Oriflame Cosmetics AG ("We") are committed to protecting and respecting your privacy.
For the purpose of the Data Protection Acthttps://www.gov.uk/data-protection/the-data-protection-act (UK) orhttps://www.dataprotection.ie (ROI), the data controller is Oriflame Holdings BV(registered in Bolduc Building A, Utopialaan 52, 5232 CE 's-Hertogenbosch, The Netherlands)
We process the data in compliance with the Act, the purpose of personal data processing by us is to organize and ensure that we fulfil our obligations and ensure protection of our rights arising from your registration. The processing of the data by us is done pursuant to the rules described below.
We may collect and process the following data about you:
1.1 Information you give us. You may give us information about you by filling in forms on our site www.oriflame.co.uk OR www.oriflame.ie or by filling in the registration form in writing or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our site, subscribe to be our consultant, search for a product, place an order on our site, participate in discussion boards or other social media functions on our site, enter a competition, promotion or survey and when you report a problem with our site. The information you give us may include your:
· date of birth,
· e-mail address,
· phone number and mobile phone number,
· unique consultant ID,
· personal identification number,
· national tax code or number,
· social insurance/security number,
· bank account details,
· name and surname of your legal guardian if you are adolescent,
· and passport number (for the consultants taking part in international conferences).
We hope you will provide us with this information. However, if you do not want to disclose your personally-identifiable information to us, please do not submit it. Please be aware that if you do not provide such information in some cases we will not be able to provide you the service you have requested.
1.2 Information we collect about you. We store the history of your purchases, your levels in our consultants’ network structure, your performance, recruits sponsored by you etc.
With regard to each of your visits to our site we may automatically collect the following information:
· technical information, including the Internet Protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
· information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
1.3 Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
2 Uses made of the information
We use information held about you in the following ways:
· to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us including resolving any disputes, collect fees, and troubleshoot problems;
· to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
· To provide you with the rights, benefits, and entitlements, and other conditions as applicable under the contractual relationship between you and us;
· To comply with other regulations applicable to our cooperation with you such as e.g. tax laws, social security laws, statistical obligations etc.
· To monitor and assure compliance by you with our policies and rules.
· to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. We will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. We will do so only if you have consented to this. If you change your mind and do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please: select relevant tick box on your Account or contact customer service by sending an email to email@example.com OR firstname.lastname@example.org or by calling to our helpdesk line at 0207 1180081 UK OR 01 485 1010 ROI to notify you about changes to our service;
· to ensure that content from our site is presented in the most effective manner for you and for your computer;
· to ensure effective management of the network of our consultants by ourselves but also by other members of our consultants networks (mainly your sponsor);
· to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
· to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
· to allow you to participate in interactive features of our service, when you choose to do so;
· to keep our site safe and secure;
· to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you, this includes performance of the consumer satisfaction and alike studies;
· to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them;
· to respond to requests and legal demands from regulators or other authorities.
3 Disclosure of your information
3.1 We do not sell, rent or trade your personal data.
3.2 We may give access to your personal information and allow its processing to the companies being members of our group (ultimate holding company and its subsidiaries) in order to support us in performance of the activities listed above in point 3 (Uses Made of the Information).
3.3 We may give access to your information and allow its processing in strictly defined scope and purpose to selected third parties such as:
· business partners: suppliers and sub-contractors for the performance of any contract we enter into with them or you. This includes among others: carriers, credit collection agencies, factoring services providers, logistics services (such as picking and packing) providers, customer support services providers etc.
· Other members of our consultants network (primarily to your sponsor in our network and your down-line consultants) for the purpose of effective management of our consultants network. If you do not want us to pass your personal information to the other consultants in the network for mentioned purpose, please contact customer service by sending an email to email@example.com OR firstname.lastname@example.org or by calling to our helpdesk line at 0207 1180081 UK OR 01 485 1010 ROI
· Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, new joint consultants from certain area).
· Analytics and search engine providers that assist us in the improvement and optimisation of our site.
· Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
· Providers of technical solutions allowing us to send to you our messages (including marketing messages or customer satisfaction surveys when you consented to receive such information) e.g. mass mailing solutions providers, mass texting solutions providers.
We may also disclose your personal information to third parties:
· In the event that we sell, buy or in other way transfer any business or assets, in which case we may disclose your personal data to the prospective seller, buyer or acquirer of such business or assets.
· If our company or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
4 How and Where we store your personal data
All information you provide to us and we collect about you is stored on secure servers. All online payment transactions will be encrypted using SSL technology and will be processed by third party providers. We do not collect or store credit and debit card information for online transactions.
5 Duty of care
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site (hereinafter your “ Account”), you are responsible for keeping this password confidential. We ask you not to share a password with anyone. If you do share your password with others, you will be responsible for all actions taken in the name of your Account. If you lose control of your password, you may lose substantial control over your personal data and may be subject to legally binding actions taken on your behalf. Therefore, if your password has been compromised for any reason, you should immediately notify us and change your password. We will never ask for your password except during the login process. Our employees are subject to additional requirements in the area of information protection.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
6 Your rights
6.1 Marketing information. You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms (mainly the CAF) we use to collect your data. You can also exercise the right at any time by selecting relevant tick box on your Account or contacting our customer service by sending an email to email@example.com OR firstname.lastname@example.org or by calling to our helpdesk line at 0207 1180081 UK OR 01 485 1010 ROI
6.2 Access to information. Rectification and deletion. You have the right to access information held about you and to request its rectification or deletion. You can see, review and change most of your personal data by signing on to your Account. Generally, we will not manually modify your Personal Data because verifying their identity remotely may prove difficult. Thus, it is your responsibility to update promptly your personal data if it changes or is inaccurate. Upon your request to Oriflame Customer Service email@example.com ORinfo@oriflame.ie 0207 1180081 UK OR 01 485 1010 ROI, www.oriflame.co.uk OR www.oriflame.ie we will close your Account as soon as reasonably possible, in accordance with applicable law. We do retain personal data from closed accounts to comply with law, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations, and take other actions otherwise permitted by law.
7 Entrustment of personal data processing – Your Obligations
As to a member of our consultants network, we entrust you the processing of the personal data of other members of our consultants network on the basis of the below provisions.
We entrust you with personal data processing in the scope and for the purpose defined in the Rules, and you covenant to process these data in the manner ensuring compliance with the requirements contemplated in the Act, and in particular compliance with rules regarding the processing and protection of the entrusted data.
The sole objective of personal data processing by you is to perform the provisions of the Rules.
You are obliged in particular:
· to process the personal data entrusted to you by us only within the objective of data processing specified above,
· not to take any actions aiming at making the personal data further available in the manner not described herein, unless the commonly binding provisions of law stipulate otherwise,
· to immediately return the entrusted personal data after termination of your relationship with us (i.e. upon your deregistration as our Consultant), and to remove these data from any electronic data carriers on which they were recorded by you for the purpose of achievement of the objective described in above.
We reserve the right to audit the methods of protecting the entrusted personal data applied by you. You are obliged to provide us with an opportunity to conduct such an audit immediately after being requested to do so.
We authorize you to process the personal data in the scope and for the purpose defined in the Rules, in particular in the IT systems and in a hard-copy form, and also to grant further authorizations to process the data to the persons cooperating with you on the basis of a civil law agreements provided that you will ensure contractually that they will comply with all the requirements with regard to the data processing and protection binding on you and provided that we accept such sub-processor.
It is agreed between us and you that if the files containing personal data are sent between us, such files will be secured during transmission through the public network with cryptographic means of personal data protection.
Certain cookies contain Personal Data – for example, by clicking to “remember me” when logging in, a cookie will store the username. Most cookies will not collect information that identifies the user, and will instead collect more general information such as how users arrive at and use systems, or a user’s general location.
8.1 Essential Cookies
Some cookies are essential for the operation of the system. For example, some cookies allow us to identify registered users and ensure they can access the whole system. If a registered user opts to disable these cookies, the User may not be able to access all of the content of the system.
8.2 Performance Cookies
Other cookies may be used to analyze how the users use the systems and to monitor system performance. This allows us to provide a high quality experience by customizing the offering and quickly identifying and fixing any issues that arise. For example, performance cookies may be used to keep track of which pages are most popular and to determine why some pages are receiving error messages. These cookies may also be used to highlight products or site services that will be of interest to the users based on their usage of the System.
8.3 Functionality Cookies
Functionality cookies are used to allow us to remember some users’ preferences.
8.4 Behaviourally Targeted Advertising Cookies
Users are always free to decline cookies if their browser permits, although doing so may interfere with their use of some of Oriflame Systems. Please find detailed information on how to disable cookies here (http://www.allaboutcookies.org/manage-cookies/).
10 Contact and complaints
Publication date: April 2016