Privacy policy
L'ORÉAL SINGAPORE PTE. LTD.
PRIVACY POLICY
L’Oréal’s ambition is to be an exemplary corporate citizen to help make the world a more beautiful place. We place great value on honesty and clarity and we are committed to building a strong and lasting relationship with you based on trust and mutual benefit. Part of this commitment means safeguarding and respecting your privacy and your choices. Respecting your privacy is essential to us. This is why we set out “Our Privacy Promise” and our full Privacy Policy below.
1. OUR PRIVACY PROMISE
- 1) We respect your privacy and your choices.
- 2) We make sure that privacy and security are embedded in everything we do.
- 3) We do not send you marketing communications without your consent. You may withdraw your consent at any time.
- 4) We never offer or sell your Personal Data.
- 5) We are committed to keeping your Personal Data safe and secure. This includes only working with trusted partners.
- 6) We are committed to being open and transparent about how we use your Personal Data.
- 7) We do not use your Personal Data without first informing you of the ways and purpose(s) of the use.
- 8) We respect your rights, and always try to accommodate your requests as far as is possible, in line with our own legal and operational responsibilities.
For more information about our privacy practices, we set out in this Privacy Policy the types of Personal Data that we may collect/receive from you directly or from your interaction with us, how we may use it, who we may disclose it to, how we protect and secure it, and your rights around your Personal Data in our possession. While the information in this Privacy Policy may not fully apply to you, this Privacy Policy intends to provide an overview of one or more possible situations which may apply to you based on your interactions with us.
The more you interact with us, the more you let us know about you and the more we are able to offer you tailored services.
If this Privacy Policy changes in any way, it will be updated on this page. Regularly reviewing this page ensures you are updated on the information which is collected, how it is used and under what circumstances, if any, it is shared with other parties.
When you share your Personal Data with us, or when we collect Personal Data about you, we will use and/or disclose your Personal Data in accordance with this Privacy Policy. Please read this Privacy Policy carefully. If you have any questions or concerns about your Personal Data, please contact us via the contact details set out in the "Contact" section below.
Please note that you must be at least eighteen (18) years old, or have obtained your parent’s or legal guardian’s consent, to use our services.
2. WHO WE ARE
Yves Saint Laurent Beauty Singapore is a part of the L’Oréal Singapore Pte. Ltd. (UEN: 199001413) (“L’Oréal”, “our”, “us”, or “we”) brand portfolio. L’Oréal is responsible for the Personal Data that you share with us. L’Oréal is the “organisation” for the purposes of the Singapore Personal Data Protection Act (No.26 of 2012), and the “data controller” for the purposes of applicable data protection laws in other jurisdictions.
L’Oréal Singapore Pte. Ltd. is a subsidiary of the L’Oréal Group, with a portfolio of numerous brands provided by our four divisions: Consumer Products, L’Oréal LUXE, Professional Products and Active Cosmetics as follows:
Consumer Products- • Garnier
- • L’Oréal Paris
- • Maybelline
- • Giorgio Armani Beauty
- • IT Cosmetics
- • Kiehl’s
- • Lancome
- • Shu Uemura
- • Yves Saint Laurent
- • Kerastase
- • L’Oréal Professionnel
- • La Roche-Posay
- • Vichy
- • Skin Ceuticals
(The brands listed above are hereinafter collectively referred to as the (“Brands”).
Business address: L’Oréal Singapore Pte. Ltd., 1 Raffles Quay, #47-01, North Tower, 048583
Website: https://www.yslbeauty.com.sg
3. WHAT IS PERSONAL DATA?
“Personal Data” means any information or pieces of information that could identify you either directly (e.g. your name) or indirectly (e.g. through pseudonymized data such as a unique ID number) and / or information which makes you identifiable. This means that personal data includes things like email/home addresses, mobile phone number, usernames, profile pictures, personal preferences and shopping habits, user generated content, financial information, and welfare information. It could also, in certain circumstances, include unique numerical identifiers like your computer’s IP address or your mobile device’s MAC address, as well as cookies.
4. WHAT PERSONAL DATA DO WE COLLECT FROM YOU AND HOW DO WE USE IT?
L'Oréal believes that you, the consumer, are at the heart of what we do. We love hearing from you, learning about you, and creating and delivering products and services that you enjoy. And we know that many of you love talking to us. Because of this, there are many ways that you might share your Personal Data with us, and how we might collect your Personal Data.
How do we collect or receive your Personal Data?
We might collect, record, hold, store, use, disclose, receive and/or process (collectively referred to as
"Process") Personal Data from you via our websites, forms, apps, devices, L’Oréal products or brands pages
on social media or otherwise. Sometimes you may give this to us directly (e.g. when you create an account,
when you contact us, when you purchase from our websites/apps or stores/beauty salon), sometimes we collect
it indirectly (e.g. using cookies to understand how you use our websites/apps), or sometimes we receive your
Personal Data from other third parties, including other L’Oréal Group entities.
When we collect Personal Data, we indicate the mandatory fields via asterisks(*) where such Personal Data is necessary for us to:
- - Perform our contract with you (e.g. to deliver the products you have purchase on our websites/apps);
- - Provide you with the service you have asked for (e.g. to provide you with a newsletter); or
- - Comply with legal requirements (e.g. invoicing).
If you do not provide the Personal Data marked with an asterisk (*), this may affect our ability to provide the products and services to you.
For further details on:
- When do we collect or use your Personal Data? This column explains what activity or situation you are involved in when we collect or use your Personal Data. For example, whether you are making a purchase, signing up to a newsletter, or browsing a website/app.
- What types of Personal Data do we Process? This column explains what types of Personal Data we may Process about you depending on the situation and your interaction with us.
- How and Why do we Process your Personal Data? This column explains what we may do with your Personal Data and the purposes for Processing it.
- What is our legal basis for Processing your Personal Data? This column explains the reason we may Process your Personal Data.
Depending on the purpose for which your Personal Data is used, the legal basis for the Processing of your Personal Data can be:
- Your consent;
- Our legitimate interest, which can be:
- Improving our products and services: more specifically, our business interests to help us better understand your needs and expectations and therefore improve our services, websites / Apps / devices, products and brands for our consumers’ benefit.
- Fraud prevention: to ensure payment is complete and free from fraud and misappropriation.
- Securing our tools: to keep tools used by you (our websites/Apps/devices) safe and secure and to ensure they are working properly and are continually improving.
- The performance of a contract: more specifically to perform the services you request from us;
- Legal grounds where a Processing is required by law.
Table - Information Overview On your Interactions With Us and Their Consequences On Your Personal Data
When do we collect or use your Personal Data? | What types of Personal Data do we Process from your interactions with us? | How and why we may use your Personal Data ? | What is our legal basis for Processing your Personal Data? |
Account Creation and management Information collected during the creation of an account on L’Oréal websites/apps, through a social media login, or in store. |
Depending on how much you are interacting with us, those data may include:
|
To:
|
|
|
|
||
|
|
||
Newsletter and commercial communications subscription |
Depending on how much you are interacting with us, those data may include:
|
To:
|
|
|
|
||
|
|
||
Purchases and order management Information collected during the purchase process made on L’Oréal or in the course of our interaction with you such as on our website/apps/social pages or in store |
Depending on how much you are interacting with us, those data may include:
|
To
|
Performance of a contract: To provide you with the service you requested (purchase). |
|
Legitimate interest To protect you and us from fraudulent transaction and to ensure the payment is complete and free from fraud and misappropriation. |
||
Online browsing Information collected by cookies or similar technologies (“Cookies”*) as part of your browsing on L’Oréal website/apps and/or on third-party website/apps. For information on specific Cookies placed through a given website/app, please consult the relevant cookie table. * Cookies are small text files stored on your device (computer, tablet or mobile) when you are on the Internet, including on L’Oréal Group’s websites. |
Depending on how much you are interacting with us, those data may include:
Technical Information:
A unique identifier granted to each visitor and the expiration date of such identifier. |
We use Cookies, where relevant, with other personal data you have already shared with us
(such as previous purchases, or whether you’re signed up to our email newsletters) or
the following purposes:
|
Legitimate interest: to ensure we are providing you with websites/apps, advertising and communications that are working properly and are continually improving for cookies that are (i) essential for the functioning of our websites/apps, (ii) used to keep our websites/apps safe and secure. |
|
Consent For all other cookies. |
||
Promotional operations Information collected during a game, contests, promotional offer, sample requests, surveys, events. |
Depending on how much you are interacting with us, those data may include:
|
|
Performance of contract To provide you with the service you requested. |
|
Legitimate Interest To help us better understand your needs and expectations and therefore improve our services, products and brands. |
||
|
Consent To send you direct marketing communications. To administer and manage your participation and presence in the event(s) as part of our promotional activities. |
||
User Generated Content Information collected when you submitted some content on one of our social platforms or accepted the re-use of content you posted on social media platforms by us. |
Depending on how much you are interacting with us, those data may include:
|
|
Consent To reuse the content you posted online. |
|
Legitimate interest To help us better understand your needs and expectations and therefore improve and promote our services, products and brands. |
||
Use of Apps and devices Information collected as part of your use of our Apps and/or devices. |
Depending on how much you are interacting with us, those data may include:
|
To
|
Performance of a contract To provide you with the service requested (including, where needed, analysis by the research and innovation team of the algorithm necessary to provide the service). |
|
Legitimate interest To always improve our products and services to match your needs and expectations and for research and innovation purposes; |
||
Enquiries Information collected when you ask questions (e.g. through our consumer care) relating to our brands, our products and their use. |
Depending on how much you are interacting with us, those data may include:
|
|
|
|
|
||
|
|
||
Sponsorship |
Depending on how much you are interacting with us, those data may include:
|
|
|
CCTV Surveillance | Pictures, audio, or video recordings that our CCTV surveillance device/system may have captured of yourself during your presence in our office premises and/or our boutique stores. |
|
|
Please note that regardless of the legal basis set out above, to the extent consent is necessary under local applicable laws, our Processing of your Personal Data is on the lawful basis of your consent.
Automated Decision Making
For purposes of securing transactions placed through our websites/apps/devices against fraud and misappropriation, we use third party provider’s solution(s). The method of fraud detection is based on, for example, simple comparisons, association, clustering, prediction and outlier detections using intelligent agents, data fusion techniques and various data mining techniques.
This fraud detection process may be completely automated or may involve human intervention where a person takes the final decision. In any case, we take all reasonable precautions and safeguards to limit access to your data.
As a result of automatic fraud detection, you may (i) experience delay in the processing of your order / request whilst your transaction is being reviewed by us; and (ii) be limited or excluded from the benefit of a service if a risk of fraud is identified. You have the right to access information on which we base our decision. Please see “Your Rights and Choices” section below.
Profiling
When we send or display personalised communications or content, we may use some techniques qualified as “profiling” (i.e. any form of automated Processing of Personal Data consisting of using those data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s personal preferences, interests, economic situation, behaviour, location, health, reliability, or movements). This means that we may collect personal data about you in the different scenarios mentioned in the table above. We centralize this data and analyse it to evaluate and predict your personal preferences and/or interests.
Based on our analysis, we send or display communications and/or content tailored to your interests/needs.
You have the right to object to the use of your data for “profiling” in certain circumstances. Please see “Your Rights and Choices” section below.
Who may access your Personal Data?
We may share your Personal Data within L’Oréal Group to comply with our legal obligations, to prevent fraud and/or to secure our tools, to improve our products and services, or after having obtained your consent to do so.
Depending on the purposes for which they were collected, and only on a need-to-know basis some of your Personal Data may be accessed by L’Oréal Group entities worldwide, where possible in a pseudonimized way (not allowing direct identification), and where necessary to provide you with requested services.
We may also share your Personal Data in a pseudonimized way (not allowing direct identification) with L’Oréal Research & Innovation scientists, including those located outside of your country, for research and innovation purposes.
Where permitted, we may also share some of your Personal Data including those collected through Cookies between our brands to harmonize and update the information you share with us, to perform statistics based on your characteristics and to tailor our communications.
Please visit the L’Oréal group website, for further details on the L’Oréal Group, its brands and its locations.
We may share your personal data for marketing purposes with third party (whether within or outside of Singapore) or entities of the L’Oréal Group.
We may direct you to a dedicated opt-in page hosted/operated by our third party partners for their own direct marketing purposes. In this context, your data is Processed by such third party, acting as an organisation/data controller, in accordance with their own terms and conditions and privacy policy. You should carefully check their terms and privacy policies before consenting to the disclosure of your information to that third party.
Your personal data may also be Processed on our behalf by our trusted third-party providers (whether within or outside of Singapore).
We rely on trusted third parties to perform a range of business operations on our behalf. We only provide them with the information they need to perform the service, and we require that they do not use your Personal Data for any other purpose. We always use our best efforts to ensure that all third parties we work with keep your Personal Data secure. For instance, we may entrust services that require the Processing of your Personal Data to:
- Third parties that assist and help us in providing digital and e-commerce services such as social listening, store locator, loyalty programs, identity management, ratings and reviews, CRM, web analytics and search engine, user generated content curation tools;
- Advertising, marketing, digital and social media agencies to help us to deliver advertising, marketing, and campaigns, to analyse their effectiveness, to manage your contact and questions, and our relationships;
- Third parties required to deliver a product to you e.g. postal/delivery services;
- Third parties that assist and help us in providing IT services, such as platform providers, hosting services, maintenance and support on our databases as well as on our software and applications that may contain data about you (such services could sometimes imply access to your data to perform the required tasks);
- Payment service providers and credit reference agencies for the purpose of assessing your credit score and verifying your details where this is a condition of entering into a contract with you;
- Third parties that assist us for customer care and customer vigilance purposes.
- Third parties that provide us with consulting services in the field of market research and analytics, collect feedback and conduct market surveys on our products, services and otherwise for customer relationship management purposes.
The legal basis for this sharing is our legitimate interests – (i) to improve our products and services; (ii) better engage with you; (iii) prevent fraud; (iv) secure our tools and design new features; (v) use appropriate suppliers; and (vi) ensuring your values align with that of L’Oréal’s.
We may also disclose your Personal Data to third parties (whether within or outside of Singapore):
- In the event that we sell any business or assets, in which case we may disclose your Personal Data to the prospective buyer of such business or assets. If L’Oréal or a part of its assets is acquired by a third party, Personal Data held by it about its customers relating to those assets is one of the transferred assets. Where appropriate, in such case, the buyer acting as the new organisation/data controller Processes your Personal Data and its privacy policy governs the Processing of your Personal Data.
- If we are under a duty to disclose or share your personal data in order to comply with a legal obligation, or in order to enforce or apply our terms of use/sales or other terms and conditions you have agreed to; or to protect the rights, property, or safety of L’Oréal, our customers, or employees.
- If we have your consent to do so
- Or if we are permitted to do so by law.
We may disclose your Personal Data to our partners (whether within or outside of Singapore):
-
In the event the service you subscribed to was co-created by L’Oréal and a partner (for example,
a co-branded app). In such case, L’Oréal and the partner Process your Personal Data each for
their own purposes and as such your data is Processed:
- By L’Oréal in accordance with this Privacy Policy;
- By the partner acting also as an organisation/data controller under its own terms and conditions and in accordance with its own privacy policy.
- In the event you agreed to receive marketing and commercial communications from a L’Oréal partner through a dedicated opt-in (for instance, through an app branded by L’Oréal and made available to its partners). In such case, your data is Processed by the partner acting as an organisation/data controller under its own terms and conditions, and in accordance with its own privacy policy.
- We may publish on our supports content from social networks. In the event you consult content from social networks on our website/apps, a Cookie from such social network may be stored on your device. We invite you to read the Cookie Policy of these social networks for more information.
Information that Google collects and shares with us
We may incorporate and use Google services (including advertising and analytics) on our websites/apps.
When we use Google services on our websites / apps, Google will access and use your Personal Data. If you wish to learn more on how Google uses your Personal Data in this context, please consult the Google Privacy & Terms which govern these services and Personal Data processing.
Information that Facebook collects and shares with us
We may incorporate and use Facebook features and services on our websites/apps.
All Facebook features and services available on our website/app are governed by the Facebook Data Policy in which you can get more info about your privacy rights and settings options.
By using our website/app, you may:
- Sign-up with your Facebook login. If you do so, you consent to share some of your public profile information with us;
- Use the Facebook social plug-ins, such as “like” or “share” our content on the Facebook platform;
- Accept cookies from this website/app (also identified as “Facebook Pixel”) that will help us understand your activities, including information about your device, how you use our services, the purchase you make and the ads you see, whether or not you have a Facebook account or are logged into Facebook. When you are using those Facebook features, we collect data that help us to:
- Show you adds you might be interested in on Facebook (or Instagram, Messenger or any other Facebook services);
- Measure and analyse the effectiveness of our website/app and ads.
We may also use the personal information you gave us on this website/app (such as your name and surname, email, address, gender and phone number) to identify you and/or those who have similar profile like yours in Facebook (or Instagram, Messenger or any other Facebook services) in order to show you and the others, ads that are even more relevant for you and the others. While doing this, Facebook will not share your personal information and will delete the information promptly after the match process is complete.
We do not offer or sell your personal data.
Where we Store your Personal DataThe Personal Data that we collect from you may be Processed, transferred to, accessed from, and stored at a destination outside Singapore. It may also be Processed by employees of L’Oréal operating outside Singapore who work for us or for one of our service providers.
L’Oréal transfers personal data outside of Singapore only in a secure and lawful way. As some countries may not have laws governing the use and transfer of personal data, we take steps to make sure that third parties adhere to the commitments set out in this Policy. These steps may include reviewing third parties’ privacy and security standards and/or entering into appropriate contracts.
For further information, please contact us as per the “Contact” section below.
How Long Do We Keep Your Personal DataWe only keep your Personal Data for as long as we need it for the purpose for which we hold your Personal
Data, to meet your needs, or to comply with our legal obligations.
To determine the data retention period of your Personal data, we use the following criteria as guidance:
- Where you purchase products and services, we keep your personal data for the duration of our contractual relationship;
- Where you participate in a promotional offer, we keep your Personal Data for the duration of the promotional offer;
- Where you contact us for an enquiry, we keep your Personal Data for the duration needed for the processing of your enquiry;
- Where you create an account, we keep your Personal Data until you require us to delete it or after a period of inactivity (no active interaction with brands) defined in accordance with local regulations and guidance;
- Where you have consented to direct marketing, we keep your personal data until you unsubscribe or require us to delete it or after a period of inactivity (no active interaction with brands) defined in accordance with local regulations and guidance;
- Where cookies are placed on your computer, we keep them for as long as necessary to achieve their purposes (e.g. for the duration of a session for shopping cart cookies or session ID cookies) and for a period defined in accordance with local regulations and guidance.
We may retain some Personal Data to comply with our legal or regulatory obligations, as well as to allow us to manage our rights (for example to assert our claims in Courts) or for statistical or historical purposes.
When we no longer need to use your Personal Data, it is removed from our systems and records or anonymised so that you can no longer be identified from it.
Is Your Personal Data Secure?We are committed to keeping your Personal Data secure, and taking all reasonable precautions to do so. We contractually require that trusted third parties who handle your personal data for us do the same.
We always do our best to protect your personal data and once we have received your personal data, we use strict procedures and security features to try to prevent unauthorised access. As the transmission of information via the internet is not completely secure, we cannot guarantee the security of your data transmitted to our site. As such, any transmission is at your own risk.
Links to Third Party Sites and Social LoginOur websites and Apps may from time to time contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we are not responsible or liable for these policies. Please check these policies before you submit any personal data to these websites.
We may also offer you the opportunity to use your social media login. If you do so, please be aware that you share your profile information with us depending on your social media platform settings. Please visit the relevant social media platform and review its privacy policy to understand how your personal data is shared and used in this context.
Social Media and User Generated ContentSome of our websites and Apps allow users to submit their own content. Please remember that any content submitted to one of our social media platforms can be viewed by the public, so you should be cautious about providing certain personal data e.g. financial information or address details. We are not responsible for any actions taken by other individuals if you post personal data on one of our social media platforms and we recommend that you do not share such information.
YOUR RIGHTS AND CHOICES
L’Oréal respects your right to privacy: it is important that you are able to control your personal data. You have the following rights:
Your rights | What does this mean? |
The right to be informed | You have the right to obtain clear, transparent and easily understandable information about how we use your Personal Data, and your rights. This is why we are providing you with the information in this Privacy Policy. |
The right of access | You have the right to access to the personal
data we
hold about you (subject to certain restrictions). We may charge a reasonable fee taking into account the administrative costs of providing the information. Requests may in certain circumstances, be refused in accordance with the requirements prescribed under law. To do this, please contact us at the details below. |
The right to rectification |
You have the right to have your personal data rectified if it is incorrect or
outdated
and/or completed if it is incomplete. To do this, please contact us at the details below. If you have an account, it may be easier to correct your own data via your “My Account” function. |
The right to erasure/right to be forgotten | In some cases, you have the right to have
your
personal data erased or deleted. Note this is not an absolute right, as we may
have
legal or legitimate grounds for retaining your personal data. If you would like us to delete your personal data, please contact us at the details below. Please note that if you wish to delete your personal data, depending on the personal data deleted, we may not be able to provide you with the requested services as described within this Privacy Policy. |
The right to object to direct marketing, including profiling |
You can unsubscribe or opt out of our direct marketing communication at any time. It is easiest to do this by clicking on the “unsubscribe” link in any email or communication we send you. Otherwise, you can contact us using the contact details below. If you would like to object to any profiling, please contact us at the details below. |
The right to withdraw consent at any time for data processing based on consent |
You can withdraw your consent to our Processing of your data. The withdrawal of consent shall not affect the lawfulness of Processing before the withdrawal of consent. If you would like to withdraw your consent, please contact us at the details below. Please note that if you withdraw your consent, we may not be able to provide you with the requested services as described within this Privacy Policy. |
The right to object to processing based on legitimate interests |
You can oppose at any time to our Processing of your data when such Processing is based on the legitimate interest. We refer to the tables inserted in section “what data do we collect from you and how do we use it” especially the column “What is our legal basis for Processing your Personal Data?” to identify where our Processing is based on legitimate interests. To do so, please contact us at the details below. |
The right to lodge a complaint with a supervisory authority |
You have the right to contact the data protection authority of your country in
order to
lodge a complaint against the data protection and privacy practices of
L’Oréal. Do not hesitate to contact us at the details below before lodging any complaint with the competent data protection authority. |
The right to data portability |
You have rights to move, copy or transfer data from our database to another. This only applies to data that you have provided where Processing is based on a contract or your consent, and the Processing is carried out by automated means. We refer to the tables inserted in section “what data do we collect from you and how do we use it” especially the column “What is our legal basis for Processing your Personal Data?” to identify where our Processing is based on the performance of a contract or on consent. For further details, please contact us at the details below. |
The right to restriction |
You have the right to request restriction of our Processing of your data. This right means that our Processing of your data is restricted, so we can store it, but not use nor Process it further.
It applies in limited circumstances as follows:
|
The right to deactivate Cookies |
You have the right to deactivate Cookies. The settings from the Internet browsers are usually programmed by default to accept Cookies, but you can easily adjust it by changing the settings of your browser. Many cookies are used to enhance the usability or functionality of websites/apps; therefore disabling cookies may prevent you from using certain parts of our websites/apps as detailed in the relevant Cookie Table. If you wish to restrict or block all the cookies which are set by our
websites/apps
(which may prevent you from using certain parts of the site), or any other
websites/apps, you can do this through your browser settings. The Help
function
within your browser should tell you how. |
To deal with your request, we may require proof of your identity.
CONTACT
If you have any questions or concerns about how we treat and use your Personal Data, or would like to exercise any of your rights above, you may contact our Data Protection Officer via e-mail at [email protected] or by writing to us at L’Oréal Singapore Pte. Ltd., 1 Raffles Quay, #47-01, North Tower, 048583 (attention: Data Protection Officer).
If you would like to unsubscribe from receiving text messages, emails or phone communications from L’Oréal, you may email us at [email protected] or by clicking the “unsubscribe” link at the bottom of each communication from us.
Please note that by visiting our website and / or utilizing and procuring our products and services, you are deemed to have consented to the terms in this Privacy Policy unless and until you otherwise notify us via the contact details set out above.
(Updated as of: October 2023)