COOKIE POLICY

1.    DESCRIPTION AND SCOPE OF DATA PROCESSING
We use cookies on our website. Cookies are small text files that are assigned to the browser you are using and stored on your hard disk by means of a characteristic string, and through which certain information flows to the body that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer and therefore cannot cause any damage. They serve to make the internet offer more user-friendly and effective overall, i.e. more pleasant for you.
Cookies can contain data that make it possible to recognize the device used. In some cases, however, cookies only contain information about certain settings that are not personally identifiable. However, cookies cannot directly identify a user


2.    WHAT TYPES OF COOKIES DO WE USE?
A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. With regard to their function, cookies are again differentiated between:
Here's a list of the cookies we use and what we use them for:
• Functional cookies: With these cookies, the website is able to provide advanced functionality and personalization. They may be set by us or by third parties whose services we use on our websites. If you do not allow these cookies, some or all of these services may not function properly.
• Strictly necessary cookies: These cookies are required for the website to function and cannot be disabled in your systems. Generally, these cookies are set only in response to actions you take that correspond to a service request, such as setting your privacy preferences, logging in, or filling out forms. You can set your browser to block these cookies or to notify you about these cookies. However, some areas of the website will not function if you do so. These cookies do not store any personal data.
• Marketing cookies: These cookies may be set by our advertising partners through our website. They may be used by these companies to profile your interests and show you relevant ads on other websites. They do not directly store personal information, but are based on a unique identification of your browser and Internet device. If you do not allow these cookies, you will experience less targeted advertising.
• Performance cookies: These cookies allow us to count visits and traffic sources so that we can measure and improve the performance of our website. They help us answer questions about which pages are the most popular, which are the least used, and how visitors move around the site. All information collected by these cookies is aggregated and therefore anonymous. If you do not allow these cookies, we will not be able to know when you visited our website

3.    LEGAL BASIS FOR DATA PROCESSING
Any use of cookies that is not strictly necessary for the use of this website and its services is only permitted with your express and active consent pursuant to Article 6 (1) sentence 1 lit. a GDPR. This applies in particular to the use of cookies for marketing purposes and functional cookies.

4.   THE COOKIES AND MODIFICATIONS WE USE ON OUR WEBISTE
An overview of all cookies that we use on our website, including the name of the cookie, purpose, host, duration and type can be found in the cookie settings below. There you can also decide which cookies you want to allow and which not. Click on the different category headings to learn more and change the default settings

In the following, we would like to inform you about further analysis tools and plugins that we use on our website and for which we partly require your consent. Whether consent is required, you can see in the following description of the respective service: Vimeo, Adobe Analytics,Youtube, OneTrust, nr-data.net, Adobe Site Catalyst, Google Analytics, Facebook Pixel.
5.   SOCIAL MEDIA PLUGINS
(1) We currently use the following social-media-plugins: Facebook, Instagram,and YouTube, which are only loaded if you have previously activated the function through your consent. Through the plugins, we offer you the opportunity to interact with the social networks and other users. The legal basis for the use of the plug-ins is Art. 6 para. 1 p. 1 lit. a GDPR, i.e. the integration only takes place after your consent.
(2) The plugin provider stores the data collected about you as usage profiles and uses them for purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (also for non-logged-in users) for the display of tailored advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plugin provider to exercise this right. The data transfer takes place regardless of whether you have an account with the plugin provider and are logged in there. If you are logged in to the plugin provider, your data collected by us will be directly assigned to your account with the plugin provider. If you click the activated button and, for example, link to the page, the plugin provider also saves this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this allows you to avoid an assignment to your profile with the plugin provider.
(3) The information collected is stored on servers of the providers, in the case of international providers also outside Europe. For these cases, the provider has, according to its own information, imposed a standard on itself that corresponds to the former EU-US Privacy Shield and has promised to comply with applicable data protection laws in the international transfer of data. We have also agreed so-called standard data protection clauses with the providers, the purpose of which is to ensure compliance with an appropriate level of data protection in the third country.
(4) The revocation of your consent is possible at any time, without affecting the permissibility of the processing until the revocation. The easiest way to revoke your consent is via our Consent Manager or via the functions of the social media providers.
(5) For more information on the purpose and scope of data collection and processing by the plugin provider, please refer to the privacy policies of these providers below. There you will also receive further information about your rights in this regard and setting options for protecting your privacy.
• Instagram: https://www.instagram.com/about/legal/privacy/#
• Pinterest: https://policy.pinterest.com/en/privacy-policy#
• YouTube: https://www.google.com/intl/en/policies/privacy/
• Facebook: https://www.facebook.com/privacy/policy
• Twitter: https://twitter.com/de/privacy

PRIVACY POLICY

1.    Name and address of the Controller and information about our Data

Protection Officer
The data controller (or equivalent) [DLAP1] within the meaning of the General Data Protection Regulation (GDPR)the Personal Data (Privacy) Ordinance (Cap. 486) and other national data protection laws of the member states as well as other applicable data protection laws and regulations is:
KPSS Hong Kong Limited
Unit A, 30/F, Tower A, Billion Centre, No.1 Wang Kwong Road,Kowloon Bay,Kowloon, Hong Kong
 It will be referred to as “we”, “us” or “Controller” in this Privacy Policy. In this Privacy Policy, “personal data” refers to any information through which you can be directly or indirectly identified as an individual. “Kao Group” refers to our parent entity, Kao Corporation in Japan, and each of its affiliates and/or subsidiaries (each affiliate or subsidiary including us referred to as "Kao Company"). 
We may update this Privacy Policy from time to time. Where we are required to do so by applicable law, we will seek your consent to such changes.
 2.    Categories of Personal Data and Processing Purposes - What personal data do we process about you and why?

The types of personal data we process about you and what we process it for depend on the relationship we have with you and the products or services that we provide to you. We may also process your personal data for any purposes directly related to the below.

2.1  Metadata
You may use this Website without providing any personal data about you directly. In this case, we will collect only the following metadata that result from your usage of the Website: browser type and version, operating system and interface, website from which you are visiting us (referrer URL), webpage(s) you are visiting on our Website, date and time of accessing our Website and internet protocol (IP) address. Your IP address will be used to enable your access to our Website. The other metadata will be used to improve the quality and services of our Website and services by analyzing the usage behavior of our users.
2.2  Contact form
On our website, we offer you the opportunity to contact us via a contact form. To be able to process your request, we need to collect the following information from you, which can also include personal data: your email address and message contents. The provision of further personal data (for example your name) is possible, but not mandatory. The personal data that you provide us in the context of this contact form will be used to answer your inquiry / contact request and for the associated technical administration.
2.3  Newsletter
If you request to receive our newsletter, we process the following information from you, which can also include personal data: your email address. The provision of further personal data (being your name, salutation and contact information) is possible, but not mandatory. We process such personal data for purposes of providing the newsletter about products, services, news, offers, promotions and events which we think may be of interest to you to the extent permitted by applicable law and analyzing your interests for marketing purposes. We may not do so unless we have received your consent and you can withdraw your consent without charge at any time by contacting us (see Section 8 below). In particular, your salutation and your name are requested in order to provide you with a personalized experience.
Under certain circumstances, the newsletter will not be sent by the Controller, but by another Kao Company (in particular Kao Germany GmbH). In this case, this Kao Company will receive your email address and if applicable, name, salutation and contact information from us to facilitate them in sending you the newsletter about products, services, news, offers, promotions and events which we think may be of interest to you, which may be for our commercial gain. We may not share your personal data with this Kao Company without your consent, and you can withdraw your consent without charge at any time by contacting us (see Section 8 below).

2.4  Become a stockist
On our website, we offer you the opportunity to become a stockist. For this we need the following personal data from you: your email address. The provision of further personal data (for example your name) is possible, but not mandatory. The personal data that you provide us in this context will be used to contact you regarding your interest as a stockist. If you want to become a stockist, we may request and subsequently process further data from you (e.g. being your name, salutation and contact information) that is necessary for our business relationship.
2.5  Salon finder
On our website you have the opportunity to find the nearest salons to your location that offers our products. You have the option of having your location determined by geolocation based on your IP address or by manually entering a postal code or address. We process such information for the purposes of facilitating your search for salons near you on our Website.

3.    Processing Basis and Consequences - What is the legal justification for processing your personal data and what happens if you choose not to provide it?
The provision of your personal data is not required by a statutory or contractual obligation. The provision of your personal data is necessary to enter into a contract with us or to receive our services/products as requested by you. The provision of your personal data is voluntary for you. Not providing your personal data may result in disadvantages for you. If you do not provide us personal data that is required for the purposes described in this Privacy Policy, we may not be able to administer and manage our relationship with you (such as communicate with you or perform our contract with you, if any), which in some cases may mean we are unable to continue with your engagement with us if applicable, or we may be prevented from complying with our legal obligations. However, unless otherwise specified, not providing your personal data will not result in legal consequences for you.



4.    Categories of Recipients and International Transfers - Who do we transfer your personal data to and where are they located?
We may transfer your personal data to third parties for the processing purposes described above as follows:

  • Within the Kao Group: Any Kao Company may receive your personal data as necessary for the processing purposes described above. Depending on the categories of personal data and the purposes for which the personal data has been collected, different internal departments within the Kao Company may receive your personal data. Moreover, other departments within the Kao Company may have access to certain personal data about you on a need to know basis, such as the legal department, the finance department or internal auditing.
  • With data processors: Certain third parties, whether affiliated or unaffiliated, may receive your personal data to process such data under appropriate instructions ("Processors") as necessary for the processing purposes described above, such as Website service providers, order fulfilment providers, customer care providers, marketing service providers, IT support service providers, and other service providers who support us in maintaining our relationship with you. The Processors will be subject to contractual obligations to implement appropriate technical and organizational security measures to safeguard the personal data, and to process the personal data only as instructed.
  • Other recipients: We may transfer - in compliance with applicable data protection law - personal data to law enforcement agencies, governmental authorities, judicial authorities, legal counsel, external consultants, or business partners. In case of a corporate merger or acquisition, personal data may be transferred to the third parties involved in the merger or acquisition. Except as otherwise stated in this Privacy Policy, we will not disclose your personal data to third parties for advertising or marketing purposes or for any other purposes without permission. Any access to your personal data is restricted to those individuals that have a need-to-know in order to fulfill their job responsibilities.
We will obtain your consent to the disclosure of your personal data where we are required to do so under applicable law
International transfers: The personal data that we collect or receive about you may be transferred to and processed by recipients that are located inside or outside the jurisdiction where it was collected. We will take all necessary measures to ensure that transfers out of the applicable jurisdictions are adequately protected as required by applicable data protection law.

5.    Retention Period - How long do we keep your personal data?
We take appropriate technical, physical and organizational measures to ensure that your personal data is secured against unauthorized or accidental access, processing, erasure, loss or use.
Your personal data will be retained as long as necessary to provide you with the services and/ or products requested by you. Once your relationship with us has ended or the purpose for which the data is processed is otherwise satisfied, we will remove your personal data from our systems and records and/or take steps to properly anonymize it so that you can no longer be identified from it, unless we need to keep your information to comply with legal or regulatory obligations to which the Kao Company is subject, e.g. taxation purposes – see below.
In some cases, we may be required by applicable law to retain certain of your personal data for a period of time after the relevant taxation year. We may also retain your personal data after the termination of the contractual relationship if your personal data are necessary to comply with other applicable laws or if we need your personal data to establish, exercise or defend a legal claim, on a need to know basis only. To the extent possible, we will restrict the processing of your personal data for such limited purposes after the termination of the contractual relationship.


6.    Your Rights - What rights do you have and how can you assert your rights?
Subject to, and to the extent permitted by applicable data protection law, you may have various rights in relation to the personal data we collected and/or hold about you. If you are a resident in Hong Kong, this includes the right to: (i) request access to your personal data; and (ii) request rectification of your personal data.
Please note that these aforementioned rights might be limited under the applicable local data protection law.


7.    Cookies and other tracking technologies
This Website uses cookies and other tracking technologies. For further information, please visit our Cookie Policy.
This Website may contain links to and from third party websites from time to time. These websites have their own privacy policies which would apply, which you should read carefully before you submit any personal data on such websites. We are not responsible for the content of these websites or their privacy policies, nor do we have any control over personal data that is submitted to these websites.


8.    Questions and Contact Information
If you have any questions about this Privacy Policy or if you want to exercise your rights as stated above in Section 6, please contact us at dataprivacy.emea@kao.com or info@kpss-hair.com.hk if you are a resident in Hong Kong.

Page Top