Privacy Policy]]
This Privacy Policy was last updated on August 27, 2024.
We attach particular importance to respecting the privacy of users of our site and to compliance with the legal provisions in force.
This privacy policy allows you to better understand the personal data protection principles that we apply. It may be updated at any time by us. Any changes will be published on this page and, where applicable, notified to you. We invite you to read it before submitting your personal data to us and to refer to it regularly. You can download and archive this document in PDF format in clicking here . To open the PDF file, you must have the free Adobe Reader software (downloadable from www.adobe.fr) or similar software that supports the PDF format.
1. Who are we?
myBlend, whose registered office is located at 9 rue du Commandant Pilot, 92200 Neuilly-Sur-Seine, France, is responsible for the processing of personal data unless we declare otherwise in a particular case.
2. When do we collect your personal data?
We collect personal data from you when:
- you visit our site;
- you create an account on our site;
- you make a purchase or reservation on our site or at one of our approved points of sale;
- you subscribe to one of our newsletters;
- you order a gift card;
- you join our loyalty programs;
- you participate in special operations, including competitions, product tests, satisfaction surveys, polls or market studies;
- you share content on social media such as Instagram, Facebook or Pinterest using the hashtag #myblend or other hashtags we offer;
- you visit us at an Institute/Spa or at certain approved points of sale in the myBlend selective distribution network;
- you carry out a diagnosis with mySkinDiag via the website, the mobile application or at the point of sale;
- you contact us, in particular when you call or make a request or complaint to our Customer Relations Department, when you give your opinion on our products and/or services or when you communicate in real time with our coaches;
- you have given your consent to third parties transmitting data about you to us.
3. What personal data do we collect?
We are mainly likely to collect the following personal data which allows you to be identified directly or indirectly:
- data relating to your identity, in particular your title, your surname, your first names, your postal address, your telephone numbers, your email address, your identifier, user name and password, your date of birth or your age;
- where applicable, identification data (surname, first name) and contact details (email address, telephone number) of the person receiving the myBlend gift card, if you have ordered this gift card for someone other than yourself;
- data relating to your means of payment, in particular your credit card number and its expiry date;
- data relating to the monitoring of our commercial relationship, in particular your order number, the history of your purchases, your requests or your correspondence with our Customer Relations Service, your preferences and interests or information relating to our loyalty program
- data relating to your social media accounts (username, gender, profile picture, caption, location, etc.), uploads and posts when you download content or use the hashtag #myblend or other hashtags that we offer on certain social networks;
- content data such as photographs, videos, notes, personalized messages, reviews or comments;
- wellness or health data (beauty concerns, skin type, skin sensitivity, contraindications, declarations relating to adverse effects, etc.) subject, where applicable, to your prior and explicit consent, in particular in the context of cosmetovigilance, a Skin Diag or a myBlend treatment in one of our institutes/spas;
- technical data, including your IP address or browsing information relating to your terminal;
- other data that you provide in connection with a request to one of our services or that we may have obtained from external service providers.
4. Why is your personal data collected?
We collect your personal data for all or part of the following main purposes:
- Administration of the site and improvement of the quality of the service (Legitimate interests);
- Management of your orders (orders, deliveries, invoices, after-sales service, etc.) (Execution of a contract);
- Customer relationship management (CRM), in particular to know you better and communicate personalized information about our products and services (in particular, by email, SMS or any other medium and by displaying targeted advertising on websites and social networks), to manage your membership in our loyalty program and allow you to benefit from your accumulated benefits (Consent). In this respect, we may carry out segmentation operations based on your habits, preferences and purchasing behavior, analyze your browsing and requests on our site or carry out other actions aimed at better qualifying our database (Legitimate interests or Consent). For example, we may transmit certain encrypted data (email or telephone number) to third-party platforms to check whether you have already had an interaction with our brands or whether you are likely to be interested in our products and services and offer you personalized advertising on social networks using retargeting features. Creating an account allows you to benefit from a personalized customer experience and a unified view of your personal data, regardless of the method of collection (eg information collected at points of sale, by our Customer Relations Department or during promotional operations). We remind you that you can also place an order on our site without creating an account;
- Carrying out business analyses and statistics (business intelligence, data visualization, etc.) to anticipate market developments, measure your satisfaction and carry out our R&D activities (Legitimate interests);
- Measuring the performance of affiliate campaigns (Consent);
- Social Interaction (Consent);
- Fraud prevention and detection, management and monitoring of unpaid invoices, offences observed at points of sale and disputes. The fraud detection solutions we use may be fully automated or involve human intervention. When we use automated fraud detection solutions, we undertake to process your personal data for the purpose of identifying fraudulent activity or securing a payment, and to make automated decisions in this regard. The logic of this automated decision-making is based on the application of fraud analysis rules and models to our business processes in order to determine whether an action is potentially fraudulent. This processing may produce legal effects that concern you or significantly affect you, and in particular we may refuse to enter into a contract with you;
- Processing your requests for information and complaints (Consent) or relating to the exercise of your rights (maintaining an opt-out list) (Legal obligation);
- Management of adverse effects linked to the use of our products (Cosmetovigilance), carrying out studies concerning the safety of use of our products (Legal obligation), cosmetovigilance and exercising your rights (Legal obligation).
5. Who do we share your personal data with?
We never sell or rent your personal data to other companies for commercial prospecting or any other purpose.
myBlend is a company of the Clarins group, an international group present in many countries and whose head office is located in France. The personal data that we collect is intended for myBlend and may be communicated for the purposes mentioned in this privacy policy to all companies of the group to the extent that this proves necessary and in particular to our parent company located in France and/or to our subsidiaries located in the following countries: France, South Africa, Germany, Australia, Austria, Benelux, Canada, China, South Korea, Dubai, Spain, United States, Hong Kong, Ireland, Italy, Japan, Kuwait, Malaysia, Mexico, Portugal, United Kingdom, Russia, Singapore, Switzerland and Taiwan. Each of these companies may also process and use your data for the purposes set out in this privacy policy independently and in its own name.
They may also be transmitted to service providers chosen for their expertise and reliability who act on our behalf and according to our instructions or as joint data controllers with us or who receive data about you from us as independent data controllers, in particular to provide you with services (processing and shipping orders, secure payment, customer service management, carrying out technical maintenance and development operations, managing reviews of our products and services, personalizing content, audience analysis, spam prevention, managing digital and affiliate campaigns, etc.). We only authorize these service providers to use your personal data to the extent necessary to provide services on our behalf or to comply with legal requirements and we strive to ensure that your personal data is protected at all times.
These third parties may be established in countries that are or are not part of the European Economic Area (“EEA”), including countries that do not offer the same level of data protection as your country of residence. In such a case and to the extent required by applicable laws, we will ensure:
- either to conclude data transfer contracts that comply at least with the standard contractual clauses adopted by the European Commission;
- either to comply with internal corporate rules (BCR) approved by the competent authorities;
- or to use another valid legal basis in accordance with applicable law.
- Finally, we may also be required to transmit your personal data to local authorities, if this is required by law or as part of an investigation and in accordance with applicable regulations, as well as to a third party in the event of a sale, merger, consolidation, liquidation, reorganization or acquisition.
6. How do we protect your personal data?
myBlend implements appropriate technical and organizational measures, with regard to the nature of the data and the risks that their processing involves, to preserve the security and confidentiality of your personal data and, in particular, to prevent them from being distorted, damaged, or accessed by unauthorized third parties.
These measures may include practices such as limited access to data by personnel of departments authorized to access it due to their duties, contractual guarantees in the event of use of an external service provider, privacy impact studies, regular reviews of our privacy practices and policies and/or physical and/or logical security measures (secure access, authentication process, backup copies, antivirus software, firewall, pseudonymization, encryption, etc.).
7. What is our policy regarding minors?
The site www.my-blend.com is not intended for minors.
We do not knowingly collect or process personal data relating to minors. In the event that we become aware of the collection of personal data of minors without the prior authorization of the holder of parental responsibility, we will take appropriate measures to contact the person and/or, where appropriate, to delete this personal data from our servers and/or those of our service providers.
8. What is our policy on cookies and other trackers?
Cookies or tracers refer to all devices that tend to access information already stored in your device or to write information to it.
During your first visit, we inform you of the purposes of the tracers used as well as the identity of our partners to allow you to exercise your choice in an informed manner.
We ask for your consent prior to the deposit and/or reading of tracers on your device except when their exclusive purpose is to enable or facilitate the use of our site or are strictly necessary for the provision of a service expressly requested by you.
The tracers used on our site are mainly intended to:
- produce statistics on the traffic and navigation of our site;
- display personalized advertising based on your browsing and profile;
- personalize the editorial content of our site based on your usage or personalize the display of our products and services based on those you have previously viewed on our site;
- enable additional features on our site (chatbot, ratings & reviews, etc.).
You can change your tracer preferences at any time:
- our consent management tool allows you to give or withdraw your consent independently and specifically for each distinct purpose;
- your browser's help menu lets you know how to change your preferences regarding trackers;
- The European Youronlinechoices platform allows you to refuse or accept the trackers used by digital advertising professionals grouped within the European Digital Advertising Alliance.
Please note that disabling advertising trackers will not prevent ads from being displayed on your device. It will only block technologies that allow ads to be tailored to your browsing and interests. We also remind you that your settings may result in degraded operation of all or part of our services. Finally, we draw your attention to the fact that taking your choices into account is based on a tracker. If you delete all the trackers saved on your device (via your browser), we – or our partners – will no longer be able to retain your preferences.
By default, we keep your choices (both consent and refusal) for a period of 6 months.
9. How is the content you share on social networks managed using the hashtags we offer?
You can choose to use the hashtags we provide to tag your content on social networks such as Instagram, Facebook or Pinterest.
By using these hashtags, you acknowledge and consent that your content may appear on our site and be used to link to our products or services.
We remind you that the information you make public on social networks can be consulted, used and saved by other people throughout the world, and in particular in countries without legislation guaranteeing adequate protection of your personal data, as defined in your country of residence.
We also draw your attention to the fact that when you submit content using one of our hashtags, your use of social networks is exclusively governed by the general conditions of these social networks. We invite you to read them and refer to them regularly.
If you no longer wish for any of your content to appear on our site, please remove it from the social network or stop using any of our hashtags.
10. How long is your personal data kept?
We ensure that we keep your personal data for a period that does not exceed the period necessary for the purposes set out in this privacy policy or in accordance with what is provided for by applicable law.
As a general rule:
- Prospect/customer data is retained, unless you object or request deletion, for a period of three years from their collection or the last contact or the end of the commercial relationship. At the end of this three-year period, we may contact you again to find out if you wish to continue receiving commercial solicitations. In the absence of a positive and explicit response from you, the data concerning you will be deleted or archived in accordance with the provisions in force.
- When you order a myBlend gift card, your data and the data of the beneficiary, if the beneficiary is a separate person, are kept for five years.
- Where applicable, data relating to identity documents may be kept for up to one year in the event that you exercise your rights.
- Bank details are deleted once the transaction has been completed or archived for proof purposes in accordance with the provisions in force. Subject to your express agreement, this data may be kept until the expiry date of the bank card. We never keep your visual cryptogram.
- The data required to carry out commercial analyses and statistics are kept for up to five years.
- Data used to establish proof of a right or contract, or retained for the purpose of complying with a legal obligation, are archived in accordance with the provisions in force.
11. What are your rights regarding your personal data and how to contact us?
If you provide us with your email address, telephone number or postal address, you may receive periodic mailings, calls or messages from us about our products, services or upcoming events. You can unsubscribe from our mailing lists at any time by contacting us at the address below, by following the "Description" link contained in each of our emails or by replying "STOP" to one of our SMS messages. You can also change your preferences in your account at any time. If you do not wish to be the subject of commercial prospecting by telephone, we remind you in application of article L. 223-1 of the Consumer Code that you can register free of charge on a list of opposition to telephone canvassing.
In accordance with applicable regulations, you have the right to access, rectify, delete and transfer information concerning you, as well as the right to object and limit processing. You may withdraw your consent at any time. You may also provide instructions regarding the retention, deletion and communication of your personal data after your death. To exercise these rights, you must send us a request, providing proof of your identity:
By email to the Customer Relations Department at the following address: serviceclient@my-blend.com
By post to the following address:
myBlend
12 avenue of the Porte des Ternes
75017 Paris
France
We will inform you of the measures taken following your request as soon as possible and in any event within one month of receipt of the request. However, we reserve the right not to respond to requests that are manifestly unfounded or excessive.
In accordance with applicable regulations, you may also lodge a complaint with the competent supervisory authority responsible for data protection or seek legal redress if your data is misused.
For any questions regarding this privacy policy, we invite you to contact our Data Protection Officer (DPO):
Clarins
Legal Department / Data Protection Officer
12 avenue of the Porte des Ternes
75017 Paris
France