1.3 We will also provide you with additional information when we collect personal information in those instances where we believe it is useful to provide relevant and timely information.
2 DATA COLLECTED
2.1 We obtain personal data from or about you from various online and offline sources, including where: (i) you interact with our websites listed at http://www.holiquelaboratories.com or mobile sites/applications (collectively, "the Platforms"); (ii) you interact with us on our social media pages, chat services, forums or blogs; (iii) you participate in our events and demonstrations, loyalty or other customer-facing programs, competitions, promotions or surveys; or (iv) you participate in our beauty consultations or interact with our beauty consultants and customer service.
2.3 The information you provide to us (for example, by creating an internet account with us, signing up for our loyalty programs or other customer-facing programs).
2.3.1 We collect the following personal data:
- Details, such as your name, telephone number (home and mobile), home address, and e-mail address;
- Your age, date of birth, gender, nationality, preferred language, interests and lifestyle;
- Billing information (including shipping address and payment details). We reserve the right to request additional proof of billing information where, in our judgment, this is necessary. Please note that we do not store your payment card details (except where necessary for refund purposes). We use a third party data controller, Shopify Payments and Paypal, to process your payment information;
- Site registration credentials (including username and password). By creating an account, you will be able to securely store your credit or debit card information (held by our third-party service provider) to simplify and expedite payments, store and modify shipping addresses and billing information, and review your history of previous purchases and orders;
- Expressed personal preferences (such as, but not limited to, communication and language settings);
- Interactions with us (such as, by way of example, your transaction history or information regarding your physical characteristics and skin care obtained through a beauty consultation or survey or when you visit our social media pages, blogs or forums or interact with customer service or our chat service); and/or
- Correspondence and communication between us and you.
2.3.2 In addition, we sometimes hold promotions or events at which you can tell us about people you know who may be interested in our products and services. If these people give you their consent to provide us with their contact information, we will use the information for that reason and will not send them any unrelated offers. In the message we send them, we may also mention that it was you who indicated their interest.
2.3.3 We do not knowingly collect information about minors.
2.4 Information collected automatically during your use of our Platforms, our social media pages, or interactions with our online advertisements.
2.4.1 We automatically collect the following information:
- technical information, including your device IP address, browser type and version, time zone settings, browser plug-in types and versions, operating system, unique device identifiers, ad identifiers; and
- information related to your visits, including clickstream URLs to, through, and from our Platforms (including times and dates); products you viewed or searched for; the content (and any advertisements) you viewed or interacted with; page response times; download errors; length of visits to certain pages; information about interactions on pages (such as scrolling, clicking, and mouse movements); and methods used to close pages and continue browsing.
2.4.2 Some of this information is collected using cookies and related technologies. For more information, please see Section 4.
2.5 Information collected from third party sources
2.5.3 When you make payments (in-store or online), we receive information from our payment service provider who will carry out fraud and credit checks on you and the payment method you use in order to verify your identity, to validate your credit or debit card, to obtain an initial authorization for your credit or debit card and/or to authorize individual purchases.
2.5.4 In order to ensure data accuracy and to provide you with a better customer experience, we link or combine the information we collect from the various sources and channels outlined above in order to provide you with personalized services, content, targeted communications and advertising (e.g., we combine data about your online purchases with information collected from our boutiques, stores and counters such as, for example, information collected during a beauty consultation so that we can provide you with personalized offers and skin care advice in line with your communication preferences). This includes combining personal data collected by different Laboratoires Holique companies.
2.5.5 You are not required to provide personal data to access the Platforms, but if you do, certain features (such as, for example, the ability to purchase our products through the Website) will not be available. You will still be able to choose whether or not to receive our marketing communications, and we will only send you those communications for which we have received your intended consent. For more information about your preferences regarding how we use your personal information, please see Section 7 below.
2.5.6 You must not provide information about other people unless you have been authorized to do so.
3.1 We process your personal data for the reasons set out below:
- To perform a contract or to take action in connection with a contract: this is relevant when you make a purchase from us: This includes:
- creating and managing your online account on our Platform;
- processing orders and processing your transactions (including processing your payment information, credit card checks, and fraud prevention activities); these checks may be necessary, among other things, to verify your identity, to validate your credit or debit card, to obtain an initial authorization for your credit or debit card, and/or to authorize individual purchases; and
- to send you communications relating to the service and to respond to your questions;
- Where necessary for purposes related to our or a third party's legitimate interests. Such interests are:
- allowing you to participate in the interactive features of our website;
- to allow us to know your opinion or to take part in market researches;
- to monitor your account in order to prevent, investigate, and/or report fraud, terrorism, misrepresentations, security incidents, or crime in accordance with applicable laws;
- investigate any complaints received by you or others about our Platforms or our products and services; and
- to monitor the use of our Platforms and use your information to help us monitor, improve and protect our products, content, services and Platforms, both online and offline, and your experiences with us, including through research and demographic studies; for analytics and data remediation; and to measure the effectiveness of our advertising campaigns;
- for our internal corporate reporting purposes.
- When you consent:
- when you ask us for information about our products, services, promotions and events by phone, mail, SMS, email or online or through our applications or ask us to send you samples, gifts and prizes in accordance with your communication preferences and to the extent permitted by applicable law. This includes being contacted by any of our group companies for such purposes (please see Section 6 below on how you can control these updates).
- when you consent to the placement of cookies and other related technologies in accordance with Section 4 below;
- on other occasions when we ask for your consent, for the purpose that will be explained to you on that particular occasion.
- For purposes of law:
- In response to requests from government authorities or law enforcement agencies conducting investigations.
3.2 Disclosure of your personal data
3.2.1 In addition to the companies mentioned in the Data Controllers and Contact Information section below, we may share your personal data (where permitted in accordance with applicable privacy laws) with:
- other companies in our group for the purposes set out above;
- authorized distributors for the above purposes
- banks and our payment service providers for the purpose of processing the transaction;
- third parties, when we have a relationship with them.
- third parties, when we have your consent to do so (e.g. social network providers, concierge service or our retail partners). Your personal information will be subject to the privacy policies of such third parties, when your personal information is shared with such parties;
- potential or eventual purchasers of our business (where we or substantially all of our assets are acquired by or merged with a third party including through bankruptcy);
- our third-party service providers (as well as group companies) who perform services on our behalf based on our instructions. We do not authorize these parties to use or disclose this information except as necessary to perform services on our behalf or to comply with legal requirements. Examples of these parties include companies that fulfill orders and process refunds, and provide data hosting and support services, content customization, advertising and marketing services (including digital and personalized advertising), and data remediation, management, segmentation and analysis.
3.2.2 We also share information with third parties including our social media and search engine partners. We aggregate your personal information with information from other customers, creating a dataset of information related to use of our Platforms, purchase of our products, and other general aggregate information about our customers. Although this dataset is aggregated and anonymized, meaning that you cannot be identified as an individual, it provides valuable insight into the use of our Platforms and we will share it with selected third parties. These third parties include our group companies.
3.2.3 We also transfer information about you to our ad network providers and our social media and search engine partners (including, Facebook, Google and Twitter) so that they can recognize your devices and offer you content and advertising based on your interests. The information may include your name, mailing address, email, device identifier, or other identifier in encrypted form. Providers often process information in a hashed or de-identified manner. These vendors may collect additional information about you, such as your IP address and information about your browser or operating system; associate information about you with information from other companies in data sharing cooperatives in which we participate; and may place or recognize their own unique cookie on your browser. The third parties that generate these cookies have their own privacy policies that we do not have access to in order to read or write these cookies.
3.3 Data Retention
4.2 What are cookies?
4.2.1 Cookies are small text files that websites send to your computer, mobile device or other device connected to the Internet to uniquely identify your browser or to store information or settings in your browser. The cookies we use can be divided into the following categories below.
4.3 Strictly necessary cookies
4.3.1 These cookies are essential for your use of the website and its functionality, such as depositing the products you have selected in the shopping basket as you continue to shop and/or navigate between different pages of the website and access secure areas of the website. We need to use these cookies to ensure the proper functioning of the internet site, whether you agree to their use or not.
4.4 Analytical / performance cookies
4.4.1 These cookies collect information about how you use our website and internet services, in order to improve your experience and to develop them according to the preferences of our customers and visitors. For example, cookies and web beacons may be used for:
- test different designs and to ensure that we maintain a consistent look & feel on our websites;
- track and provide trend analysis related to how you interact with our websites and communications;
- track errors and measure the effectiveness of our promotional campaigns;
4.4.2 Generally, the data collected will be aggregated to provide trends and usage patterns for business analysis, site/platform improvement, and performance metrics. Our cookies or derived analytics may also be shared with our business partners. The type of information we collect includes how many visitors visit our websites, how many customers log in, when they visited, for how long, and which areas and services of our websites but is generally not used to identify you personally. We may also receive similar visitor information from our partners' websites. For this purpose, we use Google Analytics with Anonymized IP, operated by Google Inc. To opt-out of tracking by Google Analytics, please visit https://tools.google.com/dlpage/gaoptout.
4.5 Functionality cookies
4.5.1 These cookies allow the website to remember you for the purpose of providing enhanced personalised functionality (e.g. language preferences). These cookies may also be used to remember changes you have made to text size, font and other pages on the website that you can customize. The information these cookies collect may be anonymized and cannot track your browsing on other websites.
4.6 Social media cookies
4.7 Targeted advertising cookies
4.7.1 These cookies are used to provide you with advertisements that are most relevant to you and your interests on both our websites and the websites of our group companies, as well as the websites of our partners. We carry out targeted advertising to our existing customer base as well as to other people who we think may be interested in our products and services. They are also used to limit the number of times you view an advertisement, as well as to help measure the effectiveness of advertising campaigns. They allow us to understand and evaluate clicks on our advertisements so that we can improve the service you receive. Normally, they are placed by ad networks with our consent. They remember that you have visited websites and this information is shared with other organizations such as advertisers. Advertisers and other third parties (including ad networks, advertising management companies, and other service providers that they may use) may assume that users who interact with or click on a personalized advertisement or content are part of the group of people to whom the advertisement or content is directed.
4.7.2 To opt-out of targeted advertising cookies, you may visit www.youronlinechoices.eu. However, this will not allow you to opt out of advertising as a whole - opting out simply means that the advertisements will not be targeted to you. Please note that there are many more networks listed on this site than we use on our website.
4.7.3 We use the following third-party advertising cookies on our Platforms:
Google Analytics with Anonymized IP
The Google Analytics (GA) Audiences cookie allows us to deliver interest-based advertising on the internet and in applications. The lifecycle of a cookie is a maximum of 14 months.
The Facebook cookie allows us to deliver interest-based advertising to you on the online social network. The lifecycle of a cookie is a maximum of 13 months.
4.8 Web server logs and web beacons
4.9 Can I opt-out of cookies and similar technologies?
4.9.2 Because web beacons are the same as any other content request included in the receipt of an internet page, you cannot opt-out or reject them. However, you can disable web beacons in e-mails by not downloading the images contained in the messages you receive (this feature varies depending on the e-mail software your computer uses). However, this does not always disable a web beacon or other similar technology contained in emails due to the specific capabilities of the email software. For more information on this topic, please review the information provided for your email software or by your service provider. Web beacons may also be rendered ineffective in some circumstances by opting out of cookies or changing your cookie settings in your browser.
5 DATA SECURITY
5.1 We are committed to protecting the personal data we collect and ensuring the security of your personal data is very important to us. We take steps to ensure that your personal data is protected from unauthorized or unlawful processing and from accidental loss, damage, destruction or disclosure and we restrict access to your personal data to those persons who reasonably need to access it for the purpose of providing products or services to you.
5.2 All personal data collected by us is protected against unauthorized or unlawful processing and against accidental loss, damage, destruction or disclosure.
5.2 All data transmitted from your browser to our Platforms via online forms, our store locator or shopping basket is secured using Secure Socket Layer (SSL) technology. SSL is a cryptographic protocol that ensures the privacy and integrity of data between two authenticated communicating parties.
5.3 Our Platforms may contain links to or from third party websites. If you follow a link to one of these websites, please note that these websites have their own privacy policies. We are not responsible for these privacy policies or the way in which these third parties use your personal data. Please read these policies before submitting any personal data to these websites.
5.4 Our security procedures require that if you create an account with us, you will be asked to provide a username and password for your account. This information must be kept confidential and you must not disclose it to any third party.
6 YOUR RIGHTS
6.1 We strive to offer you choices regarding the personal information you provide to us. The following mechanisms give you control over your personal information:
6.2 Advertising, marketing and personalization (offline and online):
6.2.1 If you would like to be informed about our products and services, events, loyalty and other customer programs as well as other promotional activities, you may indicate your communication preferences through the relevant box(es) to be checked on our Platforms or with our customer forms available in our stores or simply by answering the question(s) asked by our beauty consultant(s) or salesperson(s). Some of our activities and communications may be tailored to your specific interests and preferences (this will be done with your consent, where required by law).
6.2.2 If you wish to stop receiving our marketing communications (and/or if you wish to opt-out of personalised marketing communications), simply follow the instructions for opting out of these communications at any time or use the information set out in Section 8. Please note that this does not stop the receipt of service communications (i.e., non-marketing communications, such as e-mail updates regarding the status of your order or notifications of account activity) that we send to you.
6.3 Cookies/Similar Technologies and Interest-Based Advertising:
6.3.1 From your browser, you can select settings to refuse all or some browser cookies, or to alert you when cookies are being used, or you can use the opt-out mechanisms provided. You also have a choice regarding interest-based advertising. Please review Section 4 above.
7.1 In accordance with applicable law, you may have the right to ask us for a copy of your personal data, to correct, delete or restrict its processing, or to ask us to transfer certain personal data to other organizations. You may also have the right to object to certain processing and, where we have asked for your consent to process your personal data, to withdraw this consent. Where we process your personal data because we have a legitimate interest (as set out above), you also have the right to object. These rights may be limited in certain situations - for example, where we can demonstrate that we have a regulatory or contractual obligation to process your personal data. In some circumstances, this may mean that we are entitled to retain your personal data even when you withdraw your consent. In these cases, we will take appropriate measures and safeguards to protect your personal data.
7.2 If you wish to exercise these rights, please contact us using the contact details set out in Section 8.
8 DATA CONTROLLERS AND RECIPIENTS
8.2 You may also use the Contact Us page if you wish to exercise your preferences and rights in the ways set out above.
8.3 We will acknowledge and investigate any complaints you make (including a complaint that we have violated your rights under applicable privacy laws). We are confident that we will be able to satisfy all your requests for clarification but in the event of unresolved concerns, you will also have the right to contact the Data Protection Commissioner in your country of residence or in the country where the alleged infringement occurred.
8.4 Below are the contact details of the Data Controllers responsible for all activities (both online and offline):
Laboratoires Holique S.r.l.
Via Tolentino 5
20155 Milano, Italia
VAT IT 11484070963
REA MI – 2606206
Share capital € 10.000 fully paid.