POLICY FOR PROTECTION OF PERSONAL DATA

Concerned about the protection of your privacy, we attach great importance to the confidentiality of the personal data that you send to us.

We would like to explain to you by this policy for the protection of personal data(hereinafter the“Policy”), the nature of the personal data that we collect, the way in which we process it and the measures that we take to ensure its security and the nature of your rights.

Our Policy can be updated at any time by us and these modifications shall take effect immediately. We thus invite you to regularly consult it in order to take note of the latest version available.

By using our internet site (hereinafter called the “Site”), you declare that you accept the terms of this Policy and agree that we can collect, use and disclose your personal data in accordance with the policy. This Policy applies to all the personal data that you provide to us directly or indirectly. In the event of a disagreement about the terms of the Policy, we invite you not to use our site.

Please take the time to review this notice which explains what information we collect about you, how we use it, and your rights.

This site uses a VeriSign SSL123 Certificate to offer secure communications by encrypting all data to and from the site. VeriSign has checked and verified the site's registered domain name.

For any further information, you can contact us here

1. Who collects your personal data?

Your personal data collected in the course our activities and collected as described in this Policy and processed by:

LABORATOIRE NUXE

Registered office:127 rued’aguesseau, 92100 Boulogne-Billancourt, France

Paris Corporate Register number: 642.060.123

2. When do we collect your data?

We collect, directly or indirectly through our service providers, personal data from you notably when:

  • You browse on our Site or use our Services on ourSite,

  • You create an account on our Site and our BeautyProfile,

  • You connect to your account on our Site,

  • You use your account on our Site,

  • You subscribe to our newsletter,

  • You place and pay for an order on our site,

  • You draft a customer opinion, a comment about our social networks or ourSite,

  • You contact us through various channels including, in particular, the contact forms,by chat, by mail,by post or by telephone,

  • You contact us via out chat,

  • You participate in a game or contents, product tests, satisfaction surveys and polls,

  • You share content on social networks by using a hashtag #Nuxe or hashtags that we propose to you,

  • You have given your agreement to third parties so that they can send us personal data concerning you,

  • We only collect your personal data when this is strictly necessary and legal. We undertake only to collect the minimum of personal information necessary for the purposes covered by this Policy.

In the event where we will need to use your personal data for purposes not covered by this Policy, additional consent will be requested from you. Such consent is not compulsory but will sometimes be necessary so that we can be able to meet our needs/requests.

Please note, however, that your consent will not be necessary if the processing that we make of your personal data is justified by a legitimate reason on condition that this use has no prejudicial effect on your own rights and interests.

3. How do we collect your data?

We can collect personal information about you from various sources, notably:

  • The personal data collected directly, that you voluntarily communicate to us notably through collection forms (for example last name, first name, address details, etc)
  • The personal data collected indirectly, automatically or with your express consent at the time of use of our Site
  • The personal data that you choose to share at the time of us of sites third parties, that we have collected from other sources
  • The personal data concerning you coming from other legitimate sources, including sources available commercially, such as public databases, data aggregators, etc.

4. What personal data do we collect?

In this Policy, “your personal data” means information or items of information which allow you to be identified directly or indirectly. This generally includes information such as your name, address, profile photo, e-mail address and telephone number, but can also include other information such as your IP address, your buying habits, and information about your lifestyle or your preferences.

Even if the precise details of the personal data that we collect vary according to specific needs, we generally collect the following data:

When?

What data?

At the time of your browsing on our Site and/or your connection to your account or your beauty profile

your last name, first name, e-mail address, connection data, product reviews, and any information which you add to your account profile, technical data including your IP address, browsing information concerning your terminal

At the time of the creation of your account on our Site

your last name, first name, e-mail address, date of birth,type of skin, FacebookID(ifconnectionlinkedtoFacebook), gender,and any information which you add to your account profile,

At the time of your place or payment for an order on our Site

credit/debit card details and delivery information

At the time of your registration for our newsletter

your e-mail address

At the time of the filing of your opinion about a product and/or service proposed on our Site or our social networks

Your name, a title, the content of your opinion

At the time of your contacting our Consumer Departmentyour last name, first name, e-mail address, postal address, date of birth, telephone number, order number, the content of your request.
At the time of your participationàgames/contest, product tests, satisfaction surveys and pollsyour last name, first name, e-mail address, gender, date of birth, your content connected to the participation (photographs, videos, opinions, comments, etc), Facebook ID, product reviews, and any information related to the surveys or polls.
When you authorize third parties to send us datathe content of the data that you provide to them
At the time of your browsing on our Sitewhich pages you viewed and whether you clicked on a link in one of our email updates, information about the device you use to access our Site, cookies and tracking technologies, your location if you give us your consent.

This data is honestly collected; no collection is made without the knowledge of the persons and without their being informed thereof.

5. For what purposes do we collect your data?

The processing that we use has an explicit, legitimate, and specific purpose.

Any processing of your personal data which may have a purpose other than those set out below shall require your consent if it is not justified by a legitimate interest.

For our part, the processing of your personal data allows us to provide you with the services of the Site, ensure their improvement and the maintaining of a secure environment and, in particular, to:

  • Manage the functioning and the optimization of our Site and our services and products
  • Help accelerate your future activities and experiences on our Site
  • Assess the use of our Site, of our products and services and to analyze the effectiveness of our communication campaigns and promotions
  • Personalize your experience on our Site and other platforms and to assess anonymously and globally the activity on our Site and other platforms (in particular, we take into account the time when you visited it, if you have already visited it and what site referred you to it)
  • Make our Site easier to us and better adapt our Site, our products, and services to your interests and needs
  • Carry out the transactions concerning our business relationship (orders, payment, deliveries, invoices, accounting, satisfaction survey, customer service, etc)
  • Manage our customer relationships through our CRM, in order to get to know you better, personalize our products and services and contact you concerning the products and services capable of interesting you (launching of new products, promotional offers, promotional events, beauty lessons and/or demonstrations, beauty diagnosis, PR event, VIP meetings, announcements/events, events with shopping centers, department stores, celebrities, magazines, television, Web sites, etc.), on condition that you have given your consent (or that you have not expressed your refusal) or that you have previously requested a product or service from us and that the communication is relevant or connected to this prior request and made within the times stipulated by the applicable laws.
  • Provide you with the products or services that you request from us (request for information, replying to your questions/comments)
  • Provide a customer service accessible by telephone or by instant messaging by type of purchase
  • Provide sharing tools on our Site and/or social networks
  • Proceed with the verification, identification and authentication of the personal data that you have sent us
  • Prevent and detect frauds, malwares (malicious software) and manage security incidents
  • Manage eventual disputes
  • Comply with applicable laws, including requests and subpoenas from lawful authorities for information they may request
We try to minimize the data collected, to keep it accurate and up to date by facilitating the rights of the persons concerned.


6. For how long do we keep your data?

In accordance with the legislation and regulations in effect, we do not keep your data beyond the duration strictly necessary for the purposes pursued above.

THE TYPE OF DATA

THE DURATION OF CONSERVATION

>The personal data that you have filled out/declared in your profile.

>The data concerning your browsing and your use of the Site,

Duration of three (3) years from your last activity on the Site

>The data concerning an order

Duration of three (3) years from your order

>The audience measurement statistics and your gross data of frequentation of our Site

Duration of thirteen (13) months

>The prospects/customer data

Duration of three (3) years from its collection or the last

contact or the end of the business relationship.

>The banking data

Without your consent, the duration of the transaction.

With your consent, this data can be kept until the expiry date of the bank card.

>The data permitting proof of a right or a contract to be established or kept to comply with a statutory obligation

Archiving in accordance with applicable laws, rules and regulations, as amended.

>The information concerning the listening to and recording of conversations in order to

improve the Consumer Service

The duration of the conversation and up toa maximum of six months thereafter.


However, in order to fulfill our administrative, legal, accounting, and tax obligations, your data can be the subject of archiving and be kept beyond the above-mentioned periods, in accordance with the legislation in effect.

7. What is our policy concerning cookies?

For more details, please consult our cookies policy

8. Who are the recipients of your data?

We are the sole recipients of your personal data and we do not market it.

However, as necessary we can communicate your personal data to authorized and specified recipients, namely:

  • all of the employees of the companies of the Nuxe Group,

  • our advertising, marketing, and promotion agencies to help us execute and analyze the effectiveness of our advertising campaigns and promotions,

  • third parties required to deliver a product or service to you, such as delivery or postal service delivering a product that you have ordered,

  • third party suppliers of services, such as the suppliers of hosting services for Websites,

  • suppliers of Web analysis tools such as Google,

  • our service providers and/or business partners when sharing is necessary to achieve the purposes stated above,

  • the administrative or judicial authorities when they request us to disclose your information to them,

We require that these recipients take the technical and organizational measures necessary and appropriate to ensure the confidentiality and optimal security of your data against any improper use and that only use it in accordance with our instructions and the legislation and regulations in effect, notably by the signature of an agreement for the protection of personal data.

9. What is our Policy about transfer outside of the EU?

We inform you that we may transmit personal data concerning you for the needs set out above to an affiliate of LABORATOIRE NUXE or trusted partners located outside of the European Economic Area, whose legislation concerning the protection of personal data differs from that of the European Union.

When these partners are located outside of the European Union, we take, as far as possible, all the appropriate measures to guarantee the security of such transfers by one of the following measures:

  • Either by obtaining your express and unequivocal consent to sharing your personal data with these third parties,

  • Or by concluding contracts for the transfer of data reproducing the standard clauses of the European Commission,

  • Or by complying with internal company rules in accordance with applicable laws,

  • Or by ensuring that these third parties are companies that have registered with the EU-US Privacy Shield and are self-certified.

We contractually require of our partners that they take all the technical and organizational measures to ensure the confidentiality and the security of your data.

10. How do we protect your data?

In our capacity as Data Controller, we take all reasonable precautions to protect the security and the confidentiality of your personal data by deploying organizational, technical, software, and physical measures and we require from our partners that they do the same.

Access to your personal data is restricted to prevent any unauthorized access, any modification, interference, loss, and/or abuse. However, despite our efforts, we cannot guarantee the perfect security of the transmission or storage of your personal data on the Internet due to the fact that the internet is not an environment sufficiently safe and secure.

11. How can you exercise your rights?

In accordance with the applicable law, you have:

  • A right of access to your personal data,

  • A right of rectification of your personal data,

  • A right of opposition to the processing of your personal data for legitimate reasons,

  • A right to the deletion of your personal data subject to having legitimate reasons,

  • A right of portability of your personal data as from 25 May 2018,

  • A right to “digital death” in accordance with the Law for the Digital Republic, by providing us with instructions concerning the conservation, deletion and the communication of your personal data after your death. These instructions can be recorded with a “trusted third party in digital affairs”.

In the absence of a person appointed to ensure the execution of these instructions, your heirs will be appointed.


In the absence of instructions during your lifetime, your heirs will then have the possibility of exercising certain rights, in particular,

  • the right of access, if it is necessary “for the settlement of the estate of the deceased person”,

  • the right of opposition to proceed with the closure of your user accounts and oppose the processing of their data.

To exercise these rights, you only need to make a written request for this, signed and accompanied by an identity document to the Consumer Department:

either by sending a letter to the following address:

  • By an e-mail to the address:customer.experience@thehutgroup.com
  • Or alternatively, you may write to us by post at Customer Services, Meridian House, Gadbrook Park, Cheshire, CW9 7RA, United Kingdom

A reply will be sent to you within one (1) month from the date de receipt of your request. Nevertheless, we reserve the right not to answer requests that are clearly unjustified.

However, you can exercise your right of access to and of rectification of your personal data at any time from your Account, excluding the data collected indirectly.

How do you deregister from our newsletter lists?

Deregistration from our newsletter lists is accessible through the deregistration link present at the bottom of all our newsletters.

What is our policy concerning personal data of minors?

Our Site is intended only for those who are 18 years or older, and, for minors who have the authorization of their legal representative allowing them to make an order on the Site.

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us immediately at customer.experience@thehutgroup.com. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.

12. Social networks/Links

LABORATOIRE NUXE is not responsible for the illegal collection or processing of personal data made by social networks that we use such as Facebook, Instagram and Twitter. As a service provided to our visitors, our Site may contain hypertext links referring to other web sites which are neither operated nor controlled by LABORATOIRE NUXE. This being the case, LABORATOIRE NUXE shall not be held liable for the content of such web sites or for the measures of protection of data of third parties who operate them. We draw your attention to the fact that the measures of protection of the data of third parties can differ from those presented in this policy. We ask you to verify and understand their measures in the matter before entrusting your personal data to them.

13. California Privacy Rights

California residents may have additional personal information rights and choices. Please see your California Privacy Rights for more information.