privacy & data protection

PRIVACY STATEMENT – PARFUMS CHRISTIAN DIOR

Last Updated: 04/09/2024 

Confidentiality and security of your personal data are important to us. We would like to offer you personalized services while respecting your privacy and choices. 

This Privacy Statement (“Statement”) is provided by The Maison Parfums Christian Dior (together, “Christian Dior,” “Dior,” “Maisons,” “we” or “us”), a luxury retail and wholesale brand with its global headquarters in Paris, France. 

The purpose of this Statement is to inform you in a transparent and simple manner about the processing of the personal data that you provide or that we collect through the different touchpoints you use to interact with us (e.g. in store, client services, dior.com, social media, digital apps, events), about possible transfers to third parties, as well as your rights and options to control your personal data and protect your privacy.

• Who we are?
• What data may we collect or receive about you?
• How do we collect or receive your data?
• For what purposes are your data used by Dior?
• For how long may we keep it?
• Who may access your data?
• How do we protect it and keep it confidential?
• How do we address cross-border protections?
• How are consumer preferences and individual rights addressed?
• What additional protections that we provide for residents of certain regions?
• How does Dior protect children's privacy?
• How does Parfums Christian Dior use your data to serve the models and functionalities of generative AI?
• Contact Us

WHO are we?

The Maison Parfums Christian Dior

Parfums Christian Dior SA (head office), a public limited company under French law whose head office is located at 33, avenue Hoche, 75008 Paris, France, and all of the affiliates of Parfums Christian Dior with whom you share your information.

“Parfums Christian Dior Hong Kong Limited, a company governed by Hong Kong SAR law whose registered office is at 34/F Dorset House, Taikoo Place, Quarry Bay, Hong Kong”.

Parfums Christian Dior is a story of dreams, glamor, creativity and excellence. The Maison, which has unique expertise, is made up of talented and ambitious professionals who are committed to perpetuating the Dior heritage and transmitting their passion for beauty.

WHAT data may we collect or receive about you?

"Personal data" means any information that could reasonably identify you either directly (e.g. your name) or indirectly (e.g. through a unique client ID number). 

The personal data we collect depends upon the touchpoint of our interaction and is also limited to that which is relevant and appropriate for the interaction. Unless you choose to interact with us via other touchpoints, such as (but not limited to) by making a purchase on our site, signing up for one of our programs (for example: My Exclusive Loyalty Program by Parfums Christian Dior) or services, using our apps, communicating with us via email, phone or submitting online forms, or posting a comment or a like online, our data collection is limited to the use of ‘cookies’ for website visitors.

For customers and other individuals who sign up for programs or services or otherwise interact with us beyond browsing our site via the touchpoints described above, for example, we collect certain relevant information from you.  The information we collect is related to the particular transaction as well as our overall relationship with you.  For example, if you make purchases from Dior.com or in our stores, we must collect information to process (and, if relevant, fulfill and ship) your order. For customers and other individuals who sign up for our programs or services, we generally collect your contact details, contact preferences, and information that will allow us to make recommendations to you about our products or services that may be of interest.  We may centralize the information pertaining to our customers so that we have it organized in one place, as this helps us manage our relationship with you as well as your choices and preferences. Or, if you subscribe to our personalized newsletter, we collect your email address.

We invite you to keep us regularly informed in writing of any change in your contact details. 

We Collect and Use Limited Sensitive Information.

As described above, we collect personal data that is described under some laws as sensitive personal data,” special categories of personal data, sensitive personal information, or similar terms (collectively referred to here as “Sensitive Personal Data”).  Here, we provide more information about which categories of the personal data described above may be designated as Sensitive Personal Data, and how we use these categories of Sensitive Personal Data.  We only use Sensitive Personal Data to provide you goods and services, and do not use such information to infer characteristics about you. Depending on what you choose to provide and how we interact with you, we may collect:

• Account log-ins to provide Dior products and services. Account login information is used to identify an active user on any site that requires login. Login information includes first and last name and corresponding email for such account, as well as the associated account password.
• Financial information to process your orders. We collect and use credit or debit card information and required security or access codes in order to process payments and fulfill any order you make.
• Passport-related information to process your orders. We may collect passport or other government-issued ID information in connection with an order, including when you are purchasing a product in a country other than that in which you live, in order for you to make purchases free of value added tax (VAT).
• Self-reported data regarding undesirable side-effects to fulfill legal cosmetovigilance obligations. If you have a medical reaction to a Parfums Christian Dior product and choose to complete a questionnaire about those side effects and/or provide us with photos or other self-reported data, our client services and quality control team will evaluate the information and determine whether to provide it to a health regulator to fulfill legal cosmetovigilance obligations.

HOW do we collect or receive your data?

We may collect or receive data via the following touchpoints:

• Use of Dior.com (and separate domain names of the Dior.com website adapted for specific jurisdictions)
• In-store, including in communication with our salesperson.
• Dior events you attend.
• Public Relations relationship and communication.
• Contact with the Client Services.
• Forms you complete (in store or online);

• During your purchase journey, you will be able to choose between i) logging into your existing Dior account, ii) creating a new account, or iii) paying as a Guest.

• Digital apps you use.
• Digital experiences such as virtual beauty technology in store (if you choose to use that technology were offered via a retailer), or our third-party vendors may receive data via virtual try-on online;
• Loyalty or rewards program you benefit from.
• Dior social media pages you visit or interact with, or other social media pages on which you post Dior content or comments;
• Digital media advertising you click on;
• Search engines’ paid advertising you click on;
• Retailers (such as Department Stores) in which you have purchased a Dior product and in which you consented (e.g. via an iPad) to have your details shared with one of the Dior Maisons to receive its communications; or
• Surveys or satisfaction questionnaires you answer.

Insofar as this Statement is applicable to Hong Kong, In relation to our programs and events, the personal data essential to Dior is indicated by an asterisk on each personal data collection form. If you do not provide the data marked with an asterisk, this may affect the products and services that we can provide to you. Other information is optional and allows us to know you better and to improve our communications and services to you.

FOR WHAT PURPOSES are your data used by Dior?

Depending on the context in which your data is collected, we use your data for:

• the provision of Dior products and services, including the management of your orders, the management of personalized content, communications and interactions with Dior (digital or otherwise), and providing customer support;
• the facilitation of showing you what your selected product would look like on you (in relation to using our virtual beauty and try-on technology, though when online, all processing for providing the feature is done by our third-party vendors’ proprietary technology), and for certain in-store virtual try-ons, offering you the option of receiving your photo via email;
• the management of your account and profile (for example, in order to simplify your navigation through our different country-specific websites, if you navigate to another country your customer account will automatically be duplicated in that market. This means that it will not be necessary to create a new customer account);

• analyze the performance of our Maison on social networks in order to produce statistical analyses (studies of results by country, influence of the Maison and analysis of the campaigns implemented).
• analyze your preferences and habits, anticipate your needs from your consumer profile and your publications/mentions on social networks.
• personalised customer experience: we may provide you with personalized communications by means of email, postal mail, SMS or calls based on the communication preferences you have indicated and your consumer profile (where permitted) (if you have an account, please connect to either your Parfums Christian Dior account to modify your channel preferences. Otherwise you can contact our customer service (see "Contact Us" section below)). With your free, specific, informed and unambiguous consent (where required), we use your personal data to send you personalized communications based on your interests (newsletters, offers, invitations and surveys).
• the provision of your personal data to third party platforms so that they may provide you with personalized ads when you use their services and identify other people with a similar profile to you so that they may send similar ads to those people

In the latter two interactions (“analyzing your preferences and habits” & “providing you with a personalized customer experience”), when we send personalized communications or content, we may use so-called profiling techniques. For the sake of transparency within this Statement, profiling is currently defined as any kind of automated processing of personal data which consists of using that personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict elements relating to the preferences, interests, behaviour or location of that natural person. In these circumstances, you have the right to opt-out, meaning the right to withdraw your consent by unsubscribing or see the “Contact Us” section below.

The legal basis for the processing of your data can be, depending in which context your data is collected:

• Your consent, both express and implied to the extent permitted by the application legislations (e.g. to manage our tailored services, managing your browsing via cookies);
• The performance of a contract (e.g. managing your access to your customer account, processing and tracking your orders, your subscription to our loyalty program);
• A legal obligation when processing is required by law (e.g. retention of purchase invoices, cosmetovigilance for Parfums Christian Dior products); or
• Our legitimate interest: improve our products and services, prevent fraud, secure our tools or tailor our communications.

FOR HOW LONG may we keep it? 

Unless otherwise stated, we only keep your personal data for as long as we need it to fulfill the purpose of collection, to meet your needs, or to comply with our legal or business obligations, and to fulfill the purposes described above in this Privacy Statement. By way of example:

- for customers (i.e.: those that have a customer account) or Client ‘Guests’ (i.e. those that do not have a customer account but have made a purchase as a “Guest”), we keep your data up to 5 years from the last interaction with us (i.e: last purchase)

- for prospective customers (i.e. those that have not made a purchase and do not have a customer account, but are registered for our communications), we keep your data up to 3 years from the last interaction with us (i.e: participation in an event)

When you choose to use our Virtual Try-On tool, no photos or images are kept or stored beyond the end of the session.  

When we no longer need to use your personal data, it is removed from our systems and records or anonymized so that you can no longer be identified from it.

We use the following criteria to determine how long to retain personal data:

• Our relationship with you, and the products and services we provide to you.
• Your requests to us regarding your information, or our products or services.
• Any legal obligations to retain the data, or for our own legal purposes (such as enforcing our agreements or litigation);
• Recommendations and legal requirements, including applicable international, national, federal and state statutes; and
• Technical considerations and feasibility, and level of protections in place for your personal data.

WHO may access your data?

We communicate your information, including if possible, in a form that does not allow a direct identification, to:

• Other Dior entities as well as department stores where you buy our products in order to provide you with identical personalized service worldwide. 

• Our trusted third-party providers, including other entities of the LVMH group, acting as subcontractors according to our instructions and on our behalf only.

For example, we entrust certain services to third parties responsible for delivering a product to you, payment service providers and transaction security against fraud, third parties who assist us in the organization of our events, third parties providing services IT, digital communication and public relations agencies, third parties who assist us in customer care, third parties who assist us in qualitative surveys of our products, programs or services.

• Third parties including the LVMH group wishing to know your preferences and consumption trends for our programs and services in order to improve visibility, accessibility and performance

• Our trusted third-party partners assist us in the management of your orders. In particular, we entrust certain services to third parties responsible for delivering a product to you, to payment service providers and to providers ensuring the security of anti-fraud transactions. 

• Third-party partners, who provide advertising, marketing, website performance, analytics, and similar services for Dior, including cookies or other trackers, including for the purposes of behavior-based targeted advertising. 

Before transferring data between different countries, we take into account the risks that this operation could create for the data; where appropriate, we rely on the mechanisms in place, such as the Data Privacy Framework in the United States or standard contractual clauses, to ensure that your rights relating to your data are protected. Where data is shared with third parties, we require them to guarantee the same protection for your data as we do. 

Please note that these third-party partners may act as data controllers; in such cases, they have their own privacy policies. These third parties include: 

• Third parties in the event of a change of control, for legal reasons, or with your prior consent
• Third parties wishing to know your main interests to constitute similar audiences and target prospects that match your profile. In the context of this specific data processing, Dior is not the Data Controller relating to prospecting and you will not be subject to prospecting, your data is only used to constitute profiles similar to yours

We illustrate some examples below:
- Facebook (Privacy policy accessible here)
- Google (Privacy policy here)
- Instagram (Privacy policy accessible here)
- Tiktok (Privacy policy available here)
- Snapchat (Privacy policy available here)
- Bing (Privacy policy available here)
- Pinterest (Privacy policy available here)
- Twitter (Privacy policy available here)

• Third parties conducting statistics on our performance on social networks on our behalf
• Third parties such as IAS (International Accreditation Service), which assists us, for example, in finding out the exposure rate of our created formats. For more information, their privacy policy is available here.

How is your data shared with the LVMH group?

What is the context of the processing?  

Parfums Christian Dior belongs to the LVMH Group, which comprises many exceptional Maisons that offer high quality products and services in all sectors including Fashion & Leather Goods, Perfumes & Cosmetics, Watches & Jewelry, Wines & Spirits, Selective Retailing and Hospitality, Culture & leisure. The list of all LVMH Maisons is available at https://www.lvmh.com. If you are customer of our Maison, you may also be a customer of other LVMH Maisons. 

What is the purpose of the processing?

We endeavor to improve your experience by proposing personalized offers and services and customized marketing communications that correspond to your interests. This relies on knowing your preferences and interests. 

How is the processing conducted?

If you consent, we will share the purchases you have made with us during the last 3 years with LVMH, our parent company, in a pseudonymous way (which means that your name and your contact details will not be sent to LVMH). Your purchases will be analyzed and matched with purchases made from other Maisons of the LVMH Group where you have given a similar consent. Each Maison that has your consent will receive back from LVMH generalized information concerning your purchasing habits and preferences. 

Who is the Data Controller?

Parfum Christian Dior will remain the sole data controller which means that it is the company that is responsible for the information that you provide to it. LVMH acts as our data processor, or service provider, and will not use your data for any purpose other than the one described above. For example, LVMH will not use your data for its own purposes, will not contact you for marketing purposes based on the data we provide, and will not share information about you with Maisons of the LVMH Group to which you are not a customer and/or to whom you have not given consent. 

HOW do we protect it and keep it confidential? 

We have adopted reasonable and appropriate physical, technical and organizational security safeguards to protect your data from loss, misuse, alteration, destruction or access by unauthorized third parties. The Internet, wireless networks and information storage are not 100% secure. We cannot guarantee the security of your personal data stored or sent to us. We encourage you to take precautions to protect your personal data. For example, in creating your account on dior.com, entering a personal password complying with our security requirements is compulsory and part of this Privacy Statement.

The security safeguards that we have adopted are commensurate with the sensitivity of the particular data collected.  For example, credit, debit and other payment information is subject to stricter security measures. 

Regarding your purchases, your bank details are encrypted through Dior servers. Payments are made via a secure payment platform which is PCI-DSS certified, supplemented by control measures, to ensure the security of purchases made and to fight against fraud. 

We also require our partners and group companies to uphold a substantially similar level of protection for your data. The measures are evaluated and updated to address new threats and challenges, as well as new legal requirements in the countries where we operate.  

To the maximum extent allowed by applicable law, you agree and acknowledge that Dior will not be liable or responsible for use or disclosure of your information that is the result of unauthorized or illegal access to our systems or those of our vendors, agents, contractors, affiliates, or partners. If you have reason to believe that the security of your communications or personal data has been compromised, please notify us immediately using the contact information below.

HOW do we address cross-border protections? 

Because Dior operates in many countries across the world, some of your data may be collected, accessible or stored outside of your country of residence.  You should know that the data protection and security requirements differ from place to place and may not offer the same level of protection as those in your home country.  Nevertheless, Dior and our group companies have taken steps to ensure an adequate level of protection of your data irrespective of where it is located, such as by using data transfer methods approved by the European Commission (where the data protection laws are considered to be the strongest worldwide).  We also require our third-party partners to fulfill applicable data transfer obligations in relation to the personal data that they receive on our behalf. 

In this context:

- Parfums Christian Dior and all of its affiliates have entered into a Data Processing and Transfer Agreement

- In specific cases and roles, Christian Dior Couture and Parfums Christian Dior have entered into a Data Processing and Transfer Agreement

How are consumer preferences and individual rights addressed?

In accordance with applicable laws and requirements, Dior and its group companies have put in place measures to guarantee respect for the rights of individuals with regard to personal data that we (or our third parties) have about them. This includes, for example, the right to know the data that we hold about you or to obtain a copy, as well as the limited rights to modify your data, to request erasure or to object to the processing of your data. We encourage those who have given their data to us to keep it up to date (for example, if you change your email address, address or telephone number), so that we keep your correct information in our files. We also encourage consumers to update their preferences with us, for example regarding products and frequency of contact, so that we can customize our service to suit your expectations and needs. Finally, we offer individuals the right to withdraw their consent from our programs and offers at any time. To do this, or to exercise any of these other rights, please use or the contact possibilities in the section "How to contact us" below. For people wishing to access their data, we also need authentication to ensure that we do not provide personal data to an unauthorized person. 

What additional rights are provided for residents of certain regions? 

Dior has adopted the data protection and security practices described in this Statement for all individuals within scope.  In addition, we also recognize and have addressed data protection and security measures that are required on a local or regional level.  This includes, for example, those required for residents of the European Union/European Economic Area under the EU General Data Protection Regulation (GDPR) 2016/679

 In particular, the GDPR provides the following rights (with some exceptions):  

• The right to be informed: you have the right to obtain clear, transparent and easily understandable information about how we use your personal data, and your rights. You will find all this information in this Statement.

• The right of access: you have the right to access to the personal data Dior holds about you.

• The right of rectification: you have the right to have your personal data rectified if it is incorrect or outdated and / or completed if it is incomplete.

• The right to erasure / right to be forgotten you have the right to have your personal data erased or deleted. Please note this is not an absolute right, as we may have legal or legitimate grounds for retaining your personal data.

• The right to object to direct marketing: you can unsubscribe or opt out of our direct marketing communication at any time. You are able to do so by clicking on the “unsubscribe” link in any email or communication we send you. You are also able to request to receive non-personalized communications about our products and services.

• The right to withdraw consent at any time for data processing based on consent: You can withdraw your consent to our processing of your data when such processing is based on consent; and

• The right to data portability: you have the right to move, copy or transfer data from our database to another. This only applies to data that you have provided, where processing is based on a contract or your consent, and the processing is carried out by automated means.

You are also entitled to determine your personal data protection guidelines and directives in the event of death or extern circumstances.

You also have the right to contact the data protection authority of your country in order to lodge a complaint against the data protection and privacy practices of Dior.

We also wish to inform you about the contacts of other authorities in Europe that you can find and contact on the website of the European Data Protection Board: https://edpb.europa.eu/about-edpb/board/members_fr. 

We may require proof of your identity and full details of your request before we process it.

How does Dior protect children's privacy?

Minors

Parfums Christian Dior is particularly committed to respecting the privacy of minors and avoids collecting personal data on minors under 18 years of age* without their parents' consent.

In some cases, we need to obtain your consent to process your personal data, which we will do by means of a checkbox ☐ which you can click or not.

If you are over 18 years old*, you can give your consent to the processing of your personal data on our website and therefore click on the dedicated check box.

If you are under 18 years old*, you cannot give your consent alone and therefore click on the dedicated checkbox. You must obtain the consent of your parents or legal representative to use our services.

To find out more about how we handle your personal data, we invite you to read the full Privacy Policy. If you do not understand what is written on this page, or if you have any doubts about the use of your personal data, we advise you to speak to your parents or any other legal representative.

For holders of parental authority

Parfums Christian Dior may process the personal data of your minor child.

If you create an account on our website on behalf of your child in your capacity as a parent or guardian, please be aware that your child's personal data will be processed by Parfums Christian Dior in accordance with this Statement. 

If your child under the age of 18 is browsing our website and his/her consent is required, we invite you in your capacity as the holder of parental authority to consent to the processing of your child's personal data in accordance with the Hong Kong Personal Data Privacy Ordinance  and to the extent applicable, Article 8§1 of the GDPR and Article 45 of the French Data Protection Act (Loi Informatique et Libertés). As the holder of parental authority, you undertake to participate in your children's online activities to prevent data relating to your children under the age of 18 from being processed without your consent.

As the parent or guardian of a minor user, you can exercise your rights on behalf of your child and support him or her in doing so. In particular, you can request the deletion of your child's account. To do so, simply fill in the rights exercise form available here".

How does Parfums Christian Dior use your data to serve the models and functionalities of generative AI?

What is generative AI?

Generative AI is the use of computer models to create new content. These models are a form of artificial intelligence trained by a large amount of information from different types of data, such as text and images. By studying this information, it is possible to identify relationships and associations between different types of content and to propose new content enriched with instructions and questions from its customers and prospects. 

Where does Parfums Christian Dior obtain model training information?

Parfums Christian Dior uses external sources (e.g. Azure OpenAI) to train its models. It is part of a private LVMH body and relies on shared information about its products and services (e.g. publication of customer comments and opinions).

Data from Parfums Christian Dior products and services does not feed external sources such as Azure OpenAI, nor the LVMH AI model. 

Why does Parfums Christian Dior use artificial intelligence services?

Parfums Christian Dior relies on its legitimate interest to develop and improve its Artificial Intelligence for the purpose of developing its products and responding to its customers' needs. 

Confidentiality and generative AI

Parfums Christian Dior develops solutions to protect the confidentiality of personal data in terms of collection, use and sharing. Depending on the use, appropriate measures are implemented (automatic anonymization of nominative data, for example). Parfums Christian Dior customer data is not fed into any external source (neither LVMH AI nor Azure OpenAI). 

Updates to this Statement

Dior reserves the right to change this Statement at any time at its sole discretion and will post the date it was last updated at the top of this Statement. Such changes shall be effective immediately upon posting them to Dior’s website, or otherwise providing them to you. We will provide additional notice to you if we make any changes that materially affect your privacy rights. 

CONTACT US

If you have any general questions or concerns about how we process and use your personal data or would like to exercise any of your privacy rights, you may contact us at the Maison below that processes your personal information. Please note that you should direct any inquiries you may have about your data directly to the Maison that may hold your personal information. Each Maison manages its own database and cannot provide information about the data that may be held by the other Maison. 

The Maison Parfums Christian Dior

• By email to: [email protected].
• By phone to Dior Customer Service Centre relevant number of your location as provided here: CONTACT | DIOR