Dermalogica privacy policy

1. overview

1.1. This privacy policy governs the treatment of personally identifiable information, which You may provide to Dermalogica, a division of UPD South AfricaProprietary Limited whose chosen address for purposes of this privacy policy is 11-13 St Andrews Road, Parktown, Johannesburg, 2193 ("Dermalogica").

1.2. Dermalogica respects Your privacy and will take reasonable measures to protect it and will implement and operate all reasonable informationsecurity controls in order to protect and preserve the confidentiality, integrity and accessibility of all personal information and the risks relatingthereto.

2. personal information

2.1. In the event that You:

2.1.1. register as a user on the Dermalogica website, www.dermalogica.co.za/en-na/pages/register ("Website") and/or sign up to receive newsletters and/or marketing information and/or complete an in-store or online customer information and/or consultation card, Dermalogica may require You to provide certain personally identifiable information, such as Your name and surname, credit card details, email address, physical address, date of birth, details relating to your well-being and/or health, medical information and/or mobile telephone number (collectively referred to as "Personal Information");

2.1.2. supply your Personal Information to Dermalogica, You expressly agree and acknowledge that Dermalogica will:

2.1.2.1. provide You with access to Your Personal Information to view and/or update Your personal details;

2.1.2.2. for the purposes of providing products and/or services to You, share Your Personal Information with its third party service providers such as logistic service providers, issuing or acquiring banks, payment method acquirers and/or transaction processing service providers (collectively referred to as “Service Providers”) and such Service Providers will collect, use, and retain such Personal Information for purposes of providing the third party services;

2.1.2.3. take appropriate technical and organisational measures to ensure that Your Personal Information is kept secure and is protected against unauthorised or unlawful processing, accidental loss, destruction or damage, alteration, disclosure or access;

2.1.2.4. promptly notify You if it becomes aware of any unauthorised use, disclosure or processing of Your Personal Information;

2.1.2.5. provide You with reasonable evidence of its compliance with its obligations under this privacy policy on reasonable notice and request; and

2.1.2.6. upon Your request, promptly return or destroy any and all of Your Personal Information in its possession or control.

2.2. Please note that:

2.2.1. in certain circumstances the Personal Information, which You provide to Dermalogica, may be shared by Dermalogica with its international licensor, trademark owners and/or partners (collectively referred to as "Licensors"), provided that such Licensors are subject to data protection laws, which provide an adequate level of protection in relation to the processing and use of Personal Information;

2.2.2. by providing Personal Information to Dermalogica, You will be deemed to have provided Your express consent to the use and lawful processing thereof by Dermalogica and, if applicable, the transfer, use, processing and retention thereof to the Licensors;

2.2.3. Dermalogica does not and will not knowingly collect, maintain, disclose or otherwise process Personal Information from minors below the age of 18, without the permission of such minor’s parents or legal guardians.

3. personal information collection and use

3.1. Subject to the provisions of this privacy policy, Dermalogica will:

3.1.1. treat Your Personal Information as strictly confidential;

3.1.2. automatically collect and store certain information in its server logs, such as web clicks, internet protocol addresses, device event information, cookies which may uniquely identify Your browser or Your account with Dermalogica;

3.1.3. not retain Your Personal Information for longer than the period for which it was originally needed, unless it is required by law to do so, or You consent to the retention thereof for a longer period.

3.2. Your Personal Information will be collected, processed and/or disclosed for the following purposes:

3.2.1. to process Your payments, if You purchase products, to provide You with Your order status, deal with Your enquiries and requests and assess and handle any complaints;

3.2.2. to process and answer Your enquiries and/or to contact You to answer Your questions and/or requests;

3.2.3. to provide You with skincare, body and/or beauty treatments and/or products, where applicable;

3.2.4. to develop and improve Dermalogica’s products, services, communication methods and/or the functionality of the Website;

3.2.5. to manage and give effect to its business requirements regarding Your participation in any competitions and/or promotions, which You may have entered;

3.2.6. to communicate information to You and to manage Your registration and/or subscription to any Dermalogica newsletters or other communications;

3.2.7. to authenticate the identity of individuals making contact with Dermalogica by telephone, electronic means or otherwise;

3.2.8. for use in internal training and/or quality assurance purposes;

3.2.9. to understand and assess the interests, wants, and changing needs of consumers, to improve the Website, current products and/or services and/or for developing new products and/or services;

3.2.10. to provide You with personalised products, communications and/or targeted advertising, including without limitation, product recommendations and/or invitations to events;

3.2.11. to perform a contract to which You are or will be a party and/or where Dermalogica has a legal obligation to collect, process and/or disclose Your Personal Information.

3.3. Where appropriate and required, You may be deemed to have consented to the use and processing of Your Personal Information, as a result of providing it to Dermalogica or Dermalogica will request that You provide Your consent to use and process Your Personal Information and in circumstances where You are deemed to or have provided your consent, You have the right to withdraw Your consent and/or object to any collection, processing and/or collection of Your Personal Information at any time by notifying the Dermalogica information officer at paia@cavi.co.za.

3.4. In certain instances, Dermalogica will rely on a legitimate interest for processing Your Personal Information on the basis that this ground will only be used where it is necessary to achieve a legitimate interest and will only be relied upon where there is a no less intrusive way to process Your Personal Information.

3.5. In addition to the provisions of clause 2.1.2.2, Dermalogica will share and/or transfer Your Personal Information to third parties when:

3.5.1. You have consented to the disclosure;

3.5.2. it is required in order to provide the services, which You have requested and/or in orderto comply with a law or court order;

3.5.3. it is necessary to:

3.5.3.1. enforce and/or apply the terms and conditions of an agreement, which Dermalogica may have entered into with a merchant and/or other third party;

3.5.3.2. protect the rights, property or safety of Dermalogica, its employees, users and/or customers.

4. data collection

4.1. Dermalogica will collect data about how You use its services and products and will only collect personal data relating to your medical history, wellbeing and/or health, where such information is necessary for Your proper care and treatment in relation to the provision of skin care and/or beauty services. By providing such personal information you will be deemed to have provided Dermalogica with Your express consent to the lawful use and processing thereof.

4.2. In addition to the aforesaid, Dermalogica may:

4.2.1. receive and store certain types of Personal Information whenever You interact with Dermalogica online, through the use of cookies and tracking technologies, as detailed in the Website terms and conditions applicable to the  Website;

4.2.2. collect personal data and/or information from third parties where Dermalogica operates accounts on such third party platforms, such as Facebook and Google.