Clean Start shop :: privacy statement

PRIVACY POLICY

Dermalogica (UK) Limited trading as Clean Start (“Dermalogica”) is committed to protecting and respecting the privacy of its customers (“Customers”). This policy sets out the basis on which any personal data Dermalogica collects from its Customers, or that Customers provide to Dermalogica, will be processed by Dermalogica. For the purpose of the Data Protection Act 1998 (the Act), the data controller is Dermalogica (UK) Limited of Caxton House, Randalls Way, Leatherhead, Surrey, KT22 7TW.

INFORMATION DERMALOGICA MAY COLLECT FROM CUSTOMERS

Dermalogica may collect and process the following data about Customers:
a) information that Customers provide by filling in forms on the site at www.shopcleanstart.dermalogica.co.uk (“the Site”). Dermalogica may also ask Customers for information when Customers report a problem with the Site;

b) if Customers contact Dermalogica, Dermalogica may keep a record of that correspondence;

c) details of transactions Customers carry out through the Site and of the fulfilment of Customers' orders;

d) details of Customers' visits to the Site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for Dermalogica's own billing purposes or otherwise and the resources that Customers access.

IP ADDRESSES AND COOKIES

Dermalogica may collect information about Customers' computers, including where available Customers' IP addresses, operating systems and browser types, for system administration. This is statistical data about Dermalogica's users„ browsing actions and patterns, and does not identify any individual.

For the same reason, Dermalogica may obtain information about Customers' general internet usage by using a cookie file which is stored on the hard drive of the Customer's computer. Cookies contain information that is transferred to Customers' computer's hard drive. They help Dermalogica to improve the Site and to deliver a better and more personalised service. They enable Dermalogica :
a) to estimate Dermalogica's audience size and usage pattern;

b) to store information about Customers' preferences, and so allow Dermalogica to customise the Site according to Customers' individual interests;

c) to speed up Customers' searches; and

d) to recognise Customers when they return to the Site.

Customers may refuse to accept cookies by activating the setting on their browsers which allows them to refuse the setting of cookies. However, if Customers select this setting they may be unable to access certain parts of the Site. Unless Customers have adjusted their browser settings so that they will refuse cookies, Dermalogica's system will issue cookies when Customers log on to the Site.

WHERE DERMALOGICA STORES CUSTOMERS’ PERSONAL DATA

The data that Dermalogica collects from Customers may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for Dermalogica or for one of Dermalogica's suppliers. Such staff maybe engaged in, among other things, the fulfilment of Customers' order, and the provision of support services. By submitting their personal data, Customers agree to this transfer, storing or processing. Dermalogica will take all steps reasonably necessary to ensure that Customers' data is treated securely and in accordance with this privacy policy.

All information Customers provide to Dermalogica is stored on Dermalogica's secure servers. Dermalogica does not process or store any customer financial information in connection with the Site.
Where Dermalogica has given Customers (or where Customers have chosen) a password which enables them to access certain parts of the Site, they are responsible for keeping this password confidential. Dermalogica asks Customers not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although Dermalogica will do its best to protect Customers' personal data, Dermalogica cannot guarantee the security of Customers' data transmitted to the Site; any transmission is at the Customers' own risk. Once Dermalogica has received Customers' information, Dermalogica will use strict procedures and security features to try to prevent unauthorised access.

USES MADE OF THE INFORMATION

Dermalogica use information held about Customers in the following ways:
a) to ensure that content from the Site is presented in the most effective manner for Customers and for their computers;

b) to provide Customers with information, products or services that they request from Dermalogica or which Dermalogica feel may interest them, where they have consented to be contacted for such purposes;

c) to carry out Dermalogica's obligations arising from any contracts entered into between Customers and Dermalogica; and

d) to notify Customers about changes to Dermalogica's service.

If Customers are existing customers of Dermalogica, Dermalogica will only contact them by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale to them. If Customers are new customers of Dermalogica, Dermalogica will contact them by electronic means only if they have consented to this.

DISCLOSURE OF CUSTOMERS’ INFORMATION

Dermalogica may disclose Customers' personal information to any member of Dermalogica's group, which means Dermalogica's subsidiaries, Dermalogica's ultimate holding company and its subsidiaries, as defined in section 736 of the UK Companies Act 1985. Dermalogica may disclose Customers' personal information to third parties:
a) in the event that Dermalogica sells or buys any business or assets, in which case Dermalogica may disclose Customers' personal data to the prospective seller or buyer of such business or assets;

b) if Dermalogica or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;

c) if Dermalogica is under a duty to disclose or share Customers' personal data in order to comply with any legal obligation, or in order to enforce or apply Dermalogica's terms and conditions of online trading and other agreements; or to protect the rights, property, or safety of Dermalogica, Dermalogica's customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

CUSTOMERS’ RIGHTS

Customers have the right to ask Dermalogica not to process their personal data for marketing purposes. Dermalogica will usually inform Customers (before collecting Customers' data) if Dermalogica intends to use Customers' data for such purposes or if Dermalogica intends to disclose Customers' information to any third party for such purposes. Customers can exercise their right to prevent such processing by checking certain boxes on the forms Dermalogica uses to collect Customers' data. Customers can also exercise the right at any time by contacting Dermalogica at info@cleanstart.dermalogica.co.uk.

The Site may, from time to time, contain links to and from the websites of Dermalogica's partner networks, advertisers and affiliates. If Customers follow a link to any of these websites, please note that these websites have their own privacy policies and that Dermalogica does not accept any responsibility or liability for these policies. Please check these policies before submitting any personal data to these websites.

ACCESS TO INFORMATION

The Act gives Customers the right to access information held about Customers. Customers' rights of access can be exercised in accordance with the Act. Any access request may be subject to a fee of £10 to meet Dermalogica's costs in providing Customers with details of the information Dermalogica hold about them.

CHANGES TO DERMALOGICA’S PRIVACY POLICY

Any changes Dermalogica may make to its privacy policy in the future will be posted on this page and, where appropriate, notified to Customers by e-mail.