CONFIDENTIALITY AND DATA PROTECTION POLICY
Last updated on March 23rd, 2023
This confidentiality and data protection policy (the “Policy”) sets out the policy of BERLUTI SA, 120, rue du Faubourg Saint-Honoré, 75008 Paris, France, and its affiliates (you can obtain the name and the address of the data controller entity in your area by visiting www.berluti.com or by sending an e-mail to email@example.com) (“BERLUTI”) in terms of data protection and cookies on the www.berluti.com web site (the “Site”), or any other web site operated by BERLUTI (the “Sites”). This Policy applies to all the information that you (the “User”) provide to us directly, or that is gathered indirectly while you browse our Site. BERLUTI respects your concerns about the confidentiality of the information that you disclose to us. We have therefore drawn up this policy in a bid to foster transparency, in order to inform you about the policies and practices that we apply to the personal data that you provide to us or that you share with us through the various points of contact via which you interact with us. This Policy informs you about the terms under which we use, analyze, and disclose the personal data that you disclose to us, where applicable with your consent when the latter is required by law, for the purposes mentioned below. We therefore urge you to read this Policy carefully.
Some of our BERLUTI stores or e-commerce web sites selling our BERLUTI branded products are operated by distributors, i.e. independent entrepreneurs. This Policy does not apply to either our distributors or their web sites or mobile applications. To find out how they use their clients’ personal data, please see their own confidentiality policies.
The data protection officer of BERLUTI may be contacted at firstname.lastname@example.org.
You may from time to time have to disclose personal data to BERLUTI via the Site, for instance when creating a client account “My Berluti account”, placing orders for BERLUTI products or registering for our newsletter.
Any personal data that you disclose to BERLUTI to use specific services is covered by the provisions of the data protection regulations (France’s data protection law no. 78-17 of 6 January 1978, as subsequently modified, and the European General Data Protection Regulation of 27 April 2016 (“GDPR”)) as well as any complementary national law.
BERLUTI may also gather information concerning your browsing of our Site, with your consent, under terms that are described in greater detail in the Cookies section below.
WHAT DATA WE GATHER ABOUT YOU
The term “personal data” covers any information that may be used to identify you, either directly (such as your name), or indirectly (such as by way of a unique client number).
The personal data that we gather about you may include information regarding:
- Your identity information (first and last names)
- Your contact details (email address, phone number);
- Your demographic data (gender, birthday);
- Your personal clothing preferences and behaviour;
- Your size and your style;
- Your purchases (in-store and online);
- Your browsing history (berluti.com, social network pages, partner web sites);
- The information that you provide or publish in a public space, on our social network pages or on our Site, for instance product reviews, or any information that you disclose via our interactive chat tool.
- Your repairs;
- Your requests submitted to our customer service unit;
- Your payment data (except for Global-e buyers);
- Your comments and ratings of BERLUTI’s services;
- Those of our events that you take part in.
HOW WE GATHER OR RECEIVE YOUR PERSONAL DATA
We may gather and receive personal data from you when you interact with us as part of our relationship:
Under the following circumstances:
- Creation and management of your account;
- Registration for our newsletter and for promotional messages;
- User content;
- Use of Berluti’s digital applications (including its websites);
- Requests for information;
- Participation in an event.
Via the following points of contact:
- Browsing of Berluti.com;
- Contact with our online advisers;
- Contact with our in-store salespersons and advisers;
- Contact with us during an event;
- Contact with our customer service unit;
- Forms that you fill in, whether in-store or online;
- Digital applications that you use;
- BERLUTI pages on the social networks that you access and comment / like;
- Advertisements in online media that you click on;
- Advertisements in search engines that you click on.
HOW YOUR DATA IS MANAGED, AND FOR WHAT PURPOSES
BERLUTI processes your personal data on the Site only to the extent that is strictly necessary for the following purposes:
- On the legal basis of the performance of a contract, as per article 6 b) of the GDPR:
- To fulfil and track your orders for BERLUTI products placed on our Site;
- To enable you to access some of the functionality of our Site. This includes the use of your IP address for technical reasons.The IP address is pseudonymized and stored for 90 days.
- For customer relationship management (orders, deliveries, purchasing history, warranties, claims, requests, etc.);
- To manage payment defaults and disputes;
- To pursue the legitimate interest of BERLUTI to know its clients better and to improve its goods and services, on the legal basis of the legitimate interest of the data controller, as per article 6 f) of the GDPR:
- To compile anonymous statistics on the use of our Site,
- To improve the customer experience,
- To manage prospective clients,
- To know the opinions of clients about our products, services or content,
- To combat fraud.
- On the legal basis of the consent of the data subject, as per article 6 a) of the GDPR:
- To manage your registration for our newsletter (registrations and unsubscribing),
- Subject to your prior consent, to provide you with information about our company and its activity, its products and/or services and other marketing material,
- To conduct surveys, with your consent,
You may withdraw your consent at any point in time by clicking on the appropriate link featuring in the e-mails that we send you, or by modifying your account directly on the Site. The withdrawal of your consent shall not affect the lawfulness of any processing of your personal data based on your consent prior to the withdrawal of your consent.
- To locate your closest store when you connect to our Store Locator Site, by gathering your geolocation data through your IP address with the consent given to your web browser. The geolocation is managed by your web browser, the consent is therefore given to the web browser and can be canceled through the modification of its geolocation settings.
The information that we gather for these purposes and that is vital for us to be able to meet your requirements (primarily your family name, first names, postal addresses, e-mail address and credit card details, where applicable, and your telephone number for delivery purposes) is marked with an asterisk on the forms used to gather data, to indicate that it is mandatory, and is processed in order to enable BERLUTI to perform the contract between BERLUTI and yourself, or because you consented to this for some of the abovementioned purposes, or in order to improve the way in which we provide services to you. Should you not provide the requisite information in these mandatory fields, we shall not be able to respond to your requests.
HOW LONG WE KEEP YOUR PERSONAL DATA FOR
Your personal data is kept for a period of time that does not exceed the time needed for the purposes for which it is gathered, that is to say:
- Data linked to the management of your subscription to our newsletter: we shall keep your personal data as long as your subscription is active. As soon as we shall receive a request to unsubscribe from you, we shall erase your personal data held in connection with the sending of our newsletter.
- Data linked to orders placed for BERLUTI products: we shall keep the data that is gathered for the purposes of the fulfilment of your order for as long as we need it to adduce evidence of a right or of a contract; this data may be archived in accordance with the provisions of France’s Commercial Code concerning the mandatory period of retention of books charting and documents created as part of commercial activities and in accordance with the provisions of France’s Consumer Code concerning the preservation of contracts formed by electronic means.
- Data linked to the management of your client account: we shall keep the data that is gathered to manage your account for a period of 10 years as of the last contact with the client.
- Data linked to the management of prospective clients (users who have never bought any BERLUTI products but who are interested in the brand): the data shall be kept for 3 years as of the last contact with any given prospective client.
- Pseudonymized IP address for technical reasons: 90 days.
- Data generated by conversations on our online chat system: 12 months.
- Any cookies stored on your computer: 12 months.
THE PARTIES TO WHOM YOUR PERSONAL DATA MAY BE DISCLOSED – TRANSFERS OF YOUR PERSONAL DATA TO THIRD PARTIES AND TRANSFERS OF YOUR PERSONAL DATA OUTSIDE THE EUROPEAN ECONOMIC AREA
BERLUTI may disclose your personal data where this is needed for the purposes of this Policy:
- To the LVMH Service Center acting as data processor,
- To trusted third party service providers acting on behalf of Berluti, including:
- Third parties that provide digital and e-commerce services (including Global-e),
- Advertising, marketing, digital communication and social networking agencies,
- Third parties tasked with delivering BERLUTI products to you,
- Third party providers of IT services;
- Payment services providers and credit analysts (except for Global-e buyers),
- Third parties that assist us with customer service,
- Third parties that assist us with the organization of our events,
- Third parties that secure the transactions performed on the Site against fraud and identity theft,
- BERLUTI subsidiaries located in European Union or in countries outside the European Union, as part of their access to client profiles pursuant to purchases made by a given client in a BERLUTI store abroad, and in particular in the stores of BERLUTI located in the UK, Australia, South Korea, the United Arab Emirates, the USA, Japan, Singapore, Taiwan, Hong-Kong and Macau.
Transfers of your personal data outside the European Economic Area are protected by personal data transfer agreements based on the standard terms adopted by the European Commission, which are signed with the abovementioned recipients so as to ensure that all the personal data that is transferred to them is covered by a suitable level of protection as per the meaning of this term in the data protection regulations, and that appropriate technical and organizational security measures have been implemented to protect the data against accidental or malicious destruction, accidental loss, alteration, disclosure or unauthorized access and against all other forms of malicious or unlawful processing. You may obtain a copy of these terms by contacting: email@example.com.
You may also choose to disclose your personal data to our partners, advertisers and affiliates by following a link to and from their web sites. Please note that these web sites apply their own confidentiality and data protection policies.
We may also give you the possibility to use your connection data to the social networks. Please note that in that case, you shall be sharing with us the information about your profile. The personal data that is shared depends on the configuration of the platform of the social network. Please note that these social networks each have and apply their own personal data confidentiality policies.
In any event, BERLUTI shall only transfer your personal data to a third party when:
- BERLUTI must share this information with third parties in order to provide you with the service that you require, or
- BERLUTI is ordered to disclose the information by a judicial authority or any other administrative authority.
HOW WE PROTECT AND ENSURE THE SECURITY AND CONFIDENTIALITY OF YOUR PERSONAL DATA
BERLUTI endeavors to take all useful and necessary precautions to preserve the confidentiality and the security of the personal data that it processes and to prevent it from being distorted, damaged, destroyed or accessed by unauthorized third parties. We implement appropriate technical and organizational security measures, covering our information systems in particular.
Upon creating your “My Berluti account”, you shall be prompted to choose a password that is personal to you. This is a mandatory requirement that constitutes a cornerstone of our Policy. This password must consist of at least 8 characters of 4 different types: lower-case letters, upper-case letters, figures and special characters.
However, BERLUTI has no control over all the risks linked to the operation of the Internet and hereby draws your attention to the existence of potential risks inherent in its use and its operation.
Your personal data that is held by BERLUTI shall be stored on the servers of our hosting company, which are located in the EU and the US.
We consider the protection and the security of our information systems to be of the greatest importance. We have accordingly implemented a number of tools to enable us to detect any security breaches. These tools may result in incidental access to your personal data by our security teams. This data shall be gathered and processed for the sole purposes of the management of any vulnerabilities, in keeping with the applicable data protection regulations.
YOUR RIGHTS – HOW TO CONTACT US
We are highly aware of the importance of protecting your personal data and of your rights over same. Please find below a summary of your rights over the personal data that we hold about you under the data protection regulations:
- The right to request the disclosure of what personal data we hold about you,
- The right to access your personal data,
- The right to rectify and limit the processing of your personal data,
- The right to request the erasure of your personal data,
- The right to oppose the use of your personal data for commercial purposes,
- The right to withdraw your consent to the processing of your personal data on the basis of your consent, at any point in time,
- The right to oppose the processing of your personal data on account of your personal circumstances,
- The right to file a claim with a regulating body,
- The right to request the portability of your data,
- The right to manage any cookies,
- The right to issue instructions to us on the fate of your personal data after your death.
How to contact us to exercise your rights:
Should you have any questions about the way in which we process and use your personal data, or should you wish to exercise any of the abovementioned rights, please contact us:
- By calling our Customer Service unit on , , +44 20 3901 2683 or
- By sending an e-mail to our data protection officer at firstname.lastname@example.org; or
- By using the contact form available on https://www.berluti.com/en-ro/contact-us/;
- You may also send us a letter by post to:
BERLUTI DPO - Data Protection
120 rue du Faubourg Saint Honoré
75008 Paris, France
- To unsubscribe from our newsletter, you may access the dedicated section of your “My Berluti account” personal space, or use the unsubscribe link featuring in each e-mail newsletter that is sent to you.
Please note that we may ask you for evidence of your identity as well as the full details of your request prior to dealing with it.
INFORMATION ABOUT THE MANAGEMENT OF COOKIES AND TRACKERS9.1. What is a cookie?
A cookie is a text file that may be stored by your browser software in a dedicated space of the hard drive of your Terminal* in the course of your use of an online service. A cookie file enables its issuer to identify the terminal in which it is stored, throughout the period of validity or of registration of the cookie.
* the term Terminal means the hardware (computer, tablet, smartphone, etc.) that you use to access or display a web site, a mobile application, any advertising content, etc.
9.2. What information is collected through the cookies?
- The duration of your connection to the website
- The type of operating systems of your device
- The version of the browser software used on your device
- The brand and model of your device
- 9.3. The Cookies that we issue on the Site
When you connect to our Site, depending on your choices, we may install various cookies in your Terminal that enable us to recognize the browser that you use on your Terminal throughout the period of validity of the cookie involved.
The cookies that we issue are designed:
- To help us draw up statistics and determine the extent of the traffic and use of the various elements comprising our Site (sections and content viewed, browsing patterns), to enable us to improve the interest and usability of our services, as well as the visibility of the content that we publish,
- To enable or facilitate your browsing of the Site, or to provide you with the online communication services that you request during your browsing, and thus:
- To adapt the presentation of our Site to your Terminal’s display preferences (language used, display resolution, operating system used, etc.) during your visits to our Site, depending on the viewing or reading hardware and software incorporated into your Terminal,
- To store information concerning any forms that you may have filled in on our Site (e.g. registration or access to your account) or concerning any products, services or information that you may have chosen on our Site (e.g. a service that you subscribed to, the content of a shopping basket, a wish list, etc.);
- To enable you to access the private and personal spaces of our Site, such as your account, thanks to identifiers or data that you may have entrusted to us beforehand,
- To implement security measures, for instance when you are asked to connect once again to a given content or service after a certain time lapse.
- 9.4. The Cookies issued by third parties on our Site
- Cookies issued by third party applications incorporated into our Site:
Our Site may comprise various software applications provided by third parties that enable you to share content from our Site with other people or to let these other people know about something you saw on our Site or give them your opinion concerning any of the content of our Site. This is the case for instance of the “Share” and “Like” buttons provided by social networks (such as “Facebook”, “Twitter”, etc.).
A social network that provides such a software button may identify you thanks to this button, even if you do not click on this button while browsing our Site. This type of software button may enable the social network involved to track your browsing of our Site, merely by virtue of the fact that you have an open session with the social network in question on your Terminal at the time when you are browsing our Site.
We don’t have any control over the process used by the social networks to gather information about your browsing of our Site linked to the personal data that they hold about you. Please see the data protection policies of the social networks in order to become acquainted with the purposes for which they may gather data about your browsing using these software buttons, e.g. advertising. These data protection policies must for instance enable you to exercise your rights before these social networks, for instance by configuring your accounts with each of them.
- Cookies issued on our Site by third parties:
Our Site may contain cookies issued by third parties (advertising agencies, traffic measurement companies, etc.) enabling the latter to gather information about the browsing of any terminals that access our Site, throughout the period of validity of these cookies, and in particular in order to assess the effectiveness of our paid referencing campaigns with the search engines.
- 9.5. Your choices regarding the storage of cookies
You may choose at any point in time to express and to modify your wishes in terms of cookies, using the means described below.
The choices offered by your browser software: you may configure your browser software to allow cookies to be stored on your Terminal, or on the contrary, to ensure that they are rejected by your Terminal, either systematically, or depending on their issuer. You may also configure your browser software to prompt you to accept or reject individual cookies before they are stored on your Terminal. For more information, please see section (c) below entitled “How to set your preferences depending on your browser”
- Consenting to the storage of cookies
The storage of a cookie on a terminal is essentially subordinated to the will of the user of the Terminal, which the latter may express upon their first connection to the Site via the cookies banner, and freely modify at any point in time through the choices that are provided to them by their browser application concerning cookies, or via a cookies administration software application which is available at the footer of the website “Cookie settings” link. Should you have accepted, in your browser software, the storage of cookies in your Terminal, the cookies that are incorporated into the pages and content that you view may be stored temporarily in a dedicated space on your Terminal. They may only be read by their issuer.
- Rejecting cookies
Should you reject the storage of cookies in your Terminal, or should you delete the cookies that are stored there, you shall no longer benefit from a number of functionalities that are necessary to browse some of the spaces of our Site. This would for instance apply should you subsequently attempt to access our content or services that require you to identify yourself. This would also be the case should we or our service providers not be able to recognize the type of browser used by your Terminal, its language and display parameters or the country from which your Terminal appears to be connected to the Internet, for purposes of technological compatibility.
We hereby disclaim liability for the consequences of the improper operation of our services resulting from our inability to store or to read the cookies needed for their operation and that you shall have rejected or deleted.
- How to set your preferences depending on your browser
The configuration of each browser is different. It is in general described in your browser’s help menu. We therefore recommend that you access and read it in order to find out how to set your preferences in terms of cookies.
- For Internet Explorer™: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage- cookies
- For Safari: https://support.apple.com/kb/PH19214?locale=fr_FR&viewlocale=en_US
- For Chrome: https://support.google.com/chrome/answer/95647?hl=en&hlrm=en
- For Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
- For Opera ™: http://help.opera.com/Windows/10.20/en/cookies.html
If your Terminal is used by several persons and has several browsers, we cannot guarantee with certainty that the services and advertisements destined for your Terminal do indeed correspond to your own use of this Terminal as opposed to another user of this Terminal.
Whether you share the use of your Terminal with other people and/or configure the cookies parameters of your browser is purely your decision and you are fully responsible for same.
SEND TO A FRIEND FUNCTIONALITY AND GATHERING OF THIRD PARTIES’ PERSONAL DATA
Our Site gives you the possibility to send goods to third parties (a friend for example). We shall ask you to provide the family name, first name and delivery address of the third party in order to send the product to them. In this case, you must guarantee that the person involved is already informed of the fact that you plan to disclose their personal data to us.
CHANGES TO OUR POLICY
BERLUTI may modify its Policy from time to time. We shall ensure that you are informed about these changes either by a special announcement on our Site, or by a personal warning, for instance in our newsletters.