Privacy Policy

At Dermalogico, accessible from dermalogico.com, we are committed to safeguarding the privacy of our website visitors, customers, and users of our services. This Privacy Policy outlines our commitment to protecting your personal data and details how we collect, use, and store information about you in compliance with applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Introduction

We prioritize your privacy and data protection, understanding the responsibility that comes with handling personal information. This Privacy Policy aims to transparently communicate our data handling practices and your rights regarding your personal data.

2. Scope of Policy and Data Controller Role

This Privacy Policy applies to all personal data that we collect through our website dermalogico.com and services associated with it. Dermalogico, having its principal place of business at dermalogico.com, acts as the data controller for the processing of your personal data.

3. Categories of Data Processed

We may process the following categories of data:

– Usage Data: Includes data such as your browser type and version, IP address, geolocation, operating system, referral source, length of visit, and page views.
– Account Data: Comprises data you provide to set up an account with us, including your name, address, email address, and phone number.
– Profile Data: Encompasses your profile information, including preferences, purchase history, and behavioral patterns.
– Communication Data: Consists of contact history and support requests made through our customer service.
– Technical Data: Involves data from your device such as hardware models, device identifiers, system configurations, and network information.
– Transaction Data: Relates to payment details, order history, and delivery information.
– Preference Data: Includes your marketing consents and product interests.

4. Legal Bases for Processing

We process your personal data based on the following legal frameworks:

– Legitimate Interest: For process optimizations, marketing, and service improvements.
– Contractual Necessity: To fulfill contracts or user requests.
– Consent: For situations where consent is required, including marketing communications.

5. Your Rights

You are entitled to the following rights concerning your personal data:

– Right of Access: Obtain a copy of the data we hold about you.
– Right to Rectification: Request correction of inaccurate personal data.
– Right to Erasure: Request deletion of data where applicable.
– Right to Restriction: Request the limitation of data processing.
– Right to Portability: Obtain and reuse your data across different services.

6. Security Measures

Our robust security protocols include data encryption, stringent access controls, regular backups, and comprehensive employee training to protect your personal information from unauthorized access and data breaches.

7. International Transfers

When transferring personal data outside of the European Economic Area, we utilize standard contractual clauses to ensure compliance with applicable regulations, maintaining the integrity and security of your data.

8. Data Retention

Personal data is retained only for as long as necessary to fulfill the purposes for which it is processed. Specific retention periods vary depending on the category of data but are determined in compliance with regulatory requirements.

9. Cookie Policy

Our website employs cookies to enhance user experience:

– Essential Cookies: Necessary for basic website functionality.
– Functional Cookies: Improve site efficiency and usability.
– Analytics Cookies: Gather data for analysis to improve site performance.
– Performance Cookies: Track user behavior to ascertain areas for enhancement.

10. Cookie Management and Compliance

You have the right to manage cookie settings per your preference. Our practices comply with GDPR and CCPA requirements, ensuring transparency and choice in tracking technologies.

11. Special Protections for Children Under 13

We do not knowingly collect personal data from children under 13. Parental consent is required before any collection or processing of minors' data.

12. Policy Updates & User Notifications

We reserve the right to update this Privacy Policy periodically. Any significant changes will be communicated to users through our website or direct communication channels.

13. Contact

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at [email protected].

We are committed to operating in compliance with applicable data protection regulations. Should you have any questions regarding our privacy practices, please reach out to us using the contact information provided above.