Privacy Policy

Nespresso Privacy Notice

Effective: 24/7/2018

Please read this privacy notice(“Notice”) carefully to understand our policies and practices regarding your personal data and howWewill treat it. By using a Nespresso website or app, by calling a Nespresso CRC, by ordering in a Nespresso Boutiqueor by otherwise givingus your Personal Data, you agree to this notice. If you do not agree to this notice or otherwise fail to provide necessary Personal Data to us (We will indicateto you when this is the case, for example, by making this information clear in our registration forms), (a) you must not use our websites, or become a Nespresso Club Member and (b) Wemay not be able to provide you with our goods and/or services.This Notice may change from time to time (see Section10). Your continued interaction with us after We make changes is deemed to be acceptance of those changes, so please check the Notice periodically for updates.

This notice provides important information in the following areas:

 

1.      SOURCES OF PERSONAL DATA. 1

2.      PERSONAL DATATHAT WE COLLECT ABOUT YOU AND HOW WE COLLECT IT. 2

3.      COOKIES/SIMILAR TECHNOLOGIES, LOG FILES AND WEB BEACONS. 3

4.      USES MADE OF YOUR PERSONAL DATA. 3

5.      DISCLOSURE OF YOUR PERSONAL DATA. 4

6.     RETENTION OF PERSONAL DATA. 4

7.      STORAGE AND/OR TRANSFER OF YOUR PERSONAL DATA. 5

8.      ACCESS TO YOUR PERSONAL DATA. 6

9.      YOUR CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR PERSONAL DATA. 6

10.    CHANGES TO OUR NOTICE. 7

11.DATA CONTROLLERS &CONTACT. 7

SCOPE OF THIS NOTICE

This Noticeexplains how your personal dataareollected, used, and disclosed by Nespressoentities as listed in the controllers &contact section (Section 11)(“Nespresso”, “We”, Us”). It also tells you how you can access and update yourpersonaldata and make certain choices about how yourPersonal Dataareused.

This Notice covers both our online and offline data collection activities, including Personal DatathatWecollect through our various channels such as websites, social networks, Customer Relationship Centers, Boutiques, points of sales and events.Please note thatWecombine Personal DatathatWecollect via one method (e.g. a Nespresso website) with Personal DatathatWecollect via another method (e.g. a Nespresso offline event).As part of this, We may combine Personal Data that were originally collected by different Nespresso entities. Please see Section 8 for further information on how to object to this.

1.    SOURCES OF PERSONAL DATA

This Notice applies to Personal Data thatWecollect from or about you, through the methods described below(seeSection2), from the following sources:

Nespresso websites. Consumer-directed websites operated byor forNespresso, including sites thatWeoperate under our own domains/URLs and mini-sites thatWerun on third party social networks such as Facebook ("Websites").

Nespresso mobile sites. Consumer-directed mobile sites operated by or for Nespresso.

E-mail, text and other electronic messages. Electronic communications between you and Nespresso.

Nespresso CRC.Calls to our Customer Relationship Centers (“CRC”).

Nespresso Boutiques. Stores managed by Nespresso.

Offline registration forms. Printed registration and similar forms thatWecollect via, for example, in-store demos, contests and other promotions,or events.

Points of Sales.Demonstrators present in physical third party stores to assist you with the registering of your machine and coffee ordering.

Data from other sources. Social networks, publicly available information.

2.    PERSONAL DATATHAT WE COLLECT ABOUT YOU AND HOW WECOLLECT IT

Depending on how you interact with Nespresso (online, offline, over the phone, etc.),Wecollect various types of information from you, as described below.

Personal contact information.This includes any information you provide to Us that would allowUsto contact you, such as your name, postal address, e-mail address, social network details, or phone number

Account login information. Any information that is required to give you access to your specific account profile. Examples include your login ID/email address, screen name, password in unrecoverable form, and/or security question and answer.

Demographic information. Any information that describes your demographic or behavioralcharacteristics. Examples include your date of birth, age or age range, gender, geographic location (e.g. zip code), favorite products, hobbies and interests, and household or lifestyle information.

Technical information about computer/mobile device. Any information about the computer system or other technological device that you useto access one of our Websitessuch as the Internet protocol (IP) address used to connect your computer or device to the Internet, operating system type, and web browser type and version. If you access a Nespresso website via a mobile device such as a smartphone, the collected information willalso include, where permitted, your phone’s unique device ID, advertising ID, geo-location, and other similar mobile device data.

Websites/communication usage information.As you navigate through and interact with our Websites or newsletters, Weuse automatic data collection technologies to collect certain information about your actions. This includes informationsuch as which links you click on, which pages or content you view and for how long, and other similar information and statistics about your interactions,such ascontentresponse times, download errors and length of visits to certain pages. This information is captured using automated technologies such ascookies (browser cookies, flash cookies) and web beacons, and isalso collected through the use of third party tracking services (such as Double Click, Google Analytics, Adobe Dynamic Tag Management and/orOmniture). You have the right to object to the use of such technologies, for further details please see Section 3.

Consumer feedback.This includes information that you voluntarily share withUsabout your experience ofusing our products and services.

Consumer-generated content.This refers to any content that you create and then share withUs on a social network orby uploading it to one of our Websites, including the use ofsocial network apps such as Facebook. Examples include photos, videos, personal stories, or other similar media or content.Where permitted, We collect and publish consumer-generated content in connection with a variety of activities, including contests and other promotions, website community features, consumer engagement, and third party social networking.

Social network information.This refers to any informationthat you share publicly on a social networkor informationthat is part of your profile on a third party social network (such as Facebook) and that you allow the third party social network to share with Us. Examples include your basic account information (e.g. name, email address, gender, birthday, current city, profile picture, user ID, list of friends, etc.) and any other additional information or activities that you permit the third party social network to share. Wereceive your social network profile information (or parts of it) every time you download or interact with a Nespresso web application on a social network such as Facebook,every time you use a social networking feature that is integrated within a Nespresso site (such as Facebook Connect) or every time you interact with Us through a social network. To learn more about how your information from a third party social network is obtained by Nespresso,or to opt-out of sharing such social network information, please visit the website of the relevant social network.

Payment and Financial information. Any information thatWeneed in order to fulfil an order, or that you use to make a purchase, such as your debit or credit card details (cardholder name, card number, expiration date, etc.) or other forms of payment (if such are made available).In any case,Wehandle payment and financial information in a manner compliant with applicable laws, regulations and security standards such as PCI DSS.

Calls to CRC. Communications with a CRC maybe recorded,in accordance with applicable laws,for local operational needs (e.g. for quality or training purposes) and, in certain cases, to archive proof of consent for direct marketing and profiling. Payment card details are not recorded.Where required by law, you will be informed about such recording at the beginning of your call and will have the opportunity to object.

3.    COOKIES/SIMILAR TECHNOLOGIES, LOG FILES ANDWEBBEACONS

Cookies/Similar Technologies.Please see our Cookie Notice to learn how you can manage your cookie settings and for detailed information on the cookiesWeuse and the purposes for whichWeuse them.

Log Files. We collect information in the form of log files that record website activity and gather statistics about your browsing habits. These entries are generated automatically, and helpUsto troubleshoot errors, improve performance andmaintain the security of our Websites.

Web Beacons. Web beacons (also known as “web bugs”) are small strings of code that deliver a graphic image on a web page or in an email for the purpose of transferring data back to Us. The information collected via web beacons may include technical information such as IP Address, as well as information about how you respond to an email campaign (e.g. at what time the email was opened, which links you click on in the email, etc.). We may use web beacons on our Websites or include them in e-mailsthat Wesend to you. We use web beacon information for a variety of purposes, including but not limited to, site traffic reporting, unique visitor counts, advertising, email auditing and reporting, and personalization.

4.    USES MADE OF YOURPERSONAL DATA

The following paragraphs describe the various purposes for whichWecollect and use your Personal Data, and the different types of Personal Data that are collected for each purpose. Please note that not all of the uses below will be relevant to every individual.

Customer service.We use your Personal Datafor customer service purposes, including responding to your enquiries. This typically requires the use of certain personal contact information and information regarding the reason for your inquiry (e.g. order status, technical issue, product question/complaint,general question, etc.).

Contests, marketing and other promotions.With your consent (where required), We use your Personal Data to provide you withinformation about goods or services (e.g. marketing communications or campaigns or promotions). This can be done via means such as email, ads, SMS, phone calls and postal mailings to the extent permitted by applicable laws. Some of our campaigns and promotions may be run on third party websites and/or social networks. This use of your Personal Data is voluntary, which means that you can oppose the processing of your Personal Data for this purpose.

For detailed information on how to modify your preferences about marketing communication, please see Sections 8and 9 below.For more information about our contests and other promotions, please see the official rules or details posted with each contest/promotion.

Social networks :We use your Personal Data when you interact with third party social networking features,such as “Like” functions  to serve you with advertisements and engage with you on social networks. You can learn more about how these features work, the profile datathat We obtain about you, andfind out how to opt out by reviewing the privacy notices ofthe relevant third party social networks.

Personalisation (offline and online).With your consent  (where required), We use your Personal Data(i) to analyse your preferences and habits, (ii) to anticipate your needs based on our analysis of your profile, (iii) to improve and personalise your experience on our Website; to ensure that content from our Website is optimised for you and for your computer or device; and (iv) to allow you to participate in interactive features, when you choose to do so. For example, We remember your login ID/email address or screen name so that you can quickly login the next time you visit our site or so that you can easily retrieve the items you previously placed in your shopping cart. Based on this type of information,and with your consent (where required), Wealso show you specific Nespresso content or promotions that are tailored to your interests.The use of your Personal Data is voluntary, which means that you can oppose the processing of your personal data for this purpose. For detailed information on how to opt-out please refer toSection 8 below.

Order fulfillment. We use your Personal Data to process and ship your orders, inform you about the status of your orders, correct addresses andconductidentity verification and other fraud detection activities. This involves the use of certain personal information and payment information.

Other general purposes (e.g.internal research, analytic, security).In accordance with applicable laws, We use yourPersonal Data for other general business purposes, such as conducting internal marketing and demographic studies and measuring the effectiveness of advertising campaigns. We reserve the right, should you have Club Member accounts, to reconcilethose accounts intoone single account. We also use your Personal Data to ensure our security.

Legal reasons or merger/acquisition.In the event that Nespresso or its assets are acquired by, or merged with, another company including through bankruptcy, We may share your Personal Data with any of our legal successors. We may also disclose your Personal Data to third parties (i) when required by applicable law; (ii) in response to legal proceedings; (iii) in response to a request from a competent law enforcement agency; (iv) to protect our rights, privacy, safety or property, or the public; or (v) to enforce the terms of any agreement or the terms of our Website.

5.    DISCLOSURE OF YOUR PERSONAL DATA

In addition to the Nespresso/Nestléentities (in charge of Nespresso operations) mentioned in the data controllers &contact section(see Section 11), We share your Personal Data with the following types of third party organisation:

Service providers. These are externalcompanies that We useto help Us run our business (e.g. order fulfilment,payment processing, fraud detection and identity verification, debt collection, website operation, support services, promotions, website development, data analysis, CRC,etc.). Service providers, and their selected staff,are only allowed to access and use your Personal Dataon Our behalf for the specific tasks that they’ve been requested to carry out, based on our instructions, and are required to keep your Personal Data confidential and secure. Where required by applicable law, you can obtain a list of the providers processing your Personal Data (see Section 11 to contact Us).

Credit reporting agencies/debt collectors. To the extent permitted by applicable law, credit reporting agencies and debt collectors are externalcompanies that We useto help Us to verify your creditworthiness (in particular for orders with invoice) or to collect outstanding invoices.

Third party companies using Personal Datafor their own marketing purposes.Except in situations where you have given your consent, We do not license or sell your Personal Data to third party companies for their own marketing purposes.

Third party recipients using Personal Datafor legalreasons or due to merger/acquisition.We will disclose yourPersonal Data to third parties for legal reasons or in the context of an acquisition or a merger (see Section 4 for details).

6.    RETENTION OF YOUR PERSONAL DATA

In accordance with applicable laws, We will use your Personal Data for as long as necessary to satisfythe purposes for which your Personal Data was collected (as described in Section 4 above) or to comply with applicable legal requirements.

Personal Data used to provide you with a personalized experience (see Section 4 above for details) will be kept for a duration permitted by applicable laws

7.    DISCLOSURE, STORAGE AND/OR TRANSFER OF YOUR PERSONAL DATA

We use a variety of reasonablemeasures(described below) to keep yourPersonal Data confidential and secure. Please note, however, that these protections do not apply to information you choose to share in public areas such as social networks.

People who can access your Personal Data.Your Personal Data will be processed by our authorized staff, on a need to know basis, depending on the specific purposes for which your Personal Data have been collected (e.g. our staff in charge of customer care matters will have access to your customer record).

Measures taken inoperating environments. We store yourPersonal Data in operating environments that use reasonable security measures to prevent unauthorizedaccess. We follow reasonable standards to protect Personal Data. The transmission of information via the Internet is,unfortunately,not completely secure and althoughWewill do our best to protect your personal information, Wecannot guarantee the security of the data during transmission through our Website.

MeasuresWeexpect you to take. It is important thatyou also play a role in keeping yourPersonal Data safe and secure. When signing up for an online account, please be sure to choose an account password that would bedifficultfor others to guess and never reveal your password to anyone else. You are responsible for keeping this password confidential and for any use of your account. If you use a shared or public computer, never choose to have your login ID/email address or password remembered and make sure to log out of your account every time you leave the computer. You should also make use of any privacy settings or controlsWemay provide you in our Website.

Transfer of your Personal Data. The storage as well as the processing of your Personal Data as described abovemay require that yourPersonal Dataare ultimatelytransferred/transmitted to, and/or stored at, a destination outsideof yourcountryof residence, notably Switzerland and Luxembourg.Where permitted by law, by accepting the terms of this Notice, you agree to such transferring, transmission,storing and/or processing. You also agree that such activities may take placeto or in countries offering a lower level of protection than your country of residence.

8.    ACCESS TO YOURPERSONAL DATA

Access to Personal Data. Where provided by law, you, your successors, representatives and/or proxies have the right to access,review and request a physical or electronic copy of information held about you. You may also have the right to request information on the source of your Personal Data.

These rights can be exercised by sending Us an e-mail to nespresso@scott.mu or writing to us at Scott & Co Ltd - Industrial park 1, Riche Terre, Mauritius attaching a copy of your ID or equivalent details(where requested by Us and permitted by law). If the request is submitted by a person other than you, without providing evidence that the request is legitimately made on your behalf, the request will be rejected.

Please note that any identification information provided to Us will only be processed in accordance with, and to the extent permitted by applicable laws.

Modification and Deletion ofPersonal Data. Where provided by law, you, your successors, representatives and/or proxies may (i) request deletion, correction or revision of your Personal Data; (ii) oppose the data processing;(iii) limit the use and disclosure of your Personal Data; and (iv) revoke consent to any of our data processing activities.

Please note that, in certain circumstances,Wemay not be able to delete your Personal Datawithout also deleting your user account. We may be required to retain some of your Personal Dataafter you have requested deletion,to satisfyourlegal or contractualobligations. We may also be permitted by applicable laws to retain some of your Personal Data to satisfy our business needs.

Where available, our Websites have a dedicatedfeature through whichyou canreview and edit thePersonal Datathat you have provided. Please note thatWerequire our registered consumersto verify their identity (e.g. login ID/email address, password) before they can access or make changes to their account information. This helps prevent unauthorized access to your account.

Notwithstanding this, you can also exercise your rights by sending Us an e-mail to nespresso@scott.mu or writing to us at Scott & Co Ltd - Industrial park 1, Riche Terre, Mauritius attaching a copy of your ID or equivalent details (where requested by Us and permitted by law). If the request is submitted by a person other than you, without providing evidence that the request is legitimately made on your behalf, the request will be rejected.

Please note that any identification information provided to Us will only be processed in accordance with, and to the extent permitted by applicable laws.

9.    YOUR CHOICES ABOUT HOW WEUSE AND DISCLOSE YOUR PERSONAL DATA

We strive to provide you with choices regarding the Personal Datathat you provide to Us. The following mechanisms giveyou the following control over yourPersonal Data:

Cookies/SimilarTechnologies. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being used. Please see Section 3above.

Advertising, marketing and promotions.If you wish to have yourPersonal Data used by Nespresso to promote itsproducts or services, you can indicate so through the relevant tickbox(es) located on the registration form or by answering the question(s) presented by our Trade demonstrators, CRC or boutique representatives.If you decide that you no longer wish to receive such communications, you can subsequentlyunsubscribe from receiving marketing-related communications at any time, by following the instructions provided in each such communication. To opt-out of marketing communications sent by any medium, including third party social networks,you can opt-outat any timeby logging into the Website and adjusting your user preferences in your account profile by unchecking the relevant boxes or by calling our CRC.Please note that, even if you opt-out from receiving marketing communications, you may still receive administrative communications from Us, such as order or other transaction confirmations, notifications about your account activities (e.g. account confirmations, password changes, etc.), and other important announcements.

Personalization (offline and online):Where required by law, if you wish to have yourPersonal Data used by Nespresso to provide you with a personalized experience, you can indicate so through the relevant tickbox(es) located on the registration form or by answering the question(s) presented by our Trade demonstrators, CRC or boutique representatives.If you decide that you no longer wish to benefit from this, you can opt-out at any timeby logging into the Website and adjusting your user preferences in your account profile by unchecking the relevant boxes or by calling our CRC.

Interest Based Advertising.We may partner with ad networks and other ad serving providers (“Advertising Providers”) that serve advertising on behalf of Us and other non-affiliated companies on the Internet.  Some of those advertisements may be tailored to your interests based on information collected on Nespresso sites or on non-affiliated websites over time.  You may visit www.aboutads.info/choices to learn more about this type of advertising, as well as about how to opt-out of interest-based advertising practices from companies that participate in the Digital Advertising Alliance’s (“DAA”) self-regulatory program. Additionally, you may opt-out of this type of advertising in mobile applications from companies that participate in the DAA’s AppChoices app by downloading the app from the iOS or Android app store.  You may also stop the collection of precise location data from a mobile device by accessing your device location service settings.

10. CHANGES TO OUR NOTICE

IfWechange the wayWehandle your Personal Data,Wewill update this Notice. We reserve the right to make changes to our practices and this Notice at any time,pleasecheck back frequently to see any updates or changes to our Notice.

11.  DATA CONTROLLERS &CONTACT

To ask questions or make commentson this Notice and our privacy practices or to make a complaint about our compliance with applicable privacy laws, please contact Us at: Scott & Co Ltd - Industrial park 1, Riche Terre, Mauritius [nespresso@scott.mu] or call our CRC on + (230) 206 9401: 230-2069401

We will acknowledge and investigate any complaint about the way We manage Personal Data (including a complaint that We have breached your rights under applicable privacy laws).

 

Data controllers

Responsible for

Nestlé Nespresso SA (Nestlé Nespresso Ltd)

Avenue de Rhodanie 40, 1007 Lausanne,

Switzerland

All activities

Scott & Co Ltd

Industrial park 1,

Riche Terre, Mauritius

All activities

Nestlé Treasury International S.A.

7, Rue Nicolas Bové

L - 1253 Luxembourg

Website/app related payment card operations.

Point to note: in certain limited cases, another Nestlé or Nespresso entity might be behind the processing of your payment card details.