Updated April 2019
At Nuaroma SKINCARE, we take the protection for your Personal Information (such as name; address; phone number; date of birth; e-mail address; credit card number; gender; language preference; and merchandise category preferences) very seriously.
We collect Personal Information that you provide to us voluntarily and process it for the following purposes ("Purposes"):
- To complete transactions with you and manage your membership of our customer loyalty scheme where applicable;
- to direct market to you, with your permission;
- to understand and analyze our sales, and your needs and preferences;
- to develop, enhance, market and provide products and services to meet your needs;
- to enable you to participate in promotions and contests;
- to enable you to participate in customer research or focus groups;
- to process exchanges or product returns;
- to improve our shops; and,
- to respond to requests or complaints.
We may hold or process such Personal Information securely anywhere in the world, for as long as is necessary for the Purposes and we may only share it with franchisees, subsidiaries and subcontractors of Nuaroma SKINCARE. We use Secure Sockets Layer (SSL) technology to protect your credit card information online.
Subject to your consent we may communicate with you through a variety of channels, including through our stores, our customer loyalty schemes, and through the internet, and through a variety of means such as post, email, phone, fax, or text message, subject to your preference. You may unsubscribe at any time by writing to us in the manner explained in our communications or by contacting us as set out in section 14.1 below.
We have a designated Information Officer in our global headquarters, responsible for compliance with this policy and with all applicable laws.
TABLE OF CONTENTS:
1. Our Approach to Privacy
2. About Information Collection
3. Personal Information
4. Non-Personally Identifiable Information
5. When Is Personal Information Collected and How Is It Used?
6. Customer Consent (Opt In - Unsubscribe)
7. Accuracy of Information
8. Accessing and Updating Personal Information
10. How Do We keep Your Information Secure?
11. Matters specific to the Internet
12. Links to Other Websites
13. Cookies - Beacons
15. Compliance with the Law
1. OUR APPROACH TO PRIVACY
1.6. We take every measure to provide a comparable level of protection for Personal Information should the information be Processed by a Vendor.
2. ABOUT INFORMATION COLLECTION
2.2. We provide you with information that explains why the Personal Information is needed and how the Personal Information will be processed.
2.3. We usually collect personal information through:
2.3.1 our websites;
2.3.2 use of social media;
2.3.3 orders for products or services;
2.3.4 third party service providers;
2.3.5 requests for brochures, to join a mailing list or to be contacted for further information about our products or services;
2.3.6 warranty claims;
2.3.7 provision of customer service and support;
2.3.8 responses to surveys or research conducted by us or on our behalf;
2.3.9 entries into competitions or trade promotions conducted by us or on our behalf;
3.1. We at Nuaroma SKINCARE limit the amount and type of information that we collect to that which is necessary for the identified purposes and do not collect your Personal Information unless you (directly or indirectly) provide it to us voluntarily.
3.2. Although the precise details of the Personal Information collected will vary according to the specific purpose, we may typically collect the following Personal Information from or in relation to you:
3.2.3. phone number(s);
3.2.4. date of birth;
3.2.5. email address;
3.2.6. credit card number;
3.2.8. language preference; and merchandise category preferences
3.2.9. identity card number or national insurance number (only in markets where this is appropriate pursuant to local law or custom)
4. NON-PERSONALLY IDENTIFIABLE INFORMATION
4.1. Where we collect information through our web sites, as is the case with many other web sites, we automatically collect certain non-personal information regarding web site use that does not identify you. Examples include the Internet Protocol (IP) address of your computer, the IP address of your Internet Service Provider, the date and time you access the web site, the internet address of the web site from which you linked directly to our web site, the operating system you are using, the sections of the web site you visit, the web site pages read and images viewed, and the content you download from our web site.
4.2. We may use non-personal information to compile tracking information reports regarding site user demographics, site traffic patterns, and site purchases. None of the tracking information in the reports can or will be connected to the identities or other Personal Information of individual users.
4.3. In this way, your visit to our web site will be logged; however, you will remain anonymous to us unless you specifically choose to share information with us. We use this information about the way in which our customers use our website to better understand which features are most popular and best meet the needs of our visitors.
5. WHEN IS PERSONAL INFORMATION COLLECTED AND HOW IS IT USED?
5.1. We at Nuaroma SKINCARE collect Personal Information for the following purposes ("Purposes"):
5.1.1. to complete transactions with you and to administer sales and to manage your membership with our customer loyalty scheme (if you become a member);
5.1.2. to direct market to you, with your permission;
5.1.3. to understand and analyze our sales, and your needs and preferences;
5.1.4. to develop, enhance, market and provide products and services to meet your needs;
5.1.5. to enable you to participate in promotions and contests;
5.1.6. to enable you to participate in customer research or focus groups;
5.1.7. to process exchanges or product returns;
5.1.8. to improve our Shops; and,
5.1.9. to respond to requests or complaints
5.1.10. to enable you to participate in our customer loyalty schemes and manage your membership thereof
5.2. We only keep Personal Information for as long as is necessary to satisfy the specified purposes, for which it was collected. We retain Personal Information in accordance with our own guidelines, procedures and principles and in line with applicable law
5.4. We may disclose your Personal Information if we are required to do so by law or requirement of a competent authority.
5.5. In addition to the above, we may from time to time work on specific initiatives with carefully selected third party companies/organisations (outside of Nuaroma SKINCARE) to share opportunities with you. If we do this, we will inform you at the time of such initiatives that, if you decide to submit any Personal Information it will be shared with those selected companies/organisation and will only do so with your prior consent.
5.7.If you do consent (opt in) to receive these communications you may unsubscribe at any point in the future by contacting us as provided at section 6.4 below.
5.8. We will only use your Personal Information for a purpose that has been specified prior to its use or where the Processing of your Personal Information is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract or Processing is necessary for other legal purposes.
5.9. As we develop our business, we might sell or buy Shops or assets. In such transactions, Personal Information may be one of the transferred business assets. Also, in the event that The Body Shop or substantially all of its assets are acquired, data files containing Personal Information will be one of the transferred assets.
6. CUSTOMER CONSENT (OPT IN - UNSUBSCRIBE)
6.1. Opt In: We at Nuaroma SKINCARE will not use your Personal Information for a purpose that has not previously been specified, unless we have previously obtained your consent or unless such purpose is required by law.
6.2. Consent to provide Personal Information is not a condition for our selling a product to you, unless the information requested is required to fulfill an explicitly specified and legitimate purpose.
6.3. In particular we will seek your explicit prior consent (opt in) before sending to you marketing communications (see section 5.1.2 above).
6.4. Unsubscribe: At any time, you can withdraw your consent to our collection, use or disclosure (generally Processing) of your Personal Information by (i) contacting us as set out in section 14.1 below, or (ii) writing to us in the prescribed manner (whether by email or post, or by text messaging etc), as specified in our communications to you, or in relevant forms that you might have signed (e.g. for our customer loyalty scheme). If you have any concerns whatsoever, with regard to the unsubscribe functionality that we make available to you, pursuant to this section, please contact us at the address or medium shown in section 14 below.
6.5. If you have previously opted into receiving commercial communications from us pursuant to 6.3 above, while also becoming a member of our loyalty scheme, should your membership to such scheme comes to an end for whatever reason, we will not take this to imply an automatic request to unsubscribe, and we will assume that we have your continued consent, unless you specifically unsubscribe, as is provided for in section 6.4.
7. ACCURACY OF INFORMATION
7.1. We at Nuaroma SKINCARE keep Personal Information as accurate, complete and up-to-date as necessary, taking into account its use and the interests of our customers.
8. ACCESSING AND UPDATING PERSONAL INFORMATION
8.1. Customers have a qualified right to access, rectify, delete, or object (to the processing of) your Personal Information held by us and to receive an account of its use and disclosure. We recommend that all customer requests for access to Personal Information held by Nuaroma SKINCARE(002846618-U) be made in writing, although we will not impose a formal requirement in this regard. However, we may require you to provide us with additional information reasonably necessary for us to satisfy your request.
8.2. Responding to a customer request (under section 14 below) for information will usually be done at no or minimal cost to the customer. However, a fee for reasonable costs incurred may be charged in responding in writing. The Personal Information requested is provided to the customer in a form that is generally understandable.
8.3. We amend the Personal Information contained in our database or elsewhere as required when an individual successfully demonstrates the inaccuracy or incompleteness of the Personal Information. An amendment may involve the correction, deletion or addition of information and notification to third party to whom the data have been disclosed. However, we may be unable to amend past purchase information or return transaction information.
9.3. If at any point we decide that we wish to use Personal Information for any purpose other than, or in addition to the Purpose(s) listed in this policy (section 5 above) or from that stated at the time this information was collected, we will notify you by way of an email, unless we do not have your email address, in which case we will use any other means of communication available to us depending on the contact details that you have provided to us. We will only proceed with such use, if we receive your consent with respect to such additional purposes (not previously communicated, or not previously included in this policy).
10. HOW DO WE KEEP YOUR INFORMATION SECURE?
10.1. We at The Body Shop protect Personal Information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification with security safeguards appropriate to the sensitivity of the Personal Information, regardless of the format in which it is held.
10.2. We use various methods to safeguard Personal Information. They include:
10.2.1. physical measures: locked filing cabinets, restriction of access to offices, and company alarm systems.
10.2.2. technical tools: passwords and encryption, using generally industry best practices.
10.2.3. organizational controls: confidentiality agreements, limiting access on a need-to-know basis, staff training and security clearances.
10.3. Online security is also a priority. Nuaroma SKINCARE incorporates security measures such as encryption and authentication tools to protect your Personal Information from unauthorized use. Firewalls are utilized t protect our servers and network from unauthorized users accessing and tampering with files and other information that we store.
10.4. We use Secure Sockets Layer (SSL) technology to protect your credit card information online. Upon entering the checkout page your computer will begin communicating with our server in secure mode. You will be able to tell that you are in secure mode because the "http" in the web address on your browser will change to "https".
10.5. In particular, with regard to credit card information, The Body Shop as a global retailer has signed up to and aims to comply - to the extent relevant to its type of business - with the Payment Card Industry Data Security Standard (PCI DSS) which is managed by the PCI Security Standards Council (which has been founded by American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International) and in order to improve credit card security for our customers. The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures with a view to achieving ongoing development, enhancement, storage, dissemination and implementation of high security standards for account data protection. For more details on PCI DSS please refer to:https://www.pcisecuritystandards.org/.
11. MATTERS SPECIFIC TO THE INTERNET
11.1. Links to Other Websites
11.1.1. The Web Site or any of Nuaroma SKINCARE various other web sites may contain links to other third party owned and operated web sites or internet resources. When you click on one of those links you are contacting another web site or internet resource. We have no responsibility or liability for or control over those other web sites or internet resources or their collection, use and disclosure (processing) of your Personal Information.
11.1.2. We encourage you to read the privacy policies of those other sites to learn how they collect and use information about you.
11.2. Cookies - Beacons
11.2.4. You may choose to decline cookies if your browser permits, but doing so may affect your use of our web site and your ability to access certain features of the site or to engage in transactions.
11.2.5. Tracking tags/Beacons: Each web page in our web sites contains tracking pixels that allow us to follow your progress through the various pages within the web site. This information is then aggregated (de personalised) before being analysed.
12.1. We will never knowingly collect or solicit Personal Information from individuals under the age of sixteen (16) without first obtaining verifiable parental consent. If you are under the age of 16 you should not provide information to us. If we become aware that a person under 16 has provided Personal Information to us without verifiable parental consent (as may be the case where the information is provided via one of our web sites), we will remove such Personal Information from our files.
13. COMPLIANCE WITH THE LAW
13.1. Nuaroma SKINCARE has procedures in place in order to receive and respond to enquiries about Nuaroma SKINCARE policies and practices relating to its handling of Personal Information. Any complaint or enquiry should be made in writing and addressed as shown in section 14 below.
13.2. Nuaroma SKINCARE investigates all complaints and will use reasonable endeavours to respond to you in writing within 30 days of receiving the written complaint. Requests will be forwarded to the Information Officer. If the complaint is found to be justified, Nuaroma SKINCARE will take appropriate measures to resolve the matter, including, if necessary, amending its policies and practices. If we fail to respond to your complaint within 30 days of receiving it in writing or if you are dissatisfied with the response that you receive from us, you may have the right, depending on the jurisdiction, to make a complaint to the applicable regulator.
14. CONTACTING US
By Email: email@example.com
By Phone:+6 017 673 4145(Monday to Friday between 9am - 5.30pm)
(Attn: Nuaroma SKINCARE)No 11, Jalan SU 16, Taman Selayang Utama, 68100, Batu Caves, Selangor, Malaysia.
14.2. You are reminded not to send via unencrypted means (such as email) sensitive information such as passwords, credit card information etc.