This Policy was last updated on 2021/03/31

NAOS Canada Inc. and NAOS USA Inc. (“NAOS”) are the distributors of the BIODERMA products in the United States and Canada and of the Institut Esthederm products in Canada.

NAOS is committed to respecting and protecting the confidentiality of its customers’ personal information. The purpose of this privacy policy (“Policy”) is to explain how and for what purposes we collect, use, share or otherwise process personal information and how we protect the confidentiality of your personal information when you interact with NAOS.

If you are a California resident, please visit the California Privacy Notice section below for supplemental information and disclosures regarding the rights of California residents.

Table of Contents

  • Policy Coverage
  • Definition of Personal Information
  • Collection of Personal Information
  • Use of Personal Information
  • Sharing of Personal Information
  • Cookies and Similar Technologies
  • Your Privacy Choices
  • Protection of Personal Information
  • Retention of Personal Information
  • Cross-Border Transfers of Personal Information
  • Accessing and Correcting your Personal Information
  • Age of Users
  • California Privacy Notice
  • Contact Information

 

Policy Coverage

This Policy applies to NAOS’s operations in North America whenever you interact with us, either through our BIODERMA websites (www.bioderma.us and www.bioderma.ca) or our Institut Esthederm website (www.esthederm.ca and www.esthederm.us), social media pages, mobile applications or otherwise. It applies, for instance, if you communicate with us by email, register as a user and set up a user account and password on our websites, order merchandise online, sign up for Club BIODERMA or Cercle Esthederm in order to receive promotional or other material, or participate in a promotion, contest, product survey or product review.

 

Definition of Personal Information

In this Policy, “personal information” generally means information (regardless of its format) about an identifiable individual. This may include, for example, your name, contact information, home address, email address, birth date and information relating to your account with us (as the case may be). It may also include other types of more technical information, but only when this information can, directly or indirectly, identify you as an individual. Information that is anonymized and cannot be associated with an identifiable individual is not considered to be personal information.

 

Collection of Personal Information

NAOS may collect personal information about you in the following situations:

When you create an account. We collect the personal information you provide to create your account on our website: your name, contact information (email and mailing address, billing address, phone number) and password.

When you subscribe to our newsletter. We collect the email address, first name and last name you provide when you subscribe to our newsletter.

When you join the BIODERMA Club or the Cercle Esthederm. We collect the personal information you provide when you register to become a member of the BIODERMA Club of the Cercle Esthederm, as is necessary to provide you with the program’s benefits: your name, contact information (email, phone number and mailing address), demographic information (age and gender), skin type and skin conditions.

When you order merchandise online. We collect personal information you provide when you complete an order to purchase merchandise online, as necessary to process your order: your name, contact information (email address, street address, billing address and shipping address) and payment information (which is processed by a third-party payment processor). We also collect information about your purchases.

When you communicate or interact with us. We collect personal information you provide when you communicate or interact with us, for instance through email, telephone, on social media or through a feature on our websites (such as the live chat feature or the contact form on our websites).

When you browse our websites. We collect certain information automatically when you browse our website, using cookies and similar technologies. We treat this information as “personal information” when it may be associated with an identifiable individual, for example if we are able to associate this information with you because you browse while you are logged on your account. Please review “Cookies and Similar Technologies” below for more information.

 

Use of Personal Information

We may use your personal information for the following purposes or otherwise with your consent:

To process orders. We use your personal information to process your order, to ship items you have ordered and to advise you on the status of your order.

To recommend relevant products and content. We use your personal information (for example your purchase history and the website pages you have visited) to provide a personalized service such as recommending relevant products and content on our websites.

To communicate with you, including for marketing purposes. We use personal information communicate with you in order to provide you with relevant promotional materials and other information on our products and services, surveys, contests, promotions and special offers. For instance, we send to members news and information about Club BIODERMA and Cercle Esthederm. You may choose not to receive promotional materials or cancel your subscription to Club BIODERMA or Cercle Esthederm. Instructions will be provided in the emails by which you receive the promotional material on how to unsubscribe.

For research and development purposes. We may use personal information to conduct marketing and performance research in order to assess our customer service and to help us improve our services and product offerings. When required by law, we will use de-identified information for these purposes.

To manage our business operations. We may use your personal information for general business purposes such as ensuring the security of our systems and websites, satisfying audits and other assessments, or facilitating the sale of one or more parts of our businesses, reorganizing our businesses and obtaining and submitting insurance claims.

For other purposes permitted or required by law. We will not use personal information for any other reasons without your consent, unless permitted or required to do so by law, for instance in order to comply with a legal obligation or as necessary to protect the rights, including proprietary rights, and interests of NAOS.

 

Sharing of Personal Information

NAOS may share your personal information in the following circumstances or otherwise with your consent:

Among NAOS entities. We may share personal information among entities within the NAOS group of companies for the purposes described in this Policy. This allows each entity to comply with applicable laws, regulations and requirements, and ensures that your information is consistent, accurate and up to date. In addition, it increases the quality and relevance of the services you receive and improves your interactions with NAOS through easier access to your information within the group.

Service providers. We may transfer personal information to our service providers, agents, vendors or other organizations that provide services to NAOS, for the purposes set out in this Policy. Service providers who may be provided with personal information include shipping companies, backup and server hosting providers, IT software and maintenance providers. In particular, we share your name and credit card information to payment processing providers who process your purchases on our websites.

Sale or transfer of our business or other transaction. In the event of a sale of all or substantially all of our assets, NAOS may provide the prospective purchaser with your personal information, who may use same strictly for purposes of evaluating the proposed transaction, or after acquiring the assets, for the operation and management of the affairs of the acquired business, or for other purposes set out in this Policy.

For other purposes permitted or required by law. We will not use the information for any other reasons without your consent, unless permitted or required to do so by law, for instance in in response to a legal procedure or demands from government authorities.

 

Cookies and Similar Technologies

We collect certain information automatically when you browse our website, using cookies and similar technologies. This information may include, for example: your IP address, your region and approximate location, your web browser and the language used, your operating system and the site from which you accessed our website.

1. Cookies

Cookies are small text files stored on your computer that allow us to remember information about you. We use cookies for the following purposes:

  • Strictly necessary cookies: We use cookies that are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but that will cause some parts of the site not to work. These cookies do not store any personal information.
  • Performance cookies (Google Analytics): Performance cookies (we use Google Analytics) allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance.

Google Analytics collects information about the pages you visit, your IP address (which implies location), and other browsing-related data. Google may set and read cookies in your browser. You can learn more by visiting this information page from Google: “How Google uses information from sites or apps that use our services”.

Google provides a tool for opting out of Google Analytics in case you don’t want to participate.

  • Marketing cookies: We use a marketing database management program that deploys a cookie when a user interacts with marketing communications, such as a marketing email or a marketing-based landing page on our website. This cookie collects personal information such as your name, which pages you visit on our website, how you arrived at our website, and your purchases from NAOS. Collected information is used to evaluate the effectiveness of our marketing campaigns or to provide better targeting for marketing.

2. Location services

When you use our mobile-optimized website or our mobile application, we may receive information about your location and your mobile device, which information could include a unique identifier for your device. This information may be used and stored by us or by our service providers in order to provide you with location-based services, search results, and other personalized content. You will receive notifications only if you have accepted to receive such notifications. You may be able to control or disable location services in your device’s settings menu. We recommend you contact your mobile service carrier or the manufacturer of your particular device in order to obtain any information as to controlling or disabling location services.

 

Your Privacy Choices

You have choices about the way NAOS handles your personal information.

Withdrawing your consent. You may withdraw your consent at any time upon reasonable written notice to our Privacy Officer at the address indicated below. The length of such reasonable notice will vary in accordance with the reasons the Personal Information was collected. If you withdraw your consent after you have signed up for Club BIODERMA or Cercle Esthederm, your email address will be deleted from our mailing list, and you will no longer receive any promotional material, unless you sign up again.

Managing cookies. You can delete cookies from your computer by erasing your browsing data from your browser. You can also refuse them by adjusting your browser settings. However, if you refuse the cookies, you will not be able to access some of the site’s pages or features.

 

Protection of Personal Information

We take all means to the best of our ability to protect your personal information. In this regard, we have adopted security measures to ensure confidentiality and safeguarding of your personal information.

 

Retention of Personal Information

NAOS will retain your Personal Information as long as necessary for the purposes described in the Policy, or for such other period as may be required by law.

 

Cross-Border Transfers of Personal Information

NAOS is part of a global group of companies and, as a result, your personal information may be transferred outside of the jurisdiction where you are located. Some of our service providers may also access, process or store your personal information outside of the country where we are located and where you reside. When your personal information is used or stored in a jurisdiction other than where you are residing, it may be subject to the law of this foreign jurisdiction, including any law permitting or requiring disclosure of the information to the government, government agencies, courts and law enforcement in that jurisdiction.

 

Accessing and Correcting your Personal Information

You may be entitled to access your personal information and request the correction of inaccurate information, subject to limited exceptions set out in applicable laws.

To access and correct your personal information, please submit a written request to our Privacy Officer at the address below in “Contact Information”.

If you are a California resident, please visit the California Privacy Notice section below for more information about the rights you may have.

 

Age of Users

You must be at least 13 years of age to create an account on our websites. It is our policy not to collect personal information of persons under the age of 13 years without the consent of a parent or legal guardian and NAOS will not knowingly collect or maintain any personal information on any person under the age of 13 years without such consent. If it is brought to our attention that personal information of a person under the age of 13 has been submitted to us without the required consent, such personal information will be deleted on the written request of a parent or legal guardian.

 

California Privacy Notice

If you are a California consumer, please review the following information about our privacy practices surrounding how and why we collect, use, disclose and share your personal information and the rights you may have under the California Consumer Privacy Act (“CCPA”).

1. Notice at collection and use of personal information

Depending on how you interact with us, we may collect the categories of personal information listed above in “Collection of Personal Information” above, for the business or commercial purposes described in this same section.

2. What information we have collected, the sources from which we collected it, and our purpose for collecting the information, in the preceding 12 months

Important: We do not sell your personal information.

In the preceding 12 months, depending on how you have interacted with us, we may have collected the categories of personal information listed above in “Collection of Personal Information” above, from the categories of sources listed in this section, and we may have used it for the business or commercial purposes identified in “Use of Personal Information” above.

In the preceding 12 months, we may have disclosed for a business purpose personal information we collect as detailed in “Sharing of Personal Information” above.

3. California residents’ rights under the CCPA

California residents have the following rights under the CCPA:

Accessing your information. You have the right to request that we disclose information regarding your personal information (past 12 months), including, but not limited to:

  • Personal information collected (specific pieces and categories)
  • Business purpose of collection
  • Sources of collection
  • Information sharing with third parties (categories of personal information disclosed and categories of third parties)

Deletion. You have the right to request the deletion of your personal information, subject to certain exceptions (for example when retaining the information is necessary for us).

Non-discrimination. We will not discriminate against you for exercising any of your CCPA rights.

4. Submitting a request

To submit your data subject privacy request, click here.

Verifiable consumer request. We will only respond to verifiable consumer requests made by you or your authorized agent. We will verify your identity according to the information that you used to interact with us (account sign ups, loyalty sign ups, email sign ups) along with other information you submit (such as name, address, phone number).

Timing. We will try to respond to requests within 45 business days.  Should we need more time, we will contact you to let you know.

 

Contact Information

Should you wish to communicate with our Privacy Officer for any of the reasons mentioned in this Policy, or should you have any questions on our Policy, please contact our Privacy Officer at:

 

BIODERMA (United States)

Privacy Officer

info@bioderma.us

NAOS USA, Inc. PMB 472, 2801, Centerville Road
First Floor, Wilmington, DE 19808-1609

 

BIODERMA (Canada)

Privacy Officer

info@bioderma.ca

Naos Canada Inc. 4200, boul. St Laurent, Bureau 525
Montréal (Québec) H2W 2R2, Canada

 

Institut Esthederm (United States and Canada)

Privacy Officer

cercle@esthederm.ca

Naos Canada Inc. 4200, boul. St Laurent, Bureau 525
Montréal (Québec) H2W 2R2, Canada

Receive our latest news!