#YOURDATAISYOURS
Preamble
We know you care about your personal data and how it is used. Trust INTUISKIN, owner of the M/C brand, to use it with the utmost care. This Privacy Policy explains what kind of personal data we collect, why we do it and how we use it.
When reading this Privacy Policy, please remember that it applies to INTUISKIN, owner of the M/C brand, defined below.
Please take the time to familiarize yourself with our privacy practices and please let us know if you have any questions by emailing us at contact@madewithcare.com .
We have tried to keep this Policy as simple as possible, but if you are unsure about the terms Cookies, IP Addresses and Browsers, please read up on these key terms first.
You have the right to object to certain uses of your personal data, including the use of your personal data for direct marketing purposes. You can see what your rights are and how you can exercise them here .
1. Who is responsible for the collection?
All personal data provided to or collected by INTUISKIN is controlled by INTUISKIN SAS, Parc Activillage des Fontaines, ZI Bernin, 38926 CROLLES, FRANCE (the data controllers ).
This Privacy Policy applies to personal data collected by INTUISKIN SAS in connection with the services and products we offer. When we refer to “INTUISKIN” in this Privacy Policy, we mean INTUISKIN, owner of the M/C brand.
This Privacy Policy also applies to INTUISKIN marketing materials, including offers and advertisements for INTUISKIN products and services, that we (or a service provider acting on our behalf) may send to you on third -party websites, platforms and applications based on your site usage information. These third-party sites typically have their own privacy policies and terms and conditions. We encourage you to review them before using these websites.
2. What personal data do we collect?
Personal data means any information that can be used to directly or indirectly identify a specific individual. This definition includes personal data collected offline through our Consumer Engagement Centers, direct marketing campaigns, sweepstakes and contests, and online through our websites, applications and brand pages on third-party platforms and applications accessible or used on third-party platforms.
We may collect personal information from a variety of sources , including:
- Personal information you give us directly ,
- Personal information we collect automatically , and
- Personal information we collect from other sources .
You may be asked to provide your personal data when you contact us. Data controllers may share this personal data with each other and use it in accordance with this Privacy Policy. We may also combine it with other information to improve our products, services, content and advertising.
You are not required to provide INTUISKIN with the personal data we request, but if you choose not to, we may not be able to provide you with our products and services, or a very high quality of service, or respond to any requests.
2.1. Our methods of collecting your personal data
We may collect personal information from a variety of sources , including:
- Personal information you give us directly . We collect data about how you use our services and products, such as the types of content you view or are interested in, or the frequency and duration of your activities. We also collect personal data that you provide to us when you sign up for a marketing newsletter, complete a survey, or open an account to purchase our products. In doing so, we may ask you for personal information such as your name, gender, date of birth, address, email address, telephone number, or bank details. Some INTUISKIN brands may collect “ special categories of personal data ” about you with your explicit consent. To learn more about the special categories of data we collect and how we use them, see the relevant section below.
- Personal Information We Collect Automatically . We also receive and store certain types of personal information whenever you interact with us online. For example, we use cookies and tracking technologies (to learn more, refer to our key terms here ) to obtain personal information when your web browser accesses our websites or advertisements and other content served by or on behalf of INTUISKIN on other websites. Your personal information is also collected when you search, purchase, post, enter a contest or survey, or communicate with our customer service teams. The types of personal information collected may include, for example, an IP address (for more information, please refer to our key terms here ), device ID, location data, computer and connection information such as browser type and version, time zone setting, browser plug-in types and versions, operating system, and purchase history – which INTUISKIN sometimes aggregates with similar information from other consumers. As you browse INTUISKIN websites, we may also use software tools to measure and collect session information, including page response times, download errors, length of visits to certain pages, page interaction, and methods used to browse away from the page. We may also collect technical information that enables us to identify your device for diagnostic and fraud prevention purposes.
- Personal information we collect from other sources . We collect personal information from other sources including our trusted partnerships with third parties and where we have INTUISKIN accounts on third party platforms: for example when you use the “like” feature on Facebook. In addition, we receive information about you and other visitors’ interactions with our ads to measure whether our ads are relevant and successful. We also collect information about you and your activities from a third party when you jointly offer services or products, or from third party data enrichment providers (for more information, refer to our key terms here ) who may provide INTUISKIN with information about the personal data we hold.
2.2. When and why do we collect “special categories of personal data”?
Certain categories of personal information such as race, ethnicity, religion, health, sexuality or biometric data are classified as “ special categories of data ” and benefit from additional protection under European data protection legislation.
We limit the instances in which we collect and process these special categories of data.
INTUISKIN sometimes collects data regarding your health, e.g. allergies, pregnancy or skin type, in order to send you personalized advertisements and relevant promotions. INTUISKIN only collects and uses this personal information when you have given us your consent to do so. In some cases, you may be asked for services or products that do not directly require the collection of special categories of data but may involve or insinuate your religion, health or other special categories of data.
To illustrate cases where INTUISKIN collects and processes special categories of data, we have given the following examples:
- INTUISKIN collects sun exposure habits or skin type in the personal account in order to offer customers advertisements and promotions for products that match their needs.
- INTUISKIN sometimes collects information about your skin (age group, sun exposure, skin type, hydration, wrinkles, fine lines) for its diagnostic devices in order to advise you on the type of product that would be best suited to your needs.
2.3. How do we protect children's privacy?
We understand the importance of taking extra precautions to protect the privacy and safety of children using INTUISKIN products and services.
INTUISKIN sites, including IOMA, are designed for and intended for use by adults .
We sometimes use your personal information to carry out age verifications and enforce any age restrictions.
3. How do we use your data?
We collect, process and disclose your personal information only for specific and limited purposes . For example, to process your payments , access and process complaints , develop and improve our products, services, communication methods and the functionality of our websites, to provide personalized products and communications, targeted advertising, and our product recommendations.
We also create profiles by analyzing information about your online browsing, search and purchasing behavior, and interactions with our brand communications by creating segments (creating groups that have certain common characteristics) and placing your personal information into one or more segments.
In addition, INTUISKIN processes your personal information using automated processes . An automated decision is a decision that is made solely by automatic processes where humans do not intervene in the decision-making process regarding your personal information.
We collect, process and disclose your personal information for the following purposes:
- To make your payments , if you purchase our products, to inform you of the status of your order , to process your requests for information and queries and to access and process complaints ;
- To process and respond to your requests for information or to contact you to respond to your questions and/or requests;
- To develop and improve our products, services, communication methods and the functionality of our websites;
- In connection with contests or promotions in which you participate;
- To communicate information to you and manage your registration and/or subscription to our newsletter or other communications;
- To manage our ongoing business needs regarding your participation in our contests, sweepstakes, promotional activities or your requests;
- To authenticate the identity of individuals contacting us by telephone, electronic means or otherwise;
- As part of internal training and quality assurance ;
- To understand and assess consumers' interests , wishes and changing needs , to improve our website, current products and services and/or develop new products and services; and
- To provide personalized products, communications, targeted advertising, and our product recommendations.
When we collect and use your personal data for the purposes mentioned above or for other reasons, we will inform you beforehand or at the time of collection.
If necessary, we will ask for your consent to process your personal information. If you have given your consent for processing activities, you have the right to withdraw it at any time.
In some cases, we rely on legitimate interest to process your personal data. For example, a legitimate interest may apply when you join a loyalty program for one of our brands and we use the personal data collected to conduct data analytics to improve our products and services. This ground will only be used if it is necessary to achieve a legitimate interest, for example to enable the performance of a contract, or to optimize a service, but it does not override your rights as an individual. The legal basis will only be used if there is no less intrusive way to process your personal data. We assure you that if we use a legitimate interest as a ground for processing your personal data, we will keep a record of it and you will have the right to request this information.
3.1. Profiling
INTUISKIN uses your personal data to create profiles . We create profiles by analyzing information from your online browsing, search and purchasing behavior, and interactions with our brand communications by creating segments (creating groups that have certain common characteristics) and placing your personal information into one or more segments.
These segments are used by INTUISKIN to personalize the website and our communications to you (e.g. showing you relevant content when you visit our website or in a newsletter addressed to you), and to display appropriate offers and advertisements from the INTUISKIN brand on the INTUISKIN website and via third-party websites. Segments may also be used for third-party campaigns on the INTUISKIN website. INTUISKIN profiles your data when you have given us your consent to do so, for example by accepting the placement of cookies on your online browser or subscribing to e-newsletters from one of our brands.
You may withdraw your consent at any time to prevent this use of your personal data by referring to the manage cookies section of our Cookie Notice or by unsubscribing from the use of your email address if you are already logged in to one of our sites or subscribed to marketing newsletters.
For example:
- INTUISKIN collects data, with your consent, from:
- Our web pages visited and how you interact with our content;
- Our advertising banners that we serve on social media platforms and other publisher websites; and
- Forms you complete online and send to us regarding your interests;
- We also track the products you purchase when you click on one of our banner ads and then purchase a product or service from our selected retail partners.
- If you have requested to be notified by email, SMS, or push notification from us, we track you as soon as you open, read or click on content to see what interests you, which allows us to bring you more content that is likely to satisfy you.
- We use this data to profile your likes and dislikes . For example, if we see that you regularly view specific INTUISKIN products on our website www.madewithcare.com and you have opted in to receive emails, we may inform you about new products and beauty routines that are posted on the website, or we may tailor our web content to include items that may be of great interest to you.
- Based on the information in these profiles, we may serve you ads that we think you will like and want to see because you are viewing content curated by us or our network of publishers with whom we promote. Sometimes, with your consent, we may use your current location to serve you ads that are related in part to promotions or events happening nearby that we think may be of interest to you.
- We may also use information you have provided to selected third parties and consented to be shared such as your age, gender, life stage, lifestyle and broader interests to identify people who may have similar interests to you and who may be interested in the same advertising.
3.2. Automated decision-making
In some cases, INTUISKIN processes your personal information using automated processes . An automated decision is a decision that is made solely by automatic processes where humans do not intervene in the decision-making process regarding your personal information.
For example:
- INTUISKIN uses automated emailing scenarios that generate email campaigns based on your browsing behavior, purchasing habits, birthday.
We will not make decisions based solely on automated decision-making that will have a significant impact on you. If we do, we will inform you and provide you with clear information about our decision to rely on automated processing to make our decision and our legal basis for doing so. For example, INTUISKIN processes your personal data using automated means only if this is necessary for entering into or performing a contract with you or where you have given your explicit consent .
You have the right not to be subject to a decision based solely on automated processing if the decision produces legal effects concerning you or significantly affects you. In particular, you have the right:
- to obtain human intervention ;
- to express your point of view ;
- to obtain an explanation of the decision taken after an assessment; and
- to challenge this decision.
4. Who do we share your personal data with?
As a global company, INTUISKIN may share your personal information internally and with selected third parties . For example, we may share your personal information with third-party service providers, other third parties , and in the event of business transfers or legal disclosures .
As a global company, INTUISKIN may share your personal information internally and with selected third parties in the following circumstances:
- Third Party Service Providers . In order to fulfill your requests, respond to your requests for information, process your orders, accept coupons, provide samples, allow you to enter sweepstakes, and provide other features, services, and materials on our sites, we share your personal information with third party service providers who perform functions on our behalf. These are companies that: host or operate INTUISKIN sites, process payments, analyze data, provide customer service, mailing or delivery services, and advertisers or other third parties that administer or participate in our promotions. They have access to personal information necessary to perform their functions but may not use it for other purposes. In addition, they must treat such personal information in accordance with this Privacy Policy and in compliance with applicable data protection laws and regulations.
- Other Third Parties . Your personal data will also be used by us or shared with advertisers, advertising agencies, ad networks, ad servers, social media and analytics companies or other third parties in connection with marketing, promotion, data enrichment (to learn more about our key terms, follow this link ) and other offers, as well as product information.
- Business Transfers . Your personal data will be used by us or shared with data controllers for internal reasons, primarily for business and operational purposes. As we continue to develop our business, we may sell or buy assets, subsidiaries or business units. In these transactions, your personal data generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Policy (unless you consent otherwise). If another entity acquires us, our businesses or all or a portion of our assets, or assets related to the INTUISKIN Sites, your personal data will be disclosed to that entity as part of the due diligence process and will be transferred to that entity as one of the transferred assets. Additionally, if any bankruptcy or reorganization proceeding is instituted by or against us, all such personal data will be considered an asset of ours and may be sold or transferred to third parties as such.
-
Legal Disclosure . We may transfer and disclose your personal data to third parties:
- in order to comply with a legal obligation ;
- when we believe in good faith that the law requires it;
- at the request of government authorities conducting an investigation ;
- in order to verify or enforce our “ Terms of Use ” or other applicable policies;
- to detect and protect against fraud , or any technical or security vulnerabilities ;
- in order to respond to an emergency ; or otherwise
- to protect the rights, property, safety or security of third parties, visitors to INTUISKIN sites, INTUISKIN diagnostic devices, INTUISKIN or the public.
4.1. International data transfers
INTUISKIN shares personal data internally or with third parties for the purposes described in this Privacy Policy.
Unilever will only transfer personal data collected in the European Economic Area (EEA) to foreign countries in situations such as:
- Follow your instructions ;
- To comply with a legal obligation ; or
- Working with our agents and advertisers who we use to help us operate our business and services .
If we need to transfer personal data outside the EEA, INTUISKIN will ensure that it is protected in the same way as it is within the EEA. We will use one of the following safeguards:
- Transfer to a non-EEA country whose privacy legislation ensures an appropriate level of protection of personal data as in an EEA country;
- Put in place a contract with the foreign third party which means that it must protect personal data to the same standards as the EEA; or
- Transferring personal data to organizations that are party to specific agreements relating to cross-border data transfers with the European Union (e.g. the Privacy Shield is a framework that sets out privacy standards for data transferred from European Union countries to the United States).
5. How do we protect your personal data?
INTUISKIN takes the security of your personal data very seriously. We strive to protect your personal data from misuse, interference, loss, unauthorized access, modification or disclosure.
Our measures include implementing appropriate access controls , investing in the latest information security capabilities to protect the IT environments we operate, and ensuring that we encrypt, pseudonymize and anonymize personal data where possible.
Access to your personal data is only permitted among our employees and agents on a need-to-know basis and is subject to strict contractual confidentiality obligations when the data is processed by third parties.
6. How long will your personal data be stored?
We will retain your personal data for the time necessary to fulfill the purpose for which it was collected. For example, when you purchase a product from us online, we retain the data related to your purchase, allowing us to execute the specific contract you have accepted and after which, we retain the personal data for a period allowing us to process or respond to complaints, requests for information or concerns about the purchase.
Your data may also be retained so that we can continue to improve your experience with us and ensure you receive loyalty rewards to which you are entitled.
We retain identifiable data, which we collect directly for targeting purposes, for a minimum limited period , after which we take steps to permanently delete it.
We will actively review the personal data we hold and securely delete it , or in some cases anonymize it, when it is no longer necessary to retain it for legal, business or consumer purposes.
7. What are your rights?
Your rights concern how we process your personal data. You can exercise these rights at any time. Below we provide you with an overview of these rights and what this means for you. You can exercise your rights by sending an email to contact@madewithcare.com .
- The right to information . You have the right to obtain clear, transparent and easily understandable information about how we use your personal data and your rights. Therefore, we provide you with the information in this Privacy Policy.
- The right of access and rectification . You have the right to access, correct or update your personal data at any time. We understand the importance of this and if you wish to exercise your rights, please contact us.
- The right to data portability . The right to portability is limited to the personal data you have provided to us. This means that it may be given, copied or transmitted electronically in certain circumstances.
- The right to be forgotten . You have the right to request the deletion of your data in certain circumstances. If you wish to delete your personal data in our possession, please let us know and we will take reasonable steps to comply with your request in accordance with legal requirements. If the personal data collected is no longer necessary and we are not required by law to retain it, we will ensure that it is deleted, destroyed or permanently anonymized.
- The right to restrict processing of data . You have the right to restrict the processing of your personal data in certain circumstances.
- The right to object . You have the right to object to certain types of data processing in certain cases, including processing for direct marketing purposes (i.e. receiving emails from us notifying you of this or being contacted with different options).
- The right to lodge a complaint with a Supervisory Authority. You have the right to lodge a complaint directly with a local Supervisory Authority about how we process your personal data.
- The right to withdraw consent . If you have given your consent for us to process your personal data for any purpose (we rely on consent as the legal basis for processing your personal data), you have the right to withdraw your consent at any time (but if you do so, this does not mean that our use of your personal data with your consent at that stage is unlawful). You may withdraw your consent to the processing of your personal data at any time by contacting us with the details below.
-
Rights related to automated decision-making . You have the right not to be subject to a decision based solely on automated processing if the decision produces legal effects concerning you or significantly affects you. In particular, you have the right:
- to obtain human intervention ;
- to express your point of view ;
- to obtain an explanation of the decision taken after an assessment; and
- to challenge this decision
- The right to register on the Bloctel system's telephone canvassing opt-out list: https://www.bloctel.gouv.fr .
You can obtain further information and advice on your rights from the data protection regulator in your country.
8. How to contact INTUISKIN?
If you have any questions or concerns about INTUISKIN's Privacy Policy or data processing or wish to make a complaint about a possible violation of local privacy laws, please contact us by sending an email to contact@madewithcare.com .
When we receive a privacy query or access request, we have a dedicated team that triages the contacts and seeks to address the specific concerns or requests for information you raise. Where your issue is more significant, you may seek further information. All such serious contacts will receive a response. If you are not satisfied with the response you receive, you may refer the matter to your relevant Supervisory Authority in your country. If you request it, we will endeavour to provide you with information on the relevant remedies that may apply to you.
9. How do we update this privacy policy?
This Privacy Policy will be updated as necessary to reflect customer feedback and changes to our products and services. When we make changes to this statement, we will revise the “ last updated ” date at the top of this document. If the changes are significant, we will provide a more prominent Privacy Policy (including, for some services, an email notification of the Privacy Policy changes). We will also archive previous versions of this Privacy Policy for your review.
Under this Privacy Policy, we will not diminish your rights without your consent.
10. Additional Privacy Terms or Policies
In addition to this Privacy Policy, we may run specific campaigns or promotions that will be governed by additional privacy terms or policies. We encourage you to review these additional terms or policies before participating in these campaigns or promotions, as you will be required to comply with them if you participate. Any additional privacy terms or policies will be made specifically visible to you.
11. Definition of key terms
IP Address : An IP address, or just an "IP," is a unique address that identifies a device on the Internet or a local area network. It allows a system to be recognized by another system connected over the Internet.
Cookie : A cookie is a small amount of data generated by a website and stored by your web browser.
SMS : Stands for Short Message Service. SMS is used to send text messages to mobile phones.
Push notification : A push notification is a message that is displayed on a device. A push notification is similar to SMS text messages and mobile alerts but is only intended for users who have installed your app.
You can find more definitions here .