2. WHAT DATA WE GATHER ABOUT YOU
The term “personal data” means any information that may be used to identify you, either directly (such as your name), or indirectly (such as by way of a unique client number). The personal data that we gather about you may include information regarding:
- Name, address, email address, telephone number, gender, country, birth date, body size, hobby, photo, preferred contact information, purchase records, life style, preferred type of goods and fashion style, field of interest, personal data of other third parties (e.g., customer’s family, relatives etc.), access records such as IP address and log history and service use history
- The information that you provide or publish in a public space, on our social network pages or on our Site, for instance product reviews, or any information that you disclose via our interactive chat tool. If you use our mobile application, we may also gather your GPS location, subject to your prior consent . We might also ascertain with what frequency you use the application and where you downloaded it
- Your repairs
- Your requests submitted to our customer service unit
- Your comments and ratings of the Company’s services
- Those of our events that you take part in
3. HOW WE GATHER OR RECEIVE YOUR PERSONAL DATA
We may gather and receive personal data from you when you interact with us as part of our relationship:
Under the following circumstances:
- Creation and management of your account
- Registration for our newsletter and for promotional messages
- Browsing over the Internet
- User content
- Use of digital applications
- Requests for information
- Participation in an event.
Via the following points of contact:
- Browsing of Berluti.com
- Contact with our online advisers
- Contact with our in-store salespersons and advisers
- Contact with us during an event that we organise
- Contact with our customer service unit
- Forms that you fill in, whether in-store or online
- Digital applications that you use
- BERLUTI pages on the social networks that you access and comment on / like
- Advertisements in online media that you click on
- Advertisements in search engines that you click on.
4. HOW YOUR DATA IS MANAGED, AND FOR WHAT PURPOSES
The Company processes your personal data collected only to the extent that is strictly necessary for the following purposes:
- Identification and verification of member
- Notification of delivery status of the ordered goods
- Provision of customized customer service
- Customer service or development and specialization of product
- Posting of contents;
- Analysis on propensity of purchaser;
- Improvement of customer service
You may withdraw your consent at any point in time by clicking on the appropriate link featuring in the e-mails that we send you, or by modifying your account directly on the Site.
The information that we gather for these purposes and that is vital for us to be able to meet your requirements (primarily your family name, first names, postal addresses, e-mail address and bank account details, where applicable, and your telephone number for delivery purposes) is marked with an asterisk on the forms used to gather data, to indicate that it is mandatory, and is processed in order to enable the Company to perform the contract between the Company and yourself, or because you consented to this for some of the abovementioned purposes, or in order to improve the way in which we provide services to you. Should you not provide the requisite information in these mandatory fields, we shall not be able to respond to your requests.
5. HOW LONG WE KEEP YOUR PERSONAL DATA FOR
Your personal data is kept for a period of time that does not exceed the time needed for the purposes for which it is gathered, to wit:
- Data linked to the management of your subscription to our newsletter: we shall keep your personal data as long as your subscription is active. As soon as we shall receive a request to unsubscribe from you, we shall erase your personal data held in connection with the sending of our newsletter.
- Data linked to orders placed for BERLUTI products: we shall keep the data that is gathered for the purposes of the fulfilment of your order for as long as we need it to adduce evidence of a right or of a contract; this data may be archived in accordance with the provisions of France’s Commercial Code concerning the mandatory period of retention of books charting and documents created as part of commercial activities and in accordance with the provisions of France’s Consumer Code concerning the preservation of contracts formed by electronic means.
- Data linked to the management of your client account: we shall keep the data that is gathered to manage your account for a period of 10 years [after the closure of your account].
- Data linked to the management of prospective clients (users who have never bought any BERLUTI products but who are interested in the brand): the data shall be kept for 3 years as of the last contact with any given prospective client.
- Geolocation data: 2 months.
- Data generated by conversations on our online chat system: 1 year.
- Any cookies stored on your computer: 13 months.
Provided that if it is required to preserve personal data pursuant to the applicable laws and regulations, including the Commercial Code, the Company will retain such data for the retention and use period as specified under the laws and regulations.
- Important documents relating to business: 10 years (Korean Commercial Code)
- Records regarding the website access: 3 months (the Protection of Communications Secrets Act)
6. THE PARTIES TO WHOM YOUR PERSONAL DATA MAY BE DISCLOSED – TRANSFERS OF YOUR PERSONAL DATA TO THIRD PARTIES AND TRANSFERS OF YOUR PERSONAL DATA OUTSIDE THE EUROPEAN ECONOMIC AREA
BERLUTI may disclose your personal data where this is needed for the purposes of this Policy:
- To other entities of the LVMH Group, some of which may act as data processors;
- To trusted third party service providers, including:
- Third parties that provide digital and e-commerce services;
- Advertising, marketing, digital communication and social networking agencies;
- Third parties tasked with delivering BERLUTI products to you;
- Third party providers of IT services;
- Payment services providers and credit analysts;
- Third parties that assist us with customer service;
- Third parties that assist us with the organisation of our events;
- Third parties that secure the transactions performed on the Site against fraud and identity theft;
- BERLUTI subsidiaries or third parties located in countries outside the European Economic Area, as part of their access to client profiles pursuant to purchases made by a given client in a BERLUTI store abroad, and in particular in the stores of BERLUTI located in Australia, China, South Korea, the United Arab Emirates, the USA, Japan, Singapore, Taiwan, Hong-Kong and Macau.
Transfers of your personal data outside the European Economic Area are protected by personal data transfer agreements based on the standard terms adopted by the European Commission, which are signed with the abovementioned recipients so as to ensure that all the personal data that is transferred to them is covered by a suitable level of protection as per the meaning of this term in the data protection regulations, and that appropriate technical and organisational security measures have been implemented to protect the data against accidental or malicious destruction, accidental loss, alteration, disclosure or unauthorised access and against all other forms of malicious or unlawful processing. You may obtain a copy of these terms by contacting: firstname.lastname@example.org.
You may also choose to disclose your personal data to our partners, advertisers and affiliates by following a link to and from their web sites. Please note that these web sites apply their own confidentiality and data protection policies.
We may also give you the possibility to use your connection data to the social networks. Please note that in that case, you shall be sharing with us the information about your profile. The personal data that is shared depends on the configuration of the platform of the social network. Please note that these social networks each have and apply their own personal data confidentiality policies.
In any event, BERLUTI shall only transfer your personal data to a third party when:
- You have provided your prior consent to the sharing of this information, or
- BERLUTI must share this information with third parties in order to provide you with the service that you require, or
- BERLUTI is ordered to disclose the information by a judicial authority or any other administrative authority.
7. HOW WE PROTECT AND ENSURE THE SECURITY AND CONFIDENTIALITY OF YOUR PERSONAL DATA
The Company endeavors to take all useful and necessary precautions to preserve the confidentiality and the security of the personal data that it processes and to prevent it from being distorted, damaged, destroyed or accessed by unauthorised third parties. We implement technical and organisational security measures that comply with the highest standards of the profession, covering our information systems in particular.
More specifically, the Company currently takes measures to secure safety of personal data as follows:
- Managerial measure: Establishment and implementation of internal management plan, periodical training for employees, etc.
- Technical measure: Management of access right to the personal data processing system, installation of access control system, encryption of unique identification information, etc. installation of security programs
- Physical measure: Access control to the server room and archives.
Upon creating your “My Berluti Space” account, you shall be prompted to choose a password that is personal to you. This is a mandatory requirement that constitutes a cornerstone of our Policy. This password must consist of at least 12 characters of 4 different types: lower-case letters, upper-case letters, figures and special characters. However, the Company has no control over all the risks linked to the operation of the Internet and hereby draws your attention to the existence of potential risks inherent in its use and its operation.
Your personal data that is held by the Company shall be stored on the servers of our hosting company, which are located in Sweden. We consider the protection and the security of our information systems to be of the greatest importance. We have accordingly implemented a number of tools to enable us to detect any security breaches. These tools may result in incidental access to your personal data by our security teams. This data shall be gathered and processed for the sole purposes of the management of any vulnerabilities, in keeping with the applicable data protection regulations.
8. YOUR RIGHTS – HOW TO CONTACT US
We are highly aware of the importance of protecting your personal data and of your rights over same. Please find below a summary of your rights over the personal data that we hold about you under the data protection regulations. If you are less than 14 years, your legal representatives may exercise your rights on behalf of you.
- The right to request the disclosure of what personal data we hold about you;
- The right to access your personal data;
- The right to rectify and limit the processing of your personal data;
- The right to request the erasure of your personal data;
- The right to oppose the use of your personal data for commercial purposes;
- The right to withdraw your consent to the processing of your personal data on the basis of your consent, at any point in time;
- The right to oppose the processing of your personal data on account of your personal circumstances;
- The right to file a claim with a regulating body;
- The right to request the portability of your data;
- The right to manage any cookies;
- The right to issue instructions to us on the fate of your personal data after your death.
How to contact us to exercise your rights:
Should you have any questions about the way in which we process and use your personal data, or should you wish to exercise any of the abovementioned rights, please contact us:
- By calling our CRM team on +82 2 3441 6424; or
- By sending an e-mail to our data protection officer at email@example.com; or
- By using the contact form available on https://www.berluti.com/ko-kr/contact-us/;
- You may also send us a letter by post to:
15th Fl., 511, Samsung-ro (Golden Tower)
Gangnam-gu, Seoul, Republic of Korea
- To unsubscribe from our newsletter, you may access the dedicated section of your “My Berluti Space” personal space, or use the unsubscribe link featuring in each e-mail newsletter that is sent to you.
Please note that we may ask you for evidence of your identity as well as the full details of your request prior to dealing with it.
9. INFORMATION ABOUT THE MANAGEMENT OF COOKIES AND TRACKERS
What is a cookie?
A cookie is a text file that may be stored by your browser software in a dedicated space of the hard drive of your Terminal* in the course of your use of an online service. A cookie file enables its issuer to identify the terminal in which it is stored, throughout the period of validity or of registration of the cookie.
* the term Terminal means the hardware (computer, tablet, smartphone, etc.) that you use to access or display a web site, a mobile application, any advertising content, etc.
The Cookies that we issue on the Site
When you connect to our Site, depending on your choices, we may install various cookies in your Terminal that enable us to recognize the browser that you use on your Terminal throughout the period of validity of the cookie involved.
The cookies that we issue are designed
- To help us draw up statistics and determine the extent of the traffic and use of the various elements comprising our Site (sections and content viewed, browsing patterns), to enable us to improve the interest and usability of our services, as well as the visibility of the content that we publish;
- To enable or facilitate your browsing of the Site, or to provide you with the online communication services that you request during your browsing, and thus:
- To adapt the presentation of our Site to your Terminal’s display preferences (language used, display resolution, operating system used, etc.) during your visits to our Site, depending on the viewing or reading hardware and software incorporated into your Terminal;
- To store information concerning any forms that you may have filled in on our Site (e.g. registration or access to your account) or concerning any products, services or information that you may have chosen on our Site (e.g. a service that you subscribed to, the content of a shopping basket, a wish list, etc.);
- To enable you to access the private and personal spaces of our Site, such as your account, thanks to identifiers or data that you may have entrusted to us beforehand;
- To implement security measures, for instance when you are asked to connect once again to a given content or service after a certain time lapse.
The Cookies issued by third parties on our Site
- Cookies issued by third party applications incorporated into our Site:
Our Site may comprise various software applications provided by third parties that enable you to share content from our Site with other people or to let these other people know about something you saw on our Site or give them your opinion concerning any of the content of our Site. This is the case for instance of the “Share” and “Like” buttons provided by social networks (such as “Facebook”, “Twitter”, etc.).
A social network that provides such a software button may identify you thanks to this button, even if you do not click on this button while browsing our Site. This type of software button may enable the social network involved to track your browsing of our Site, merely by virtue of the fact that you have an open session with the social network in question on your Terminal at the time when you are browsing our Site.
We don’t have any control over the process used by the social networks to gather information about your browsing of our Site linked to the personal data that they hold about you. Please see the data protection policies of the social networks in order to become acquainted with the purposes for which they may gather data about your browsing using these software buttons, e.g. advertising. These data protection policies must for instance enable you to exercise your rights before these social networks, for instance by configuring your accounts with each of them.
- Cookies issued on our Site by third parties:
Our Site may contain cookies issued by third parties (advertising agencies, traffic measurement companies, etc.) enabling the latter to gather information about the browsing of any terminals that access our Site, throughout the period of validity of these cookies, and in particular in order to assess the effectiveness of our paid referencing campaigns with the search engines.
Your choices regarding the storage of cookies
You may choose at any point in time to express and to modify your wishes in terms of cookies, using the means described below.
The choices offered by your browser software: you may configure your browser software to allow cookies to be stored on your Terminal, or on the contrary, to ensure that they are rejected by your Terminal, either systematically, or depending on their issuer. You may also configure your browser software to prompt you to accept or reject individual cookies before they are stored on your Terminal. For more information, please see below entitled “How to set your preferences depending on your browser”
- Consenting to the storage of cookies
The storage of a cookie on a terminal is essentially subordinated to the will of the user of the Terminal, which the latter may express upon their first connection to the Site via the cookies banner, and freely modify at any point in time through the choices that are provided to them by their browser application concerning cookies, or via a cookies administration software application (e.g., application available at https://info.evidon.com/pub_info/15253. Should you have accepted, in your browser software, the storage of cookies in your Terminal, the cookies that are incorporated into the pages and content that you view may be stored temporarily in a dedicated space on your Terminal. They may only be read by their issuer.
- Rejecting cookies
Should you reject the storage of cookies in your Terminal, or should you delete the cookies that are stored there, you shall no longer benefit from a number of functionalities that are necessary to browse some of the spaces of our Site. This would for instance apply should you subsequently attempt to access our content or services that require you to identify yourself. This would also be the case should we or our service providers not be able to recognise the type of browser used by your Terminal, its language and display parameters or the country from which your Terminal appears to be connected to the Internet, for purposes of technological compatibility.
We hereby disclaim liability for the consequences of the improper operation of our services resulting from our inability to store or to read the cookies needed for their operation and that you shall have rejected or deleted.
Example of refusal (for Internet Explorer): Go to Tools > Internet Options > Privacy.
- How to set your preferences depending on your browser
The configuration of each browser is different. It is in general described in your browser’s help menu. We therefore recommend that you access and read it in order to find out how to set your preferences in terms of cookies.
- For Internet Explorer™: https://support.microsoft.com/ko-kr/help/17442/windows-internet-explorer-delete-manage-cookies
- For Safari: https://support.apple.com/kb/PH21411?locale=en_US&viewlocale=ko_KR
- For Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=ko
- For Firefox: https://support.mozilla.org/ko/kb/enable-and-disable-cookies-website-preferences
If your Terminal is used by several persons and has several browsers, we cannot guarantee with certainty that the services and advertisements destined for your Terminal do indeed correspond to your own use of this Terminal as opposed to another user of this Terminal.
Whether you share the use of your Terminal with other people and/or configure the cookies parameters of your browser is purely your decision and you are fully responsible for same.
10. HOW DO WE DESTROY UNNEEDED DATA
We will immediately destroy your data when it is no longer needed, such as when we have achieved the purposes for which we collected the information or no longer than each period of retention mentioned article 5 above, whichever is earlier.
When we destroy your data, we will take measures to ensure that it is not restored or regenerated. If the information that needs to be destroyed is in electronic form, we will permanently delete it in an irrevocable manner. Any other document, printout, letter and other recorded media will be destroyed by incineration or shredding.
11. CHANGES TO OUR POLICY
The Company may modify its Policy from time to time. We shall ensure that you are informed about these changes either by a special announcement on our Site, or by a personal warning.