We invite you to read this Policy, which explains how your personal data are processed by the La Prairie companies listed in the Data Controllers and Contact section below (Section 7) ("La Prairie", "we", "us").
It also tells you how you can access and update your personal data and make certain choices about how your personal data is used including a right to object to some of the processing (including personalized marketing) we carry out or where we rely on your consent, a right to withdraw this consent. More information about your preferences and rights is set out in Section 5 and 6 below.
If we change the way we handle your personal data, we will update this Policy and notify you or seek your consent as and when appropriate, usually by placing an updated Policy on our websites. If we make significant changes that materially alter our privacy practices, we may also notify you by other means, such as sending an email prior to the changes taking effect. We reserve the right to make changes to our practices and this Policy at any time. We invite you to check our Platforms from time to time for any updates or changes to this Policy
We may also provide you with additional information when we collect personal data where we feel it would be helpful to provide relevant and timely information.
1. WHAT PERSONAL DATA DO WE COLLECT?
We obtain personal data from or about you from various online and offline sources including when you: (i) interact with our websites listed on http://www.laprairie.com or mobile sites/applications (together "the Platforms"); (ii) interact with us on our social media pages, chat services, forums or blogs; (iii) visit one of our boutiques, stores or counters; (iv) participate in our events and demonstrations, loyalty or other client programs, competitions, promotions or surveys; or (v) participate in beauty consultations or interact with our beauty advisors and customer service.
Our products are sold through various authorized retailers. Unless otherwise indicated at the time that you provide your personal data, any personal data that our retail partners collect is not provided to us and this Policy does not apply to such personal data.
We collect the following personal data:
Information provided by you (for example, by creating a web account with us, signing up to our loyalty or other client programmes, or by providing information about yourself to us at one of our boutiques, stores or counters):
- Contact information (such as your name, phone number (home and mobile), home address and email address);
- Age, date of birth, gender, nationality, preferred language, interests and lifestyle;
- Billing information (including delivery address and payment details). We reserve the right to request additional evidence or proof of billing information where, in our reasonable opinion, this is necessary. Please note we do not keep your payment card details on file (except where required for refund purposes). We use a third party data controller, Wirecard AG, to process payment details;
- Website registration credentials (including username and password). By creating an account, you can securely store your debit and credit card information (held by our third party service provider) for easier and faster checkout, store and edit your delivery addresses and billing information and review your previous purchases and order history;
- Expressed personal preferences (such as communication and language settings);
- Interactions with us (such as your transaction history or information about your physical characteristics and skincare concerns obtained through a beauty consultation or survey or when you visit our social media pages, blogs or forums or interact with customer service or our chat service); and/or
- Correspondence and communication between us and you.
In addition, we sometimes run promotions or events where you can tell us about someone known to you who may be interested in our products and services. If this person gives you their permission to provide us with their details, then we will only use their information for that reason and not to send them any other unrelated offers. We may also mention that it was you who made the referral in the message that we send to them.
We do not knowingly collect information about minors.
Information automatically collected from your use of our Platforms, social media pages or interaction with our online adverts.
We automatically collect the following information:
- technical information, including your device’s IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system, unique device identifiers and advertising identifiers; and
- information about your visit, including the URL clickstream to, through and from our Platforms (including date and time); products you viewed or searched for, the content (and any ads) that you view or interact with, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
Some of this information is collected using cookies and related technologies. To learn more, please see Section 3 on "Cookies and related technologies".
Information collected from third party sources
From time to time (where permitted by applicable law), we collect information such as your preferences, interests and other demographic data from trusted third party sources that are either publicly or commercially available (e.g. business and retail partners, payment and delivery services, social media networks, advertising networks, analytics providers, and search information providers) which will be used for the purposes outlined in this Policy.
We also receive personal data you provide to authorised distributors of our products and services which will be used for the purposes outlined in this Policy.
When you pay for your products (either in-store or online), we get information from our payment processing service provider (Wirecard AG) who will carry out credit and antifraud checks on you and the payment method you provide in order to verify your identity, to validate your credit or debit card, to obtain an initial credit or debit card authorization and/or to authorize individual purchases.
In order to ensure data accuracy and to offer you a better customer experience, we link or combine the information that we collect from the different sources and channels outlined above to provide personalized services, content, targeted communications and advertising. (e.g. we combine data about your online purchases with information gathered from our boutiques, stores and counters such as details from a beauty consultation so that we can provide you with personalized offers and skincare recommendations in accordance with your communication preferences). This includes combining personal data collected by different La Prairie companies.
You do not have to provide personal data to access the Platforms but certain functionalities (such as being able to buy our products via the website) will not otherwise be available to you. You may however choose whether or not to receive marketing communications from us and we will only send you such communications where we have the appropriate consent to do so. For more information on your preferences regarding how we use your personal data, please see Section 5 below.
You must not provide information about anyone else unless you have their permission to do so.
2. WHY DO WE NEED YOUR PERSONAL DATA?
We process your personal data for the reasons set out below:
- To fulfil a contract or take steps linked to a contract: this is relevant where you make a purchase from us: This includes:
- setting up and managing your online account on our Platform;
- fulfilling orders and processing your transactions (including the processing of your payment details, credit card checks and fraud prevention activities); these checks may be required, amongst other things, to verify your identity, to validate your credit or debit card, to obtain an initial credit or debit card authorization and/or to authorise individual purchases; and
- send service-related communications and to respond to your enquiries;
- Where this is necessary for the purposes which are in our, or third parties legitimate interests. These interests are:
- to allow you to participate in the interactive features of the website;
- to ask your opinion or to take part in market research;
- to monitor your account to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime in accordance with applicable law;
- to investigate any complaints received from you or from others about our Platforms or our products and services and
- to monitor use of our Platforms and use your information to help us monitor, improve and protect our products, content, services and Platforms, both online and offline and your experiences with us including via research and demographic studies; analytics and data cleansing and measuring the effectiveness of our advertising campaigns;
- for our internal corporate reporting purposes.
- Where you give us consent:
- where you ask us to tell you about our products, services, promotions and events by telephone, post, SMS, e-mail or online or via our applications or to send you samples, gifts and rewards in accordance with your communications preferences and to the extent permitted by applicable laws. This includes being contacted by any of our group companies for these purposes (please see Section 5 below about how you can control these updates);
- where you give us consent to place cookies and related technologies in accordance with Section 3 below;
- on other occasions where we ask for your consent, for the purpose for which we explain at the time.
- For purposes which are required by law
- In response to requests by government or law enforcement authorities conducting an investigation.
Disclosure of your personal data
In addition to the La Prairie companies mentioned in the Data Controllers & Contact section below, we may share your personal data: (where permitted in accordance with applicable privacy laws) with:
- other companies in our group for the purposes outlined above. A full list of our group companies can be found here;
- authorized distributors for the purposes outlined above;
- banks and our payment services provider (Wirecard AG) for the purpose of transaction processing;
- third parties, where we have your permission to do so (e.g. social networks providers, concierge service or our retail partners). Your personal data will become subject to the privacy policies of those third parties when your personal data is shared with them;
- prospective or eventual buyers of our business (if we or substantially all of our assets are acquired by or merged with a third party including through bankruptcy);
- our third party service providers (as well as group companies) who perform services on our behalf based on our instructions. We do not authorize these parties to use or disclose the information except as necessary to perform services on our behalf or to comply with legal requirements. Examples of these parties include companies that fulfill orders and manage refunds, and provide data hosting and support, content personalization, advertising and marketing services (including digital and personalized advertising) and data cleansing, management, segmentation and analysis.
We also share information with third parties including social media and search engine partners:
We aggregate your personal data with the information of other customers, creating a dataset of information about the usage of our Platforms, purchase of our products, and other general, grouped information about our customers. Although this dataset is aggregated and anonymised, meaning it cannot directly identify you as an individual, it provides a valuable insight into the use of our Platforms and we will share it with select third parties. These parties include our group companies.
We also transfer information about you to ad technology providers and our social media and search engine partners (including Facebook, Google and Twitter) so that they may recognize your devices and deliver interest based content and advertisements. The information can include your name, postal address, email, device ID, or other identifier in encrypted form. The providers often process the information in hashed or de-identified form. These providers can collect additional information from you, such as your IP address and information about your browser or operating system; combine information about you with information from other companies in data sharing cooperatives in which we participate; and may place or recognize their own unique cookie on your browser. The third parties that generate these cookies have their own privacy policies and we have no access to read or write these cookies.
If you are based in the Russian Federation, the personal data that you provide through our Platforms may be stored on servers in the US.
If you are based in the European Economic Area (EEA) and Switzerland the personal data that you provide through our Platforms is stored on servers in the US and supported from the US. We also transfer personal data about you (whether collected online or offline) to our group companies and other service providers who perform functions on our behalf which are based around the world including in countries outside of the European Economic Area (EEA) and Switzerland and this information may be stored and processed in those countries which may have different data protection standards to those which apply in your country of residence. For a list of the countries in which we operate, please see www.laprairie.com.
For European and Swiss individuals, where your personal data is transferred outside the EEA and Switzerland, and where this is to a group company or service provider in a country that is not subject to an adequacy decision by the EU Commission, we will take steps to ensure your information is adequately protected either by EU Commission or Swiss approved standard contractual clauses, an appropriate Privacy Shield certification or through Binding Corporate Rules. A copy of the relevant mechanism can be obtained for your review on request by using the contact details provided in Section 7. To the extent that the above mechanisms have not been put in place then you consent to these data transfers by providing us with your personal data and interacting with our Platforms.
Your personal data will be retained for a certain period of time based on the following criteria: (i) as long as necessary to fulfil the purposes outlined in this Policy; (ii) any applicable legal requirements; or (iii) any request for deletion from you in applicable situations. Personal data used to provide you with personalized communications and services will be kept for a duration permitted by applicable laws. For more information, please contact us using the details in Section 7.
3. COOKIES AND RELATED TECHNOLOGIES
What are cookies?
Cookies are small text files that websites send to your computer, mobile device or other Internet-connected device to uniquely identify your browser or to store information or settings in your browser.
Our cookies and what they do:
The cookies that we use can be categorised as follows:
The data collected will generally be aggregated to provide trends and usage patterns for business analysis, site/platform improvement and performance metrics. Our cookies or the resulting analysis may be also shared with our business partners. The type of information we collect includes how many visitors visit our websites, how many customers log in, when they visited, for how long and which areas of our websites and services but is generally not used to identify you individually. We may also receive similar information about visitors to our partner websites. We use Google Analytics, run by Google Inc for this purpose. To opt out of being tracked by Google Analytics, visit https://tools.google.com/dlpage/gaoptout.
We use the following third party advertising cookies on our Platforms:
|GA Audiences cookie enables us to deliver interest-based advertisements on the web and within apps. The cookie lifecycle is a maximum of 13 months.|
|DataXu||DataXu's cookie offers us to reach you via advertisings broadcasted on DataXu’s websites network. The cookie lifecycle is a maximum of 13 months.|
|Criteo||Criteo cookie enables us to reach you via advertisements once you have visited our Platforms or interacted with a different advertisement in the past. The cookie lifecycle is a maximum of 13 months.|
|Facebook cookie enables us to deliver to you interest based advertising on the online social network. The cookie lifecycle is a maximum of 13 months.|
|DoubleClick (Google)||Facebook cookie enables us to deliver to you interest based advertising on the online social network. The cookie lifecycle is a maximum of 13 months.|
|Yahoo||Yahoo! Audiences cookie enables us to deliver interest-based advertisements on the web and within apps. The cookie lifecycle is a maximum of 13 months.|
Web server logs and web beacons
Can I opt out of cookies and similar technologies?
Because web beacons are the same as any other content request included in the recipe for a web page, you cannot opt out or refuse them. However, you may be able to disable web beacons in email messages by not downloading images contained in messages you receive (this feature varies depending on the email software used on your personal computer). However, doing this may not always disable a web beacon or other similar technologies in the email message due to specific email software capabilities. For more information about this, please refer to the information provided by your email software or service provider. Web beacons may also be rendered ineffective in some circumstances by opting out of cookies or amending your cookie settings in your browser.
4. KEEPING YOUR PERSONAL DATA SECURE
We are committed to protecting the personal data we collect and keeping your personal data secure is very important to us. We take steps to ensure that your personal data is protected against unauthorized or unlawful processing and against accidental loss, damage or destruction or disclosure and we limit access to your personal data to persons who reasonably need access to it, to provide products or services to you. However, the transmission of information via the internet is not completely secure so we cannot guarantee the security of your data transmitted to our Platforms.
Any data transmitted from your browser to our Platforms via online forms, our store locator or shopping cart is secured via SSL (secure socket layer) technology. SSL is a cryptographic protocol that ensures data privacy and data integrity between two authenticated communicating parties.
Our Platforms may contain links to and from third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies or how those third parties may use your personal data. Please check these policies before you submit any personal data to these websites.
If you create an account with us, you will be asked to provide an account user name and password as part of our security procedures. You must treat such information as confidential and you must not disclose it to any third party.
5. YOUR RIGHTS
We strive to provide you with choices regarding the personal data that you provide to us. The following mechanisms give you control over your personal data:
Advertising, marketing and personalization (offline and online):If you wish to be notified about our products and services, events, loyalty and other client programmes as well as other promotional activities, you can indicate your communication preferences through the relevant checkbox(es) on our Platforms or client cards instore or by answering the question(s) presented by our beauty advisors or store representatives. Some of our activities and communications may be personalized to your specific interests and preferences (which will be done with your permission, if required by law).
If you wish to stop receiving our marketing communications (and/or you wish opt out of personalized marketing communications), simply let us know at any time by following the opt-out instructions in the relevant communication or using the details in Section 7. Please note that this will not stop you from receiving service messages (i.e. non-marketing communications, such as e-mail updates on your order status or notifications about your account activities) from us.
Cookies/Similar Technologies and Interest Based Advertising: You can set your browser to refuse all or some browser cookies or to alert you when cookies are being used or you can use the opt-out tools provided. You also have choices in respect of interest based advertising. Please see Section 3 above.
6. YOUR PREFERENCES
In accordance with applicable law, you may be entitled to ask us for a copy of your personal data, to correct it, erase or restrict its processing, or to ask us to transfer some of this personal data to other organisations. You may also have rights to object to some processing and, where we have asked for your consent to process your personal data, to withdraw this consent. Where we process your personal data because we have a legitimate interest in doing so (as explained above), you also have a right to object to this. These rights may be limited in some situations – for example, where we can demonstrate that we have a legal requirement or contractual obligation to process your personal data. In some instances, this may mean that we are able to retain your personal data even if you withdraw your consent. In such a case, we will apply appropriate measures and safeguards to protect your personal data.
If you wish to exercise any of these rights, please contact us by using the details in Section 7.
7. DATA CONTROLLERS AND CONTACT
If you have any questions about this Policy or privacy matters generally or to make a complaint about our compliance with applicable privacy laws, please contact us using the Contact us page of our website and our customer services team will be happy to assist you.
You can also use this Contact us if you wish to exercise your preferences and rights as detailed above.
We will acknowledge and investigate any complaint you make (including a complaint that we have breached your rights under applicable privacy laws). We hope that we can satisfy queries but if you have unresolved concerns you may also have the right to contact the relevant data protection authority in your country of residence or place of the alleged infringement.
DATA CONTROLLERS RESPONSIBLE FOR ALL ACTIVITIES (BOTH ONLINE AND OFFLINE)
Phone number: +41 44 947 82 10
If indicated at the time you make a La Prairie purchase instore or complete a client card or you provide your details to one of our instore beauty advisers or representatives, the following local data controllers will also be involved:
c/- WM Ritchie (Aust.) Pty Limited
112-118 Dunning Avenue
Rosebery NSW 2018
Phone number: +61 2 9888 0600
Euro Plaza, Gebäude H
A - 1120 Wien
Phone number: +43 1 616 45 77 - 0
Room 5503, Wheelock Square
1717 West Nanjing Road
Shanghai, PRC 200040
Phone number: +86 21 62 48 66 55
54 Ave. Du Général Leclerc
F - 92513 Boulogne - Cédex
Phone number: +33 1 41 10 21 74
Lange Strasse 65
Phone number: +49 72 21 683 800
Suites 3210-12, 32F One Island East
18 Westlands Road
Phone number: +852 2809 0100
Corso Italia no 13
I - 20122 Milano
Phone number: +39 02 806 06 51
1-8-8 Across Shinkawa Bld. 2
Phone number: +81 3 5540 4301
5th floor, Samseongdang Building 747
Phone number: +82263 90 11 11
Paveletskaya Square 2, Block B
Phone number: +7 495 660 47 50
c/ Manuel Pombo Angulo 28 - 2ª planta
Phone number: +34 91 048 42 00
Phone number: +41 44 947 82 10
Dubai Airport Free Zone
Building 5W, Block A
2nd Floor, Office 219
PO Box 293758
United Arab Emirates
Phone number: +9714 260 22 60
52-54 High Holborn
London, WC1V 6RL
Phone number: +44 207 968 68 88
680 Fifth Avenue
New York, NY 10019
United States of America
Phone number: +1 212 506 08 40
Miami, Florida 33131
United States of America
Phone number: +1 305 358 66 37