This policy has been updated in order to comply with the requirements of the General Data Protection Regulation (GDPR) that entered into force on 25 May 2018.
KENZO attaches great importance to the processing, confidentiality and security of your personal data. We are dedicated to offering you personalised services while respecting your privacy and personal choices.
The purpose of this Charter is to inform you clearly, simply and fully about the use by KENZO of the personal data of its customers and/or potential customers (“you” and “your”) as well as the rights and options that you have. We thus invite you to read it carefully and to take note thereof before every interaction with us.
This Charter applies to the customers and visitors of the KENZO Website as well as the customers and potential customers visiting the Boutiques directly operated by KENZO.
KENZO has appointed a Data Protection Officer responsible for ensuring compliance with this Charter and, more generally, compliance with applicable data protection regulations. Our Data Protection Officer can be contacted for any question concerning this Charter according to the modalities shown under heading 3 "Your Rights" of this Charter.
KENZO can modify this Charter from time to time to take into account statutory and regulatory changes as well as to keep you informed of the modifications of our practices concerning the processing of your personal data. Every important modification materially affecting the way in which we use your data shall be notified to you by e-mail and/or information on the Website (for example, a banner, a pop-up window or a push notification), in order to allow you to review the changes made, asses them and, if necessary, object to them or withdraw from a service or functionality.
2. GENERAL INFORMATION
“KENZO”, “we” and “our” refer to KENZO S.A., a joint stock company with share capital of €2,153,040, whose registered office is located at 18 Rue Vivienne, 75002 Paris and which is registered in the Paris Corporate Register under number 402.180.194.
Except in the event of a provision to the contrary, KENZO is the Data Controller of the processing identified in this Charter within the meaning of the regulations applicable concerning personal data and, in particular, of EU Regulation 2016/679 concerning the protection of natural persons in regard to the processing of personal data and the free movement of this data (hereinafter the “GDPR”).
Any personal information that you may transmit directly or indirectly to KENZO (for example, through its subsidiaries) is subject to the regulations in effect concerning the protection of data
3. MANAGEMENT OF PERSONAL DATA BY KENZO
KENZO collects, stores, processes, uses and communicates your personal data when you use our Website www.ikenzoshop.com (the “Website”), you visit our pages on social networks, you make purchases at the KENZO points of sale, you contact KENZO and, more generally, when you join the KENZO community.
3.1 Objectives pursued by KENZO
Kenzo collects your data to:
Reply to your requests, questions and claims:
- Send you our KENZO offers, news and events, according to the means of communication that you have chosen
- Notify you of the online availability of an out-of-stock product (availability warning)
- Inform you of the launching of an event
- Reply to you when you have contacted us (by means of the online contact form or by e-mail/telephone to the customer service).
Manage your integration into the KENZO community, the orders and purchases you make in a Boutique or online and fulfil our contractual and statutory obligations:
- Execution, delivery and monitoring of your orders/purchases (including customs clearance)
- After sales service for any purchase
- Execution of the guarantees applicable for any purchase
- Management of your personal account on the Website
- Management of your request(s) when exercising your rights (see the Section 3 “Your Rights”).
For the legitimate interests of KENZO:
- Ensure the management of our relations with you by keeping updated a centralised database which includes existing and potential customers
- Establish your customer profile in order to manage in a proactive and personalised manner the monitoring of the business relationship. This processing involves the analysis of your user or customer profile to determine what your preferences are and to offer you products that we believe may be of interest to you
- Allow users to recover a shopping cart in progress
- Carry out studies and statistics in order to better understand our clientele and improve our services (internet site, newsletter, effectiveness of advertising campaigns, etc)
- Ensure the security of online transactions as well as prevent fraud and payment incidents (both in KENZO Boutiques and online)
- Ensure the security of goods and persons in KENZO Boutiques (CCTV)
For all these purposes based on our legitimate interest, we make sure to take into account any potential impact that this processing may have on you and more generally on the users of the Website. If we think that your interest or your fundamental rights and freedoms override our legitimate interest, we will then not use your personal data on this basis, and may ask you for your specific consent.
Additional note concerning automated decision-making in the framework of the fight against fraud on Internet
We use automatic fraud detection algorithms to control your online purchases in order to prevent fraudulent transactions and payment incidents. These algorithms analyse the transactional information concerning your order, as well as the information concerning the device from which the order was placed (see section “Data collected by KENZO” for more information) and can result in blocking the transaction. If we consider that the transaction may constitute an attempt at fraud, a manual analysis of the blocked transaction is carried out by our customer service and can lead us to collect additional personal data for the purposes of verifying your identity, the validity of the order, the payment method used, or the delivery envisaged.
3.2 Data collected by KENZO
The term “personal data” means any information allowing you to be directly identified (your last name and first name) or indirectly (the customer identifier that we attribute to you in our systems).
For the purposes specified above, KENZO collects and processes the following categories of data:
- Identification and contact data: for example, your identity, e-mail address, telephone number, the country from which you interact with us, your connection identifiers on the Website, your internal KENZO identifier, etc.
- The information concerning your identity document in limited, specific cases (in particular: additional verification in the framework of the prevention of fraud, verification of cash payments in KENZO Boutiques, verification of the identity of the person exercising the right)
- Data concerning the transaction: for example, the articles chosen, the order number, your postal address for delivery and invoicing, means of payment, banking details, etc.
- Data concerning the monitoring of our business relationship: for example, your customer profile, the history of your purchases, returns and exchanges of articles, the history of your contacts and claims or of your correspondence with our customer service, etc.
- Connection data concerning the terminal used: your IP address, location of the terminal, use or not of a proxy, type of browser and browser information, etc.
- CCTV recordings.
The information communicated directly by you and essential to KENZO to fulfil the purposes pursued is indicated by an asterisk on the various forms that you fill in, both in KENZO Boutiques and online. If you do not fill in these required fields, KENZO cannot reply to your requests and/or supply you with the products and services requested. The other information of the various forms is optional and allows us to know you better in order to meet your expectations more accurately and to be able to send you, if you accept it, information about new KENZO collections, promotions and private sales, events, etc.
In our Boutiques or during events that we organise (for example: fashion shows or private sales in your usual Boutique), we may gather additional personal data under the conditions and for uses that are specifically notified to you on this occasion.
3.3 Retention of your personal data
The data is kept for a period that does not exceed the necessary duration for the purposes for which it has been collected and which are specified above.
Your personal data is kept by KENZO:
- The necessary time to reply to your request, question, or claim: for example, for the duration of registration for the newsletter (i.e. until your deregistration), until the sending of the availability notice of a product, or as long as you maintain your customer account on our Website
- Up to 10 years if you are a “customer”, i.e. you have purchased one of our products or services. This period will be renewed each time you interact with us
- 3 years if you are a “prospect”, i.e. you have never purchased one of our products or services but you are interested in the brand. This period will be renewed each time you interact with us
- 13 months for cookies placed in your computer
- 1 month for CCTV recordings. In the event where the recordings are necessary for the defence of KENZO’s interests in the framework of criminal proceedings, the images are then extracted from the system and kept for the duration of the proceedings
- 24 hours to carry out the processing of abandoned shopping cart reminded
- The time of judicial, criminal or commercial proceedings when the data is necessary for the defence of the rights and interests of KENZO.
The data is then deleted definitively from our systems or anonymised so that you are no longer identified or identifiable.
3.4 Recipients of the data – Sharing of the data with third parties
Your personal data are addressed to KENZO employees and can also be transmitted to/accessible by KENZO subsidiaries. KENZO employees are authorised to access the personal data solely in the course of their functions. Controls are put in place to ensure that the access granted matches the needs of their functions.
Your data is also transmitted to/accessible by third party service providers to whom we call upon to fulfil the purposes described in this Charter and, in particular:
- Financial institutions,
- Detection and prevention of fraud service providers,
- Technical and technological service providers and suppliers,
- Logistics, transport and delivery services providers,
- Communication, marketing and advertising service providers and partners.
Your data can also be transmitted to third parties and, in particular, to the customs authorities, representatives of the police, Courts of Justice and governmental and regulatory authorities: (a) if we believe that a disclosure of information is necessary by virtue of applicable laws or legal or regulatory proceedings (for example, in reply to a summons or a judicial order) or (b) to protect and defend our rights, and the rights and security of third parties, including to defend ourselves against legal actions. Even if the disclosure of information to these authorities is not an obligation for us, we can choose, at our discretion, to provide them with our assistance if need be.
Some of these recipients are located outside of the European Economic Area in countries whose level of protection of personal data is not comparable to that of the European Union. When we transfer your personal data to these countries, we ensure the continuous security of your data and subject the transfers to appropriate guarantees, by means of the signature of the standard contractual clauses of the European Commission.
When you access our KENZO pages on social networks, your browser is subject to the confidentiality policies of these social networks, over which we have no control.
3.5 Security and confidentiality of the data
KENZO has taken all the technical and organisational measures to protect the confidentiality and security of the personal data processed, in view of its nature and the risks of processing and to prevent that it is distorted, damaged, destroyed or that unauthorised third parties have access thereto.
KENZO has, in particular, implemented the following measures:
- KENZO’s information systems are subject to physical and logical protection in accordance with the state-of-the-art, regularly assessed and improved. Backup procedures of KENZO’s information systems are regularly executed.
- Access to the data is limited to the sole employees of KENZO authorised because of their functions, with these employees being subject, furthermore, to contractual confidentiality obligations.
- KENZO’s service providers and sub-contractors are bound by written commitments to take security measures that are sufficient to ensure the protection of your personal data in accordance with the applicable legislation.
- KENZO’s Website is protected by a SSL encryption process making the data illegible during its transmission on the internet.
We remind you that KENZO does not control all the risks relating to the functioning of Internet and we draw your attention to the existence of eventual risks inherent to its use and its functioning.
4. YOUR RIGHTS
We undertake to guarantee the exercising of the rights that you have pursuant to the personal data protection regulations. You can thus exercise the following rights at any time:
- Right to information: you have the right to obtain clear, transparent and comprehensible information about the way in which we use your personal data and about your rights. You will find all of this information in this Charter. If you wish to have additional information, we invite you to contact our Data Protection Officer (see contact details below).
- Right of access: you have the right to obtain a copy of the personal data that we possess about you.
- Right of rectification: you have the right to have your personal data rectified if it is inaccurate or obsolete and/or to supplement it if it is incomplete.
- Right of deletion/ right to oblivion: you have the right to have your data deleted or suppressed.
- Right of objection to personalised marketing: you can at any time request that you should no longer receive commercial communications about our offers, news and events.
- Right to withdraw your consent: you can at any time withdraw your consent to the processing of your personal data when this processing is based on your consent.
- Right to the restriction of processing: you have the right under certain conditions to request that the processing of your personal data be temporarily suspended.
- Right to the portability of the data: you have the right to request that your personal data be transmitted to you in a format allowing it to be used in another database.
You can exercise these rights or ask any question concerning the management of your personal data by contacting:
Our Data Protection Officer:
- By letter to:
For the attention of the Data Protection Officer (DPO)
18 Rue Vivienne
Our customer service:
- By means of the online contact form
If we consider it necessary to be able to identify you, we can ask you for proof of identity.
You can also exercise your rights of rectification and/or of objection to marketing directly:
- Under the dedicated heading of your personal KENZO account
- By using the deregistration link shown at the bottom of each e-mail or by sending STOP to the number indicated in each sms
- In the Boutique with the vendor.
You also have the right to submit to the French Data Protection Authority (Commission Nationale de l’Informatique et des Libertés or “CNIL”), 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07, any complaint relating to the way in which KENZO collects and processes your data. If you reside in another country of the European Union, we invite you to contact the data protection authority of the place where your main residence is or of the place from which you have been in contact with KENZO.
5.1 What is a cookies?
A cookie is a text file that can be stored in a dedicated area of your Terminal's* hard disk when viewing an online service using your browser. A cookie file enables its issuer to identify the terminal on which it is stored during the cookie's validity or registration period.
* the Terminal means the hardware (computer, tablet, smartphone, etc.) that you use to view or display a website, application, advert, etc.
5.2 The Cookies we issue on our website
When you visit our Site, we may, subject to your choices, install various cookies on your Terminal to enable us to recognize your Terminal's browser during the validity period of the cookie concerned.
The Cookies we issue have the following purposes:
- establish statistics and volume of visits and use of our Site's various constituent elements (sections and contents visited, visitor paths), enabling us to enhance the interest and ergonomics of our services, and the visibility of the content we publish;
- enable or facilitate your browsing of the Site, or provide you online communication services that you use when browsing, and thus:
- adapt the presentation of our Site to your Terminal's display preferences (language used, display resolution, operating system used, etc.) when you visit our Site, suitable for your Terminal's display or data-reading hardware or software;
- memorize information from a form you have completed on our Site (registration or logging in to your account) or concerning products, services or information you selected on our Site (service subscribed, contents of an order basket, wishlist, etc.);
- afford you access to reserved personal spaces on our Site, such as your account, using logins or data you may previously have disclosed to us; and
- implement security measures, for example when you are requested to log in again to a content or service after a certain length of time.
5.3 Cookies issued on our website by third parties
5.3.1 Cookies issued through third-party applications embedded on our Site: We may include on our Site computer applications from third parties designed to enable you to share the content of our Site with others, or to acquaint others with your viewing or your opinion concerning content on our Site. This is particularly the case for the "Share" and "Like" buttons provided by the social networks (such as Facebook, Twitter, etc.).
A social network providing an application button of this kind is likely to identify you through that button, even if you have not used that button when browsing our Site. This type of application button can enable the social network concerned to track your browsing of our Site simply through the fact of your social network account being activated on your Terminal (open session) while you are browsing our Site.
We have no control over the process used by social networks to collect information on your browsing of our Site that is associated with the personal data in their possession. We recommend that you view the privacy policies of the social networks to be aware of the purposes of use, particularly for advertising, of the browsing information they may collect using the application buttons. These privacy policies must in particular allow you to make choices on those social networks, particularly by changing the settings of your user accounts on each of those networks.
5.3.2 Cookies issued on our website by third parties: Our Site may contain cookies issued by third parties (communication agencies, audience measurement companies, etc.) enabling them, for the validity period of those cookies:
- to collect browsing information relating to the Terminals viewing our Site, and particularly to measure the effectiveness of our paid referencing campaigns with search engines.
5.4 Your cookie management choices
We use the Ghostery Enterprise Site Notice, which acts as a Cookie Consent Tool, to provide you with clear and comprehensive information on third-party technology suppliers who work to improve the user experience on our Site and to ensure relevant targeting of future messages sent to you. Moreover, this Consent Tool gives our users control over the way their information is used.
You can find the relevant information by clicking on the "Cookie Consent" button in the lower right-hand corner of your screen. This opens a new window containing detailed information on each of the technology suppliers that are on the Site, and you have the choice of whether to disable the trackers individually or all at once.
You may at any time express and change your cookie choices, using the methods described below.
5.4.1 The choices afforded you by your browser:
You can configure your browser so as to have the cookies recorded on your Terminal or, on the other hand, to reject them, either systematically or according to their issuer. You can also configure your browser so that a cookie can be proposed for acceptance or refusal individually, before a cookie can be stored on your Terminal. For further information, view the section "How do you make your management choices, depending on the browser you use?".
(a) Cookie consent
Storage of a cookie on a terminal is basically dependent on the wish of the Terminal user, which can be expressed and changed at any time, free of charge, through the choices afforded by the user's browser.
If you have configured your browser to accept storage of cookies on your Terminal, the cookies embedded in the pages and contents you have viewed may be stored temporarily in a dedicated space on your Terminal. They will be readable there solely by their issuer.
(b) Cookie rejection
If you reject the storing of cookies on your Terminal, or if you delete those that are recorded there, you may thereafter be deprived of a certain number of functions, which are, nevertheless, necessary for browsing certain spaces on our Site. This would happen if you attempted to access our content or services requiring you to log in. This would also happen whenever we or our service providers are unable to recognize, for technical compatibility purposes, the type of browser used by your Terminal, its language and display settings or the country from which your Terminal appears to be logged on to the Internet.
Where applicable, we decline all responsibility for any consequences arising from the degraded operation of our services due to our being unable to store or view the cookies you have rejected or deleted that are required for operating such services.
(c) How do you make your management choices, depending on the browser you use?
Each browser has a different configuration for managing cookies and your choices. This configuration is described in your browser's help menu, informing you how to change your cookie management choices.
For Internet Explorer 8.0 and above:
1. Choose the "Tools" menu, then "Internet Options"
2. Click on the "Confidentiality" tab
3. Use the cursor to select the level required.
For Mozilla Firefox:
1. Choose the "Tools" menu, then "Options"
2. Click on the "Privacy" icon
3. Locate the "cookies" menu and select the options you want.
1. Choose the "Settings" menu
2. Click on "Show advanced parameters" and go to the "Confidentiality" paragraph
3. Click on "Content parameters".
1. Choose the "File" menu, then "Preferences"
2. Click on the "Privacy" icon
3. Define your settings.
1. Tap the top right-hand key
2. Go to "Settings", then "Confidentiality and security"
3. Define your settings.
For Dolphin in Android
1. In the menu, go to "More", then to "Settings"
2. Choose the Confidentiality menu, then "Security"
3. Define your settings in the "Cookies" menu.
For Safari in iOS
1. In the "Settings" application, choose "Safari"
2. In the "Confidentiality" section, go to "accept cookies"
3. Define your settings.
5.5 If you share your terminal with others
If your Terminal is used by more than one person and a single terminal has several browsers, we cannot be certain that the services and advertising sent to your Terminal actually correspond to your own use of that Terminal, as opposed to the use of that Terminal by another user.
Where this is the case, sharing the use of your Terminal with others and the configuration of your browser's cookie settings are matters of your free choice and own responsibility.
For further information on cookies and their use, you can view the information provided by the French data protection agency, the Commission Nationale de l’Informatique et des Libertés (CNIL), at the following address: http://www.cnil.fr.