Privacy Policy
Contents
-
Who are we?
-
What information is covered by this Privacy Notice?
-
What information do we collect from you?
-
How do we use your personal information?
-
Do we use your personal information for direct marketing?
-
Sharing your data with third parties
-
Where do we transfer your personal information?
-
What are your rights (EEA residents only)?
-
Do we use CCTV?
-
How do we protect your personal information?
-
How long do we keep your personal information?
-
How do we deal with children's privacy?
-
How can you contact us?
-
Which version of this Privacy Notice applies?
JAO is committed to safeguarding your privacy and ensuring the highest level of security for your personal information. This Privacy Notice explains the types of personal information we collect, how we use that information, who we share it with, and how we protect it.
Please carefully read the following to understand our practices regarding your personal information.
1. Who are we?
This Privacy Notice applies to information collected by Emeis Cosmetics Pty Ltd, JAO UK Limited, and their affiliated entities worldwide (referred to herein as "JAO", "we", "us" or "our").
The personal information we collect is controlled by JAO UK Limited, located at Hay's Galleria, 1 Hay's Lane, Hay's Lane House, 3rd Floor, London, SE1 2HD (registered number 05192303), Emeis Cosmetics Pty Ltd, located at 23 Waterloo Road, Collingwood VIC 3066, Australia (ACN registration: 007 409 001), and relevant local corporate affiliates. For the purposes of applicable data protection laws, the relevant JAO entity, as set out in section 14 below, is a data controller of your personal information.
2. What information is covered by this Privacy Notice?
This Privacy Notice covers all personal information processed by JAO, meaning information that, either alone or in combination with other data, allows you to be identified directly or indirectly.
3. What information do we collect from you?
We may collect information about you from the following sources:
3.1 Information we receive from you
We may collect personal information (such as your name, postal and email address, telephone number, date of birth, title, payment information, health, and other details) that you provide when:
• Visiting our website and registering an account or purchasing products.
• Completing a profile card at one of our JAO retail stores or counters.
• Corresponding with us.
3.2 Information we collect about you
When you visit our website, we may use cookies and other technologies to automatically collect the following information:
• Technical details, including your IP address, login information, browser type and version, website referrals, device identifier, location, browser plug-ins, operating system, platform, page response times, and errors.
• Details about your visit, including pages visited before and after, and products viewed or searched for.
• Interaction details such as scrolling, clicks, and mouseovers.
If your browser accepts cookies, visiting JAO's website will store a cookie on your hard drive. Cookies allow us to gather information about your computer, including your IP address, browser type, operating system, domain name, and referring website. We use cookies to track and collect data on website usage.
Types of cookies we use:
• Strictly necessary cookies for website operation and legal compliance.
• Performance cookies for website analysis and improvement.
• Functionality cookies for personalized content and user preferences.
• Targeting cookies for advertising relevant products based on your interests.
We also use third-party cookies for enhanced functionality and advertising. You can manage cookie preferences through your browser settings.
4. How do we use your personal information?
Purpose How We Use Your Information Justification Provide information about products and services Utilize order history to develop, market, and provide products or information. Send newsletters and marketing materials. Necessary for contractual obligations and legitimate interests. Process payments and prevent fraud Process payment details to fulfill orders and protect against fraudulent transactions. Legitimate interests and contractual obligations.
Deliver purchased products and services Use name and contact details to fulfill contractual obligations. Necessary for contract performance. Understand product usage and inform development Process health information for account updates. Conduct internal research, analytics, and planning. Legitimate interests in product development and customer experience. Enhance website experience Analyze website activity to improve user experience and troubleshoot issues. Legitimate interests in website optimization. Detect fraudulent activity Analyze device details to identify suspicious transactions. Legitimate interests in fraud prevention. Assess website usage Review website data to understand user activities and preferences. Legitimate interests in website optimization and personalization.
Analyze sales data and customer preferences Utilize geographic data for market research and product development. Legitimate interests in product improvement and marketing. Understand customer preferences Review information provided in customer profiles for personalized service. Legitimate interests in customer service and product customization. Process exchanges or returns Handle personal information to manage exchanges or returns.
Necessary for contract performance. Address requests or complaints Use contact details to respond to inquiries or complaints. Necessary for contractual obligations.
5. Do we use your personal information for direct marketing?
We only use your information for marketing purposes with your consent. You can opt out at any time by contacting us. Marketing communications include opt-out options.
Sharing your data with third parties
6. We may share personal information with:
• JAO group companies: For account registration, product delivery, customer support, and marketing.
• Service providers: For services like IT, marketing, auditing, and legal compliance. We ensure they only use data for specified purposes.
• Third parties as permitted by law: To comply with legal obligations or protect our rights, safety, or security.
• Business transfers: In case of mergers, acquisitions, or asset transfers, provided recipients adhere to this Privacy Notice.
We do not sell personal information to third parties. Links to third-party websites have separate privacy policies.
7. Where do we transfer your personal information?
JAO operates globally, and personal information may be transferred to:
• EEA, Switzerland, Australia, New Zealand, Japan, Hong Kong, Singapore, Malaysia, Macau, Taiwan, Korea, USA, Canada, and Brazil.
Transfers follow applicable data protection laws, including EU standard contractual clauses.
8. What are your rights?
You have rights regarding your personal information, including:
• Access: Request a copy of your data.
• Rectification: Correct inaccurate data.
• Deletion: Request removal of unnecessary data.
• Restriction: Limit processing in certain cases.
• Portability: Transfer data to another controller.
• Objection: Object to processing for legitimate interests.
• Withdraw Consent: Opt out of consent-based processing.
You can exercise these rights by contacting privacy@jao.com.
9. Do we use CCTV?
CCTV is used for security and crime prevention. Contact us for more details.
10. How do we protect your personal information?
We implement security measures to protect data, including access controls, encryption, and regular audits. However, due to Internet risks, we cannot guarantee complete security.
11. How long do we keep your personal information?
We retain data as long as necessary for the intended purpose and legal compliance. We delete or anonymize obsolete information.
12. How do we deal with children's privacy?
We do not knowingly collect data from individuals under 16 without parental consent. If we receive such data, we delete it promptly.
13. How can you contact us?
For questions or concerns, email privacy@jao.com. Specific data controllers are listed for different regions.
14. Which version of this Privacy Notice applies?
This Privacy Notice is written in English. In case of discrepancies, the English version prevails. Changes to the notice will be communicated on our website.
Effective Date: November 30, 2023