Personal Data Management Policy
La Colline greatly values your privacy and endeavours to build strong, long-lasting relationships with its customers and partners. The protection of your personal data is very important to us. That is why we would like to explain our personal data protection policy to you. The purpose of this page is to inform you of our practices concerning the processing of the information you provide to us through our websites.
Our personal data policy has been developed in anticipation of the upcoming revision of the Swiss data protection laws (LPD, Loi fédérale sur la protection des données) and the entry into force of the GDPR, the European Union (EU) regulation on personal data protection and privacy. While the GDPR is an EU regulation, it is relevant for La Colline because Swiss data protection legislation has historically been linked to the European regulations, because the modifications to be made to the Swiss data protection laws are influenced by the GDPR, and because the GDPR imposes strict personal data protection standards that have an extraterritorial scope; in other words, companies based outside of the EU can, in certain circumstances, be bound by the provisions of this regulation.
The following information will help you familiarize yourself with the data protection regulations.
Legal Definitions
Personal data: information collected by the company that can serve to identify you either directly (e.g. your first and last name) or indirectly (e.g. through data pseudonymized by a unique identifier such as a customer number).
Personal data processing: an operation or set of operations applied to Personal Data (e.g. collection, recording, storage, viewing, etc.).
Data controller: refers to the natural person or legal entity that determines the purposes and means of processing.
Customer: refers to any natural person who has bought products from the company, and who has accepted the general terms of sale and/or created an account on the company’s website and accepted the general terms of use.
Right of access: the right to access your data free of charge at any time.
Right to rectification: the right to demand that incorrect data be corrected, and to demand that your data be completed if it is incomplete.
Right to object: within the limits of applicable law, and excluding processing for which there are legitimate and compelling grounds, you may, at any time, object to the processing of your Personal Data, in particular if your data is processed for direct marketing purposes.
Right to erasure: the right to obtain the deletion of your data from our databases. This is not an absolute right, inasmuch as we may be required to keep your data for legal, tax or other legitimate reasons.
Right to restriction of processing: the right to demand that our processing of your data be restricted. This right means that the processing of your personal data is restricted, meaning that we can store this data, but not use it. This right applies in specific circumstances provided for by the General Data Protection Regulation.
Right to data portability: the right to receive the Personal Data you provided to us in a structured, commonly-used and machine-readable format and transmit it to another Data Controller. This right only applies to data you have provided to us, when its processing depends on your consent or on a contract, and when the processing is carried out by automated means.
Who is collecting your personal data?
The company La Colline Cellular Research Laboratories SA, Case Postale 89, Rue de la Dent Blanche 20, CH-1951 Sion, Switzerland, is responsible for all of the Personal Data Processing carried out on the websites whose name ends with lacolline-skincare.com.
What Personal Data is collected?
You may be asked to provide identifiable personal information via our websites or at a point of sale. This is the case when you fill out one of our registration forms (newsletter subscription, order from an online store, etc.). This information can include your first and last name, mailing address, email address, birth date, gender and phone number. This information may be required. If you do not provide it and consent to its processing, La Colline may not be able to provide you with the requested service. On our websites, we also use cookies to collect additional data on how our websites are used. Cookies enable us to optimize your browsing experience. We invite you to read our “Cookie Policy” for more information on this technology and your rights in relation to it.
For what purpose is Personal Data collected, and on what legal basis?
In accordance with the regulations, La Colline undertakes to only collect Personal Data for specific, legitimate and relevant purposes. Thus, the Personal Data we collect about you is necessary for the use of the services offered on our websites (sales, subscriptions to our publications, treatments, loyalty cards, etc.).
Furthermore, and subject to your consent, your data may be used to send you communications about our services (special offers, presence at a trade show, presentations of new products, etc.) by mail and/or email and/or SMS.
If your phone number is collected and you change it, you must update the information in your customer account to prevent us from sending messages to the new owner of your old number.
When you create your account, we may offer to send you communications and special offers from our partners by email. We will ask for your express consent before we do this.
You have the option of unsubscribing from these communications at any time by clicking the “unsubscribe” link found in each of the emails you receive or, for SMS communications, by replying “STOP” by SMS. You can also change your settings on a dedicated page in your account (“My Information“).
To use our services, you must be at least 15 years old. Collection of your date of birth enables us to verify your age and customize our communications. Indeed, the message may be different depending on each Customer’s age group.
Finally, to enable La Colline to adapt its product and service offerings, we may use your Personal Data to create statistics.
What are your rights and how can you exercise them?
In accordance with the regulatory and legislative provisions in force, you have a right to access, rectify and erase your personal data, object to or limit its processing, and the right to data portability. However, the simplest way to modify and/or complete any incorrect/incomplete personal data is via your account, in the “My Information” section.
In accordance with the law, La Colline undertakes to send you a response within one (1) month from receipt of your request. Furthermore, you have the right to formulate general instructions (provided to a trusted, certified digital third party) or specific instructions (provided to the Data Controller) regarding the storage, erasure and sharing of your personal data after your death.
These requests with regard to individual legal rights may be made by regular mail, by registered letter with acknowledgement of receipt addressed to: DPO – La Colline International, 71 rue de Provence, 75009 Paris, France, by email: contact@lacolline-skincare.com
In the interest of confidentiality and the protection of personal data, such requests may only be made by the person to whom the data pertains. A copy of a signed identity document must be included in all requests, specifying the address to which the reply must be sent.
Within the limits permitted by applicable legislative provisions, when an individual’s requests are manifestly unfounded or excessive, namely due to their repetitive nature, we may refuse to comply with your request or require the payment of a fee that is reasonable in light of the administrative costs borne to provide the requested information.
Finally, please be aware that the company La Colline may be required, in the context of legal or tax procedures, to share the Personal Data in its possession with the public authorities, and that the company may not be held liable in this event. La Colline may also keep certain information if required by law or if the company has a legitimate reason to do so.
You have the right to seize the Personal Data Protection Authority and file a claim objecting to our company’s personal data protection and privacy practices. We nevertheless invite you to contact us at the addresses given above before filing any claims with this authority. In Swiss, the regulating authority is the:
Federal Data Protection and Information Commissioner
Feldeggwegg 1 – CH-3003 Bern, Switzerland – www.leprepose.ch
For how long will your data be kept?
La Colline has developed precise rules to determine the time for which Personal Data is kept. Thus, your Personal Data will be deleted three (3) years following your last use of any of our services. We will erase it from our systems and files or anonymize it so that it can no longer be used to identify you but can nevertheless be used to create statistics relevant to the services provided.
Who are the recipients and users of your Personal Data?
We may work closely with subcontractors who may have access to your Personal Data, namely to provide data storage services, send you communications, perform sorting and partitioning operations, dispatch products or perform logistics services. We require that all of our subcontractors comply with the personal data protection legislation and that they make satisfactory guarantees regarding the implementation of suitable technical and organizational measures.
Our sales partners do not have access to your Personal Data. La Colline is the only sender of electronic communications containing sales offers from its partners.
Your Personal Data may be shared with companies located outside the European Union that do not have an acceptable level of Personal Data protection as required by the European Union. This could be the case, for example, if we make use of subcontractors located outside the European Union for data storage or the provision of services. Prior to all transfers of data outside the European Union, in accordance with the regulations in force, La Colline implements all required procedures to obtain the necessary guarantees pertaining to the securing of these transfers. These measures may include the signing of standard contractual clauses (based on the template adopted by the European Commission) or the verification of the subcontractor’s adherence to the Privacy Shield (the American personal data protection laws).
How do we protect your data?
La Colline takes all reasonable precautions to ensure the security of your Personal Data against its loss, misuse, disclosure, modification or destruction.
In particular:
as soon as we receive your data, we apply strict procedures and security measures to prevent all unauthorized access, as access to the databases is strictly reserved for persons authorized to consult them as part of their work,
in addition, we require, by contractual means, that our subcontractors agree to respect the security and confidentiality of your Personal Data.
How can our Personal Data protection officer be contacted?
La Colline has appointed a personal data protection officer tasked with helping the data controller comply with the European Regulation. For all questions pertaining to Personal Data protection, please write to the following email address: contact@lacolline-skincare.com. You can also write to us by regular mail, by registered letter with acknowledgement of receipt, to: DPO – La Colline International, 75 avenue des Champs Elysées, 75008 Paris, France
What protections are in place for social networking?
The La Colline website uses plug-ins for social networks such as Facebook, Twitter, Instagram, LinkedIn, Google+. If you interact with these plug-ins (clicking the “Like” or “Share” buttons), information on your browsing and the operations performed on the La Colline websites may be sent to the company operating the relevant social network; in certain cases, data may be sent even if you do not click on a social network button.
If you do not want a social network of which you are a member to have access to the information collected when you browse the La Colline website, you should log out of the social network in question before visiting the La Colline website.
In all events, the use of these plug-ins or of the data collected during browsing with the social network active is exclusively governed by the general terms and conditions of the social networks in question. As such, we invite you to read the personal data protection policies of these social networks to familiarize yourself with precisely what information is collected and how it is used.
Is this policy subject to change?
At any time, La Colline reserves the right to modify, add to or remove elements from this Policy. La Colline will first inform you of these changes by email or in a notice on its website. This serves to ensure that you are provided with a reasonable time in which to exercise your rights pursuant to the Information Processing and Freedoms Act and the General Data Protection Regulation. By continuing to access the services after these changes enter into force, you accept the terms and conditions stated in the new Data Protection Policy. We nevertheless encourage you to regularly consult this Policy to familiarize yourself with how your personal data is protected.
In France, this Policy is also governed by French Law no. 78-17 of 6 January 1978 on Information Processing, Computer Files and Personal Freedoms, amended in 2004 (known as the “Information Processing and Freedoms law”), and in all European Union countries, by European Regulation 2016/679 on Personal Data Protection of 27 April 2016 (known as the “GDPR” or “General Data Protection Regulation”).
Our security commitment
La Colline will never contact you (whether by email, by SMS or by phone) to ask you to share, by any means, the private code you use to access its services. If you receive such a message, don’t click on any links, don’t call the number given and pay no heed to the information it contains, as it is most likely an attempt at piracy, a phishing message. We invite you to visit La Colline’s “Internet Security” page to learn what steps to take.