海瑞温斯顿网站隐私条款:您的隐私权

 

 

Harry Winston(海瑞•温斯顿)知道,隐私权是您的一项重要权利,而我们也深知保护隐私是我们的重要责任。所以我们制定了本隐私条款(以下简称“隐私条款”),以阐述我们从我们的各个网站(页脚创建有链接)和我们使用的各种社交网络平台(以下均简称“本网站”)上所收集的信息类型。本隐私条款不适用于我们通过离线——如在零售店收集的信息。本隐私条款描述了我们在收集信息之后将如何使用、披露、保护这些信息,同时还介绍了您可以如何拒绝我们对您的信息的部分使用。

 

下文列出了几条一般原则,在阅读本隐私条款时,请记住这些一般原则:

 

  • 本网站由海瑞•温斯顿公司和其附属公司所有和经营(在本隐私条款中统称为“我们”、“我们的”和其他类似代名词)。

 

  • 加州民法第1798.83节,即《反客户信息披露法》规定,当加州客户要求某些企业提供与为第三方直接营销目的而向第三方披露个人信息有关的披露原则时,企业必须响应加州客户的这些要求。或者,企业可以制定一项政策来规定,不得为第三方直接营销目的向第三方披露客户个人信息,除非客户选择参加共享信息。因此,除了与我们的附属公司共享您的个人信息外,我们不会为第三方直接营销为目的与第三方共享您的信息,除非您同意共享,例如:当您向我们提供信息时勾选了同意共享条款的复选框。但是,我们会为营销目的与我们的附属公司分享您的个人信息。如想获取我们在上一年度为营销目而分享您的个人信息的附属公司的名单,您可以写信给我们,我公司通信地址为海瑞•温斯顿,纽约第五大道718号,邮编NY 10019,写信时请在“标题”行注明“加州反客户信息披露法申请”字样。

 

  • 随着我们业务的发展,本隐私条款会有所变化,因此您需要定期查阅本页面,以确保您可以了解您的个人信息的处理方式。

 

  • 本隐私条款载入使用条款,属于使用条款的一部分,后者作为一个整体指导您使用我们的网站。

 

  • 如果您是非美国公民,您应该了解,您提供给我们的信息将被传送给我们并在美国被处理,并且将受到本隐私条款和美国法律的保护,而美国法律的保护与您所在国家的法律保护有所不同。此外,在登录本网站时,您的计算机或设备上需要安装信息记录程序(cookies)和本地共享对象,这些文件将在下文予以详细阐述。

 

选择参加和选择退出

您有权通过选择参加或选择退出来同意或拒绝我们对您的个人信息的某种使用。例如,当本网站要求您填写个人信息时,您可选择填写或者不填写邮件、电话或通信地址接收我们的消息。您也可以通过登录我们的营销选择专区、网站,或者通过发送署有姓名、地址、邮件和电话等信息的书面申请到clientcare_chs@harrywinston.com,或邮寄到纽约第五大道718号海瑞•温斯顿公司隐私官,或者拨打电话 (212) 315-7900等方式,来通知我们您不希望接收我们的促销消息。此外,还可通过点击邮件中的选择退出的链接来排除促销邮件。请您知晓,在您选择退出接收我们的促销信件后,我们需要一段时间来处理您的退出申请,此外,我们还会继续就您与我们的关系、活动、交易及联系与您保持联系。另外,如您希望想停止接收已经知道您的联系方式的第三方发出的促销信息,请您直接与该第三方联系。

 

本网站收集什么信息?

 

用户提供的信息

 

“个人信息”是指进行个人身份验证或者允许他人与您联系的信息,以及上述信息的一些附带信息。我们收集诸如您的姓名、职业、出生年月、通信地址、邮箱、电话、传真号、照片、性别、网站浏览和交易历史记录、工作史和申请信息、兴趣、爱好和人口统计信息等个人信息。例如,我们会在您注册接收我们的邮件时、索取宣传册时、要求助销人员联系您时、安排参观我们的沙龙时、在我们的网站创建您喜欢的内容清单时、注册索取我们的时事通讯时、参加抽奖和比赛时、完成调查时、在我们的网站上创建聊天室、布告栏、博客或其他社交论坛时,或者使用网站上的“联系我们”或类似功能来提交评论或问题给我们时收集您的个人信息。

 

我们的网站和/或邮件中都有“转告朋友”工具,使用此工具您可将与我们的产品和礼物等有关的信息发送给其他人。还可在我们的网站上为他人购买礼物。当您使用购买礼物时,我们会要求您填写他人的姓名和联系方式,这些信息也受本隐私条款保护。未经他人的同意,我们不会为其他目的使用上述他人信息。

 

使用网站时留下的信息

 

和很多网站一样,当您访问我们的网站时,我们的服务器会自动收集您的IP地址,我们还会将其与您的域名或网络连接服务提供商联系在一起。同时,我们还会收集某些与您使用本网站相关的 “点击流数据”。点击流数据包括您所用计算机或设备、网络浏览器、操作系统和设置、将您链接到本网站的推荐页、页面、您访问时浏览或点击的内容或广告以及您何时访问及访问的持续时间、您下载的内容、您离开本网站后访问的下一个网站以及您在本网站或推荐网站输入的任何查询词条等。

 

 

此外,我们可在本网站上植入各种追踪技术,来收集更多关于您访问网站时的信息。例如:

 

·       Cookies是应某个网站的要求存储到您的计算机或设备上一些小型数据文件。Cookie会为您的网络浏览器分配一个独特的数字标识符,通过使用标识符我们可识别出您是曾经访问过我们网站的用户,并将您使用本网站的信息与和您有关的其他信息,如您使用网站留下的信息和个人信息等联系起来。此外,使用cookies还可用于增强您对本网站的体验感(例如,当您输入密码,保存用户名后,可以快捷登录,将您的登录信息保存到本网站上,存储您所浏览的购物车内容)或者用于收集一般使用信息和综合统计信息以及发现和防止欺诈。大多数浏览器都有检测cookies的设置,您可以使用这些设置来拒绝cookies,但是在某些情况下,拒绝cookies会阻止或妨碍您使用本网站或其功能。点击此处,可了解更多关于使用cookies的信息,包括如何管理或删除cookies。

·       当您使用安装在您的计算机或设备上的媒体播放或其他软件时,本地共享对象(如“Flash cookies”)可能被存储到您的计算机或设备上。本地共享对象运行方式与cookies类似,但是其管理方式与cookies不同。基于本地共享对象是如何被允许存储在您的计算机或设备驱动上的,您可通过软件设置来管理这些本地共享对象。点击此处,可以查看有关管理Flash cookies的信息。

·       HTML5(一些网站页面的编程语言)可能被用于将您的网站使用信息存储到您的计算机或设备上。我们可以检索到这些信息,用于判断访客使用我们网站的方式,确定我们网站的完善方法,以及为我们的用户量身定制网站。

·       像素标签(也称为“透明影像图档”或“网站信标”)是一种微小图形,它通常只有一位像素,我们将像素标签放置在网页或与您的电子通信中以便帮助我们检测我们的内容的有效性。 例如,我们可以通过像素标签来计算在线访问我们的人次,或者验证您是否打开某一封邮件或浏览了某一个网页。

 

这些追踪技术可由我们和/或我们的服务提供商或合伙人代表我们配置。通过使用这些技术,我们可为您分配一个独特的编号,将您使用网站的信息与其他有关您的信息,包括您的个人信息联系起来。

 

不追踪披露

 

本网站不处理由网络浏览器传输的不追踪标题。我们的第三方网络分析供公司 负责收集您超时在线活动信息。第三方不会根据您网络浏览器的DNT设置而更改他们的追踪原则,我们也无法强迫第三方遵守这些DNT设置。

您的信息将被如何使用?

我们或我们的服务提供商会使用所收集到的有关您的信息来执行以下业务功能:

 

·       处理及完成您的交易

·       让用户使用我们的网站和网站功能

·       管理网站和您的注册账户

·       对您的请求、问题和关注做出及时回应

·       通知网上组织的竞赛的获胜方

·       市场调查

·       开发新功能和礼物

·       根据您选择的任何通信首选项,向您发送我们认为您感兴趣的营销信息和其它信件,包括我们和其他公司的产品、服务和活动信息。(您可按照上述选择参加和选择退出权利章节中的说明选择退出接受 我们发出的此类通知)

·       保护我们的权利和财产

·       防止对我们服务的滥用和不正当使用

·       追债及防止欺诈

·       依据您的兴趣和访问我们网站的历史信息,定制我们的网站

·       测试和改进我们提供服务的系统

·       依据您的兴趣和访问我们网站的历史信息,在网页和其他页面为您定制显示广告

·       当个人信息提交给我们时披露的其他目的

为了上述功能,我们会将从各种渠道在不同时间收集到的关于您的信息,包括个人信息和使用网站留下的信息等与由其它来源(包括第三方)收集到的信息,如人口统计信息和最新的联系方式等进行匹配。我们或我们的服务提供商还会使用您的信息针对我们的网站、邮件和其他信息传输活动的感兴趣程度和使用次数作出个体和整体的评估。

 

社交网络

我们在一些社交网络和博客平台上开设有账号,同时还在我们网站上植入了一些第三方的社交网络功能。使用这些平台和功能可以收到一些关于您的个人信息和一些网站使用信息,这些信息均受本隐私条款保护。此外,第三方社交网络平台和博客平台也有它们自己的隐私政策,这些政策说明了第三方是如何使用以及保护其收到关于您的信息。您在我们网站上的活动信息(如“Mary Jane喜欢Diamond Tassel的项链”)会根据这些政策(和您对社交网络账户的隐私设置)在社交网络上公布。

 

我们会与他人共享个人信息和网站使用信息吗?

 

答案是肯定的。由于各种原因,我们会与他人共享所收集到的信息。除了您可能已经预见的与第三方的几种信息共享情况(例如:我们与需要这些信息的第三方共享信息,以便第三方向我们提供服务或在同意遵守保密规定的情况下代表我方提供服务,以及与其他网站的用户共享您主动在网站公共区域上载一些信息外)之外,我们还会以下列方式共享您的信息:

 

·       与我们的附属公司和美国以及海外的零售店

·       在您选择参加共享时,为营销目的和其它目的与非附属第三方共享您的信息

·       如果收集到的信息与竞赛、抽奖、发售或其他促销活动有关,且这些活动是由我们和第三方联合举办的,则会与共同发起人共享您的信息,除非您按照上述选择参加和选择退出章章节中的说明通知我们您不同意共享信息

·       为了保护我们的权利或产权、保护您的安全或他人的安全、验证交易和个人身份、调查或以防欺诈或非法活动、响应政府、执法机关、司法或其它法律口号或者为了遵守法律,我们确实认为必须披露个人信息时

·       出现公司变革或解散事件,如合并、并购、重组、整合、破产、清算、销售资产或停业等事件时

此外,我们还会将一些您使用网站时留下的不包括您的姓名及联系方式的非身份资料信息(包括综合数据)共享给他人使用。

 

 

您的访问权

 

通过登录“我的账户”或网站类似区域、使用以下“联系我们”信息联系我们,您可审查、更新或修改网站用户账户中存储的某些个人信息(如果您在本网站注册了一个账户)。您首先可能需要通过身份确认并提供一些其他详细信息后,我们才会向您提供信息、允许您更改任何错误信息、或者删除任何信息。在删除您的信息时,您需要遵守我们的记录保留政策。

 

以利益为导向的广告和网络分析

我们会通过收集您在我们网站上的在线活动信息来给您提供适合您个人利益的产品与服务广告。我们也会通过第三方广告网站的信息提供适合您个人利益的产品和服务广告。我们隐私条款的这部分内容提供细节信息并说明您如何进行选择。

 

由于我们跟广告伙伴(包括广告网络)合作来进行重新营销和重新定位活动,您可以在其他网站上见到一些广告。我们的广告伙伴使得我们可以将我们的信息以人口、利益导向和环境的方式传达给用户。他们追踪您在一定时间在网上的活动,并使用如第三方的Cookies, 网站服务器登陆,网站信标等自动方式收集您在各个网站上的信息。他们利用这些信息来向您呈现符合您个人利益的广告。我们的广告伙伴收集的信息包括您对参与相关广告网络平台的网站访问,如您浏览过的网页和广告,您在网上进行的活动等。这种数据收集同时发生在我们的网站和参与广告网络的第三方网站上。这一过程也会帮助我们追踪我们广告的有效性。例如,我们基于您之前对我们网站的访问和其他在线活动信息,使用我们广告伙伴的一些目标广告服务在其他网站上向您呈现我们的广告。以下表格列出我们目前具备这些特征的广告合作伙伴和相应的链接,以描述您可以选择排除它们的广告活动。排除并不意味着您不再接收到我们的广告,而意味着您不再接收到根据您一定时间内的网上浏览活动定制的广告。

 

广告伙伴

选择不参与特征

Criteo

www.criteo.com/privacy

DoubleClick

https://code.google.com/archive/p/google-opt-out-plugin/

Google

https://code.google.com/archive/p/google-opt-out-plugin/

Facebook

https://www.facebook.com/help/164968693837950

Instagram

https://www.instagram.com/about/legal/privacy

Adform

http://site.adform.com/privacy-policy/en

 

 

如果一个公司参与一个为用户提供是否接受定制广告提供选择的工业发展项目,您一般也可以通过网络广告倡议网站或通过访问http://www.aboutads.info/choices/ 选择不参与以利益为导向的广告活动。如果您需要了解更多信息,请浏览由网络广告倡议和数字广告联盟操作的网站。

 

我们也可以在我们的网站上使用如谷歌分析服务等第三方网站分析服务。管理这些服务的服务提供商使用cookies, 网络服务器登陆和网站信标等技术帮助我们分析用户如何使用网站。通过这些方式收集的信息(包括用户所在的国家和邮政编码,用户电脑的IP地址)被披漏给这些服务提供商。这些服务提供商然后使用这些信息来评估网站的使用。您可以在我们的网站上让谷歌分析分析您的浏览活动的功能失效。

 

如果您想了解更多关于谷歌网络分析服务,做出有关它在我们网站上收集的信息选择, 请在http://tools.google.com/dlpage/gaoptout?hl=en下载谷歌提供的浏览器附加程序以便我们的网站上让谷歌分析分析您的浏览活动的功能失效。如果您想了解更多关于谷歌分析服务安全的信息和隐私原则,请在http://www.google.com/intl/en/analytics/privacyoverview.html 浏览谷歌提供的谷歌分析概述。

 

 

 

安全

虽然我们一直致力于保护由本网站收集的敏感个人信息的安全和完整性,但是由于网络本身是一个全球开放的通信工具,因此我们无法保证,联网传输的任何信息、在我们系统中存储的任何信息或我们保管的任何信息是绝对安全的,不会受到黑客等其他人的入侵。

 

在您通过邮件或使用网络功能,如网站上的“联系我们”功能与我们进行交流时,您应该意识到您所传输的信息可能是不安全的,有可能被第三方窃取查看。传输过程中或传输后,因第三方错误或非法行为导致您的信息被披露的,我们概不负责。

 

如我们发现,我们保管的关于您的个人信息安全可能受到威胁,我们会设法通知您。如果通知是适当的,我们会尽快及时通知您。如果我们知道您的邮箱地址,我们会发送邮件通知您。但是采用邮件作为发送通知的方式需要获得您的同意。如果您更希望使用美国邮政收取通知,请发送邮件到clientservices@harrywinston.com 更改通知发送方式。

 

“链接”网站

本网站包含一些转录到其它网站的链接、横幅广告、窗体小部件或广告。我们对链接的其它网站不负责,您的信息收集和信息将遵守这些网站上公布的隐私条款(而非本隐私条款)。在您离开本网站,访问其它网站时,我们建议您阅读各个网站的隐私权声明,了解各个网站处理您信息的方式。

 

修改本隐私条款

我们会随时修改本隐私条款。在我们修改本隐私条款后,我们会在本页面上公布更改后的政策,并会注上“最新更新”日期,以方便您了解。在一些情况下(如,我们大幅扩大了对您的个人信息的使用或共享范围),我们还会通过发送邮件到您所注册的邮箱地址等其他方式通知您这些变化。在某些情况下,我们会在取得您同意后,再进行修改。

 

联系我们

如您对我们的隐私保护实践有任何疑问或建议,请联系我们:

Harry Winston Inc.

718 Fifth Avenue, New York, NY, 10019, U.S.A.

 

Phone: +1 (212) 315-7900

发送邮件到clientcare_chs@harrywinston.com也可与我们取得联系。

 

最近更新:2021年3月1日


 

1.        About this Privacy Notice

 

1.1.  This is the privacy notice (“Notice”) of Harry Winston Inc., 718 Fifth Avenue, New York, NY, 10019, U.S.A. Harry Winston Inc. is the data controller for the purpose of this Notice.

 

1.2.     This Notice, together with our Terms of Use, sets out the basis on which we will process any personal data obtained in connection with your use of and interaction with this website or any other online presence administered by us including our social media presences and our applications, (collectively referred to as “Website”). For information about our use of cookies, pixels and social plug-ins, please see our Notice regarding Cookies, Pixels and Social Plug-ins.

 

1.3.     We will post any changes we may make to our Notice on this Website or communicate them to you by email.

 

1.4.     The Notice currently in place dates of May 20th 2018.

2.        What personal data do we collect from you?

 

2.1.     We collect personal data, that you provide to us, such as by filling out a contact form, registering for an account, using interactive features, subscribing to a service, participating in a marketing promotion, ordering a product or a service, requesting information and/or material or complete surveys. Such personal data may consist of:

2.1.1.    contact information (such as name, postal address, email address, and mobile or other telephone number);

2.1.2.    purchase and transaction information;

2.1.3.    payment information (such as your payment card number, expiration date, authorization number or security code, delivery address, and billing address);

2.1.4.    customer service information (such as customer service inquiries, comments, and repair history);

2.1.5.    username and password;

2.1.6.    information regarding your personal or professional interests, date of birth, marital status, demographics, and experiences with our products and contact preferences;

2.1.7.    photographs, comments and other content you provide;

2.1.8.    contact information you provide about friends or other people you would like us to contact; and

2.1.9.    information we may obtain from our third-party service providers.

 

2.2.     We collect metadata, for example details of your visits to the Website, such as traffic data, location data, IP address, browser information, session data, preferences, settings, weblogs and other communication data, which we monitor during your interaction with the Website.

3.        On which basis do we process your personal data?

 

3.1.     We process your personal data for the purposes indicated or obvious at the time of collection and

 

3.1.1.    to which you have agreed, for example by checking a box; or

3.1.2.    for which we are required by applicable laws, for example to comply with data retention requirements regarding data relevant for financial reporting; or

3.1.3.    which is necessary for the performance of a contract, for example if you order items; or

3.1.4.    for which we rely on other legitimate interests, which include:

·              gathering market intelligence, promoting products and services, communicating with and tailoring offers to you;

·              delivering and improving our products or services;

·              management of customer, client, vendor and other relationships, sharing intelligence with internal stakeholders, implementing safety procedures, and planning and allocate resources and budget;

·              monitoring, detecting and protecting the organisation, its systems, network, infrastructure, computers, information, intellectual property and other rights from unwanted security intrusion, unauthorised access, disclosure and acquisition of information, data and system breaches, hacking, industrial espionage and cyberattacks;

·              protecting and developing industry standards; sharing intelligence about individuals or concerns that may have a negative or detrimental impact; and following industry best practices; or

·              complying with industry standards, regulators’ requirements and other requirements related to fraud prevention and anti-money laundering.

4.        For which purposes do we process your personal data?

 

4.1.     We process your personal data for the following purposes:

 

4.1.1.    If you fill out a contact form providing your name, email-address, telephone number, preferences, etc., we use your data for answering your questions, sending you information or performing other tasks you ask us to.

4.1.2.    If you register an account with us, then we process the data required to open that account, for example your name, address, email-address, password, profile picture, third party account data (if you register using your Facebook account, for example), etc. to allow your registration and management of your account.

4.1.3.    If you use our interactive features, we process the data required to use these features to allow you and manage their use, for example, your name and email-address to appear in a ranking and to send you updates regarding the online game in which you participated.

4.1.4.    If you are an existing customer, we may send you advertisement about our products and services using, for example, your name and postal address.

4.1.5.    If you subscribe to a service like our newsletter by providing us with your email-address and name, then we use this data for sending you our newsletter.

4.1.6.    If you participate in a marketing promotion, then we use the data we require from you to allow your participation, for example, to manage your invitation for an event or to determine and contact the winner of a contest.

4.1.7.    If you order a product, material or a service, we need and process the data required to fulfill your order, such as your name, telephone number, delivery address, credit card information, email-address, etc., for example to confirm your order, process your payment, check credit scoring, deliver the ordered items and contact you for delivery purposes.

4.1.8.    If you answer one of our queries and provide us personal data such as name, age, occupation, etc., then we use this data to analyze the query results and draw conclusions therefrom.

4.1.9.    If you consent to receive marketing information where prompted, then we use your data to send you promotional materials and other communications, to communicate with you about, and administer your participation in, special events, contests, sweepstakes, programs, offers, surveys and market research, to provide advertisements to you about our products and services, to tailor your use of the Website, marketing experience, and communications according to your preferences and our terms

4.1.10. If you interact with us on third party social networks, then we process your data for such interaction with you on these networks (our interactions with you on a third party social network would be subject to that network's privacy policies and terms of use).

4.1.11. We process your personal data also to comply with and enforce applicable legal requirements, our Terms of Use, relevant industry standards, contractual obligations and our policies.

 

4.2.    We may process your personal data in a centralized system that allows enhancing your brand experience by tailoring our communication and marketing efforts to make them as relevant and useful as possible for you (profile building). For this we may process, match and enrich your personal data with data received from your interaction with us or from third parties. For example, if you tell us your age, income, hobbies or travel activities then we may mirror this data against your purchase behavior and other information we have obtained from you in order to approach you with offers, invitations or promotions that we believe specifically fit your interests.

 

4.3.    We process metadata that we collect from you to improve our Website, analyze traffic pattern and Website usage, for targeted marketing, to develop and analyze statistics and demographics, or optimize our online presence and marketing efforts.

5.        To whom do we disclose and transfer your personal data?

 

5.1.    We may disclose your personal data to the following recipients or categories of recipients for them to use the data on their own behalf and under their own control (controllers):

 

5.1.1.    Our parent company, The Swatch Group Ltd, Seevorstadt 6, 2501 Biel/Bienne, Switzerland (“Swatch Group”);

5.1.2.    Our affiliates within Swatch Group in the countries where our brand is represented as indicated when we collect your personal data.

 

5.2.     We may disclose your personal data to the following recipients or categories of recipients acting on our behalf and/or as partners (processors), limited to the purpose of the execution of their obligations, which are contractually bound to adhere to an adequate level of data protection when processing your personal data (for example to fulfil orders, deliver packages, process credit card payments, provide customer service, send postal mail and e-mail, store and process data, host websites, remove repetitive data from customer lists, analyse data, provide marketing assistance, execute customer satisfaction surveys, provide customized advertising):

 

5.2.1.    Swatch Group;

5.2.2.    Our data processing center in Switzerland;

5.2.3.    Our affiliates within Swatch Group;

5.2.4.    Our third party service providers.

 

5.3.     We may disclose your personal data to an acquirer if Harry Winston or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.

 

5.4.     We may disclose your personal data if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of Harry Winston or any member of Swatch Group, our customers, or others. This includes exchanging data with other companies and organizations for the purposes of fraud protection and credit risk reduction.

 

5.5.     We may internationally transfer your personal data, including to countries that are not considered providing an adequate level of data protection by the relevant regulatory bodies, for example to countries not considered by the European Commission or the Swiss Federal Data Protection and Information Commissioner to be providing such level. In such case, we ensure the adequate protection of your personal data by having the recipients adhere to binding contractual obligations in accordance with applicable standards approved by the relevant regulatory bodies or by relying on other safeguards, such as self-certifications, approved by the relevant regulatory bodies. You may contact us for a copy of the contractual and other safeguards in place (see section 9 below).

 

5.6.     This Website may contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

6.        For how long do we process your personal data?

 

We process your personal data:

 

·         until you withdraw your consent for future processing, for example until you unsubscribe from our newsletter or delete your account with us;

·         until we are sure that you are satisfied after you have approached us, e.g. to order a catalogue, to ask a question, to request information, to make an appointment or a reservation, etc. but no longer than twelve (12) months after the last contact, unless we can rely on another justification, have informed you otherwise or you have given your consent for a longer retention period;

·         in connection with a purchase you make or in connection with a customer service transaction for the time until the transaction is completed plus at least the warranty period to which we may add a grace period for your benefit, unless we can rely on another justification, have informed you otherwise or you have given your consent for a longer retention period;

·         for as long as you remain our business partner plus ten years, unless we can rely on another justification, have informed you otherwise or you have given your consent for a longer retention period;

·         for as long as laws require us, e.g. legal retention obligations based on bookkeeping or tax laws and regulations.

7.        When do we require your personal data?

 

If you wish to conclude a contract with us, for example if you order items or services, then we are required to obtain from you certain personal data to allow us to enter into this contract, for example, your name, delivery address, place of residence, payment information or contact information. Should you decide not to provide us the required information, we may not conclude this contract with you.

8.        What are your rights?

 

8.1.     You have the right:

 

·          to request from us access to and rectification or deletion of your personal data;

·          to request us to restrict the processing of your personal data, in particular to object to the processing of your personal data for direct marketing purposes; and

·          to request from us to provide you or any person or entity you appointed with a digital file of your personal data (data portability).

 

8.2.     You may withdraw your consent that allows us to process your personal data for the indicated purposes at any time.

 

8.3.     To exercise the above rights, you may contact us as indicated below.

 

8.4.     You also have the right to lodge a complaint with the competent authority.

9.        How can you contact us?

 

For any questions or to exercise your rights, you may contact us as follows:

 

Postal address: Harry Winston Inc., 718 Fifth Avenue, New York, NY, 10019, U.S.A.

 

Telephone number: +1 (212) 315-7900

 

Email-address: clientcare@harrywinston.com

 

For the contact details of our representatives or DPO respectively within the European Union, please see our EU Representatives List.

This Privacy Notice for California Residents supplements the information contained in the Privacy Policy of Harry Winston, Inc. (the “Company” or “we”) and applies solely to all visitors, users, and others who reside in the State of California ("consumers" or "you"). We adopt this policy to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this policy.

 

Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, we have collected the following categories of personal information from our consumers within the last twelve (12) months:

 

Category

Examples

Collected

Business Purpose

Source

A. Identifiers.

A real name, postal address, Internet Protocol address, email address, account name

YES

Performing the following services: customer, advertising, marketing materials, analytic, processing or fulfilling orders, processing payment. Detection or prevention of fraudulent activity.

Customer forms (online and instore), Website

B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

A name, signature, address, telephone number, credit card number, debit card number

 

YES

Performing the following services: customer, marketing materials, analytic, processing or fulfilling orders, processing payment. Detection or prevention of fraudulent activity.

Customer forms (online and instore), Website

C. Protected classification characteristics under California or federal law.

Age, gender

YES

Marketing services

Customer forms (online and instore), Website

D. Commercial information.

Records of personal property, products or services purchased, obtained, or considered

YES

Performing the following services: customer, advertising, marketing, analytic, processing or fulfilling orders, processing payment.

Customer forms (instore)

E. Biometric information.

N/A

NO

N/A

Website

F. Internet or other similar network activity.

Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement

YES

Performing the following services: advertising, marketing, analytic.

Website

G. Geolocation data.

Physical location

YES

Performing the following services: customer, advertising, marketing, analytic.

Website

H. Sensory data.

N/A

NO

N/A

N/A

I. Professional or employment-related information.

N/A

NO

N/A

N/A

J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

N/A

NO

N/A

N/A

K. Inferences drawn from other personal information.

Profile reflecting a person's preferences, behavior

YES

Performing the following services: advertising, marketing, analytic.

Website

 

 

Personal information does not include:

·       Publicly available information from government records.

·       Deidentified or aggregated consumer information.

·       Information excluded from the CCPA's scope, like:

·       health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;

·       personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

 

Sharing of Personal Information

We may share your personal information to a third party for a business purpose. When we share personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

We share your personal information with the following categories of third parties:

·       Service providers.

·       Legal entities under the common control of The Swatch Group Ltd.

Disclosures of Personal Information for a Business Purpose

In the preceding twelve (12) months, the Company has disclosed the following categories of personal information for a business purpose:

Category A: Identifiers.

Category B: California Customer Records personal information categories.

Category C: Protected classification characteristics under California or federal law.

Category D: Commercial information.

Category F: Internet or other similar network activity.

Category G: Geolocation data.

 Category K: Inferences drawn from other personal information.

 

Sales of Personal Information

We do not sell your personal information.

 

Your Rights and Choices

The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

Access to Specific Information and Data Portability Rights

You have the right to request that the Company disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request we will disclose to you:

·       The categories of personal information we collected about you.

·       The categories of sources for the personal information we collected about you.

·       Our business or commercial purpose for collecting that personal information.

·       The categories of third parties with whom we share that personal information.

·       The specific pieces of personal information we collected about you (also called a data portability request).

Deletion Request Rights

You have the right to request that the Company delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

1.      Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.

2.      Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

3.      Debug products to identify and repair errors that impair existing intended functionality.

4.      Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.

5.      Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).

6.      Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.

7.      Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

8.      Comply with a legal obligation.

9.      Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:

·       Calling us at: +1 800 988 4110

·       Emailing us at: ClientCare@harryWinston.com

Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

·       Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.

·       Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.

Making a verifiable consumer request does not require you to create an account with us.

We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

Response Timing and Format

We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:

·       Deny you goods or services.

·       Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.

·       Provide you a different level or quality of goods or services.

·       Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

 

Changes to Our Privacy Policy

The Company reserves the right to amend this privacy policy at our discretion and at any time. When we make changes to this privacy policy, we will post the updated policy on the Website and update the policy's effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.

Contact Information

If you have any questions or comments about this privacy policy, the ways in which the Company collects and uses your information described herein, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

Phone: +1 800 988 4110

Email: ClientCare@harryWinston.com