[Last update 28 March 2023]

The Website (hereinafter the "Website") is published by MONIKA HEILIGMANN LIMITED (owners of the Monika Heiligmann® brand), a company incorporated in London, registered under (15242862), having its registered office located at

372 Old Street, Suite 100, London, United Kingdom, EC1V 9AU

MH undertakes to protect the privacy of all users of its Website (hereinafter the “Visitor”), whether registered as users or as a guest and all clients of Monika Heiligmann® cosmetic skincare products (hereinafter the “Clients”). It undertakes to ensure that the collection and processing of your data be carried out in accordance with the General Data Protection Regulation (GDPR).

 

This privacy policy ("Privacy Policy") explains how MH , and its affiliates, may use the personal information of the Visitors and the Clients. It provides information about the procedures implemented in the collection and use of your data, as well as the options and rights to which you are entitled. By accessing, browsing or otherwise using our website, you accept this Privacy Policy, without limitation or qualification. 

 

If you do not accept this Privacy Policy, you may not be entitled to use fully our website function, or the services said website offers. 

Your personal information

Each Visitor or Client may, at his/her option, provide  MH  with personal information, in order for  MH  to (i) be able to proceed to the checkout of purchases, (ii) better understand our customers’ needs, and (iii) marketing purposes to better understand visitors’ expectations, and to provide information on Monika Heiligmann products or services to visitors who have opted for receiving such information. If the visitor has notified  MH  that he/she does wish to receive any details of Monika Heiligmann® products or services,  MH  may contact the visitor by email or post to provide the visitor with details of Monika Heiligmann products or services or any other information which  MH  believes may be of interest. 

What information do we collect?

  • Identification and contact information (including but not limited to email, mobile number etc.);
  • Payment information;
  • Demographic information (such as gender or birthday- date and month);
  • Preferences and interest (for your replenishment order for instance);
  • Information about your purchases;
  • Information about your browser and browser behavior

There are different levels of information collecting depending on the action you are taking on the website: 

If you place an order, we collect: 

  • Email; 
  • Name; 
  • Billing Address; 
  • Delivery Address; 
  • Telephone; 
  • IP address.

 

If you sign in to create an account, we collect:

  • Email address; 
  • First and last name;
  • Password (but we can’t access that information).
  •  

    Optionally, you can provide: 

  • Birthday;
  • Skin Profile.
  •  

    If you sign to receive our newsletter, we collect: 

  • Email address.
  •  

    If you visit our website, we store session information through a cookie: 

  • Address; 
  • Device ID; 
  • Session token;
  • Referring website. 
  •  

    Personal data can also be collected when participating in a quiz or when communicating with our customer service department.

     

    How are the information collected? 

  • Directly by us
  • By some of our partners for the process or your order: Braintree, Content Square and UPS


  • How do we use the information collected and how long your information remains retained?

    Your personal information will not be kept in a form that allows you to be identified for any longer than is considered necessary by  MH to achieve the purposes for which they have been collected or processed or as it is established in the applicable laws and regulations related to data retention periods. We subsequently anonymize or delete the personal data, except when we need to retain such personal data until the expiry of the legally prescribed period as evidence for civil-law actions which may not exceed five (5) years.

    In case of judicial action initiated, personal information may be stored until the end of said action, including any appeal period.

    The purposes and corresponding retention periods are:

     

    PROCESSING

    LEGAL BASIS

    RETENTION PERIOD

    Prospecting new customers

    Consent 

    Prospect info: 3 years from last contact of prospect

    Managing the “customer account”. Creation, management, deletion of account 

    Consent 

    3 years from last contact of prospect 

    Managing customer base

    Contract execution 

    Bank details: 13 months

    Other data: 3 years from last contact of customer

    Services purposes (delivery…)

    Contract execution

    3 years from last contact of customer

    Analytic activity management 

    Legitimate interest  

    13 months from data collection

    Developing loyalty

    Newsletter, notifications

    Consent 

    3 years from the last contact of customer/prospect

    Managing user support 

    Contract execution

    3 years from last contact of customer 

    Managing requests to exercise rights

    Legal requirement 

    3 years from the request 

    Accounting and payment 

    Contract execution / Legal requirement 

    Statutory retention period for invoices: 10 years 

     

    Who do we share your information with?

     

    The recipients of the data are:

  • MH , its subsidiaries, affiliated companies;
  • Our service providers and sub-contractors, in particular for the purposes of processing your payments;
  • Our insurance company, in the event of claims;
  • The competent authorities, upon request only, in order to meet legal requirements.
  •  

    Besides, we may link to third party sites or services  MH  does not control and which are governed by their own third-party policy.

     

    This policy does not apply to those third-party sites. We strongly advise you to check the privacy policies of all third-party site you visit to find out they treat your personal information.

    UPS Privacy Policy

    UPS is our delivery partner and may access to your information in order to provide delivery services and bring your order to its destination.

     

    General information on UPS you can find here. Your personal data is handled in accordance with applicable data protection law and in accordance with the information in UPS’s privacy policy.

     

    How is your information stored?

    We are particularly mindful to ensure appropriate protection and security of our Information Systems. Specific tools allowing us to detect security breaches have been implemented. The implementation of such tools may incidentally entail access by our security services to personal data. This data will be collected and processed for the exclusive purpose of managing the security breach and, in accordance with applicable data protection regulations.

     

    Is your personal data transferred outside EU?

    MH may use a file sharing and storage service for which the servers or systems may be located outside the European Union, resulting in the transfer of personal data outside the territory of the European Union.

    These transfers are subject to appropriate guarantees for maintain the confidentiality, integrity and security of the personal data in accordance with the GDPR. You can obtain a copy of the protection guarantees by contacting our Data Protection Officer through our Customer Services team.

    Your rights

    In accordance with the applicable data protection regulations, you may withdraw the consent that you have previously given at any time.

     

    You may also refuse, at no cost, to be contacted by MH , in which case he/she will no longer receive details on Monika Heiligmann products or services.

     

    You may access your personal information, have said data rectified, under certain conditions object to its processing or have it deleted. You may also request a copy of all information  MH hold about you in a format compatible and structure that allow you to exercise your rights.

     

    You also have the right to restrict the processing of your personal data and the transfer of said data to third parties.

     

    Lastly, you are entitled to establish guidelines relating to the use of your personal data after your death.

    You may exercise the above-mentioned rights at any time by contacting our Data Protection Officer through our Customer Services team (here).

     

    If, after having contacted us, you believe that your rights regarding your data have not been respected, you may file a claim with your relevant local authority.

    Cookies

    Cookies may be stored on Visitors’ computers’ storage spaces at the time of their connection to the Website.

    Please consult our Cookies Policy page to learn about the types of cookies we use, the reasons why we use cookies and your choice about the use of cookies.

    Security

    Security measures have been employed to ensure security and confidentiality of your data and to ensure, in particular, that your personal data is not altered, modified or deleted and that no unauthorized third party has access to it.

     

    However, you acknowledge that  MH does not control the transfer of data over telecommunication facilities including the Internet. Therefore,  MH warns you against any potential risk involved by the use of the Internet in this respect.

    Modifications to Privacy Policy

    MH hereby informs visitors that this Privacy Policy may be modified at any time, in order, in particular, to comply with any regulatory, jurisprudential, editorial or technical developments. As soon as they are displayed online, each Visitor is deemed to have accepted these modifications without restriction. It is therefore the Visitor’s responsibility to read this Privacy Policy prior to browsing the Website.

    Governing law and jurisdiction

    This Privacy Policy terms and conditions are governed by French law save in relation to the provision and use of personal information where the GDPR will also apply. The competent courts of your country of residence shall have sole jurisdiction over any claim related to this Privacy Policy.

    Klarna's Privacy Notice (UK & US Customers Only)

    In order to be able to offer you Klarna’s payment options, we will pass to Klarna certain aspects of your personal information, such as contact and order details, in order for Klarna to assess whether you qualify for their payment options and to tailor the payment options for you.

     

    General information on Klarna you can be found here. Your personal data is handled in accordance with applicable data protection law and in accordance with the information in Klarna’s privacy policy.