Perricone MD ("we" or "us") is the controller of and responsible for the information collected on this website. We collect personal information from our users at several different points on our site to process your order and fulfil your customer service needs.
We are committed to respecting your privacy. We use the information we collect about you to process orders and to provide a more personalized shopping experience. In addition, when you place an order with Perricone MD your personal information and credit card information are safe. Please read on for more details about how we use and protect your personal information.
1. The information we collect about you
Personal information or personal data means any information about an individual from which that person can be identified. We collect the following types of personal information:
- Identity Data including first name, last name, title, and gender.
- Contact Data including billing address, delivery address, email address and telephone numbers.
- Financial Data including payment card details.
- Transaction Data including details about payments to and from you and other details of products you have purchased from us.
- Technical Data including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
- Profile Data including your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
- Usage Data including information about how you use our website, products and services.
- Marketing and Communications Data including your preferences about receiving marketing from us and your communication preferences.
We also collect some information which is considered to be special categories of personal data, for example information about skin conditions or concerns. We only collect this information if you choose to provide it to us.
You must provide us with certain information such as your Contact Data and Financial Data, otherwise we will not be able to process and fulfil your order.
2. How We Use Your Personal Information
We use personal information for the purposes set out below. The law also requires us to tell you the “legal bases” for which we use your personal information. These are also explained below.
Fulfilling your order: If you purchase a product or service from us, we request certain personal data from you on our order pages such as your Contact Data, Identity Data and Financial Data. We use this information for billing purposes and to fulfll your orders. If we have trouble processing an order, we will use this information to contact you. We process this data because it is necessary to perform our contract with you.
Analysis and Improvement: We use information such as your Transaction Data, Technical Data, Profile Data and Usage Data to make our services, including our website, more rewarding and easier for you to use. We use this information for internal purposes, such as studying our customers' preferences and improving the customer experience. We process this data because it is necessary for our legitimate business interests to improve our website, develop our business and improve our marketing strategy.
Business Administration: We use information such as your Contact Data, Identity Data and Technical Data to administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data). We process this data because it is necessary for our legitimate business interests to run our business, provide administration and network services, including security, and to prevent fraud. It may also be necessary to process data in this category for the purposes of complying with legal obligations.
Website content and analysis: We use information such as Identity Data, Contact Data, Profile Data, Usage Data and Technical Data to deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you. We process this data because it is necessary for our legitimate business interests in developing our marketing strategy and growing our business.
Marketing: With your permission we use information such as your Identity Data, Contact Data, Transactional Data, Profile Data and Marketing Data to send you marketing communications. You can opt out of marketing communications at any time (see section 6 below). We process personal data for direct marketing based on your consent.
3. How we share your personal data
We also rely on trusted third parties to perform a range of business operations on our behalf. We only provide them with the information they need to perform the service, and we require that they do not use your personal data for any other purpose. We will always use our best efforts to make sure that all third parties we work with will keep your personal data secure. Examples of third party service providers we use include:
- Third parties that assist us in providing digital and e-commerce services such as social listening, reviews, CRM, web analytics and search engine, user generated content curation tools;
- Advertising, marketing, digital and social media agencies to help us to deliver advertising, marketing, and campaigns, to analyse their effectiveness, and to manage your contact and questions.
- Third parties required to deliver a product to you e.g. postal/delivery services;
- Third parties that assist us in providing IT services, such as platform providers, hosting services, maintenance and support on our databases as well as on our software and applications;
- Payment service providers and credit reference agencies for the purpose of assessing your credit score and verifying your details where this is a condition of entering into a contract with you.
We may also disclose your personal information as required by law and when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or legal process served on us.
4. Will We Transfer Your Information Overseas?
The information that we collect from you may be transferred to, and stored at, a destination outside the UK / European Economic Area ("EEA"). It may also be processed by staff operating outside the UK/EEA who work for us or one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.
Whenever we transfer your personal information out of the UK/EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.
Please contact us if you want further information on the specific mechanisms used by us when transferring your personal information to countries outside of the UK/EEA.
The security of your personal information is important to us. When you enter sensitive information (such as credit card number) on our order forms, we encrypt that information using secure socket layer technology (SSL). We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it.
All purchases and credit card transactions made through Perricone MD are private and secure. We use the latest technologies of encryption available from VeriSign. VeriSign has set the highest industry standards for transmitting sensitive data over the internet. They've earned the trust of businesses world wide, including all of the Fortune 500 companies on the web. For more information about encrypted data, please visit their site at VeriSign.com.
However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. If you have any questions about security on our site, please contact us as indicated below.
6. Opting Out of Newsletters, Special Offers and Product Updates
You may be a subscriber to our newsletters. Also, we may occasionally send you information on special offers, promotions or product updates. If you ever decide you no longer wish to receive these communications, you may opt-out of receiving them by following the instructions included in each newsletter or communication, or writing to us at the address below.
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
- Analytical or performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests.
You are asked to accept or decline cookies when you arrive at our site. You can also block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.
Except for essential cookies, all cookies will expire after 1 month.
8. Web Beacons and tracking pixels
"Web beacons" or clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of web users. In contrast to cookies, which are stored on a user's computer hard drive, web beacons are embedded invisibly on web pages and are about the size of the full stop at the end of this sentence. We utilize web beacons that help us better manage content on our site by informing us what content is effective. We do not tie the information gathered by web beacons to your personal information.
We also use tracking pixels when we send out emails to you. A tracking pixel is an HTML code which is embedded in the email. When an email loads in your mailbox, it makes a web request to our service provider’s servers to load the pixel. This enables us to record the IP address of the device on which the email is opened and the user agent the request came from. We use tracking pixels to help us measure the effectiveness of our email marketing.
9. Links to Other Sites
This site may contain links to other sites that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other sites. This privacy statement applies only to information collected by this site. We encourage you to be aware when you leave our site and to read the privacy statements of each and every website that collects personal information.
10. How Long Do We Keep Your Personal Data
We will keep your personal data for as long as we need it to provide you with your requested service(s) or to meet our commercial or legal obligations. To determine the retention period of your personal data, we consider several criteria to make sure that we do not keep your personal data for long than is necessary or appropriate. These criteria include:
- The purpose for which we hold your personal data;
- Our legal and regulatory obligations in relation to that personal data, for example any financial reporting obligations;
- Whether our relationship with you is ongoing, for example, you have an active account with one or more of our brands, you continue to receive marketing communications, or you regularly browse or purchase off our websites/apps;
- Whether you are no longer actively participating or engaging with our brands, for example, you do not open our emails, visit our websites, or share user generated content;
- Any specific requests from you in relation to the deletion of your personal data; and
- Our legitimate business interests in relation to managing our own rights, for example the defence of any claims.
When we no longer need to retain your personal data, it will be deleted or be anonymised so that you can no longer be identified from it.
11. Social Media and User Generated Content
Some of our websites and apps allow users to submit their own content. Please remember that any content submitted to our social media platforms can be viewed by the public, and you should be cautious about providing certain personal data e.g. financial information or address details. We are not responsible for any actions taken by other individuals if you post personal data on one of our social media platforms and we recommend that you do not share such information.
12. Your rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data You have the right to:
- Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of your personal data. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
- If you want us to establish the data's accuracy.
- Where our use of the data is unlawful but you do not want us to erase it.
- Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
- You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
13. How Can I Exercise these Rights?
For more information, or to request any of the rights noted above, please contact us on the details set out below.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
Note that we may require proof of your identity and full details of your request, before we process any request(s).
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
14. Children Under 13
Children under 13 may view our site, but they cannot make a purchase, nor provide any personal information. Our site is not designed for children and we do not wish to collect personal information from children under 13. If you register with us and we discover that you are under 13, we will delete your registration. We will send you message if we do this.
16. Contact Us
Perricone MD Cosmeceuticals UK Ltd
17 – 18 Berners Street
0800 917 8698