Allez au contenu Allez à la navigation

Privacy policy

NAOS UK - BIODERMA LIMITED PRIVACY POLICY

Just like your skin, respect for your privacy is one of our priorities. When you visit our website or purchase our products, you may send us personal data, directly or indirectly. Your personal data are precious, they are part of your privacy.

BIODERMA (NAOS UK) therefore undertakes to collect and process your personal data in a transparent, fair and lawful manner.

We invite you to carefully read this Privacy Policy (hereinafter "the Policy"). Here you will find all the information about the data we collect, how we use it, how long it takes, how we protect it, what rights you have, and so on.

Our Privacy Policy may be updated or modified, depending on the evolution of our services, tools and regulations. The changes taking effect immediately, we invite you to consult it regularly.

I- Which data is covered by the Policy?

This Privacy Policy applies to all personal data that you communicate to us or that we collect, directly or indirectly, in particular when you browse our website https://www.bioderma-uk.com/ (hereinafter "The Website") or on the occasion of the purchase of BIODERMA (NAOS UK) products.

A "personal data" is information that directly or indirectly identifies a natural person. This includes, for example, your name, e-mail address, phone number, but also data on your consumption habits, your skin type, etc.


Time of collection


Categories of data collected


Retention period


Legal basis

You browse our Website

We collect:

 

• Your technical data for connection and navigation (e.g. your IP address, information about your browser, information about your device, pages visited, duration of your visit, etc.)

 

For more information, see our Cookie Policy.

13 months from the date of collection during your navigation.

Legitimate interest

Consent


You join the BIODERMA Loyalty Club, you use the services offered (e.g. declaration of your purchases, sending of your loyalty card, validation of your gift vouchers, payment of your prize pool, etc.), you use your account, you complete your profile, etc.

We collect:

• Your identification data (e.g. surname, first name, postal address, email address, photo, etc.);

• Data relating to your consumption habits (e.g. favourite outlets, cash receipts for proof of purchase, etc.);

• If you consent, data relating to your health and your skin colour (e.g. skin-related pathology, phototype, etc.) in order to offer you adapted products;

• Your personal situation (number of children and year of birth in order to offer you adapted products);

• Bank or financial data (e.g. amount of your kitty, IBAN, PayPal account number, etc.);

• Your profile on social networks (if you use it to connect, if you are active on our pages or if you communicate it to us).

3 years from the date of your account creation or last login to your account

Legitimate interest

Consent

Execution of a contract

You are sponsoring your friend (s)

We collect:

• The identification data of your referrals (last name, first name, email address).

1 month from collection

Legitimate interest

You subscribe to our newsletter

We collect :

  • Your email address

3 years from the date of collection or last contact from you

Consent

You write via our social networking pages

We collect:

• Identification data (surname, first name, etc.);

• Your profile on social networks;

• The content of your messages (which may include data relating to your health, skin colour, consumption habits, etc.).

3 years from the date of collection or last contact from you

Legitimate interest

Consent

You contact our Consumers Service or our advisers by email, phone, chat, mail

Depending on your request and the channel, we collect:

• Your identification data (e.g. surname, first name, postal address, e-mail address, etc.);

• The information you agree to communicate to us (which may contain information relating to your health, skin colour, habits of consumption, etc.);

• For chat: your real-time navigation data on our Website and the content of your preview messages (unsaved).

3 years from the collection or last contact from you

Legitimate interest

Consent

You participate in a game or contest

We collect:

• Your identification details (e.g. surname, first name, postal address, email address, nickname, phone number, etc.).


Time required to manage the game

Completing a contract

You participate in a product test or a satisfaction survey

The data we collect depends on the purpose of the survey or test.

We can collect including:

• Your identification data (name, surname, age, etc.);

• Data relating to your health (e.g. pathology related to your skin);

• Your family situation,

• Data relating to your skin colour (e.g. phototype), etc.

Duration required to complete the test or survey and to interpret the results.

Consent

Legitimate interest

You declare a case of Cosmetovigilance


We collect:

• Your identification data (e.g. surname, first name, postal address, e-mail address, etc.);

• The reason and the content of our exchanges;

• data relating to your health or your skin colour, if you decide or agree to communicate them to us;

• Bank or financial data (e.g. IBAN in case of refund, etc.).

Duration provided by law

Legal obligation

During each collection, certain data (indicated by asterisks) must be provided in order to benefit from the services offered. The others are purely optional and allow us to know you better, for example to offer you adapted offers.

II- How do we collect data from minors?

Our website is accessible to anyone, major or minor.

However, the additional prior consent of the holder of parental authority is required for minors under the age of fifteen who subscribe to our services or provide us with personal data concerning them.

III- The case of third-party websites

On our website, you can connect via your social network profiles, click on links to our social networking pages, etc.

Social networks (Facebook, Instagram, Pinterest, Twitter, YouTube, etc.) may collect personal data about you. You will find below the links to the privacy policies of these main social networks. To ensure the security of your data, we invite you to consult the privacy policy of these websites.

• Facebook: https://en-gb.facebook.com/privacy/explanation/

• Instagram: https://en-gb.facebook.com/help/instagram/155833707900388

• Twitter: https://twitter.com/en/privacy

• Pinterest: https://policy.pinterest.com/en-gb/privacy-policy

• YouTube: https://policies.google.com/privacy?hl=en-GB&gl=zz

 

You also have the option to publish content on our pages. We remind you that any content transmitted via our pages is accessible to the public. Concerned about the protection of your privacy, we invite you to be vigilant when you communicate your personal data on social networks. We are not responsible for the use that may be made by third parties, data that you have communicated publicly.

We remind you that we may collect the content you publish on our pages, to know you better and to segment our consumer databases.

IV- Cookie management

We may be required to deposit and use cookies when browsing our website or mobile application, in particular to improve our content and the operation of our services.

As part of the protection of your privacy, we invite you to consult our Cookies Management Policy to obtain information on these cookies and set their operation.

V-  Who are the recipients of your data?

We may be required to transmit your data to the following companies, structures and / or persons involved in the fulfilment of the purposes described in IV above:

• Employees of NAOS Group companies who need to process the personal data collected for the purposes explained above;

• Our subcontractors and service providers, for example to send you commercial solicitations when you have consented, to host our consumer databases, etc.;

• Google, to measure the audience on our Website;

• Social networks, to know your activity on our pages, your consumption habits etc.;

We select subcontractors, service providers and suppliers who provide sufficient safeguards to ensure the protection, security and privacy of your personal data, including the implementation of appropriate technical and organizational measures that meet the requirements of the law. They are only allowed to process your data according to our instructions.

Your personal data may also be communicated to the administrative or judicial authorities at their request, as well as to third parties or authorized recipients to comply with a legal obligation or for the exercise of legitimate interests.

VI- How do we ensure the security of your data?

We undertake to use reasonable means to ensure that your personal data are sufficiently protected, taking into account the sensitive nature of certain information collected. We use a variety of technologies and procedures to ensure that your data is treated in a manner that protects it against unauthorized loss, destruction, alteration, disclosure, or access, whether unlawfully or accidentally.

We implement measures that respect the principles of protection from the design stage and, by default, the personal data processed. As such, we are able to use data anonymization techniques whenever possible and / or necessary.

We demand an equivalent level of security from our subcontractors.

For example, we or our subcontractors store your data on computer servers located in controlled locations and whose access is limited.

VII-  Where do we store your data?

Our company and our subcontractors process and store your data only in member countries of the European Union.

VIII- How can you exercise your rights?

In accordance with the laws in force, you benefit from:

• A right to information;

• A right of access to data concerning you;

• A right to correct your data;

• A right to erase data for legitimate reasons;

• The right to oppose the processing of your data for legitimate reasons;

• The right to withdraw your consent to the processing of your data;

• A right to limit treatment;

• The right to portability of data;

• The right not to be the subject of a decision based exclusively on automated processing and having legal effects affecting you or affecting you significantly;

• The right to oppose the commercial prospection;

• The right to formulate guidelines regarding the storage, deletion and communication of your personal post-mortem data.

You may exercise these rights at any time by email, via our contact form (https://www.bioderma-uk.com/contact-us/individual) or by post to the following address: Consumer Service BIODERMA, NAOS UK - 1A Redchurch Street Third Floor E27DJ London United-Kingdom.

A reply will be sent to you within one month of receiving your request.

We reserve the right not to respond to requests that are manifestly unfounded in accordance with European regulations. The person concerned will be informed of any refusal formulated by us.

You can also - if you wish - make a complaint to the GOV.uk website: https://www.gov.uk/data-protection.

For more information please consult the following link:

http://www.aboutcookies.org/.

IX- How to contact the DPO?

We have appointed a Data Protection Officer (DPO) who can be reached at the following address: contacts@uk.naos.com, or by post at the following address: Legal Department - DPO, 1A Redchurch Street Third Floor E27DJ London United-Kingdom.

The Data Protection Officer is available to provide any necessary information regarding the Data Protection Policy.