PERSONAL DATA

CHRISTIAN DIOR PRIVACY POLICY (6)

PRIVACY STATEMENT - CHRISTIAN DIOR

 

The Maisons Christian Dior Couture and Parfums Christian Dior attach particular importance to the processing, confidentiality and security of your personal data. We are committed to offering you personalized services while respecting your privacy and personal choices.

 

The purpose of this privacy policy is to inform you in a clear, simple and complete manner of the processing carried out on the personal data that you provide to us, or that each of our Houses can collect from the various outlets. contact you may have with us (e.g. shop, customer care, dior.com, social networks, digital applications, events), their possible transfer to third parties as well as your rights and the options you have to control your information protect your privacy, in accordance with current regulations.

 

During your shopping experience, and in order to inform you in advance, you will go from Maison Christian Dior Couture to Maison Parfums Christian Dior, or vice versa. Depending on the type of product ordered, the Data Controller will be either Maison Christian Dior Couture or Maison Parfums Christian Dior, within the meaning of the regulations applicable to personal data and in particular with regard to article 24 of the Regulations (EU) 2016/679 (hereinafter "GDPR").

 

As an example, referring to a few iconic products from the two Maisons:

 

Maison Christian Dior Couture

  • Lady Dior bag

  • 30 Montaigne bag

  • Bar jacket

 

Maison Parfums Christian Dior

  • J’adore or Sauvage perfume

  • Dior Prestige beauty care

  • Maquillage Dior Forever products

 

In this Statement, you will find information about:

• Who are we?

• What data we may collect about you

• How we collect or receive your data

• For what purposes we use your data

• How long we keep them

• Who are the recipients of your data

• How we protect them and ensure their confidentiality

• How we treat your preferences and your rights stemming from European Regulation

• The additional protections we offer to residents of certain regions

• How to contact us if you have questions about our use of your personal data

• How we protect children's privacy

• Modification of this privacy statement

 

WHO are we ?

 

  • The Maison Christian Dior Couture

 

Christian Dior Couture SA (head office), a public limited company under French law with its head office located at 30 avenue Montaigne, Paris 8, France, registered in the Paris Trade and Companies Register under number 612 035 832 and represented by Hien Tran Trung in his capacity as Administrative and Financial Director of Christian Dior Couture,

And all of the Christian Dior Couture affiliates with whom you share your information

Christian Dior Couture is a story of dreams and elegance, passion and excellence; it is also a story of know-how. The creations of Christian Dior Couture express the passion for beautiful gestures and exceptional objects. From haute couture to ready-to-wear, including leather goods, watchmaking and jewelry, know-how is transformed into the art of making.

 

The Maison Parfums Christian Dior

 

Parfums Christian Dior (head office), a public limited company under French law whose head office is located at 33, avenue Hoche, 75008 Paris, France, registered in the Paris Trade and Companies Register under number 552 065 187, and represented by Claude Martinez in his capacity as Managing Director,

And all the affiliates of Parfums Christian Dior with which you share your information

Parfums Christian Dior is a story of dreams, glamor, creativity and excellence. The Maison, which has unique expertise, is made up of talented and ambitious professionals who are committed to perpetuating the heritage of the Dior heritage and transmitting their passion for beauty.

 

WHAT data do we collect about you?

 

"Personal data" means any information that identifies you either directly (such as your name) or indirectly (for example, using a unique customer number).

 

The personal data we collect depends on the point of contact through which you interact with us, as well as the purposes of this interaction as described in this Policy and are also limited to those which are relevant and appropriate for this interaction. Visitors to the Dior.com website who view our products, information and offers can choose to do so without logging in, and the same is true for point-of-sale search and browsing on social media. Unless you choose to interact with us through these contact points, for example:

 

• by creating an account and connecting to it,

• by making a purchase on our site,

• by subscribing to one of our programs or services,

• by writing to us via the consumer contact forms,

• or by writing us a comment in the free online order fields,

 

or else, our data collection is limited to the use of "cookies" (visitors) for website visitors whose conditions are specifically defined by our cookie policy and according to your preferences. For the sake of transparency and clarity, our cookie management policy is separate from this general policy. The cookie management policy is accessible from this link.

 

For one thing, for customers and others who sign up for programs or services, we need to collect certain relevant information from you. The information we collect is related to a given transaction as well as in the context of our business relationship with you. For example, if you make purchases on Dior.com or in our points of sale, we must collect information to process (and, if necessary, execute and dispatch) your order, to ensure its tracking and invoicing, to be in able to respond to any after-sales inquiries you may have. For customers and others who sign up for our programs or services, we generally collect your contact information, contact preferences and information that allows us to make recommendations to you about our products or services that may be of interest to you. We can centralize information about our customers to organize it in one place, as this helps us manage our relationship with you as well as your choices and preferences. Finally, if you subscribe to our newsletter, we collect your email address.

 

Depending on the data that you communicate to us or that you share with us, personal data may include information concerning:

• Your identity and contact details: surname, first name, postal address, email address, telephone number

• Your interests

• A history of your purchases (in store or online, including your orders, tracking and invoices, amount and type of purchase) and your repairs

• Your requests via our customer care service or our public relations service

• The Dior events in which you participate

• Your size and stylistic preferences (only for Christian Dior Couture)

• Your date of birth in order to benefit from the Birthday offers eligible according to your program

• Your satisfaction and comments on our programs, services and products

• The information that you specify related to the possible undesirable effects that you could report to us (only for Parfums Christian Dior)

 

Regarding your purchases, payments are made via a secure payment platform, supplemented by control measures, including encryption of contact details, in order to guarantee the security of purchases made and to fight against fraud. Your bank details are therefore not accessible on Dior's servers.

 

We invite you to ensure that your data is regularly updated, either by modifying it directly on our sites or, by informing us in writing of any modification by referring to the dedicated section "How to contact us".

 

HOW do we collect or receive your data?

 

As part of our relationships, the data we collect may be collected through the following contact points:

• Course on Dior.com

• Exchanges with our advisors in Dior stores as well as points of sale in department stores

• Dior events in which you participate

• Relationship with our public relations services

• Contact with customer care

• Forms that you fill out (in store or online)

• Digital applications with which you interact

• Loyalty program from which you benefit

• Third party data providers with whom you share information

• Retailers for whom you agree to receive our communications

• Satisfaction surveys or questionnaires to which you answer

 

 

We make sure to identify the personal data essential for the purpose for which it is collected by indicating it with an asterisk like this ‘(*)’ on each personal data collection form. If you do not fill in these mandatory fields, we will not be able to respond to your requests and / or provide you with the services requested. The other information is optional and allows us to know you better and improve our communications and services to you. Although not mandatory, we recommend that you fill them in to allow you to benefit from the best possible experience during our interactions with you.

 

During your purchase journey, you will be able to choose between i) logging into your existing Dior account, ii) creating a new account, or iii) paying as a Guest (or also called Guest Check out). This last purchasing experience is thus summarized as follows:

 

Payment for purchases as a Guest refers to the possibility for any Dior customer or prospect to make a purchase in our online store without logging into an account. Your information is collected only for the process of payment and delivery of items or for Dior in order to comply with applicable laws. In accordance with your express consent, the information may be used for analytical purposes by Dior. Likewise, in accordance with your express consent, your information may also be used by Dior for communication purposes via its preferred channel (for example: subscribe to a newsletter). For more information on these purposes, please go to the section below, under the "Analysis and personalization purposes" section, here below.

 

FOR WHAT PURPOSES is your data used by Dior?

 

We are required to use your data for purposes defined according to the nature of our relationships. Thus, depending on the context in which your data is collected, it may be used for one or more of the following purposes:

• Managing your orders

• Management of personalized content and Dior communications (digital or not)

• Managing your profile

• Managing your loyalty program

• Managing your requests in connection with Dior

• The management of events in which you register / participate

• The management of alerts that you send us as part of our cosmetovigilance obligations (only for Parfums Christian Dior products)

• The management of our website and our digital applications

• Management and improvement of our products and services, image and reputation

• Transaction management (securing online payments, prevention of fraud, incidents related to payments and debts)

• Analysis and personalization purposes: with your explicit consent (when required), we use your personal data to send you personalized communications (newsletters, offers, invitations and surveys) and analyze your preferences and habits, anticipate your needs from of your consumer profile. We can make you benefit from our personalized communications by means of emails, postal letters, SMS or calls according to the communication preferences that you have indicated to us and your consumer profile (when authorized).

We ensure the legal basis for the processing of your data according to the purpose (s) concerned, which may be, depending on the context in which it is collected:

• Your explicit consent: for example, for the purposes of managing our personalized commercial offers, managing your browsing via cookies under the conditions defined by our Cookies Policy, or establishing your consumer profile in applicable cases;

• The implementation of a contract, for example for your access to your customer account, the processing and follow-up of your orders ...;

• A legal obligation when processing is required by law, for example, keeping purchase invoices to prevent fraud;

• Our legitimate interest: for example, to improve our products and services, defend ourselves or secure our tools

 

HOW LONG can we keep them?

 

We keep your personal data only for the time necessary for the purpose pursued. In general, your personal data is stored in our database, as shown in the table below:

 

• Data subject: Regular customer (ie: having a Customer profile in one of the two Dior Houses)

• Duration: 10 years from the date of the first purchase; 5 years for business development

• Specificity: A first period of 5 years when your status is "active". A second period of 5 years also when your status becomes ‘inactive’. If the status is still "inactive" after the second period of 5 years, your customer profile is deleted. The status becomes “active” when interacting with Dior such as a purchase or an update of your profile.

 

• Data subject: Prospect

• Duration: 3 years from the date of data collection

• Specificity: This period will be renewed each time you interact with Dior (for example participation in an event) or your consent to continue interacting after this period.

 

• Data subject: Client ‘Guest’ (i.e. not having a Client profile in one of the two Dior Houses)

• Duration: For the duration of the transaction until the delivery of the order

• Specificity: Intermediate archive of 5 years maximum from the end of the commercial relationship.

 

• Data subject: customer care (ie: calls for assistance, complaints or information)

• Duration: For the duration of the request management, or by default 30 days maximum

  • Specificity: Intermediate archive of 5 years maximum from the end of the management of the request

 

• Data subject: Privileged interlocutors (eg agents, stylists, celebrity managers, artists) in relation to Dior Public Relations services

• Duration: 10 years from the date of your first contact

• Specificity: This period will be renewed each time you interact with Dior (for example a request for information on the Maison Dior)

 

When we no longer need to use your personal data, it is deleted from our systems and our registers or made anonymous so that it can no longer be identified, subject to retention for archival purposes. claims and litigation management as well as to meet our legal and / or regulatory obligations and / or to respond to requests from authorities authorized to make the request

 

 

WHO can access your data?

 

Your data is intended for the services of Maison Christian Dior concerned by your requests. We ensure that only duly authorized persons can access your personal data when this is necessary for the aforementioned purposes.

 

We do not pass your data on to third parties for commercial purposes.

 

We are only required to communicate your information if necessary, and if possible in a form that does not allow direct identification to:

 

• Other Dior entities as well as department stores where you buy our products in order to provide you with identical personalized service worldwide

 

• Our trusted third-party providers, including other entities of the LVMH group, acting as subcontractors according to our instructions and on our behalf only.

For example, we entrust certain services to third parties responsible for delivering a product to you, payment service providers and transaction security against fraud, third parties who assist us in the organization of our events, third parties providing services IT, digital communication and public relations agencies, third parties who assist us in customer care, third parties who assist us in qualitative surveys of our products, programs or services.

 

• Third parties including the LVMH group wishing to know your preferences and consumption trends for our programs and services in order to improve visibility, accessibility and performance.

 

• Our trusted third party partners assist us in the management of your orders. In particular, we entrust certain services to third parties responsible for delivering a product to you, to payment service providers and to providers ensuring the security of anti-fraud transactions.

Please note that these partners may act as data controllers; in this case, they have their own privacy policies. We illustrate some examples in the list below:

 

 DHL orders and deliveries (delivery), BlueLink (call center management), FluentCommerce (order and stock management) and any other service provider in management.

 

 Ecommerce management SMILE (website host), CapGemini (eCommerce solution), Salesforce (management of customer profiles) and any other service provider in the management of your ecommerce shopping experience.

 

 Payments and transaction security Cybersource (securing transactions against electronic commerce fraud), PayPal (payment service provider), OneyTrust (securing transactions against electronic commerce fraud) and any other payment service provider, verification, or banking provider.

 

• Third parties wishing to know your interests so that they can build similar audiences and target prospects corresponding to your profile. In the context of this specific processing, we are not the data controller relating to prospecting and you will not be the subject of prospecting, your data being only used to constitute profiles similar to yours.

 

• Third Parties in the event of a change of control or of status or company name, for legal reasons, or with your prior consent

 

You can also choose to disclose your personal data to our partners, advertisers and affiliates by following a link to and from their websites. Please note that these websites apply their own privacy policy.

 

We may also offer you the possibility of using your social media connection data. Please note that in this case, you are sharing your profile information with us. The personal data shared depends on the configuration of the social network platform. Please note that these social networks apply their own privacy policy

 

 

HOW do we protect and ensure the confidentiality of your data?

 

We take all the necessary precautions to guarantee the confidentiality and security of your data and to prevent it from being distorted, damaged, destroyed or from unauthorized third parties having access to it.

 

We ask our partners and group companies to maintain a level of protection similar to ours concerning your personal data. The security measures put in place are evaluated and updated to face new threats and new challenges, as well as new legal requirements in the countries where we operate.

 

 

HOW do we deal with cross-border protections?

 

Given the presence of Dior in many countries around the world and in order to provide you with personalized service worldwide, some of your data may be collected, accessible or stored outside your country of residence. You should be aware that data protection and security requirements differ from place to place and may not offer the same level of protection as those of your country of origin. However, Dior and our group companies have taken measures to guarantee an adequate level of protection of your data, regardless of their location, for example by using standard data transfer clauses, or any other method approved by the Commission. European (where data protection legislation is considered to be the most effective in the world) and / or the National Data Protection Authorities. We also ask our third party partners to comply with the applicable data transfer obligations, for example by contractual clauses, with regard to the personal data they receive on our behalf.

 

HOW are consumer preferences and individual rights treated?

 

In accordance with applicable laws and requirements, Dior and its group companies have put in place measures to guarantee respect for the rights of individuals with regard to personal data that we (or our third parties) have about them. This includes, for example, the right to know the data that we hold about you or to obtain a copy, as well as the limited rights to modify your data, to request erasure or to object to the processing of your data. We encourage those who have given their data to us to keep it up-to-date (for example, if you change your email address, address or telephone number), so that we keep your correct information in our files. We also encourage consumers to update their preferences with us, for example regarding products and frequency of contact, so that we can customize our service to suit your expectations and needs. Finally, we offer individuals the right to withdraw their consent from our programs and offers at any time. To do this, or to exercise any of these other rights, please use or the contact possibilities in the section "How to contact us" below. For people wishing to access their data, we also need authentication to ensure that we do not provide personal data to an unauthorized person.

 

WHAT additional protections are provided for residents of certain regions?

 

Dior has adopted the data protection and security practices described in this privacy policy for all individuals concerned. In addition, we have also identified and taken in to account the data protection and security measures required at local or regional level. This includes, for example, those required for residents of the European Union / European Economic Area under the General EU Data Protection Regulation (GDPR) 2016/679.

 

In particular, the GDPR provides the following rights:

 

• Right to information: you have the right to obtain clear, transparent and understandable information about how we use your personal data and about your rights. You will find all of this information in this policy

 

• Right of access: you have the right to access the personal data that Dior holds about you

 

• Right of rectification: you have the right to have your personal data rectified if it is inaccurate or obsolete and / or to supplement it if it is incomplete

 

• Right to erasure / right to be forgotten: you have the right to have your data erased or deleted. However, this right may be limited by a legal reason or our legitimate interest in keeping your personal data

 

• Right of opposition: you can at any time request to no longer receive our communications relating to our offers, news and events. You can in particular use the hypertext link provided for this purpose in each email or communication that we send to you. You can also request to receive non-personalized communications about our products and services

 

• Right to withdraw consent at any time for data processing based on consent: you can withdraw your consent relating to our processing of your data when this processing is based on consent

• Right to data portability: you have the right to move, copy or transfer data from our database to another. This right only applies to the data you have provided, and provided that the processing is based on a contract or your consent and carried out using automated processes

 •You, or one of your legally designated representatives, also have the right to formulate specific or general directives concerning the conservation, erasure and communication of your post-mortem data and this in application of the Law for a Digital Republic.

• If you are a citizen or resident of the Republic of the Philippines, you also have the right to access and correct your personal data.  You may also file a complaint with the National Privacy Commission ("NPC") for violation of your rights under the Data Privacy Act of 2012, its Implementing Rules and Regulations, and issuances of the NPC.

 

HOW to contact us ?
1 / Please contact us in the manner below if you wish to exercise these rights or if you have questions or complaints regarding the processing of your personal data.
 Christian Dior Couture
- By email to privacy@christiandior.com
- By online form: https://www.dior.com/en_gb/contact-couture
- By phone: +33140737373 for France, +852800969886 for Hong Kong, Australia and New-Zealand, 1800 4159 990 for Singapore,  +853 28751860 for Macau , 852800969886 for Vietnam, 852800969886 for Thailand
- By post: 

Australia - Christian Dior Australia Pty Ltd Suite 10.02, 75 Castlereagh Street, Sydney NSW 2000

New-Zealand – Christian Dior New Zealand Ltd 203 Manukau Road, Epsom, Auckland, New Zealand

Singapore - Christian Dior Singapore PTE 391B Orchard Road #12-03 Ngee Ann City Tower B 238874 Singapore

Hong Kong - Christian Dior Far East Ltd, 36/F The Lee Gardens 33 Hysan Avenue, Causeway Bay, Hong Kong

Thailand - Christian Dior (Thailand) Co.,Ltd, 591 Unit 2103, 21F UBC ll, Sukhumvit Road, North Klongton, Wattana, Bangkok 10110

Vietnam - Christian Dior Vietnam Liability Company, #1305, Level 13, Tung Shing Square Building, 2 Ngo Quyen, Ly Thai To Ward, Hoan Kiem District, Hanoi, Vietnam 

Malaysia - Christian Dior Fashion (Malaysia) Sdn Bhd, Office 3, Muse Floor, Starhill Gallery, 181 Jalan Bukit Bintang 55100 Kuala Lumpur

Macau- Christian Dior Macau Single Shareholder Co. Ltd Avenida Comercial EDF. Finance and IT Centre of Macau, 7/F Unit I, Macau 

請在此處查閱繁體中文的隱私聲明

Vietnam - Christian Dior Vietnam Limited Liability Company - #1305, Level 13, Tung Shing Square Building, 2 Ngo Quyen, Ly Thai To Ward, Hoan Kiem District, Hanoi, Vietnam 

Tham khảo cam kết bảo mật tiếng Việt tại đây 

Mohon untuk membaca Pernyataan Privasi dalam 

India - Christian Dior Trading India Pvt. Ltd. Suite #3601, 36th Floor, The St. Regis Hotel, S.B. Marg, Lower Parel, Mumbai 400013 Maharashtra, India 

Christian Dior perfumes
- By email to dpo_international@diormail.com
- By online form: https://www.dior.com/en_int/contact-parfum
- By phone: 1800 318 240 ( AUS NZ ) / +44  207 216 02 16 ( SG)
For the sake of speed of management of your requests, it is advisable to favor the email address.
2 / You also have the right to contact the Dior lead data protection authority, the CNIL, at any time, in order to lodge a complaint against Dior's data protection and privacy practices. The CNIL can be contacted using the following information:
Commission Nationale pour l’Informatique et les Libertés (CNIL)

3 Place de Fontenoy
TSA 80715 - 75334 Paris, Cedex 07
Phone. +33 1 53 73 22 22
Fax +33 1 53 73 22 00
Website: http://www.cnil.fr/
3 / We also wish to inform you about the contacts of other authorities in Europe that you can find and contact on the website of the European Data Protection Board: https://edpb.europa.eu/about-edpb/board/members_en
HOW does Dior protect the privacy of children?
Dior has adopted practices aimed at avoiding collecting or storing information on children under the age of 15, in accordance with French law. If we learn that we have mistakenly collected information from people under the age of 15, we will purge it immediately, except to answer a single question or request from the person, their parent or legal guardian.

 

NOTICE ABOUT SOCIAL LOGIN

Privacy Notice – Register using social providers

  1.  For what activities personal data are processed

By creating a Dior account, logging on Dior.com via Google, Facebook, Line, Kakao or by binding your Dior account to your Google, Facebook, Line, Kakao accounts, in this case, you are sharing your profile information with us. The personal data shared depends on the configuration of the social network platform.

In order to facilitate the account creation process, we can pre-fill the account creation form with information retrieved from the social provider account.

  1. What data are exactly involved :

The types of information that Dior can collect depends on the settings selected for that provider and is subjected to the processing details under their own established privacy policies. Here are the types of information per

  • Google : first name and last name, e-mail, language preferences (not used), profile picture (not used)

  • Facebook : first name and last name, e-mail, profile picture (not used)

  • Kakao login : fullname (not used), e-mail, phone number

  • Line : first name and last name, e-mail, phone number, profile picture (not used)

 

3. Who is the Data controller: is Christian Dior Couture SA (registered office), a public limited company under French law whose registered office is located at 30 avenue Montaigne, Paris 8, France, and all the affiliates of Christian Dior Couture with whom you share your information.

Please note that as displayed in the section “Who may access your data” referred to in our global Privacy Statement   your social media connection data is administered and managed by the above listed social media platforms acting on your social media account and may act as Data Controller. Please note that these social networks apply their own privacy policy, settings and standards.

4. Where can I find further information? Please contact us as below if you wish to exercise your rights under applicable Data Protection Laws or if you have any questions or complaints regarding the processing of your personal data.

- By email at privacy@christiandior.com

- By postal mail: Christian Dior Couture, 30 avenue Montaigne, 75008 Paris, France

More details can be found in our global Privacy Statement at https://www.dior.com/en_gb/fashion/personal-data

NOTICE ABOUT 30 MONTAIGNE ACTIVITIES

PRIVACY STATEMENT - CHRISTIAN DIOR –  30 Montaigne Hotel, Restaurant and Gallery

The Maison Christian Dior Couture attaches particular importance to the processing, confidentiality and security of your personal data. We are committed to offering you personalized services while respecting your privacy and personal choices.

 

The purpose of this privacy policy is to inform you in a clear, simple and complete manner of the processing carried out on the personal data that you provide to us, or that each of our Affiliates can collect from the various outlets, contact you may have with us (e.g. shop, Customer Service, dior.com, social networks, digital applications, events), their possible transfer to third parties as well as your rights and the options you have to control your information protect your privacy, in accordance with current regulations.

 

In particular, this Privacy Statement is dedicated to the collection, handling and usage of your personal data during your various interaction with the a) Hotel, b) the Restaurant or c) the Gallery located at 30 Montaigne (also named herewith as “30 Montaigne”). Throughout this dedicated Privacy Statement, in relation to other processing activities, notably with regards to your purchases of Dior products, please refer to the generic Privacy Statement which can be reached at this link.

 

The Data Controller will be Maison Christian Dior Couture, within the meaning of the regulations applicable to personal data and in particular with regard to article 24 of the Regulations (EU) 2016/679 (hereinafter "GDPR").

 

In this Statement dedicated to the activities of the “30 Montaigne” and your interaction with it, you will find information about:

• Who are we?

• What data we may collect about you

• How we collect or receive your data

• For what purposes we use your data

• How long we keep them

• Who are the recipients of your data

• How we protect them and ensure their confidentiality

• How we treat your preferences and your rights stemming from European Regulation

• The additional protections we offer to residents of certain regions

• How to contact us if you have questions about our use of your personal data

•Modification of this privacy statement

 

WHO are we ?

The Maison Christian Dior Couture

 

Christian Dior Couture SA (head office), a public limited company under French law with its head office located at 30 avenue Montaigne, Paris 8, France, registered in the Paris Trade and Companies Register under number 612 035 832 and represented by Hien Tran Trung in his capacity as Administrative and Financial Director of Christian Dior Couture,

And all of the Christian Dior Couture affiliates with whom you share your information

Christian Dior Couture is a story of dreams and elegance, passion and excellence; it is also a story of know-how. The creations of Christian Dior Couture express the passion for beautiful gestures and exceptional objects. From haute couture to ready-to-wear, including leather goods, watchmaking and jewelry, know-how is transformed into the art of making.

 

WHAT data do we collect about you?

"Personal data" means any information that identifies you either directly (such as your name) or indirectly (for example, using a unique customer number).

 

The personal data we collect depends on the point of contact through which you interact with us, as well as the purposes of this interaction as described in this Policy and are also limited to those which are relevant and appropriate for this interaction. Visitors to the Dior.com website, or applicable websites for the “30 Montaigne”, who view our products, services information and offers can choose to do so without logging in, and the same is true for point-of-sale search and browsing on social media. Unless you choose to interact with us through these contact points, for example:

 

• by making a purchase on our dedicated sites,

• by subscribing to one of our programs or services,

• by writing to us via the consumer contact forms,

• or by writing us a comment in the free online order fields,

 

or else, our data collection is limited to the use of "cookies" (visitors) for website visitors whose conditions are specifically defined by our cookie policy and according to your preferences. For the sake of transparency and clarity, our cookie management policy is separate from this general policy. The cookie management policy is accessible from this link.

 

Depending on the data that you communicate to us or that you share with us, personal data may include information concerning:

• Your identity and contact details: surname, first name, postal address, email address, telephone number, and for the “30 Montaigne” Hotel only: Passport details

• Your interests

• A history of your purchases (in store or online, including your orders, tracking and invoices, amount and type of purchase)

• Your requests via our customer service or our public relations service

• The Dior events in which you participate

• Your food intolerance in relation to the “30 Montaigne” Restaurant

• Your satisfaction and comments on our programs, services and products

 

Regarding your purchases, payments are made via a secure payment platform, supplemented by control measures, including encryption of contact details, in order to guarantee the security of purchases made and to fight against fraud. Your bank details are therefore not accessible on Dior's servers.

 

We invite you to ensure that your data is regularly updated, either by modifying it directly on our sites or, by informing us in writing of any modification by referring to the dedicated section "How to contact us".

 

HOW do we collect or receive your data?

As part of our relationships, the data we collect may be collected through the following contact points:

• Course on dedicated websites such as galeriedior.com and billetterie.galeriedior.com

• Exchanges with our advisers at the “30 Montaigne”

• Dior events in which you participate

• Relationship with our public relations services

• Contact with Customer Service

• Forms that you fill out (at the “30 Montaigne” or online)

• Digital applications with which you interact

• Third party data providers with whom you share information

• Retailers for whom you agree to receive our communications

• Satisfaction surveys or questionnaires to which you answer

 

We make sure to identify the personal data essential for the purpose for which it is collected by indicating it with an asterisk like this ‘(*)’ on each personal data collection form. If you do not fill in these mandatory fields, we will not be able to respond to your requests and / or provide you with the services requested. The other information is optional and allows us to know you better and improve our communications and services to you. Although not mandatory, we recommend that you fill them in to allow you to benefit from the best possible experience during our interactions with you.

 

Further information on how Dior collects your data can be found at the generic Privacy Statement which can be reached at this link.

 

FOR WHAT PURPOSES is your data used by Dior?

We are required to use your data for purposes defined according to the nature of our relationships. Thus, depending on the context in which your data is collected, it may be used for one or more of the following purposes:

• Managing your orders in relation to Grand Montaigne goods or services

• Management of personalized content and Dior communications (digital or not)

• Managing your profile

• Managing your requests in connection with Dior

• The management of events in which you register / participate in relation for instance of the Grand Montaigne Gallery

• The management of our website and our digital applications in relation to Grand Montaigne goods or services

• Management and improvement of our products and services, image and reputation

• Transaction management (securing online payments, prevention of fraud, incidents related to payments and debts)

• Analysis and personalization purposes: with your explicit consent (when required), we use your personal data to send you personalized communications (newsletters, offers, invitations and surveys) and analyze your preferences and habits, anticipate your needs from of your consumer profile. We can make you benefit from our personalized communications by means of emails, postal letters, SMS or calls according to the communication preferences that you have indicated to us and your consumer profile (when authorized).

 

Further information on Dior processing activities can be found at the generic Privacy Statement which can be reached at this link.

 

We ensure the legal basis for the processing of your data according to the purpose (s) concerned, which may be, depending on the context in which it is collected:

• Your explicit consent: for example, for the purposes of managing our personalized commercial offers, managing your browsing via cookies under the conditions defined by our Cookies Policy, or establishing your consumer profile in applicable cases;

• The implementation of a contract, for example for your access to your customer account, the processing and follow-up of your orders;

• A legal obligation when processing is required by law, for example, keeping purchase invoices to prevent fraud;

• Our legitimate interest: for example, to improve our products and services, defend ourselves or secure our tools

 

HOW LONG can we keep them?

We keep your personal data only for the time necessary for the purpose pursued. In general, your personal data is stored in a dedicated “30 Montaigne” database:

 

  • For the guests staying at the “30 Montaigne” Hotel: 5 years starting at the date of the check in.

 

  • For the customers of “30 Montaigne” Restaurant: 3 years starting at the date of the meal payment

 

  • For the visitors of the “30 Montaigne” Gallery: 3 years starting at the date of the Gallery visiting ticket issuance.

 

When we no longer need to use your personal data, it is deleted from our systems and our registers or made anonymous so that it can no longer be identified, subject to retention for archival purposes. claims and litigation management as well as to meet our legal and / or regulatory obligations and / or to respond to requests from authorities authorized to make the request

 

WHO can access your data?

Your data is intended for the services of Maison Christian Dior concerned by your requests. We ensure that only duly authorized persons can access your personal data when this is necessary for the aforementioned purposes.

 

We do not pass your data on to third parties for commercial purposes.

 

At high level, we are only required to communicate your information if necessary, and if possible in a form that does not allow direct identification to:

 

• Other Dior entities as well as department stores where you buy our products in order to provide you with identical personalized service worldwide

 

• Our trusted third-party providers, including other entities of the LVMH group, acting as subcontractors according to our instructions and on our behalf only.

For example, we entrust certain services to third parties responsible for delivering a product to you, payment service providers and transaction security against fraud, third parties who assist us in the organization of our events, third parties providing services IT, digital communication and public relations agencies, third parties who assist us in customer service, third parties who assist us in qualitative surveys of our products, programs or services.

 

• Third parties including the LVMH group wishing to know your preferences and consumption trends for our programs and services in order to improve visibility, accessibility and performance.

 

• Our trusted third party partners assist us in the management of your orders. In particular, we entrust certain services to third parties responsible for delivering a product to you, to payment service providers and to providers ensuring the security of anti-fraud transactions. Please note that these partners may act as data controllers; in this case, they have their own privacy policies.

 

Further information on how Dior shares your data can be found at the generic Privacy Statement which can be reached at this link.

 

HOW do we protect and ensure the confidentiality of your data?

We take all the necessary precautions to guarantee the confidentiality and security of your data and to prevent it from being distorted, damaged, destroyed or from unauthorized third parties having access to it.

 

We ask our partners and group companies to maintain a level of protection similar to ours concerning your personal data. The security measures put in place are evaluated and updated to face new threats and new challenges, as well as new legal requirements in the countries where we operate.

 

HOW do we deal with cross-border protections?

Given the presence of Dior in many countries around the world and in order to provide you with personalized service worldwide, some of your data may be collected, accessible or stored outside your country of residence. You should be aware that data protection and security requirements differ from place to place and may not offer the same level of protection as those of your country of origin. However, Dior and our group companies have taken measures to guarantee an adequate level of protection of your data, regardless of their location.

 

Further information on how Dior processing handle data transfer can be found at the generic Privacy Statement which can be reached at this link.

 

WHAT additional protections are provided for residents of certain regions?

Dior has adopted the data protection and security practices described in this privacy policy for all individuals concerned. In addition, we have also identified and taken into account the data protection and security measures required at local or regional level. This includes, for example, those required for residents of the European Union / European Economic Area under the General EU Data Protection Regulation (GDPR) 2016/679.

 

In particular, the GDPR provides the following rights:

 

• Right to information: you have the right to obtain clear, transparent and understandable information about how we use your personal data and about your rights. You will find all of this information in this policy

 

• Right of access: you have the right to access the personal data that Dior holds about you

 

• Right of rectification: you have the right to have your personal data rectified if it is inaccurate or obsolete and / or to supplement it if it is incomplete

 

• Right to erasure / right to be forgotten: you have the right to have your data erased or deleted. However, this right may be limited by a legal reason or our legitimate interest in keeping your personal data

 

• Right of opposition: you can at any time request to no longer receive our communications relating to our offers, news and events. You can in particular use the hypertext link provided for this purpose in each email or communication that we send to you. You can also request to receive non-personalized communications about our products and services

 

• Right to withdraw consent at any time for data processing based on consent: you can withdraw your consent relating to our processing of your data when this processing is based on consent

 

• Right to data portability: you have the right to move, copy or transfer data from our database to another. This right only applies to the data you have provided, and provided that the processing is based on a contract or your consent and carried out using automated processes

 

You, or one of your legally designated representatives, also have the right to formulate specific or general directives concerning the conservation, erasure and communication of your post-mortem data and this in application of the Law for a Digital Republic.

 

HOW to contact us ?

1 / Please contact us in the manner below if you wish to exercise these rights or if you have questions or complaints regarding the processing of your personal data.

Christian Dior Couture

-             By email at privacy@christiandior.com

-             By postal mail: Christian Dior Couture, 30 avenue Montaigne, 75008 Paris, France

2 / You also have the right to contact the Dior lead data protection authority, the CNIL, at any time, in order to lodge a complaint against Dior's data protection and privacy practices. The CNIL can be contacted using the following information:
Commission Nationale de l’Informatique et les Libertés (CNIL)

3 Place de Fontenoy
TSA 80715 - 75334 Paris, Cedex 07
Phone. +33 1 53 73 22 22
Fax +33 1 53 73 22 00
Website: http://www.cnil.fr/

CHRISTIAN DIOR COUTURE - CANDIDATE PRIVACY STATEMENT

Statement relating to the protection of your personal data collected in the context of recruitment

This Privacy Statement for Candidates (hereinafter the “Privacy Statement”) is intended to provide visitors and users (“You”) of the www.dior.com website, as well as of all the Dior’s websites with .com, .it, .ru, .co, .jp, .cn domain names suffixes (hereinafter collectively the “Website”) with information relating to how the Maison Christian Dior Couture (hereinafter “Christian Dior Couture” or “We/Us”) processes your personal data (hereinafter the “Personal Data” or “Data”) and about your rights in this respect.

Christian Dior Couture places the highest priority and takes the utmost care to protect your Personal Data.

1. Who are we? Who is the Data Controller of your Personal data?

During your recruitment experience, and in order to inform you in advance, the Data Controller will be Christian Dior Couture within the meaning of the regulations applicable to personal data and in particular with regard to article 24 of the Regulations (EU) 2016/679 (hereinafter "GDPR").

As an example, referring to some of the Maison iconic products:

• Lady Dior bag

• 30 Montaigne bag

• Bar jacket

Christian Dior Couture SA (head office), a public limited company under French law with its head office located at 30 avenue Montaigne, Paris 8, France, registered with the Paris Trade and Companies Register under number 612 035 832 and represented by Hien Tran Trung in his capacity as Administrative and Financial Director of Christian Dior Couture,

And all Christian Dior Couture affiliates

Christian Dior Couture is a story of dreams and elegance, passion and excellence; it is also a story of know-how. The creations of Christian Dior Couture express the passion for beautiful gestures and exceptional objects. From haute couture to ready-to-wear, including leather goods, watchmaking and jewelry, know-how is transformed into the art of making.

2. What is a “personal data”?

Personal Data refers to any information or pieces of information that could identify You either directly (e.g. your name, surname, email, home address, etc.) or indirectly (e.g. through pseudonymized data, such as a unique ID number, etc.). It may also include unique identifiers like your computer’s IP address.

3. Why and how do We use the Personal Data that We collect?

3.1 How do We collect your Personal Data?

 We collect your Personal Data as follows:

  • directly from You when You use our Website and our services (completion of various forms on the Website, direct communication with Us through our institutional departments, etc.);

  • automatically when You access or use the Website (technical details, IP address, browsing information, etc.).

3.2 What Data do We collect?

We collect several types of Personal Data about You:

 Personal Data that We collect directly from You

We collect Personal Data that You provide directly when You use our Website.

This is specifically the case when You:

  • interact with Us through the contact forms,

  • register to receive our newsletters or institutional documentation,

  • apply to job offers.

The categories of Personal Data that We collect include:

  • Identification and contact information: e.g., last name, first name, mailing address, contact details needed to identify You when You interact with Us,

  • Application information: e.g., last name, first name, email address, telephone number, professional experience and all the information You provide by sending your application and/or your curriculum vitae: photo, skills, education level, spoken languages, salary expectations, home address, hobbies, family status, etc.  We only collect and store this Data in connection with the management of our own job offers and do not use them for any other purposes, including for commercial purposes.

Personal Data that We collect automatically

We automatically collect certain Data about You when You access or use the Website, specifically:

  • Technical information: We collect information about the device that You use to login, as well as your use of the Website (g., operating system, type of browser used, whether a proxy is used, location of the device inferred from your IP address that identifies your computer, access time, accessed pages and the link that enabled You to access our Website),

  • Browsing information: We use tracking technologies to collect Data about You when You use our Website.

3.3 On what legal grounds and for which purposes do We use the Data that We collect?

 In accordance with current personal data protection regulations, We only collect Personal Data when We have a legal basis to do so.

Personal Data is collected either:

        i.          based on pre-contractual measures

       ii.          based on your consent,

      iii.          in our legitimate interest, or

     iv.          to meet our legal obligations.

(i) We collect your Personal Data on the basis of pre-contractual measures, in particular in the context of the processing of applications (CV and motivation letter) and management of interviews.

(ii) We collect Personal Data based on your consent, for the following purposes

  • Share opportunities that can match your profile and keep you up to date on the life of Maison Dior,

 (iii) We collect Personal Data based on our legitimate interest, for the following purposes:

  • ·        to manage your requests and queries: We use your Data to send You the information You request,

  • to defend our interests in the event of a dispute or court action,

  • to manage cybersecurity of the Website,

  • to prevent fraudulent acts in order to ensure the security of our assets and contents.

(iv) We may also store your Personal Data when the law requires Us to do so or to defend our legal rights.

3.4 Who has access to your Data? 

3.4.1 Accessibility within Christian Dior Couture

Your Data is processed by the Christian Dior Couture for the purposes described above and are only accessible to Christian Dior Couture personnel who need to know it to perform their duties.

In this respect, your Personal Data is processed by the following departments of Christian Dior Couture and/or other Maisons of the LVMH Group:

  • Christian Dior Couture Institutional Communication Department and Financial Communication Department for the management of your requests and queries, as well as to send You newsletters;

  • Christian Dior Couture Human Resources department to manage your applications to job offers;

  • Christian Dior Couture Security Department to manage cybersecurity of the Website;

  • Christian Dior Couture Fraud and Legal Departments to manage fraudulent acts or legal claims if any.

3.4.2 Accessibility by third parties

Certain third parties may have access to your Data, specifically:

(i) our subcontractors and service providers acting for technical and logistical reasons (carriers, Website hosting, security and maintenance providers, fraud management service providers, technical service providers responsible for sending e-mails and newsletters, anti-spam and anti-bot services, recruitment agencies which may provide Us with advice on the management of our candidates’ databases and help with the selection of profiles within such databases, etc.);

(ii) other LVMH Group affiliates for recruitment purposes: when you apply to an LVMH Group affiliate’s job offer, this affiliate collects and processes your Data as independent data controller. In such case, your Data will be processed according to this affiliate’s personal data protection policy, which You may obtain by contacting it directly. Likewise, the rights You enjoy pursuant to personal data protection laws must be directly enforced against it;

(iii) any authority, court or other third party when disclosure is required by law, regulations or a judicial decision, or if such disclosure is necessary to protect and defend our rights.

3.5 Is any Personal Data transferred outside of the European Economic Area?

Your Data is processed in France by the Maison Christian Dior Couture. However, We may rely on certain service providers, which are located abroad or which themselves rely on processors located abroad, including outside of the European Economic Area (EEA) in countries where personal data protection laws differ from those that apply in the EEA.

With reference to the data relating to applications, the LVMH Group has adopted binding corporate rules ("BCR") which the French Supervisory Authority (the CNIL) has declared to be compliant with current legislation and suitable for offering an adequate level. of protection in case of data transfer within the Group, also outside the European Economic Area.

3.6 How long do We store your Data?

Data is stored as long as required for the purpose for which it was collected and, in any case, will be destroyed at the end of such period.

Please see the list below for additional details about these periods.

Any transfer of your Data outside of the EEA will take place with appropriate safeguards in place that comply with applicable personal data protection regulations. Upon request, We will provide You with a copy of applicable safeguards.

  • Purpose: Management of your requests and queries

  • Data categories: Identification Data (last name, first name, mailing address, contact details needed to identify You when You interact with Us).

  • Period of storage before erasure: Duration required to manage your requests and queries. Your Data will then be either deleted or anonymized, unless we need to keep it to meet our legal obligations for the applicable statutory retention period.         

 

  • Purpose: Sending You our newsletters

  • Data categories: Your email address

  • Period of storage before erasure: Duration of your subscription. Then, the Data will be destroyed or anonymized.

 

  • Purpose: Management of your applications to job offers

  • Data categories: Application information

  • Period of storage before erasure: Duration of two (2) years from when the Data has been provided or from the last contact with You. At the end of this 2-year period, Christian Dior Couture may contact You to know whether You want Christian Dior Couture to keep retaining your Personal Data, for the purpose of informing You of an opportunity that may arise and match your career aspirations and skills. In any event, your Data will be erased at your request, within a maximum period of 1 month from your request.

 

  • Purpose: Security of the Website

  • Data categories: Technical information of your device (IP address, device type, browser ID, etc.)

  • Period of storage before erasure: 6 months, then the Data is either deleted or anonymized.

 

  • Purpose: Disputes/complaints

  • Data categories: Data concerning the dispute/complaint

  • Period of storage before erasure: Duration of the complaint + 5 years from the complaint.

  • In the event of a court action: duration of proceedings through full enforcement of the legal decision or settlement agreement

4. What are your rights in relation to your Data?

 4.1 Access, rectification and portability

 In accordance with current regulations, You have the right to access your Data. You may also request correction of Your Personal Data should they be inaccurate. Depending on the purpose of processing, You also have the right to have incomplete Personal Data completed.

To respond to your request, We may ask You to provide Us with a proof of your identity. We may also need to ask You for additional information or supporting documents. We will make every effort to respond to your request as soon as possible.

You may, to the extent provided for by law, exercise your right to Data portability which allows You to retrieve, in an interoperable format, the Personal Data that You provided to Us.

4.2 Right to erasure of your Data and to limitation of the processing of your Data

 You may request erasure of your Personal Data if:

  • You believe that our processing of your Personal Data is no longer needed for the purposes described in this Privacy Policy,

  • You believe that the processing is unlawful or You contest the accuracy of the Data We process about You,

  • You withdrew your consent to the processing of your Data.

Alternatively, to the extent provided for by law, You may request limitation of the processing of your Data.

Please note that despite the exercise of your right to erasure or processing limitation, We will store some of Your Personal Data when the law requires Us to do so, or to exercise or defend our rights.

4.3 Right to establish instructions for the management of your Personal Data after your death

For France and when mandatory local provisions so provide, You may determine how You want Us to handle your Personal Data upon your death.

4.4 Procedure to exercise your Data protection rights

You can exercise your data protection rights in the following ways or if you have any questions or complaints about the processing of your personal data.

You also have the right to contact Dior’s lead Supervisory Authority, the CNIL, at any time in order to file a complaint against Dior’s data protection and privacy practices. The CNIL can be contacted by using the following information:

 

Commission Nationale de l'Informatique et des Libertés – CNIL

3 Place de Fontenoy
TSA 80715 - 75334 Paris, Cedex 07
Phone. +33 1 53 73 22 22
Fax +33 1 53 73 22 00
Website: http://www.cnil.fr/

We also wish to inform you about the contacts of other authorities in Europe that you can find and contact on the website of the European Data Protection Board: https://edpb.europa.eu/about-edpb/board/members_en

When the processing of your Data is based on your consent (e.g., subscription to the newsletter), You may withdraw your consent at any time without justification. This right can be exercised by changing your options regarding subscriptions to our newsletters by clicking on the hyperlink provided for this purpose in each email We send You.

5. How is your Personal Data secured?

Christian Dior Couture uses technical and organizational measures that comply with French and EU legal and regulatory requirements, to keep your Data secure and confidential. Under written agreements, Christian Dior Couture requires its service providers and processors to provide safeguards and implement sufficient security measures to protect the Personal Data they have agreed to process, in accordance with applicable requirements under personal data protection laws. However, Christian Dior Couture does not control all risks related to the operation of the Internet and draws your attention to the inherent risks of using any website.

6. Third party websites

There may be links to third-party websites (such as LVMH Group affiliates’ websites) that We do not control, and which are governed by their own confidentiality and personal data protection policies. This Privacy Statement does not apply to third-party websites. Please review the confidentiality and personal data protection policies of the third-party websites that You visit to understand how they process your Data. Christian Dior Couture shall not be liable for any use of your Data by any third parties.

PARFUMS CHRISTIAN DIOR - CANDIDATE PRIVACY STATEMENT

Statement relating to the protection of your personal data collected in the context of recruitment

This Privacy Statement for Candidates (hereinafter the “Privacy Statement”) is intended to provide visitors and users (“You”) of the www.dior.com website, as well as of all the Dior’s websites with .com, .it, .ru, .co, .jp, .cn domain names suffixes (hereinafter collectively the “Website”) with information relating to how the Maison Parfums Christian Dior (hereinafter “Parfums Christian Dior” or “We/Us”) processes your personal data (hereinafter the “Personal Data” or “Data”) and about your rights in this respect.

Parfums Christian Dior places the highest priority and takes the utmost care to protect your Personal Data.

 

  1. Who are we? Who is the Data Controller of your Personal data?

During your recruitment experience, and in order to inform you in advance, the Data Controller will be Parfums Christian Dior within the meaning of the regulations applicable to personal data and in particular with regard to article 24 of the Regulations (EU) 2016/679 (hereinafter "GDPR").

As an example, referring to some of the Maison iconic products:

  • J’adore

  • Miss Dior

  • Capture Total

Parfums Christian Dior S.A. (head office), a public limited company under French law with its head office located at 33 avenue Hoche, Paris 8, France, registered with the Paris Trade and Companies Register under number 552 065 187 and represented by Laurent Kleitman in his capacity as President Director General Parfums Christian Dior,

And all Parfums Christian Dior affiliates

The Dior soul is expressed in each of the Maison's products and in the attention paid to each stage of their manufacture. From Grasse in Paris to the Jardins Dior, Parfums Christian Dior sublimates the finest materials so that each of its creations contributes to its aura around the world.

2. What is a “personal data”?

Personal Data refers to any information or pieces of information that could identify You either directly (e.g. your name, surname, email, home address, etc.) or indirectly (e.g. through pseudonymized data, such as a unique ID number, etc.). It may also include unique identifiers like your computer’s IP address.

3. Why and how do We use the Personal Data that We collect?

3.1 How do We collect your Personal Data?

 We collect your Personal Data as follows:

  • directly from You when You use our Website and our services (completion of various forms on the Website, direct communication with Us through our institutional departments, etc.);

  • automatically when You access or use the Website (technical details, IP address, browsing information, etc.).

3.2 What Data do We collect?

We collect several types of Personal Data about You:

 Personal Data that We collect directly from You

We collect Personal Data that You provide directly when You use our Website.

This is specifically the case when You:

  • interact with Us through the contact forms,

  • register to receive our newsletters or institutional documentation,

  • apply to job offers.

The categories of Personal Data that We collect include:

  • Identification and contact information: e.g., last name, first name, mailing address, contact details needed to identify You when You interact with Us,

  • Application information: e.g., last name, first name, email address, telephone number, professional experience and all the information You provide by sending your application and/or your curriculum vitae: photo, skills, education level, spoken languages, salary expectations, home address, hobbies, family status, etc.  We only collect and store this Data in connection with the management of our own job offers and do not use them for any other purposes, including for commercial purposes.

Personal Data that We collect automatically

We automatically collect certain Data about You when You access or use the Website, specifically:

  • Technical information: We collect information about the device that You use to login, as well as your use of the Website (g., operating system, type of browser used, whether a proxy is used, location of the device inferred from your IP address that identifies your computer, access time, accessed pages and the link that enabled You to access our Website),

  • Browsing information: We use tracking technologies to collect Data about You when You use our Website.

3.3 On what legal grounds and for which purposes do We use the Data that We collect?

 In accordance with current personal data protection regulations, We only collect Personal Data when We have a legal basis to do so.

Personal Data is collected either:

        i.          based on pre-contractual measures

       ii.          based on your consent,

      iii.          in our legitimate interest, or

     iv.          to meet our legal obligations.

(i) We collect your Personal Data on the basis of pre-contractual measures, in particular in the context of the processing of applications (CV and motivation letter) and management of interviews.

(ii) We collect Personal Data based on your consent, for the following purposes

  • Share opportunities that can match your profile and keep you up to date on the life of Maison Dior,

 (iii) We collect Personal Data based on our legitimate interest, for the following purposes:

  • ·        to manage your requests and queries: We use your Data to send You the information You request,

  • to defend our interests in the event of a dispute or court action,

  • to manage cybersecurity of the Website,

  • to prevent fraudulent acts in order to ensure the security of our assets and contents.

(iv) We may also store your Personal Data when the law requires Us to do so or to defend our legal rights.

3.4 Who has access to your Data? 

3.4.1 Accessibility within Parfums Christian Dior

Your Data is processed by the Maison Parfums Christian Dior for the purposes described above and are only accessible to Parfums Christian Dior personnel who need to know it to perform their duties.

In this respect, your Personal Data is processed by the following departments of the Maison Parfums Christian Dior and/or other Maisons of the LVMH Group:

  • Parfums Christian Dior Institutional Communication Department and Financial Communication Department for the management of your requests and queries, as well as to send You newsletters;

  • Parfums Christian Dior Human Resources department to manage your applications to job offers;

  • Parfums Christian Dior Security Department to manage cybersecurity of the Website;

  • Parfums Christian Dior Fraud and Legal Departments to manage fraudulent acts or legal claims if any.

3.4.2 Accessibility by third parties

Certain third parties may have access to your Data, specifically:

(i) our subcontractors and service providers acting for technical and logistical reasons (carriers, Website hosting, security and maintenance providers, fraud management service providers, technical service providers responsible for sending e-mails and newsletters, anti-spam and anti-bot services, recruitment agencies which may provide Us with advice on the management of our candidates’ databases and help with the selection of profiles within such databases, etc.);

(ii) other LVMH Group affiliates for recruitment purposes: when you apply to an LVMH Group affiliate’s job offer, this affiliate collects and processes your Data as independent data controller. In such case, your Data will be processed according to this affiliate’s personal data protection policy, which You may obtain by contacting it directly. Likewise, the rights You enjoy pursuant to personal data protection laws must be directly enforced against it;

(iii) any authority, court or other third party when disclosure is required by law, regulations or a judicial decision, or if such disclosure is necessary to protect and defend our rights.

3.5 Is any Personal Data transferred outside of the European Economic Area?

Your Data is processed in France by the Maison Parfums Christian Dior. However, We may rely on certain service providers, which are located abroad or which themselves rely on processors located abroad, including outside of the European Economic Area (EEA) in countries where personal data protection laws differ from those that apply in the EEA.

With reference to the data relating to applications, the LVMH Group has adopted binding corporate rules ("BCR") which the French Supervisory Authority (the CNIL) has declared to be compliant with current legislation and suitable for offering an adequate level. of protection in case of data transfer within the Group, also outside the European Economic Area.

3.6 How long do We store your Data?

Data is stored as long as required for the purpose for which it was collected and, in any case, will be destroyed at the end of such period.

Please see the list below for additional details about these periods.

Any transfer of your Data outside of the EEA will take place with appropriate safeguards in place that comply with applicable personal data protection regulations. Upon request, We will provide You with a copy of applicable safeguards.

  • Purpose: Management of your requests and queries

  • Data categories: Identification Data (last name, first name, mailing address, contact details needed to identify You when You interact with Us).

  • Period of storage before erasure: Duration required to manage your requests and queries. Your Data will then be either deleted or anonymized, unless we need to keep it to meet our legal obligations for the applicable statutory retention period.         

 

  • Purpose: Sending You our newsletters

  • Data categories: Your email address

  • Period of storage before erasure: Duration of your subscription. Then, the Data will be destroyed or anonymized.

 

  • Purpose: Management of your applications to job offers

  • Data categories: Application information

  • Period of storage before erasure: Duration of two (2) years from when the Data has been provided or from the last contact with You. At the end of this 2-year period, Parfums Christian Dior may contact You to know whether You want Parfums Christian Dior to keep retaining your Personal Data, for the purpose of informing You of an opportunity that may arise and match your career aspirations and skills. In any event, your Data will be erased at your request, within a maximum period of 1 month from your request.

 

  • Purpose: Security of the Website

  • Data categories: Technical information of your device (IP address, device type, browser ID, etc.)

  • Period of storage before erasure: 6 months, then the Data is either deleted or anonymized.

 

  • Purpose: Disputes/complaints

  • Data categories: Data concerning the dispute/complaint

  • Period of storage before erasure: Duration of the complaint + 5 years from the complaint.

  • In the event of a court action: duration of proceedings through full enforcement of the legal decision or settlement agreement

4. What are your rights in relation to your Data?

 4.1 Access, rectification and portability

 In accordance with current regulations, You have the right to access your Data. You may also request correction of Your Personal Data should they be inaccurate. Depending on the purpose of processing, You also have the right to have incomplete Personal Data completed.

To respond to your request, We may ask You to provide Us with a proof of your identity. We may also need to ask You for additional information or supporting documents. We will make every effort to respond to your request as soon as possible.

You may, to the extent provided for by law, exercise your right to Data portability which allows You to retrieve, in an interoperable format, the Personal Data that You provided to Us.

4.2 Right to erasure of your Data and to limitation of the processing of your Data

 You may request erasure of your Personal Data if:

  • You believe that our processing of your Personal Data is no longer needed for the purposes described in this Privacy Policy,

  • You believe that the processing is unlawful or You contest the accuracy of the Data We process about You,

  • You withdrew your consent to the processing of your Data.

Alternatively, to the extent provided for by law, You may request limitation of the processing of your Data.

Please note that despite the exercise of your right to erasure or processing limitation, We will store some of Your Personal Data when the law requires Us to do so, or to exercise or defend our rights.

4.3 Right to establish instructions for the management of your Personal Data after your death

For France and when mandatory local provisions so provide, You may determine how You want Us to handle your Personal Data upon your death.

4.4 Procedure to exercise your Data protection rights

Vous pouvez exercer vos droits en matière de protection des Données selon les modalités suivantes ou si vous avez des questions ou réclamations concernant le traitement de vos données personnelles.

You also have the right to contact Dior’s lead Supervisory Authority, the CNIL, at any time in order to file a complaint against Dior’s data protection and privacy practices. The CNIL can be contacted by using

the following information:

Commission Nationale de l'Informatique et des Libertés – CNIL

3 Place de Fontenoy
TSA 80715 - 75334 Paris, Cedex 07
Phone. +33 1 53 73 22 22
Fax +33 1 53 73 22 00
Website: http://www.cnil.fr/

 

We also wish to inform you about the contacts of other authorities in Europe that you can find and contact on the website of the European Data Protection Board: https://edpb.europa.eu/about-edpb/board/members_en

When the processing of your Data is based on your consent (e.g., subscription to the newsletter), You may withdraw your consent at any time without justification. This right can be exercised by changing your options regarding subscriptions to our newsletters by clicking on the hyperlink provided for this purpose in each email We send You.

5. How is your Personal Data secured?

Parfums Christian Dior uses technical and organizational measures that comply with French and EU legal and regulatory requirements, to keep your Data secure and confidential. Under written agreements, Parfums Christian Dior requires its service providers and processors to provide safeguards and implement sufficient security measures to protect the Personal Data they have agreed to process, in accordance with applicable requirements under personal data protection laws. However, Parfums Christian Dior does not control all risks related to the operation of the Internet and draws your attention to the inherent risks of using any website.

6. Third party websites

There may be links to third-party websites (such as LVMH Group affiliates’ websites) that We do not control, and which are governed by their own confidentiality and personal data protection policies. This Privacy Statement does not apply to third-party websites. Please review the confidentiality and personal data protection policies of the third-party websites that You visit to understand how they process your Data. Parfums Christian Dior shall not be liable for any use of your Data by any third parties.