Last updated: 31/03/2025

This privacy policy (“Privacy Policy”) describes how Compagnie des cristalleries de Saint-Louis, a company of the Hermès Group,(“Saint-Louis,” “we,” “our,” or “us”) collect, process, and retain the Personal Information when you use our online websites, electronic forms or mobile applications and offline when you visit our stores or attend our events (collectively, the  “Site(s)” or “Services”), however accessed and/or used, whether via personal computers, mobile devices, tablets or other means.

 

Additionally, please note at Section 1 of this Privacy Policy, which describes our collection and use of Personal Information through our Services, also serves as our Notice at Collection for California residents for purposes of the California Consumer Privacy Act (CCPA).

 

By using our Services, you agree to this Privacy Policy. Any changes to this Privacy Policy will become effective upon posting of the revised Privacy Policy on the Internet, accessible through our Site.

 

This Privacy Policy has been designed to be reasonably accessible to people with disabilities. If you experience any difficulties accessing the information in the Privacy Policy, please click here.

 

You can print the complete text of our Privacy Policy by clicking here.

 

1.         NOTICE AT COLLECTION; COLLECTION AND USE OF PERSONAL INFORMATION

The table below and additional paragraphs immediately following the table are a summary of the categories of Personal Information we have collected over at least the last 12 months, the purposes for collection and use of that Personal Information, and how long we keep each category of Personal Information.

To submit a request to “opt out” of “targeting advertising” or the “sale” or “sharing” of your “personal information” for advertising purposes, as these terms are defined in applicable law, please visit the Privacy Preference Center, or you may choose to enable online, where available, a universal tool that automatically communicates your opt-out preferences, such as the Global Privacy Control. We will process the GPC signal as a request to opt out.

 

Categories of Personal Information We Collect	Our Business or Commercial Purposes for Collection and Use of Your Personal Information
Personal Identifiers such as your name, postal/shipping address, telephone number, title, email address, and username and password.	We do not sell or share your Personal Identifiers. We use this information to: Manage your purchases, services and refunds; Personalize your experience with us, including to send you promotional communications; Manage the events you registered for and/or participated in; Provide you with customer service, including to respond to your inquiries and fulfill and verify requests made pursuant to this Privacy Policy.
Demographic Information, such as gender, race, age, and nationality; some of which are considered Sensitive Personal Information.	We do not sell or share Demographic Information. We use this information to: Facilitate your participation in promotions; Personalize your experience with us, including the advertisements displayed to you on the Site.
Commercial Information, including order details, records of products or services purchased, obtained, or considered, repairs, and other purchasing or consuming histories or tendencies.	We do not sell or share Commercial Information. We use this information to: Provide you with customer service; Personalize your experience with us; Send you promotional communications; Manage the stock of certain types of rare products to allow a fair allocation of the products we sell.
Financial Information, including billing information, payment type or method, charge or credit card number, some of which are considered Sensitive Personal Information.	We do not sell or share your Financial Information. We use it only to complete a purchase, service or refund.
Internet or other Electronic Network Activity Information, such as your IP address, device type and settings, device identifiers, browser type and settings, operating system, ISP and mobile network provider, web beacons, pixels, and usage information, such as the time and date of your visits and the content.	We do not sell, but we do share, your Internet and other Electronic Network Activity Information with third parties for targeted advertising on and off the Site. We also use your Internet and other Electronic Network Activity Information we collect from you to: Help us personalize your experience with us, including the advertisements displayed to you on our Site; Provide access to our Site in a form that can be viewed most easily from your device; Determine the general geographic region from which you are accessing our Site, using your IP address, which allows us to present appropriate content and inform you of special rules or rights that may apply to people in your jurisdiction; Review statistical information about the use of our Site in order to improve its design and functionality, to understand how it is used, and to improve the functionality of our Site; Recognize you, your device or your browser when you use our services so that we can facilitate navigation, and display information more effectively; Measure and improve our advertising campaigns.
General Location Information (e.g., zip code)	We do not sell or share your General Location Information with third parties for targeted advertising on and off the Site. We use the information to: Assist you in your search for nearby services and stores; Personalize your experience with us.
Consumer Health Data you may provide relating to possible adverse reactions to our cosmetic products some of which are considered Sensitive Personal Information.	We do not sell or share this Consumer Health Data. We use this information to: Provide you with customer service.
Profiles and Inferences drawn from your Personal Identifiers, Demographics, Commercial information and your preferences.	We do not sell or share your Profile or Inferences we make about you. Our retail store personnel may create a consumer profile and inferences about you in our system for use in providing you service and recommending products.
Audio and Visual Information, including video footage/photos of you when you are in our store or attend an event, including as collected through our CCTV cameras and video and/or audio security footage.	We do not sell or share Audio Visual Information. We use this information to: ·       Provide you access to our premises; ·       Maintain the security of our premises and the safety of customers, guests, contractors and employees.
Additional Uses For All Categories Listed Above	We may also use all of the Personal Information noted above as we believe necessary: if we determine a policy violation has occurred, to enforce our rights, or to enforce agreements; if we believe such processing is necessary to identify, contact, or bring legal action regarding the rights and property of ourselves or our affiliates; to enforce our rights or protect against unauthorized access to our systems or other inappropriate use of our services, products, or other services; to comply with laws, regulations, court orders and subpoenas or similar requests for information by authorities; to protect your safety and the safety of others; to perform audits; to contact you about Site or policy updates; for research and analytics, including to identify usage trends, and to improve and update our products and services, and to assist us in fraud prevention or investigation, all on the basis of our legitimate interest in the continuation of our commercial activities and the protection of our rights.

 

We do not collect or use any Sensitive Personal Information for any purpose outside the purpose for which it was shared with us, as described in the chart above.

 

Retention. We will retain your Personal Information for as long as is needed to carry out the purposes we’ve described, or as otherwise required by law, and in accordance with the following:

 

Relationship	Retention Period
Potential Customers	Three (3) years from your last action and then deleted or archived to comply with legal retention obligations.
Existing Customers	The duration of our commercial relationship and for up to ten (10) years and then deleted or archived to comply with legal retention obligations.
Cookies and Similar Technologies	Up to 13 months from the moment they were installed on your device.

 

Non-personal information. We may collect, use and share publicly available, aggregate or de-identified information that does not identify you (including information that has been aggregated or de-identified) except as prohibited by applicable law. We do not re-identify de-identified information.

2.         SOURCES OF YOUR PERSONAL INFORMATION

We collect and obtain Personal Information from:

 

Directly from You. We collect Personal Information when you provide it to us directly, offline or online, through a web form or direct communication with us by email, when you create an account online or in our stores; subscribe to our newsletter; use our Sites or Services; purchase products or services on our Sites or in our stores; visit our stores; participate in one of our events; or contact our customer-services.

 

Services Providers and Contractors. We work with service providers and contractors who collect Personal Information on our behalf in order to provide services to us, such as providing, offering and improving products and services, IT development and support, hosting and carrying out marketing and business studies and marketing campaigns, verifying your Personal Information, authenticating payments and processing orders and payments, credit reporting, fulfilment services, and delivery services. We only allow our service providers and contractors to collect and use your Personal Information in connection with the services they provide us and as otherwise permitted by law.

 

Automatically through Cookies and Similar Technologies. We collect your Internet or other Electronic Network Activity Information when you visit and navigate our Services on any device. For more information about our use of Cookies and Similar Technologies to collect Personal Information about you automatically, please refer to the section called Cookie Notice below.

 

Other Users. We also collect Personal Information about you from other users, such as a spouse who contacts us on your behalf or from your friends who provide us with your contact information in order to invite you to events you may be interested in.

3.         DISCLOSURES OF PERSONAL INFORMATION TO OTHER ENTITIES

During at least the past 12 months, we have disclosed your Personal Information outlined in the table above to the following categories of entities:

 

Our Employees. We disclose all categories of Personal Information listed above to Saint-Louis employees that need to have access to your Personal Information and are authorized to process them in order to achieve the aforementioned purposes and who are committed to confidentiality.

 

Hermès Group Companies. We disclose all categories of Personal Information listed above to Hermès group companies: departments in charge of customer relationship, retail, e-commerce, communication, legal affairs, finance, internal audit, IT management and security for the purposes set out in our Privacy Policy and to provide you with a consistent level of service across all Hermès group companies. Please visit http://finance.hermes.com for more details about companies of the Hermès group.

 

Service Providers and Contractors. We disclose all categories of Personal Information listed above to our service providers and contractors. These service providers and contractors may include agencies, ad networks, website developers, and other vendors and suppliers that provide us with technology, services, and/or content related to our operations, payment processing, data analytics, marketing and advertising, website hosting, advertisement auditing, security and integrity of the Site, the quality and safety of the Site, debugging to identify and repair errors that impair existing intended functionality of the Site, internal research, and technical and customer support. These service providers and contractors are only using your Personal Information at our direction and on our behalf.

 

Government Authorities, Legal Rights and Actions. We disclose all categories of Personal Information listed above with various government authorities in response to subpoenas, court orders, or other legal process; to establish or exercise our legal rights or to protect our property; to defend against legal claims; or as otherwise required by law. In such cases we reserve the right to raise or waive any legal objection or right available to us. We also may share your Personal Information when we believe it is appropriate to investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend the rights, property, or safety of Saint-Louis, the Services, our users, customers, or others; and in connection with our General Terms and Conditions of Use and other agreements. We may also use IP addresses or other Device Identifiers to identify users, and may do so in cooperation with copyright owners, Internet Service Providers, wireless service providers or law enforcement agencies in our discretion. Such disclosures may be carried out without notice to you.

 

Acquirers. We may disclose all categories of Personal Information listed above to an acquirer, assignee or other successor entity in connection with, or during negotiations of, any proposed or actual merger, purchase, sale or any other type of acquisition or business combination of all or any portion of our assets, or transfer of all or a portion of our business to another business.

 

Third Parties. We may disclose Internet and Electronic Network Activity Information to a limited number of our advertising and marketing partners to customize advertising to you.

 

Facilitating Requests. We disclose all of the categories of Personal Information listed above at your request or direction.

 

Consent. We disclose all of the categories of Personal Information listed above if we have let you know what information will be shared, with whom, and obtained your consent.

4.         YOUR CHOICES REGARDING YOUR PERSONAL INFORMATION.

A.             Your U.S. State Privacy Rights

If you are a resident of certain states in the U.S., you have the following rights regarding your personal information (subject to certain exemptions):

• Access and Disclosure. You have the right to send us a request, up to two times every 12 months, that we disclose to you the categories of Personal Information we collected about you, the categories of sources from which we collected your Personal Information, the business or commercial purposes for collecting, selling, or sharing your Personal Information, the categories of third parties to whom we have shared your Personal Information, and the specific pieces of Personal Information we have collected about you, and the categories of Personal Information we sold or disclosed. You also have the right to request a portable copy of your Personal Information. In some states, you also have the right to receive information on the categories of third parties or specific third parties with whom we might share your personal information.
• Correction and Deletion.You have the right to send us a request to correct or delete Personal Information we have about you, subject to certain exceptions allowed under applicable law.
• Opt-out of Targeted Advertising, Sale/Share of your Personal Information for advertising purposes. The only Personal Information that we share with any third party is: Internet or other Electronic Network Activity Information (e.g., Cookies, pixels). To opt-out, click here or use the GPC signal triggered through your browser, if available.
• Opt-out Preference Signals; Global Privacy Control (“GPC”). We also honor the Global Privacy Control, a browser-based opt-out signal. We do not respond to other browser-based signals that do not meet appicable state law requirements, which may include older Do Not Track signals.
• Non-Discrimination. You have the right not to be discriminated against for exercising the rights above. Saint-Louis will not discriminate against you because you made any of these requests. We may deny certain requests, or fulfill a request only in part, based on our legal rights and obligations. For example, we may retain Personal Information as permitted by law, such as for tax or other recordkeeping purposes, to maintain an active account, and to process transactions and facilitate customer requests.
• No Financial Incentives. We do not offer any programs that would be considered a “financial incentive” for sharing your Personal Information under U.S. state privacy laws.
• How to Submit a Request.To submit a request for access, disclosure, deletion, or correction, email us at contact-GDPR@saint-louis.com or by calling us at +1 212 835 6488. To opt out of the Sale/Share of Personal Information (e.g., Opt out of target advertising), click here or use the opt-out Preference Signal triggered through your browser if available.
• You may also obtain information on how to submit a request in-store by asking a store manager at any of our U.S. retail locations. Please note that any opt-outs through these tools are specific to the device and browser you are using, so you should opt-out for each web browser and on each device you use. Your opt-out preferences will be deleted any time you clear your web browser’s cookie cache. Also note that we may deny certain requests, or fulfill a request only in part, based on our legal rights and obligations. For example, we may retain Personal Information as permitted by law, such as for tax or other recordkeeping purposes, to maintain an active account, and to process transactions and facilitate customer requests.
• How We Verify Your Identity.Whether you submit a request directly on your own behalf, or through an authorized agent, we will take reasonable steps to verify your identity prior to responding to your requests. For example, we may utilize a verification provider to assist with verifying your identity. The verification steps may vary depending on the sensitivity of the Personal Information.

 

In response to a verified request to access, disclose, correct, or delete, we will confirm receipt of this request within 10 business days of receipt of the request where required by law.

 

In response to a verified request for access and disclosure or a portable copy of your Personal Information, we will disclose and deliver the required information to you free of charge within 45 days after receiving the verifiable consumer request. We may extend this time period to deliver information once by an additional 45 days when reasonably necessary. We will provide notice of the extension within the first 45-day period.

 

Following verification of your request to delete, we may require you to separately confirm that you want your Personal Information to be deleted. We will delete the information within 45 days of receiving a verifiable consumer request (subject to certain exceptions). We may extend this time period once by an additional 45 days when reasonably necessary. We will provide notice of the extension within the first 45-day period.

 

Following verification of your request to correct, we may require you to provide documentation if necessary to rebut our own documentation that the Personal Information is accurate. If we determine, based on the totality of the circumstances, that the information is not accurate, we will respond to the request by correcting the information, deleting the information (if deletion of the information does not negatively impact you), or providing you with the name of the source from which we have received the alleged inaccurate information (if we are not the source). We will correct the information within 45 days of receiving a verifiable consumer request. We may extend this time period once by an additional 45 days when reasonably necessary. We will provide notice of the extension within the first 45-day period.

 

Authorized Agent. Applicable law may permit consumers to designate authorized agents to submit requests on their behalf. Under certain applicable laws, an authorized agent is a natural person or a business entity in the applicable state that a person has authorized to act on their behalf subject to the requirements. If you would like to designate an authorized agent to submit a request to know, a request to delete, or a request to correct Personal Information on your behalf, please email us. When submitting the request, please ensure the authorized agent identifies himself/herself/themselves as an authorized agent. You or your authorized agent may provide us with a written power of attorney, executed by you, confirming the authority of the authorized agent with respect to your Consumer request(s), and if we have not received a power of attorney, we may request you verify your own identity and directly confirm you provided the authorized agent permission to submit the request.

• Appeals.You may have a right to appeal decisions concerning your ability to exercise your consumer rights. Please email us to request an appeal concerning decisions on your consumer request.
• Users Under 18. Note that Saint-Louis is not intended for users under the age of 18. We do not knowingly sell Personal Information from anyone under the age of 18. Please see our section titled “Minor Children” below for more information.

B.             Promotional Communications

We do not send you promotional emails unless you have opted-in to receive these communications. If you no longer wish to receive our marketing/promotional emails (e.g., newsletters, invitations, etc.), you may opt out at any time directly from the unsubscribe link included in each promotional email we send to you. Please note that we may continue to contact you to the extent necessary for the purposes of any products or services you have requested and our ongoing business relations. Please note that your opt-out is limited to the email address used to opt-out.

5.         Cookie Notice

A.        Cookies and Similar Technologies.

Our Site collects Personal Information about you through the use of Cookies and Similar Technologies (collectively, “Cookies”) placed by Saint-Louis and third parties. A “cookie” is a tiny file that is stored on your device (e.g., your computer or mobile device). It contains a unique identifier, as well as the address and other information about the site you are visiting. Some Cookies are essential in order to enable you to move around our Site and use its features. Other Cookies collect information about how visitors use the Site (for instance, which pages visitors go to most often, and if they get error messages from web pages).

 

We and third parties may also utilize Similar Technologies like pixels (e.g., web beacons), Flash objects, APIs, and mobile software development kits (SDKs) and tags. These are small strings of code that are placed on our Site, in the emails we send to you, or in our digital advertisements. When you access a page or platform containing one of these technologies, you establish a communication with a web server, which collects certain information about your computer or device. These Cookies and Similar Technologies allow us and third parties to collect Personal Information about you over time and across different websites, apps, and devices when you use our Services.

 

We and our third party partners use Cookies to facilitate Site administration and navigation, to better understand and improve our Site and Services, to determine and improve the advertising shown to you here or elsewhere (e.g., target advertisements), and to provide you with a rich online experience. For example, we use first-party Cookies (such as the Google Analytics cookie) and third-party Cookies (such as the DoubleClick advertising cookie), to inform, optimize, and display ads based on your past visits to the Sites. Our first-party tracking technologies do not track our visitors off our Site. Both first-party and third-party tracking technologies are not used on every page of our Site, nor for every user visit.

B.        Opting Out of Cookies.

• Privacy Preference Center. You can opt-out of our use of Cookies and Similar Technologies for analytics and targeted advertising click here.
• Google Opt-Out. Google requires you to opt out directly with them. You may control your advertising preferences or opt out of certain Google advertising products by visiting the Google Ads Preferences Manager, currently available at https://google.com/ads/preferences. For more information from Google, go to: https://policies.google.com/technologies/partner-sites.
• Global Privacy Control. If you are using a browser that supports the Global Privacy Control (“GPC”), https://globalprivacycontrol.org/, and have enabled the GPC, when you visit our Site, we will interpret that as a request to opt-out of cookie-based targeted advertising or the “sale” or “sharing” of your Personal Information. This opt-out applies only for this browser and on this device.

6.         SECURITY OF YOUR PERSONAL INFORMATION

Saint-Louis has implemented reasonable and appropriate security measures designed to protect your Personal Information against unauthorized access and use. However, the transmission of information via the internet is not completely secure and we cannot ensure the security of your Personal Information transmitted via the internet.

Please take steps to keep your account credentials secure and do not reuse passwords across multiple websites/accounts. You are solely responsible for the security of your account credentials and the activities that occur under your account.

7.         OTHER IMPORTANT INFORMATION

A.        Data Storage Outside the European Economic Union and International Transfers

The Hermès group companies are located worldwide. As a result, Personal Information may be transferred outside the country where you are located. This includes transfers to countries outside the European Union (“EU”) and to countries that do not have laws that provide adequate protection for Personal Information according to the European Commission. To ensure lawful transfers of data, the Hermès group has implemented Binding Corporate Rules (“BCRs”) designed to allow Hermès group companies to transfer Personal Information from the European Economic Area (“EEA”) to other Hermès group companies located outside of the EEA in compliance with the European data protection law. These BCRs have been approved by the European data protection authorities. For more information on Hermès group’s BCRs, please visit this link. For countries where BCRs are not fully recognized as an adequate mechanism, transfers are made on the basis of appropriate contractual clauses approved by the data protection authorities. To obtain a copy of the relevant adequate safeguards, you can send us your request (see below “How to contact us?”). Please visit http://finance.hermes.comfor more details about companies of Hermès group.

B.        Notice of Changes to our Privacy Policy

This Privacy Policy reflects our current practices, and is subject to change and update from time to time. We will notify you about material by prominently posting a notice on our Site and modifying the “Effective Date” at the top of this Privacy Policy to indicate when such changes have come into effect, or otherwise as required by law. If we change this Privacy Policy in a material way, we will inform you through a notice advising of such change at the beginning of this Privacy Policy and on our Site.

C.        MINOR CHILDREN

The Services are a general audience website and we do not knowingly collect any Personal Information (as that term and similar terms are defined under applicable state and federal law) from children younger than the age of eighteen (18). We will delete any Personal Information collected that we later determine to be from a user younger than the age of eighteen (18) in accordance with our legal obligations.

9.         CONTACT US

In issues relating to your account, to withdraw your consent, to ask general questions or to lodge a complaint, please contact our Customer Service:

• By email: contact-GDPR@saint-louis.com
• By phone: +1 212 835 6488

If you have any questions or concerns about our Privacy Policy or data processing, you may contact our Group Data Protection Officer at: contact-GDPR@saint-louis.com.