of the methods below.

Online: Use our online Consumer Rights Request Portal
Telephone: 415-273-8000 (for R+F Support) and 1-877-915-7167 (to submit a Consumer Rights Request)
Email: privacy@RodanandFields.com