GDPR

Privacy Policy

of the DERMALIGHTS Website

Effective date: February 02, 2020

We are committed to protecting the privacy of those who visit our Website and use our Products online. This Privacy Policy explains how we collect your Personal Data on our Website or via our Online Products, how we protect that data, and the rights you have regarding the use of that data. Please read this Privacy Policy carefully.

WHO ARE WE?
This Privacy Policy applies to our website you are currently visiting ( www.dermalights.fr ) and our products, offers,
features, tools or resources offered through our Website (collectively, the "Online Products"). The party responsible for processing your Personal Data collected via our Online Products, as defined in Art. 4(7) of the RGPD, is OVERBYING SA, Rue de la Grotte 6, c/o DYN SA, 1003 Lausanne, Switzerland.

WHAT DATA IS COLLECTED ABOUT ME AND HOW
ARE THEY USED?
The Personal Data we collect: 
Personal Data is information that identifies you or your company.
may be used to identify or contact you ("Personal Data"). Such Personal Data may include your name, postal or e-mail address, telephone number, date of birth (primarily for eligibility purposes) and billing and credit card or Paypal information.

We collect Personal Data from you when you use our Website or when you register for our Products online, as described in more detail in this Privacy Charter.

In all such cases, we will only process Personal Information that you provide directly to us or that we automatically collect from you, as set out in this Privacy Policy. Unless otherwise defined in this Privacy Policy or unless you have given us permission to do so, we will not use or share your Personal Data other than as set out in this Privacy Policy.

How we collect and use your Personal Information:
In the following section, you will find information about how we
collect your Personal Data, the purposes for which we process them and the legal bases on which we do so. If the legal basis on which we process your Data is to serve our legitimate interests, you may contact us using the contact details above if you require further information about our legitimate interests. If we rely on your consent as the legal basis for processing your Personal Data, you have the right to revoke your consent at any time with effect as described below or by contacting us using the contact details above. This will not affect the processing of your Personal Data until revocation. This also applies where we rely on your consent or our legitimate interests in other parts of this Privacy Policy.

We automatically collect information, including Data at when you browse our Website or when you visit our website. Use our online Products, such as your IP address, browser type, your operating system, error logs and other information
similar. This aggregated information does not allow us to identify you.
and we use them to analyze trends, to administer the Website and to
collect general information on its use.

The legal basis for this processing of your Personal Data is
constituted by our legitimate interests (Art. 6(1)(f) of the GDPR) to customize the
content of our services in accordance with the user's preferences and in accordance with
further enhance our online Products.

You may, at your discretion, provide us with demographic information
(such as your occupation and the number of children you have). If you
made, we will be able to offer you a more personalized experience on
our Website. The legal basis for this processing of your Data is as follows
personal is constituted by our legitimate interests (Art. 6(1)(f) of the DPMR) in customizing the content of our services in accordance with the preferences of
the user and to further improve our online Products.

  • If you buy in our online shop

If you place an order in our online shop without creating an account, you will be asked to provide your name, mailing address, address, phone number, e-mail address and billing address, your payment details, your e-mail address and
your phone number.


We will use your name and email address to send you a order confirmation by e-mail and a shipment confirmation e-mail.


We will also use your payment information to process the payment as part of the order and your mailing address and other contact information to ship your order. This processing of your Personal data is necessary to process your order; the
legal basis for this processing of your Personal Data is therefore Art. 6(1)(b) of the GDR. Please note that you are contractually bound, to provide us with this Personal Data and that without it, we will not be able to


will not be able to send you communications related to your
orders, or to satisfy your order.
If we send you news about services
We use your Personal Data to send you
important announcements and news on our Website or online Products.
When you create an account, we send you a welcome email
to provide you with transactional information about your subscription, or
to verify your username and password. These ads and
service news contains important information that will be of interest to you.
relate to your use of our Website and/or Online Products.
The processing of your Personal Data for these purposes is necessary for the following purposes
for the execution of our services. The legal basis for this processing of your
Personal data is therefore Art. 6(1)(b) of the GDPMR. Please note
that you are contractually obliged to provide us with this Data at
personal character and that without them, we will not be able to
send you service-related communications.
If you contact our customer service

If you contact our customer service, we will contact you to
respond to your requests for information, provide you with the services that
you ask, and manage your request. We will communicate with you by
e-mail or telephone, depending on your preferences.
This processing of your Personal Data is necessary to
the performance of our services; the legal basis for this processing of your Data
of a personal nature is therefore Art. 6(1)(b) of the GDPMR. Please note that you
are contractually obliged to provide us with this Data of a personal nature.
and that without them, we will not be able to send you the information you need.
customer service-related communications.
If you subscribe to newsletters and other marketing communications
When you subscribe to our Products online or elsewhere on our Site
Web, you have the option of giving your consent to receive
newsletters and other information about our products and services. If you
If you "accept", we will send you promotional newsletters, and you will be able to
will inform about offers, events and surveys by e-mail and via our
platforms on social networks. The legal basis for this treatment of your
data is your consent (Art. 6(1)(a) of the GDPR) or, if you are a
customer or a current subscriber, our legitimate interest (Art. 6(1)(f) of the
RGPD) to provide you with relevant marketing information. Please note that
you are not legally required to provide us with your Personal Data.
personal. However, without them, we will not be able to help you.
send our newsletters and other information described above. You
have the opportunity to unsubscribe from these types of communication at any time.
the moment by following the instructions to this effect in the communication in
question.

COOKIES
We use cookies and similar technologies such as pixel tags,
web beacons and other identifiers to help us customize our Website and Online Products for you, remember your preferences, and
to understand how users use our Website and Internet Products and to personalize our marketing communications.

A cookie is a small data file containing a string of characters that is sent to your computer when you visit a website. When you visit a website again, the cookie enables that website to recognize your browser. The length of time a cookie will remain on your computer or mobile device will depend on whether it is a "persistent" or "session" cookie. Our Website uses both types of cookies. Session cookies will remain on your device only until you stop browsing. 

Persistent cookies remain on your computer or mobile device until they expire or are deleted.
We use the following types of cookies on our Website:
Strictly Necessary Cookies: These cookies are essential to you
in order to use our Website and Online Products.
Performance Cookies: These cookies collect information about how the Site is used.
from which you use our Web Site. We use this data to optimize
our Website and to facilitate your navigation on the Website and your use of
and to make it easier to use our online Products.
Functional Cookies: These cookies enable our Website and our
Online products to remember the choices you make using our Site
Web and personalize your experience.
Third Party Cookies: Third party cookies are cookies set by sites
internet and/or third parties. These cookies are used on our Website to
improve our Internet Products or help us provide more effective advertising.
relevant. These cookies are subject to the privacy policies of
external service providers who install them on your browser.
Visit www.youronlinechoices.eu to learn more about your options and the
way of refusing these third party cookies.
Analytical Cookies: We use analytical cookies to help us to
understand how users navigate through our Website and how to
they made it. We use different providers for site analysis
like Google Analytics, Hot Jar, Optimizely and Exact Target. These cookies are
subject to the respective privacy policies of the service providers
and to learn more about your options and how to opt out of these external
analytical cookies, visit the website of these providers for more information.
details.
You are not obliged to accept cookies in order to use our Website. Good
that most browsers are initially configured to accept
cookies, you can reset your browser to notify you when
you receive a cookie or to reject cookies in general. Most browsers provide instructions on how to do this in the "Help" section of the toolbar. Although you are not required to accept our cookies to access our Website, if you reject cookies, certain products, offers, features or resources on our Website (including certain Online Products) may not function properly and you may experience a loss of convenience.

We use cookies on the basis of our legitimate interests
(Art. 6(1)(f) of the GDPR) to optimize our Website and Internet Products, to
personalize your user experience and to offer you ads tailored to your interests. Finally, please note that advertisers and other third parties may also use their own cookies when you click on their advertisements or links to their site or service on or from our Website. This Privacy Policy does not govern the use by such third party sites or third party providers of third party advertising.

SOCIAL PLUG-INS AND OTHER THIRD PARTY FEATURES
Our Website contains links to or features from other websites. This Privacy Policy covers DERMALIGHTS' privacy practices only and does not cover the privacy practices of third party sites or features. We are not responsible for the privacy policies and/or privacy practices of third parties. When you link to another site or use the service of a third party, you should read the Privacy Policy of that site or service.

HOW WE SHARE AND DISCLOSE INFORMATION TO INDIVIDUAL CHARACTER


We will not share, sell, transfer or disseminate your Personal data to third parties, unless required by law in accordance with Art. 6(1)(c) EPMR, unless it is necessary for the purposes of your contract in accordance with Art. 6(1)(c) EPMR, unless the third party acts as a subcontractor on our behalf in accordance with Art. 28 EPMR or you have given us your express consent in accordance with Art. 6(1)(a) EPMR. We use third party service providers who offer or perform services on our behalf and we share your Personal Data with these providers to the extent necessary for them to perform their services on our behalf. In particular, we use a direct mail company to send email marketing messages, payment service providers to bill you for goods and services and for credit card processing, providers specializing in payment collection and fraud screening, a shipping company to fulfill orders, a call center provider to facilitate customer service, social networks and other agencies to manage our advertising campaigns, a cloud provider for our CRM system and an external provider to host our online store. Some of the companies with whom we share your Personal Data as described above are located outside the European Economic Area.
In order to ensure sufficient protection of your Personal Data in these cases, we use the standard data protection clauses adopted by the European Commission in accordance with Art. 46(2)(c) of the DPMR with these companies or the certifications of these companies under the EU-US Privacy Shield in accordance with Art. 45(1) of the DPMR. You may request additional information by contacting us via the contact details below.
Any sharing of your Personal Data with other DERMALIGHTS entities or service providers will be done in accordance with the
data protection legislation in force and will be limited to what is necessary to ensure that the
is necessary. We have carefully selected these companies and we constantly ensure that they comply with our instructions. These companies are contractually bound not to use your Personal Data for purposes other than those described in this Privacy Policy. The legal basis on which we share your Personal Data with these companies is Art. 28(1) of the DPMR or our legitimate interests in soliciting these companies to provide the services described above (Art. 6(1)(f) of the DPMR).

We may also be required to disclose your personal data to
government authorities or law enforcement authorities in response to a request
legitimate interest of a public authority or if we must do so in order to comply with a legal obligation, including to meet national security or law enforcement requirements pursuant to Art. 6(1)(c) of the GDPR. We may also disclose your information in order to serve our legitimate interest in enforcing or satisfying our Terms and Conditions or claims, to protect our rights or the rights of a third party, to protect the safety of individuals or to prevent illegal activities (including for fraud protection and credit risk reduction purposes) in accordance with Art. 6(1)(f) of the GDRP.

If required by applicable data protection legislation, we will obtain your prior consent before sharing your Personal Data with other companies. In such cases, the legal basis is Art. 6(1)(a) of the DPMR.

ARE MY PERSONAL DATA USED TO
OTHER PURPOSES?
Unless otherwise specified in this Privacy Charter,
we will only use the Personal Data for the purposes described above or otherwise as we indicate to you at the time we provide you with the Personal Data.
will request this data. If your Personal Data is processed at
purposes other than those described in this Charter for the Protection of Life
private or for purposes other than those for which your Personal Information is used.
If your personal information was originally collected, we will provide you with information about these other purposes and any other relevant information as set out in this Privacy Policy.

WHAT ARE MY RIGHTS?
You have the following rights:
Right of access (Art. 15 of the RGPD):
You have the right to request confirmation of the processing of your Data from
personal character and, where appropriate, to request access to the Data at
personal character that we hold about you.
Right of rectification (Art. 16 of the RGPD) :
You have the right to request the correction of Personal Data
that would be inaccurate.
Right of erasure (Art. 17 RGPD) :
You have the right to request the deletion of the Data of a personal nature
within a reasonable period of time in certain circumstances, for example if your Personal Data is no longer required for the purposes of
which they were collected or if you withdraw the consent to which you have consented.
our treatment is based on Art. 6(1)(a) of the GDPR and where there is no
other legal grounds for processing.
Right to restriction of processing (Art. 18 of the RGPD) :
You have the right to ask us to restrict the treatment of your
Personal data in certain circumstances, e.g. if you
consider that the Personal Data we process about you
are incorrect or illegal.
Right to data portability (Art. 20 of the GDR) :
Under certain circumstances, you have the right to receive your Data at
personal character that you have provided to us, in a structured format,
commonly used and machine-readable, and you have the right to
transmit this information to another controller without hindrance
or ask us to do it.
Right of opposition (Art. 21 of the RGPD) :
You have the right to object to the processing of your Personal Data within
certain circumstances, especially if we treat them on the basis of
legal interests (Art. 6(1)(f) of the GDPR) or if we use them for
marketing purposes.
You may enforce the above rights by contacting us via the
contact details below.

RIGHT TO LODGE A COMPLAINT WITH THE PROTECTION AUTHORITY
DATA
You have the right to lodge a complaint with a supervisory authority, by
private individual in the EU Member State where you have your habitual residence, place of work or the place of the alleged breach if you consider that our processing of your Personal Data violates applicable data protection legislation. Please contact us using the contact details provided below and we will help you to find the competent supervisory authority.

DATA RETENTION
We store your Personal Data and other information
for as long as is necessary to enable you to use our Website and Online Products, to provide you with our services, to comply with applicable laws (including those relating to record keeping), to resolve disputes with any party and to enable us to conduct our business. If you have a question about a particular retention period for certain types of Personal Data we process about you, please contact us using the contact details provided below.

AUTOMATED INDIVIDUAL DECISION MAKING
We do not use your Personal Data to make decisions with legal or similar effects for you solely on the basis of the automated processing of your Personal Data.

WHOM SHOULD I CONTACT IF I HAVE QUESTIONS ABOUT COMPLIANCE WITH THE LAW?
OF PRIVACY?
If you have any questions about our Privacy Policy or believe that we are not complying with the terms of our published Privacy Policy or with applicable privacy legislation, please contact us at the address below.
data protection, please contact our data protection officer at the following e-mail address: support@dermalights.fr.

MODIFICATION TO THIS PRIVACY POLICY
PRIVATE
We may amend this Privacy Policy from time to time. We will post any changes to this Privacy Policy here. Please check this Privacy Policy regularly.