INTRODUCTION
Sisley Cosmetics USA Inc. and its affiliates in the United States (collectively, Sisley, us, our, or we) are committed to protecting the privacy of your personal information. This Privacy Policy describes what personal information we collect about you, what we do with that information, your choices with respect to how we process your personal information, and our information privacy practices. Please read this entire Privacy Policy before providing your personal information to us.
This Privacy Policy applies to us and to the Sisley website (www.sisley-paris.com), and other websites and applications that we link to this Privacy Policy (these websites and applications are, together, the Sites). This Privacy Policy applies to our collection and use of your personal information when you access or use the Sites, contact our customer service team, engage with us on social media, shop at our stores, or otherwise interact with us.
This Privacy Policy is incorporated into our Terms and Conditions, which apply when you use the Sites.
CONSENT
By providing personal information to us, you consent to our collection, use, and disclosure of that information according to the terms of this Privacy Policy.
You have options for refusing or withdrawing consent, as described in this Privacy Policy. However, in some cases the law allows or requires us to continue using or disclosing certain pieces of personal information for particular purposes, even after you withdraw consent. Refusing or withdrawing consent may limit our ability to provide products and services to you. For example, if you do not allow us to process your credit card information and name, we may not be able to take your payment and therefore we may not be able to sell a product or service to you.
We may, from time to time, ask you to update your consent to ensure that our files remain accurate and to comply with our legal obligations.
HOW WE COLLECT, USE, AND DISCLOSE PERSONAL INFORMATION
Personal Information
For purposes of this Privacy Policy, “personal information” is information that identifies, relates to, describes, can reasonably be associated with, or could reasonably be directly or indirectly be linked to, a particular consumer or household.
Personal information does not include:
- • Information lawfully available from government records.
- • Information that Sisley has a reasonable basis to believe is lawfully available to the general public.
- • Information made available by a person to whom you have disclosed the information (provided that you have not restricted the information to a specific audience).
- • De-identified or aggregated consumer information.
- • Information covered by certain health information privacy laws.
- • Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FCRA), and the Gramm-Leach-Bliley Act (GLBA).
- • Lawfully-obtained, truthful information that is a matter of public concern.
Personal Information Collected
The table below describes the categories of personal information Sisley has collected about consumers during the past 12 months, and for each category—if applicable—(a) the categories of sources from which we collected the personal information; (b) the business or commercial purposes for which we collected the personal information; and (c) the categories of third parties (and contractors and service providers) to whom we disclosed the personal information.
“Business or commercial purposes” include:
- • Account services: Offering services such as maintaining and servicing customer accounts; providing customer service; processing or fulfilling orders and transactions; verifying customer information; processing payments; providing financing; providing analytic services; or providing similar services.
- • Advertising and marketing services: Providing advertising and marketing services to consumers on our own behalf.
- • Audits: Auditing our current and related transactions with consumers (for example, counting and verifying ad impressions, auditing compliance).
- • Change of control: Performing activities to effect a merger, acquisition, bankruptcy, or other transaction involving a change of corporate control.
- • Commercial and economic interests: Advancing our commercial or economic interests.
- • Debugging: Identifying and repairing errors that impair existing intended functionality.
- • Legal obligations: Performing activities to comply with our legal responsibilities.
- • Improving our products and services: Performing activities to verify, maintain, and improve our products and services.
- • Internal research: Conducting internal research related to technological development and demonstration.
- • Security and fraud detection: Performing activities to promote security and integrity; for example, detecting security incidents, detecting and protecting against fraudulent and deceptive activity, and prosecuting those responsible.
Where we say “Yes” to having collected personal information in a particular category, we have not necessarily collected each example in that category. The personal information we collect about any particular consumer will depend on the type and amount of interaction the consumer has with us.
| Category of Personal Information | Have we collected PI in this category from consumers in the past 12 months? | Categories of sources from which we collect PI | Business or commercial purposes for which we collect PI | Categories of third parties (and contractors and service providers) to which we disclose PI for business purposes |
|---|---|---|---|---|
| A. Identifiers. May include real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. | Yes | • The consumer • A consumer’s friends or family members who send gifts of our products and services, or who refer consumers to us • Sisley’s contractors and service providers • Social media providers • Operating systems and platforms • Web and data analytics companies • Financial and payment technology providers |
• Account services • Advertising and marketing services • Audits • Commercial and economic interests • Debugging • Legal obligations • Improving our products and services • Internal research • Security and fraud detection |
• Sisley’s contractors and service providers • Social media providers • Operating systems and platforms • Web and data analytics companies • Financial and payment technology providers • Sisley’s contractors and service providers • Social media providers • Operating systems and platforms • Web and data analytics companies • Financial and payment technology providers |
| B. Personal information described in the California Customer Records Statute (Cal. Civ. Code § 1798.80(e)). May include name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. | Yes | • The consumer • A consumer’s friends or family members who send gifts of our products and services, or who refer consumers to us • Sisley’s contractors and service providers • Social media providers • Operating systems and platforms • Web and data analytics companies • Financial and payment technology providers |
• Account services • Advertising and marketing services • Audits • Commercial and economic interests • Debugging • Legal obligations • Improving our products and services • Internal research • Security and fraud detection |
• Sisley’s contractors and service providers • Social media providers • Operating systems and platforms • Web and data analytics companies • Financial and payment technology providers |
| C. Characteristics of Protected Classification under California or Federal Law. May include age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | Yes | • The consumer • Sisley’s contractors and service providers • Social media providers • Operating systems and platforms • Web and data analytics companies |
• Account services • Advertising and marketing services • Commercial and economic interests • Debugging • Improving our products and services • Internal research |
• Sisley’s contractors and service providers • Social media providers • Operating systems and platforms • Web and data analytics companies |
| D. Commercial information. May include records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | Yes | • The consumer • Sisley’s contractors and service providers • Social media providers • Operating systems and platforms • Web and data analytics companies • Financial and payment technology providers |
• Account services • Advertising and marketing services • Audits • Commercial and economic interests • Debugging • Legal obligations • Improving our products and services • Internal research • Security and fraud detection |
• Sisley’s contractors and service providers • Social media providers • Operating systems and platforms • Web and data analytics companies • Financial and payment technology providers |
| E. Biometric information. May include genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, face prints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | No | N/A | N/A | N/A |
| F. Internet or other electronic network activity information. May include browsing history, search history, information on a person’s interaction with a website, application, or advertisement. | Yes | • The consumer • Sisley’s contractors and service providers • Social media providers • Operating systems and platforms • Web and data analytics companies |
• Account services • Advertising and marketing services • Commercial and economic interests • Debugging • Improving our products and services • Internal research |
• Sisley’s contractors and service providers • Social media providers • Operating systems and platforms • Web and data analytics companies |
| G. Geolocation data. May include physical location or movements. | No | N/A | N/A | N/A |
| H. Sensory data. May include audio, electronic, visual, thermal, olfactory, or similar information. | No | N/A | N/A | N/A |
| I. Professional or employment-related information. May include current or past job history or performance evaluations. | No | N/A | N/A | N/A |
| J. Education information as defined in the Family Educational Rights and Privacy Act (FERPA). May include education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | No | N/A | N/A | N/A |
| K. Inferences drawn from other personal information. May include a profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | No | N/A | N/A | N/A |
| L. Sensitive personal information. See chart below | No | N/A | N/A | N/A |
The chart below states whether we have collected personal information in certain “sensitive” categories in the last twelve (12) months:
| Category | Collected? |
|---|---|
| (A) Personal information that reveals: | |
| a person’s social security, driver’s license, state identification card, or passport number. | No |
| a person’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account. | No |
| a person’s precise geolocation. | No |
| a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership. | No |
| the contents of a person’s mail, email, and text messages unless Sisley is the intended recipient. | No |
| a consumer’s genetic data. | No |
| (B) The processing of biometric information for the purpose of uniquely identifying a person. | No |
| (C) Personal information collected and analyzed concerning a person’s health. | No |
| (D) Personal information collected and analyzed concerning a person’s sex life or sexual orientation | No |
How Long We Keep Your Personal Information
We generally keep consumers’ personal information for as long as reasonably needed to meet the business and commercial purposes for which we collected it (described in the table above), and to fulfill our legal obligations. Various factors may be relevant to determining how long we keep personal information, including:
• the purposes for which we collected the personal information;
• your preferences and how you engage with our products and services;
• any legal or regulatory requirements that apply to the personal information; and
• whether we need the personal information to protect our own rights (for example, in actual or potential litigation).
Categories of Personal Information We Have Disclosed For A Business Purpose
In the past 12 months, we have disclosed consumers’ personal information from the following categories for one or more business purposes:
• A, B
Third Parties to Whom We Disclose Personal Information For A Business Purpose
In the past 12 months, we have disclosed consumers’ personal information for one or more business purposes to our contractors and service providers, and to the following categories of third parties:
• Social media providers
• Operating systems and platforms
• Web and data analytics companies
• Financial and payment technology providers
Selling Personal Information, and Sharing It For Cross-Context Behavioral Advertising
In the last 12 months:
• We have not, and during the period of time that this Privacy Policy is posted, we will not, sell your personal information, such as your name, email address, phone number, or postal address.
We have not communicated personal information to third parties for cross-context behavioral advertising. Our advertising partners may use cookies and other technologies to collect information about you, and may use those identifiers to show ads that are targeted to your interests. For information about how to opt-out of having your web browsing information used for these purposes, please see the “Advertising and Analytics Services Provided by Others” (Section 7).
USER ACCOUNTS
Account Security
We may enable you to set up an account with a username and password to access and use certain features of the Site. You agree to provide us with accurate account information and acknowledge that you are responsible for keeping your account login information secret. We are not responsible for any loss or damage arising from your failure to comply with this requirement.
Account Termination
We may in our sole discretion suspend or close your account and terminate your registration at any time and without prior notice, including if you breach any of your obligations set out in this Privacy Policy. We are not required to give a reason for termination.
OUR CHAT FUNCTION
If you choose to use our chat function, please be aware that certain of our authorized service providers, and our parent company (c.f.e.b. SISLEY, located in France), have simultaneous access to the chat in real time.
SECURITY FOR PERSONAL INFORMATION
We have implemented reasonable security procedures and practices, appropriate to the nature of the personal information we collect, to protect the personal information from unauthorized or illegal access, destruction, use, modification, or disclosure.
ADVERTISING AND ANALYTICS SERVICES PROVIDED BY OTHERS
We may allow others to provide analytics services and serve advertisements on our behalf across the Internet and in mobile applications. These entities may use cookies, web beacons, device identifiers and other technologies to collect information about you about your use of the Site and other websites and applications, including your IP address, web browser, mobile network information, pages viewed, time spent on pages or in apps, links clicked, and conversion information. This information may be used by us and others to, among other things, analyze and track data, determine the popularity of certain content, deliver advertising targeted to your interests on our Site and other websites, and better understand your online activity. Our Site may use Google Analytics, a web-based analytics service provided by Google, Inc. (“Google”). For more information on how Google uses data when you use our Site or Service, please follow this link: https://policies.google.com/technologies/partner-sites. You may be able to opt-out of some or all of Google Analytics features by downloading the Google Analytics opt-out browser add-on, available at, https://tools.google.com/dlpage/gaoptout. For more information about interest-based ads, or to opt out of having your web browsing information used for behavioral advertising purposes, please visit http://optout.aboutads.info.
We may also work with third parties to serve ads to you as part of a customized campaign on third-party platforms (such as Facebook, Microsoft or Google). As part of these ad campaigns, we or third-party platforms may convert information about you, such as your email address and phone number, into a unique value that can be matched with a user account on these platforms to allow us to learn more about your interests and to serve you advertising that is customized to your interests. Note that the third-party platforms may offer you choices about whether you see these types of customized ads.
We partner with Rakuten Advertising, who may collect personal information when you interact with our site. Rakuten Advertising may collect personal information when you interact with our digital property, including IP addresses, digital identifiers, information about your web browsing and app usage and how you interact with our properties and ads for a variety of purposes, such as personalization of offers or advertisements, analytics about how you engage with websites or ads and other commercial purposes. For more information about the collection, use and sharing of your personal data and your rights, please use the below links.
Rakuten Advertising
Privacy Policy : https://rakutenadvertising.com/legal-notices/services-privacy-policy/
Your Rights : https://rakutenadvertising.com/legal-notices/subject-requests/
YOUR CHOICES
Account Information
You may update and correct your online account information by logging in to your account or emailing us at [email protected]. If you wish to deactivate your account, please email us at [email protected], but note that we may retain certain information as required by law or for legitimate business purposes. We may also retain cached or archived copies of information about you for a certain period of time.
Cookies
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Site.
Promotional Communications
Promotional Communications. You may opt out of receiving promotional emails from Sisley by following the instructions in those emails or by sending an email to [email protected]. If you opt out, we may still send you non-promotional emails, such as those about your account or our ongoing business relations.
CONTACT INFORMATION
If you have any questions about this Privacy Policy, or wish to exercise any rights or choices described in it, you may contact us:
- - by phone at (toll free) 1-855-747-2948
- - by e-mail [email protected]
- - through the contact form on the Site
- - by mail to the following address:
SISLEY COSMETICS USA INC.
360 Lexington Avenue, 19th Floor
New York, New York 10017
Attn: Customer Service
CHANGES TO OUR PRIVACY POLICY
We may modify this Privacy Policy at any time. We will post the revised policy here, which will be effective as soon as it is posted. We suggest you periodically review this Privacy Policy for any changes. You can determine when this Privacy Policy was last revised by referring to the “Last Updated” legend at the top of this page. By continuing to use the Sites after we make changes, you will be deemed to have agreed to the changes.
ADDITIONAL NOTICE TO CALIFORNIA RESIDENTS
California Privacy Rights
The California Privacy Rights Act (CPRA) provides you, as a California resident, with specific rights regarding your personal information:
• The right to ask us to delete the personal information we collected from you, subject to certain exceptions.
• The right to ask us to correct inaccurate personal information we maintain about you, taking into account the nature of the information and the purposes for which we process it.
• The right to request information about our collection and disclosure of your personal information:
- the categories of personal information we collected about you during the applicable time period;
- the categories of sources from which your personal information was collected;
- the business or commercial purpose for collecting your personal information;
- a list identifying:
the categories of your personal information we sold or shared during the applicable time period; and
the categories of third parties to/with whom we sold or shared your personal information during the applicable time period;
- a separate list identifying:
the categories of your personal information we disclosed for a business purpose during the applicable time period; and
the categories of persons to whom we discloses your personal information for a business purpose during the applicable time period.
• The right to request a copy of the specific pieces of personal information we obtained from you in a format easily understandable by the average consumer (and to the extent technically feasible, in a structured, commonly used, machine-readable format).
• The right to tell us to limit our use of any sensitive personal information we collect (see Section 3.2) to (i) what is necessary to perform the services or provide the goods reasonably expected by an average customer who requests those goods and services; (ii) activities related to certain business purposes; and (iii) comply with regulations regarding opt-out preference signals.
• We cannot and will not discriminate against you for exercising any of these rights, including (i) denying you goods or services; (ii) charging you different prices or rates for goods or services; (iii) providing you a different level or quality of goods or services; or (iv) suggesting that you will receive a different price, rate, level, or quality. However, this does not prevent us from offering loyalty, rewards, premium features, discounts, or club card programs consistent with the law, or from charging you a different price or rate—or providing you a different level or quality of goods or services—if the difference is reasonably related to the value your personal information provides to us.
You may exercise these rights by contacting us using any of the methods in Section 9 of this Privacy Policy. We may need to verify your identity or authority to make the request, and confirm the personal information relates to you. Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
We will do our best to respond to your request within 45 days, but if we need more time, we’ll reach out to you as soon as possible and let you know the reason.
Our Collection of Personal Information
Section 3 of this Privacy Policy contains:
• A list of the categories of personal information we have collected about consumers in the past 12 months;
• The categories of sources from which consumers’ personal information is collected;
• The business or commercial purpose for collecting consumers’ personal information;
• The categories of third parties to whom we disclose consumers’ personal information;
• A statement that we have not sold or “shared” consumers’ personal information in the past 12 months; and
• A list of categories of personal information we have disclosed about consumers for a business purpose in the past 12 months.
Additional Information About Financial Incentives
If you refuse to give opt-in consent for a financial incentive program, we must wait at least 12 months—or as otherwise allowed by law—before asking again.
Third Party Marketing
California residents are entitled once per year to request and receive certain information regarding our disclosure, if any, of certain elements of your personal information to third parties for their direct marketing purposes during the past calendar year. To make a request, please use any of the contact methods listed in Section 9 of this Privacy Policy. You must include your full name, email address, and postal address in your message. In response to your request, we will provide you with a notice describing the cost-free means to opt out of our sharing your personal information with third parties, if the third party will use it for their direct marketing purposes.
FINANCIAL INCENTIVE
We may offer you various financial incentives, such as discounts and special offers, when you provide us with personal information such as your name and email address. When you sign-up for our loyalty program, email list or other discounts and special offers, you opt-in to a financial incentive. At the time you opt-in, we will clearly describe the material terms of the financial incentive program. You may opt-out of a financial incentive at any time by opting out from our emails or closing your loyalty member account.
Generally, we do not assign monetary or other value to personal information, however, California law requires that we assign such value in the context of financial incentives. In such context, the value of the personal information is related to the estimated cost of providing the relevant financial incentive(s) for which the information was collected.
CHILDREN’S INFORMATION
We comply with all applicable privacy laws including, but not limited to, the CPRA and the Children's Online Privacy Protection Act (COPPA) and associated Federal Trade Commission (FTC) rules for collecting personal information from minors. Please see the FTC's website (www.ftc.gov) for more information. If you have concerns about the Sites, wish to find out if your child has accessed our services, or wish to remove your child's personal information from out servers, please contact us at [email protected].
We do not knowingly accept personal information from anyone under 13 years old, in violation of applicable laws, without consent of a parent or guardian. If we discover that a child under the age of 13 has provided personal information to us, we will make efforts to delete the child’s information in accordance with the COPPA. If you believe that your child under 13 has provided personal information to us without your consent, please contact us at [email protected].
INFORMATION ON PUBLIC AREAS OF OUR SITE
Any information you submit in a public area of our Sites – such as on a social media page, user comments, comments on any Sisley blogs, reviews or comments on any ratings or review feature, questions or answers on a question and answer application or other public forum – will not be treated as confidential and may be publicly disclosed. This applies to personal information, so please consider your public postings before doing so. Additionally, information posted on social media pages will be subject to the terms governing those pages and websites.