Just like your skin, respect for your privacy is one of our priorities. When you visit our website or purchase our products, you may send us personal data, directly or indirectly. Your personal data is precious; it is part of your privacy.

BIODERMA (NAOS UK and Ireland) therefore undertakes to collect and process your personal data in a transparent, fair and lawful manner.

We invite you to carefully read this Privacy Policy (hereinafter "the Policy"). Here you will find all the information about the data we collect, how we use it, how long it takes, how we protect it, what rights you have, and so on.

Our Privacy Policy may be updated or modified, depending on the evolution of our services, tools and regulations. The changes taking effect immediately, we invite you to consult it regularly.

Global Opt-In for NAOS United Kingdom and Ireland

By signing up for the newsletter of any brand affiliated with NAOS United Kingdom and Ireland, including NAOS UKI Corporate, Bioderma brand (https://www.bioderma.co.uk/), Institut Esthederm brand (https://www.esthederm.com/en/), Etat pur (https://www.etatpur.com/), and our e-commerce website NAOS Store (https://www.naos-store.co.uk/), you are providing your explicit consent to receive communication from NAOS United Kingdom and Ireland. This communication may include updates, promotions, and information related to any of our brands. We are committed to safeguarding your privacy and complying with all applicable data protection laws, including the General Data Protection Regulation (GDPR) and UK data protection law.

Your personal information will be used solely for the purpose of delivering relevant newsletters and marketing content from NAOS United Kingdom and Ireland and its affiliated brands. You have the right to withdraw your consent or manage your communication preferences at any time by following the instructions provided in our communications or by contacting our Data Protection Officer at support@uki.naos.com.

We value your trust and are dedicated to ensuring that your personal information is handled with the utmost care and security. For more information on how we collect, process, and protect your data, please review our comprehensive Privacy Policy on our respective websites.

1. Which data is covered by the Policy?

This Privacy Policy applies to all personal data that you communicate to us or that we collect, directly or indirectly, in particular when you browse our website https://www.bioderma.co.uk/ (hereinafter "The Website") or on the occasion of the purchase of BIODERMA (NAOS UK and Ireland) products.

"Personal data" is information that directly or indirectly identifies a natural person. This includes, for example, your name, e-mail address, and phone number, but also data on your consumption habits, your skin type, etc.

Time of collectionCategories of data collectedRetention periodLegal basis
You browse our Website

We collect:

  • Your technical data for connection and navigation (e.g. your IP address, information about your browser, device, pages visited, duration of your visit, etc.)

For more information, see our Cookie Policy.

13 months from the date of collection during your navigation.

Legitimate interest

Consent

You subscribe to our newsletter

We collect:

  • Your email address
3 years from the date of collection or last contact from youConsent
You write via our social networking pages

We collect:

  • Identification data (surname, first name, etc.);
  • Your profile on social networks;
  • The content of your messages (which may include data relating to your health, skin colour, consumption habits, etc.).
3 years from the date of collection or last contact from you

Legitimate interest

Consent

You contact our Consumers Service or our advisers by email, phone, mail

We collect:

  • Your identification data (e.g. surname, first name, postal address, e-mail address, etc.);
  • The information you agree to communicate to us (which may contain information relating to your health, skin colour, habits of consumption, etc.);
3 years from the date of collection or last contact from you

Legitimate interest

Consent

You participate in a game or contest

We collect:

  • Your identification details (e.g. surname, first name, postal address, email address, nickname, phone number, etc.).
Time required to manage the gameCompleting a contract
You participate in a product test or a satisfaction survey

The data we collect depends on the purpose of the survey or test.

We can collect including:

  • Your identification data (name, surname, age, etc.);
  • Data relating to your health (e.g. pathology related to your skin);
  • Your family situation,
  • Data relating to your skin colour (e.g. phototype), etc.
Duration required to complete the test or survey and to interpret the results.

Legitimate interest

Consent

You declare a case of Cosmetovigilance

We collect:

  • Your identification data (e.g. surname, first name, postal address, e-mail address, etc.);
  • The reason and the content of our exchanges;
  • data relating to your health or your skin colour, if you decide or agree to communicate them to us;
  • Bank or financial data (e.g. IBAN in case of refund, etc.).
Duration provided by lawLegal obligation

During each collection, certain data (indicated by asterisks) must be provided in order to benefit from the services offered. The others are purely optional and allow us to know you better, for example to offer you adapted offers.

 

 

2. How do we collect data from minors?

Our website is accessible to anyone, major or minor.

However, the additional prior consent of the holder of parental authority is required for minors under the age of fifteen who subscribe to our services or provide us with personal data concerning them.

3. The case of third-party websites

On our website, you can connect via your social network profiles, click on links to our social networking pages, etc.

Social networks (Facebook, Instagram, Pinterest, YouTube, etc.) may collect personal data about you. You will find below the links to the privacy policies of these main social networks. To ensure the security of your data, we invite you to consult the privacy policy of these websites.

You also have the option to publish content on our pages. We remind you that any content transmitted via our pages is accessible to the public. Concerned about the protection of your privacy, we invite you to be vigilant when you communicate your personal data on social networks. We are not responsible for the use that may be made by third parties, data that you have communicated publicly.

We remind you that we may collect the content you publish on our pages, to know you better and to segment our consumer databases.

4. Cookie management

We may be required to deposit and use cookies when browsing our website or mobile application, in particular to improve our content and the operation of our services.

As part of the protection of your privacy, we invite you to consult our Cookies Management Policy to obtain information on these cookies and set their operation.

5. Who are the recipients of your data?

We may be required to transmit your data to the following companies, structures and/or persons involved in the fulfillment of the purposes described in IV above:

  • Employees of NAOS Group companies who need to process the personal data collected for the purposes explained above;
  • Our subcontractors and service providers, for example to send you commercial solicitations when you have consented, to host our consumer databases, etc.;
  • Google, to measure the audience on our Website;
  • Social networks, to know your activity on our pages, your consumption habits etc.;

We select subcontractors, service providers and suppliers who provide sufficient safeguards to ensure the protection, security and privacy of your personal data, including the implementation of appropriate technical and organizational measures that meet the requirements of the law. They are only allowed to process your data according to our instructions.

Your personal data may also be communicated to the administrative or judicial authorities at their request, as well as to third parties or authorized recipients to comply with a legal obligation or for the exercise of legitimate interests.

6. How do we ensure the security of your data?

We undertake to use reasonable means to ensure that your personal data are sufficiently protected, taking into account the sensitive nature of certain information collected. We use a variety of technologies and procedures to ensure that your data is treated in a manner that protects it against unauthorized loss, destruction, alteration, disclosure, or access, whether unlawfully or accidentally.

We implement measures that respect the principles of protection from the design stage and, by default, the personal data processed. As such, we are able to use data anonymization techniques whenever possible and/or necessary.

We demand an equivalent level of security from our subcontractors.

For example, we or our subcontractors store your data on computer servers located in controlled locations and whose access is limited.

7. Where do we store your data?

Our company and our subcontractors process and store your data only in member countries of the European Union.

8. How can you exercise your rights?

In accordance with the laws in force, you benefit from:

  • A right to information;
  • A right of access to data concerning you;
  • A right to correct your data;
  • A right to erase data for legitimate reasons;
  • The right to oppose the processing of your data for legitimate reasons;
  • The right to withdraw your consent to the processing of your data;
  • A right to limit treatment;
  • The right to portability of data;
  • The right not to be the subject of a decision based exclusively on automated processing and having legal effects affecting you or affecting you significantly;
  • The right to oppose the commercial prospection;
  • The right to formulate guidelines regarding the storage, deletion and communication of your personal post-mortem data.

You may exercise these rights at any time by email, via our contact form (https://www.bioderma.co.uk/contact-us) or by post to the following address: Consumer Service BIODERMA, NAOS UKI - Dickens House, 1 Fetter Lane, London. EC4A 1BR United Kingdom.

A reply will be sent to you within one month of receiving your request.

We reserve the right not to respond to requests that are manifestly unfounded in accordance with European regulations. The person concerned will be informed of any refusal formulated by us.

You can also - if you wish - make a complaint to the GOV.uk website: https://www.gov.uk/data-protection.

For more information, please consult the following link: http://www.aboutcookies.org/.

9. How to contact the DPO?

We have appointed a Data Protection Officer (DPO) who can be reached at the following address: support@uki.naos.com, or by post at the following address: Legal Department - DPO, NAOS UKI, Dickens House, 1 Fetter Lane, London. EC4A 1BR United Kingdom.

The Data Protection Officer is available to provide any necessary information regarding the Data Protection Policy.