ESTEE LAUDER COMPANIES
MALAYSIA CONSUMER PRIVACY POLICY

Last Update: 15 May, 2023

To review in Bahasa Malaysia CLICK HERE.

The Estée Lauder Companies respects your privacy and values the relationship we have with you.

The Estée Lauder Companies has a diverse portfolio of prestige brands. You can find a list of these brands on ELCompanies.com, each referred to in this Privacy Policy as a “Brand”.

This Privacy Policy describes how our Brands in Malaysia collect, use, disclose and safeguard your personal information. Unless otherwise indicated, all Brands in Malaysia follow this Privacy Policy.

References in this Privacy Policy to “we”, “us”, “our”, “ELC” are references to the entity or entities in Malaysia responsible for establishing the purposes for the processing of your personal information. See the Data Controllers section below for details.

TABLE OF CONTENTS


INFORMATION WE PROCESS

We may collect or process the following types of information about you. The specific information we collect about you will vary depending on how you interact with us.


  • Contact information and personal identifiers, such as your name, address, email address, telephone number, and username or social media handle.
  • Device identifiers, such as information about your device like your MAC address, IP address, or other online identifiers.
  • Demographic information, such as your age, or date of birth, sex, and gender.
  • Physical characteristics, such as your hair type and color, skin type, and eye color.
  • Biometric information, such as facial geometry if you use certain of our virtual try-on applications or skin diagnostic tools.
  • Commercial information, such as the products or services you have purchased, returned or considered, and your product preferences.
  • Payment information, such as your method of payment and payment card information (including payment card number, delivery address and billing address).
  • Identity verification information, such as photo identification for in-store pick-ups at one of our retail stores, loyalty member ID, and authentication information (like passwords).
  • Online or network activity information, such as information regarding your interaction with our websites, mobile applications, digital properties, and advertisements, information about your browsing and search history on our websites or mobile applications, and log file information like your browser type and webpages you visit.
  • Geolocation information, such as information that can help identify your physical location (like your GPS coordinates or the approximate location of your device).
  • Audio and visual information, such as recordings of your voice when you call our customer service and images we record through video surveillance in our retail stores.
  • Professional or employment-related information, such as professional licenses or certifications in connection with our professional programs.
  • Health and medical information, such as skincare concerns, diagnoses, medical reports and history.
  • User Content, such as your communications with us and any other content you provide (including photographs and images, videos, reviews, articles, survey responses, and comments).
  • Inferences drawn from or created based on any of the information identified above.

HOW WE COLLECT INFORMATION

We may collect personal information about you from various sources. For example:


  • Directly from you, such as when you make a purchase on one of our websites or in one of our retail stores, contact us with a question or complaint, use one of our mobile applications or virtual try on experiences, create an account on one of our websites, register for one of our brand loyalty programs or marketing lists, respond to a survey, participate in a contest or other promotion, make an appointment or sign-up to attend an event.
  • From your friends or family members, such as when your friend or family member sends you a gift or makes a referral.
  • When you interact with our websites or emails. When you visit our websites, or when you open or click on emails we send you, we (and third parties we work with) may automatically collect information from your browser or device, such as device identifiers and online and other network activity information using technologies such as cookies, pixel tags, and similar technologies. Cookies are small text files that websites place on your Internet-connected device to uniquely identify your browser or to store information or settings in your browser. Pixel tags are small images which are embedded into our websites or emails. We use pixel tags to collect information about your browser or device, how you interact with our websites, or whether you open or click on the emails we send you. Pixel tags also enable us (and third parties we work with) to place cookies on your browser.
  • Through in-store and other offline technologies, such as video surveillance, traffic counting devices and WiFi technology in and around our retail stores, and call recording technology when you speak to customer service.
  • From our business partners and service providers, such as demographic companies, analytics providers, advertising companies and networks, third-party retailers or distributors, and other third parties that we choose to collaborate or work with.
  • From social media platforms and networks, such as Facebook, Instagram, Twitter, Pinterest, and Google. For example, we may obtain your information from a social media platform or network if you interact with us on social media or choose to log-in to our websites using your social media credentials.
  • From other ELC Brands that you have interacted with.

We may combine the information we obtain from the above sources. For example, we may combine information we collect in our stores with information we collect online.

It is voluntary for you to provide your personal information. However, from time to time where you do not provide information requested by us, we may not be able to provide you with your requested goods or services, or respond to your request.

HOW WE USE INFORMATION

We may use the information we have about you:


  • To provide products and services to you, such as fulfilling orders and processing payments, creating, servicing and/or maintaining your account or loyalty program membership, identifying concerns and assisting with product recommendations, and managing current or past purchases.
  • To communicate with you, including to respond to your inquiries or complaints, and to help you place an order.
  • To administer your participation in special events, contests, sweepstakes, surveys or promotions.
  • For marketing and advertising, such as to send you postal mail, text messages, email, push notifications or other messages, show you advertisements for products and/or services tailored to your interests on social media and other websites.
  • To operate and understand your use of our websites and mobile applications, such as to remember your information so you do not have to re-enter it, understand your preferred method of purchasing with us; determine what browser and devices you use to visit our websites or mobile applications; and to evaluate and improve our services, advertisements, websites and mobile applications. For example, we use Google Analytics on our websites. For specific details on how Google collects and uses your personal information when we use its services, please visit: How Google Uses Information From Sites Or Apps That Use Our Services.
  • To operate and improve our business, including to conduct analytics, provide quality assurance and process adverse event or product related claims, conduct research and development, and perform accounting, auditing and other internal business functions.
  • For legal and security purposes, such as to detect, prevent, and prosecute harmful, fraudulent, or illegal activity, loss prevention, identify and repair bugs on our websites or mobile applications, and to comply with applicable legal requirements, relevant industry standards and our policies.

We also may use your information in other ways for which we provide specific notice at the time of collection.

HOW WE SHARE INFORMATION

We may share your personal information with:


  • Our Brands. When you interact with a Brand, we may share your personal information with other Brands. Those other Brands may use your personal information for marketing and advertising and other purposes identified in this Privacy Policy.
  • Our Subsidiaries and Affiliates. We may transfer your personal information to our subsidiaries and affiliates on a need-to-know basis for the purposes identified in this Privacy Policy.
  • Service providers. We may transfer personal information to service providers who perform services on our behalf based on our instructions. We do not authorize these service providers to use or disclose the information except as necessary to perform services on our behalf or comply with legal requirements. Examples of these service providers include entities that process credit card payments, fulfill orders, and that provide website and application functionality, hosting, analytics, advertising and marketing services.
  • Parties to a corporate transaction. We also reserve the right to transfer personal information we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, divestiture, dissolution, or liquidation).
  • Advertising Companies. We work with third party advertising companies (such as advertising networks) to serve advertisements on our behalf. For additional information, see the How We Use Information to Advertise Section.
  • Other third parties. In addition, we may disclose personal information about you (i) if we are required to do so by law or legal process, (ii) to law enforcement authorities or other government officials, (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity, (iv) when disclosure of your personal information is otherwise required or permitted by law, or (v) with your consent (such as third-party salons and spas).

HOW YOU CONTROL YOUR INFORMATION

You have rights and choices in connection with the personal information we have about you.


  • Data Subject Rights: Depending on local laws, you may have rights with respect to your personal information. For example, you may be able to request access to the personal information we maintain about you, update and correct inaccuracies in your personal information, and have the personal information deleted or transmitted to a third-party. You may request to access, change, or delete your personal information by emailing us at info@bobbibrown.com.my . We may take reasonable steps to verify your identity when you make a request. You may also have the right to lodge a complaint with a data protection authority.
  • Marketing & Advertising Preferences: Your online account may offer you the ability to edit your marketing preferences. You can also opt-out of receiving marketing communications (such as email, postal mail or text messages) by following the unsubscribe instructions sent within those communications or you can make a request by emailing us at info@bobbibrown.com.my . When you unsubscribe from our marketing communications, we will no longer use the related personal information (such as your email address or phone number) for targeted advertising purposes.
  • Mobile Device & Browser Preferences: Depending on your mobile device or web browser, we may request your location or request to send you push notifications. You can edit your preferences using the settings on your device.
  • Cookie Preferences: You can choose how certain cookies are used in connection with our websites. You can edit your cookie preferences at any time by editing your browser settings or, selecting the “Manage Cookies” link available at the bottom of our Brand websites. For additional details see the HOW WE USE COOKIES Section.

HOW WE USE COOKIES

Cookies are small text files that websites place on your Internet-connected device to uniquely identify your browser or to store information or settings in your browser which allows us to remember you when you come back to our websites and provide you with personalized experiences and advertisements. We use different types of cookies on our websites, including strictly necessary cookies, performance cookies, functional cookies and targeting cookies.

You can view the types of cookies used on our websites and edit your preferences by accessing the “Manage Cookies” link at the bottom of our Brand websites. You can also edit your cookie preferences through your browser settings. When editing your cookie preferences, please note that your settings only apply to the browser you use to submit your opt-out request, so if you use multiple browsers or devices, you must opt-out on each browser, on each device. Your opt-out is enabled using cookies so once you opt-out, if you delete your browser’s saved cookies on a device, you will need to opt-out again on that browser on that device.

Our websites are not designed to respond to “do not track” signals from browsers.

HOW WE USE INFORMATION TO ADVERTISE

We may use, disclose or otherwise process your personal information to advertise our products and services in different ways, including targeted advertising. We work with third party advertising companies (such as advertising networks) to serve advertisements on our behalf. These advertising companies may use cookies, pixel tags and similar technologies to collect device identifiers, online or network activity information, commercial information, or inferences, such as information about the websites you visit over time and the advertisements you click on to deliver advertisements that are targeted to you. You can opt-out of cookie-based advertising based on your visits to our sites by editing your cookie preferences as described in the HOW WE USE COOKIES Section. Please note that even if you opt-out, you may still see ads from us, but the ads will not be targeted based on the websites you visit over time and the advertisements you click on and may therefore be less relevant to you and your interests.

We also work with third-party platforms, including platforms operated by social networks, to show you advertisements or measure the effectiveness of our advertisements. We may convert your email address, telephone number, or other information into a unique value and have these third-party platforms match this unique value with a user on their platform or with other data they may have. This matching enables us to deliver advertisements to you and others on these platforms. You also can request that we refrain from using your personal information in this way by emailing us at info@bobbibrown.com.my.

INTERNATIONAL TRANSFERS

In offering and providing our products and services, your personal information may be transferred, stored or processed in countries other than the country in which the information was originally collected (such as the United States). Those countries may not have the same data protection laws as your country of residence, and your personal information will be subject to applicable foreign laws. When we transfer your personal information to other countries, we will protect that information in the manner described in this Privacy Policy. We will also comply with applicable legal requirements providing adequate protection for the transfer of personal information, such as the conclusion of data transfer agreements, E.U. Standard Contractual Clauses, or other applicable data transfer mechanisms. If you have questions about our data transfers or would like to receive a copy of any applicable data transfer agreements (where required by law), you can submit a request by emailing us at info@bobbibrown.com.my .

HOW WE PROTECT INFORMATION

We maintain administrative, technical, and physical safeguards designed to protect the personal information you provide against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure, or use. We restrict access to personal information on a need-to-know basis to employees and authorized service providers who require access to fulfil their job requirements.

HOW WE TREAT CHILDREN’S INFORMATION

Our products and services are designed for a general audience and are not intended for or directed to children.

UPDATES TO OUR PRIVACY POLICY

This Privacy Policy may be updated periodically and without prior notice to you to reflect changes in our personal information practices. We will post a notice on our websites to notify you of any significant changes to our privacy practices and indicate at the top of the Privacy Policy when it was most recently updated.

YOUR DATA CONTROLLERS

A data controller is the entity or entities responsible for establishing the purposes for the processing of your personal information. The data controllers in Malaysia are as follows:

Controller for All BrandsEstee Lauder Malaysia Sdn. Bhd.

HOW TO CONTACT US

If you have any questions or comments about this Privacy Policy or if you would like to exercise your rights, you can contact us by emailing us at info@bobbibrown.com.my .

If we need, or are required, to contact you concerning any event that involves your personal information, we may do so by postal mail, telephone, email or through a notice on our websites.