Privacy policy
PRIVACY POLICY
1. OUR COMMITMENTS TO PERSONAL DATA PROTECTION
As we are concerned about protecting your privacy, we place great importance on the confidentiality of the personal data you provide to us.
“Your personal data” means information or elements of information that may directly or indirectly identify you. This generally includes information such as your name, addresses, profile photo, email addresses and telephone numbers, but may also include other information such as your IP address, your buying habits, information on your lifestyle or preferences.
In this privacy policy (hereinafter “Policy”), we want to explain the nature of the personal data we collect, how we process it, the measures we take to ensure its security and the rights that you have.
Our Policy may be updated at any time by us and these amendments will take immediate effect. You will be notified of these updates. We, therefore, invite you to refer to it regularly so that you are familiar with the latest available version.
This Policy applies to all the personal data that you provide to us, directly or indirectly, including through our websites (‘Sites’)
For more information, you can Contact us.
2. WHO COLLECTS YOUR PERSONAL DATA?
LABORATOIRE NUXE
Registeredoffice: 127 rue d’Aguesseau 92100 Boulogne Billancourt, France
Paris Trade and Companies Register 642.060.123
NUXE SPA(for our spas)
Registeredoffice: 127 rue d’Aguesseau 92100 Boulogne Billancourt, France
Paris Trade and Companies Register 497.883.587
Hereinafter collectively referred to as “NUXE”, is the data controller for the processing of your personal data as described in this Policy.
NUXE has also partnered with The Hut.com Limited (“THG”)to operate our website at https://uk.nuxe.com/ and online store through which THG will distribute NUXE products for us. When providing us with those services, THG process your personal data on our behalf. THG are a company registered in England and Wales and have a registered office at5th Floor, Voyager House, Manchester Airport, Manchester, M90 3DQ, United Kingdom.
3. WHEN DO WE COLLECT YOUR PERSONAL DATA?
We collect personal data from you, directly or indirectly through our suppliers, in particular when:
You browse our Sites or use our Services on our Sites;
You create an account on our Sites;
You log into your account on our Sites;
You use your account on our Sites;
You subscribe to our newsletter;
You make and pay for an order on our Sites;
You write a customer review, comment on our social media, on our Sites;
You contact us through various channels, including the contact forms, by chat, email, post or telephone;
You participate in a game or competition, product tests, satisfaction surveys and polls;
You visit the NuxeSpas;
You share content on social media using the hashtag #Nuxe or the hashtags we suggest;
You have given your consent to third parties to send us your personal data;
You share your content with us on our UGC (User Generated Consent);
We only collect your personal data when this is strictly necessary and legal. We undertake only to collect the minimum of personal data necessary for the purposes covered by this Policy.
4. HOW DO WE COLLECT YOUR PERSONAL DATA?
We may collect your personal data from different sources, such as:
Directly collected personal data, which you agree to send us when you create your account, through the collection forms, or when you make a purchase on our Site or in store. (for example: first name, last name, contact details, etc.);
Personal data collected when you use our Sites, for example by using cookies;
Personal data that you choose to share when using third party sites, which we collect from other sources.
5. WHAT PERSONAL DATA DO WE COLLECT AND FOR WHAT PURPOSES?
Our processing of your personal data has a specific purpose and a legal basis. More information about each purpose and the legal basis for our processing is set out below.
Who collects your data? | When we collect your personal data? | What data (directly or following an interaction with you)? | For what purposes do we use your data? | On what legal basis? | How long do we keep your data for? |
---|---|---|---|---|---|
THE HUT.COM LIMITED on behalf of NUXE | When you create an account on our Sites and to manage your account | Depending on the situation, this personal data may include:
|
| Performing a contract Providing you with the service you have requested or the offer we have committed to | 3 years from your last activity on our sites |
|
| Consent Sending you marketing messages | |||
|
| Legitimate interest Improving consumer knowledge | |||
|
| Legitimate interest Preventing risks of fraud |
Who collects your data? | When we collect your personal data? | What data (directly or following an interaction with you)? | For what purposes do we use your data? | On what legal basis? | How long do we keep your data for? |
---|---|---|---|---|---|
THE HUT.COM LIMITED on behalf of NUXE | Registering for the NUXE newsletter | Depending on the situation, this personal data may include:
|
| Consent Sending you marketing messages | 3 years from your last activity on our sites |
|
| Legitimate interest Understanding the relevance and effectiveness of our newsletters | 3 years from your last activity on our sites | ||
|
| Legal obligations Maintaining your contact details on a list of unsubscribe requests | 3 years from your request to unsubscribe |
Who collects your data? | When we collect your personal data? | What data (directly or following an interaction with you)? | For what purposes do we use your data? | On what legal basis? | How long do we keep your data for? |
---|---|---|---|---|---|
THE HUT.COM LIMITED on behalf of NUXE | Purchases of products and/or services on our Sites and management of orders, provided you have created an account Data collected during purchases made directly on our Sites, through social media pages or in our sales outlets/Nuxe Spas. | Depending on the situation, this personal data may include: Data related to creating your account, which is needed to make a purchase:
|
Please note that information relating to payment (credit card number/Paypal information/bank details)are not collected by us but directly by the payment service providers
| Performing a contract Providing you with the service you have requested or the offer we have committed to | Data related to creating the account: 3 years from your last activity on our sites Data related to purchases and order management: until the services are completed Data related to billing:10 years (legal obligation) |
|
Please note that we use a solution provided by athird party service provider to detect fraud and so that we can check that the payment was made by you | Legitimate interest Protecting you and us against any fraudulent transaction and ensuring that payments are made and are not subject to any fraud or wrongdoing. | 13 months following the debit date or 15 months in the case of deferred debit payment cards. The data is kept for the purposes of evidence and is stored in an intermediary archive. It is only used if the transaction is disputed. | ||
|
| Legitimate interest Monitoring the dispute and providing you with a solution | |||
Data related to the purchase:
|
| Legitimate interest Monitoring our activity Legitimate interest Making your shopping experience easier | Data related to creating the account: 3 years from your last activity on our sites | ||
|
| Consent |
Who collects your data? | When we collect your personal data? | What data (directly or following an interaction with you)? | For what purposes do we use your data? | On what legal basis? | How long do we keep your data for? |
---|---|---|---|---|---|
THE HUT.COM LIMITED on behalf of NUXE | Online browsing | The data collected when you browse directly on our Sites, or through cookies or similar technology. To find out more about the cookies used: Cookie Policy:
Technical information:
A unique login given to each visitor and the expiry date of this login.
Depending on the case:
| Please refer to our Cookie Policy which gives more detail on the types of cookies we use |
Who collects your data? | When we collect your personal data? | What data (directly or following an interaction with you)? | For what purposes do we use your data? | On what legal basis? | How long do we keep your data for? |
---|---|---|---|---|---|
THE HUT.COM LIMITED on behalf of NUXE | User generated content
| Depending on the situation, this personal data may include:
|
| Legitimate interest Re-using the content you have posted online and offering you feedback on products/services | 3 years from your last activity on our sites |
|
| Legitimate interest Helping us understand your needs and expectations so that we can improve and promote our services,products and brands. |
Who collects your data? | When we collect your personal data? | What data (directly or following an interaction with you)? | For what purposes do we use your data? | On what legal basis? | How long do we keep your data for? |
---|---|---|---|---|---|
THE HUT.COM LIMITED on behalf of NUXE | Use of services and applications
Data collected when you use our services, applications and/or systems (e.g. beauty diagnosis, store locator) | Depending on the situation, this personal data may include:
|
| Performing a contract Providing you with the service you have requested or the offer we have committed to | 3 years from your last activity on our sites |
| Legitimate interest Constantly improving our products and services to meet your needs and expectations, and to advance research and innovation. |
Who collects your data? | When we collect your personal data? | What data (directly or following an interaction with you)? | For what purposes do we use your data? | On what legal basis? | How long do we keep your data for? |
---|---|---|---|---|---|
THE HUT.COM LIMITED on behalf of NUXE | Information requests Data collected when we contact you
| Depending on the situation, this personal data may include:
|
| Performing a contractual or pre-contractual measure Providing you with the service you have requested or the offer we have committed to | 3 years from your last activity on our sites |
| Legitimate interest Helping us understand the expectations and needs of our customersin order to improve our services, products and brands | ||||
For Cosmetovigilance:
| Legal obligations Complying with the legal obligation to monitor the undesirable effects of our products | Cosmetovigilance:10 years (legal obligation) |
Who collects your data? | When we collect your personal data? | What data (directly or following an interaction with you)? | For what purposes do we use your data? | On what legal basis? | How long do we keep your data for? |
---|---|---|---|---|---|
NUXE | Visiting Nuxe Spas or sales outlets | Depending on the situation, this personal data may include:
|
| Performing a contract Offering you treatment appropriate to your health | |
| Legitimate interest Helping us understand the expectations and needs of our customers in order to improve our services, products and brands |
7. WHAT IS OUR COOKIE POLICY?
For more information, please read our Cookie Policy.
8. WHO WE SHARE YOUR DATA WITH?
To provide our services, we may share your personal data with specific, authorised recipients, such as:
THG and its employees;
employees of the companies in the NUXE Group, bound by an obligation of confidentiality;
our advertising, marketing and promotion agencies, to help them deliver and analyse the effectiveness of our advertising campaigns and promotions;
third parties required to deliver you a product or a service, such as a delivery or postal service delivering a product that you have ordered;
suppliers of third party services, such as suppliers of hosting services for websites, conversational chatbots;
suppliers of Web analysis tools, such as Google;
our service providers and/or financial partners when sharing is required to meet the purposes referred to above;
the administrative or legal authorities when they ask us to disclose your information;
We ask these recipients to implement all the necessary and appropriate technical and organisational measures to ensure the confidentiality and optimum security of your data against any abusive use, and only to use it in accordance with our instructions and with the legislation and regulations in force, in particular by signing a personal data protection agreement where appropriate.
9. WHAT IS OUR DATA TRANSFER POLICY OUTSIDE THE UK AND EEA?
Whilst our partner THG is located in the United Kingdom (‘UK’)we are located in France. Your personal data will therefore be processed in the UK and in the European Economic Area (‘EEA’).
We may transfer your personal data for the purposes detailed above to another company in the NUXE Group, or to trusted partners outside the UK and EEA, whose legislation on personal data protection is different to the UK and EEA.
When these partners are located outside the UK and EEA, we will take all appropriate measures, insofar as possible, to guarantee the security of such transfers by one of the following measures, in particular:
by signing data transfer contracts including standard European Commission clauses;
by complying with the internal company rules approved by the competent authorities;
We ask our partners to implement all the necessary and appropriate technical and organisational measures to ensure the confidentiality and security of your data.
On request, we can provide you with the list of countries in which we store and process your data and the countries through which your data might transit.
10. HOW DO WE PROTECT YOUR PERSONAL DATA?
We take all reasonable precautions to protect the security and confidentiality of your personal data by implementing organisational, technical, software and hardware measures and we require our partners to do the same.
Access to your personal data is restricted to prevent all unauthorised access, modification, interference, loss and/or abuse. Although NUXE takes all reasonable measures to protect your personal data, no transmission or storage technology is infallible.
11. HOW CAN YOU EXERCISE YOUR RIGHTS?
You have certain rights in relation to the personal data we hold about you. These include the following rights:
right of access to your personal data, which gives you the right to know if your data is processed and to obtain communication thereof in a comprehensible format. It also allows you to control the accuracy of the data and, where necessary, to correct or erase it.
right of rectification, which gives you the right to correct inaccurate personal data (incorrect age or address) or to complete data (address without apartment number) related to the purpose of the processing.
right to object to processing your personal data, which gives you the right to object to your data being used for a specific purpose;
right to erase your personal data in some circumstances;
right of portability over your personal data, which gives you the right to request recovery of the data you have provided, for personal use or to transmit to a third party of your choice;
right to restrict processing of your personal data, which gives you the right to restrict the processing of your personal data in certain circumstances such as where you contest the accuracy of that personal data or you object to us processing it for a particular purpose;
right to withdraw consent, where we rely on your consent (or explicit consent) as our legal basis for processing your personal data. You have the right to withdraw that consent at any time by contacting us or using any other opt-out mechanism we provide (as set out below);
right not to be subject to a decision when it is based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you, unless such profiling is necessary for the entering into, or the performance of, a contract between you and us;
right to lodge a complaint with the supervisory authority, which is the Information Commissioner’s Office (ICO) in the UK. Contact details for the ICO can be found on its website at https://ico.org.uk.
To exercise these rights, you simply need to send a written request via the contact form identifying the subject of your request as “Personal Data & GDPR”.
You will be sent a response within one (1) month of the date on which your request is received.
However, you can exercise your right of access and rectification over your personal data at any time from your Account, excluding data collected indirectly.
How to unsubscribe from our newsletter lists
You can unsubscribe from our newsletter lists via the unsubscribe link present on the bottom of all our newsletters or on the communication preferences page for your account.