HCo

Privacy policy

Hazelnuts image hero

 

 

Ferrero Trading Lux S.A. (“Ferrero”) is committed to protecting the privacy of users of this website (the “Website”) and will do everything in its power to ensure that users’ Personal Data is treated with respect to their fundamental rights and freedoms as well as personal dignity, with particular reference to confidentiality.

We at Ferrero have thus prepared this Privacy Policy in order to briefly explain to you how we will collect, use, share and secure your Personal Data. It also describes your choices regarding use, access and correction of your Personal Data.

We may require users to provide certain personal information and details in order to provide our services, and we would therefore like to explain the procedures and ways in which we handle data supplied to us.

This Privacy Policy will also provide you with full information so that you are able to consent to the processing of your Personal Data in an explicit and informed manner, where appropriate.

In general, any information and data which you provide, or which is otherwise gathered by us in the context of the Website will be used by Ferrero in compliance with Regulation (EU) 2016/679 (“GDPR”).

This means, in particular, that any Personal Data processing carried out by Ferrero will respect the principles of lawfulness, fairness, transparency, purpose limitation, storage limitation, data minimization, accuracy, integrity and confidentiality.

 

Data Controller

The Data Controller regarding all Personal Data processing operations carried out through the Website is Ferrero, with registered offices at 16, route de Tréves, 2633 Senningerberg - Luxembourg.

Ferrero has appointed a privacy officer. To get in touch with him/her for any information regarding the processing of Personal Data by Ferrero, including a list of its data processors, please contact: privacy@ferrero.com.

 

What information do we collect from you?

As you use the Website and, in particular, as you provide information to the Website in order to access the Website’s services, Ferrero may collect and process information related to you as an individual and which allows you to be identified, either directly or together with additional information (“Personal Data”). This information can be collected by Ferrero both when you choose to provide it (e.g., when you request any services provided by Ferrero over the Website) or simply by analyzing your behavior on the Website.

 

Browsing data

The Website’s operation, as is standard with any websites on the Internet, involves the use of computer systems and software procedures, which collect information about the Website’s users as part of their routine operation, whose transmission is automatic when using Internet communication protocols.

Although Ferrero does not collect this information in order to associate it to specific users, it is still possible that, by their nature and through processing and association with further data held by third parties, such data may permit to identify user, either directly via that information or by using other information collected. As such, this information must also be considered Personal Data.

This information includes several parameters related to your operating system and IT environment, including your IP address, location (country), the domain names of your computer, the URI (Uniform Resource Identifier) addresses of resources you request on the Website, the time of requests made, information about your activities on our Website (for instance, the pages you visit, the goods you view), the method used to submit requests to the server, the dimensions of the file obtained in response to a request, the numerical code indicating the status of the response sent by the server (successful, error, etc.), details on the device (for instance, your computer, tablet or smartphone) which you use to access our Website and so on, by means of cookies and other technologies which allow this tracking.

Such data shall only be used by Ferrero for anonymous, statistical purposes about the use of the Website, without associating them to any identifier of the users, to ensure its correct operation and identify any faults and/or abuse of the Website. This data may also be used for the purposes of investigating liabilities in the event of information crimes committed against the Website.

 

Processing activities

The processing of data shall be made by such procedures, technical and electronic means, which are suitable to protect the confidentiality and security of data and consists of collection, recording, organization, storage, consultation, elaboration, alteration, selection, retrieval, alignment, use, combination, block, communication, dissemination, erasure, and destruction of data, including a combination of two or more of such activities.

 

Why do we process this information? Purposes of processing and legal grounds

Ferrero intends to use your Personal Data, collected through the Website, for the following purposes:

  • To provide answers or services you request, including allowing the creation of an account, to receive information from Ferrero; to verify your identity and assist you, in case you lose or forget your login/password details for any of Ferrero’s registration services; to allow you to create and maintain a registered user profile, to process transactions and enrolments you request, to contact you when necessary and respond to your requests and enquiries, including emails; to send you newsletters you have subscribed to as a service (containing only informative content); and to provide any other services which you may request (“Service Provision”).
    No consent is required for the processing of data for the purposes since such processing is necessary to provide the services requested and, therefore, for the performance of an agreement to which you are a party or for the implementation of measures requested by you prior to entering into an agreement (GDPR art. 6,1b).
    It is not mandatory for you to give Ferrero your Personal Data for these purposes; however, if you do not, Ferrero will not be able to provide any services to you.
  • To provide answers or services you request, including allowing the creation of an account, to receive information from Ferrero; to verify your identity and assist you, in case you lose or forget yourlogin/password details for any of Ferrero’s registration services; to allow you to create and maintain a registered user profile, to process transactions and enrolments you request, to contact you when necessary and respond to your requests and enquiries, including emails; to send you newsletters you have subscribed to as a service (containing only informative content); and to provide any other services which you may request (“Service Provision”).
    No consent is required for the processing of data for the purposes since such processing is necessary to provide the services requested and, therefore, for the performance of an agreement to which you are a party or for the implementation of measures requested by you prior to entering into an agreement (GDPR art. 6,1b).
    It is not mandatory for you to give Ferrero your Personal Data for these purposes; however, if you do not, Ferrero will not be able to provide any services to you.
  • For compliance with laws which impose upon Ferrero the collection and/or further processing of certain kinds of Personal Data, including regulations on contests in case users participate to contests or prizes on our Website (“Compliance ”). When you provide any Personal Data to Ferrero, Ferrero must process it in accordance with the applicable laws, which may include retaining and reporting your Personal Data to officialauthorities for compliance with tax, customs or other legalobligations. No consent is required for the processing of data for this purpose since such processing is necessary to comply with a legalobligation (GDPR, art. 6, 1c).
  • To prevent and detect any misuse of the Website, or any fraudulent activities carried out through the Website (“ Misuse/Fraud”). Processing for this purpose is necessary to pursue Ferrero’s legitimate interests in preventing and detecting fraudulent activities or misuse of the Website (for potentially criminal purposes).
  • To analyze and improve our service provision, enhance the Website,evaluate the effectiveness of Ferrero’s marketing activities andservices, perform statistical and demographics analyses on Ferrero’s corporate clients and registered users (“Analytics”). Processing for this purpose is based on your consent.

Users shall not be required to provide Personal Data to browse public pages of the Website. The provision of Personal Data for the purposes mentioned above is optional, however, failure to provide required data (indicated as such in the registration form, as applicable) mayprevent users from completing registration or availing of related services.

 

Who will be able to access your Personal Data?

In the framework of its activity and for the purposes specified above, your Personal Data may be shared with the following entities (“ Recipients”):

  • Other companies within the Ferrero Group for internal administrative purposes. The full updated list of Ferrero Group companies is available from our Data Protection Officer;
  • Duly appointed data processors, providing specific processing oraccessory services (e.g. storing data, sending out messages for us, web hosting, contests’ management, consumer service, IT services regarding the Website operation, emailing) on Ferrero’s behalf and under its instructions, whose data protection maturity has been checked by Ferrerobefore entering into the required data processing agreement. The fullupdated list of appointed as data processors, which may include othercompanies within the Ferrero Group, is available from our dataprotection officer;
  • Selected individuals authorized by Ferrero to process Personal Data needed to carry out activities strictly related to the provision of the services through the Website (e.g.technical maintenance of network equipment and electroniccommunications networks), who have undertaken an obligation ofconfidentiality or are subject to an appropriate legal obligation of confidentiality (e.g., employees of Ferrero);
  • Public entities, bodies or authorities, in accordance with theapplicable law or binding orders of those entities, bodies orauthorities. We may also disclose your Personal Data when we believe in good faith that disclosure is necessary to protect your safety or the safety of others, investigate fraud, or respond to a governmentrequest.

Public entities, bodies or authorities, in accordance with theapplicable law or binding orders of those entities, bodies orauthorities. We may also disclose your Personal Data when we believe in good faith that disclosure is necessary to protect your safety or the safety of others, investigate fraud, or respond to a governmentrequest.

 

Data Transfer

Personal Data may be transferred to other countries of the European Union where the premises or the servers of Ferrero or of any of its suppliers are located.

Personal Data shall not be transferred outside the territory of the European Union.

 

Children

In order to comply with laws protecting children’s online privacy, Ferrero does not knowingly collect any Personal Data from children under 16.Ferrero takes children’s privacy seriously. As such, we would recommend that a parent or guardian assist and guide any children under 16 which may intend to browse the Website or access the services provided by Ferrero. Children under age 16 should not use Ferrero’s Website or services. In the event that Ferrero learns that it has inadvertently collected Personal Data from a child under the age of 16, Ferrero will promptly delete such information.

If parents/guardians would like to prevent a minor from accessing the Website, programs are easily available which enable control over access to the Internet or specific websites.

 

Security of Personal Data

All Personal Data collected and processed through the Website will be stored and processed so as to minimize the risk of destruction, loss (including accidental loss), unauthorized access / use or incompatible use with the initial purpose of collection. This isachieved by the technical and organizational security measures put in placeby Ferrero. A detailed list of Ferrero’ssecurity measures is available here.

 

Retention of Personal Data

Generally, Ferrero will keep your Personal Data only for as long as strictly necessary, according to the reason for which it was collected:

  • Personal Data processed for Service Provision will be kept by Ferrero for the period deemed strictlynecessary to fulfil such purposes. Information will, however, be kept for longer if we need it to address any claims regarding the services or to protect Ferrero’s interests related to potential liability related to the Service Provision.
  • Personal Data processed for Marketing and Profiling will be kept by Ferrero from the moment you give consent until the latter is withdrawn. Where it is not withdrawn, consent will be asked to be renewed at fixedintervals of 24 months. Once consent is withdrawn (or not given,following a renewal request), Personal Data will no longer be used forthese purposes, although it may still be kept byFerrero as it may be necessary to protect Ferrero’s interests related to potential liability related to this processing. Personal Data processed for Soft Spam will be kept by Ferrero from the moment where it is provided by you to Ferrero until you object to this processing. Once you have objected, Personal Data will no longer be used for these purposes,although it may still be kept by Ferrero, inparticular as may be necessary to protect Ferrero’sinterests related to potential liability related to this processing.
  • Personal Data processed for Compliance will be kept by Ferrero for the period required by the specific legal obligations for which the Personal Data was processed.
  • Personal Data processed for preventing Misuse/Fraud and Analytics will be kept by Ferrero for as long as deemed strictly necessary to fulfil the purposes for which it was collected, but in any case nolonger than 5 years.

After such periods, all data shall be deleted or anonymized, except that data we are required by law to keep for a longer period.

 

What are your rights? How can you exercise them?

 

As a data subject, you are entitled to exercise the following rights, at any time:

  • Obtain confirmation as to the existence of your Personal Data being processed by Ferrero, access and obtain copy of such data;
  • Update, modify and/or rectify your Personal Data where it may be inaccurate or incomplete;
  • Obtain erasure of your Personal Data where you feel that the processing is unnecessary or otherwise unlawful, render Personal Data anonymous, block data whose processing is unlawful or set limits to the processing;
  • Object to the processing of your Personal Data, based on relevant grounds related to your particular situation, which you believe must prevent Ferrero from processing your Personal Data for a given purpose;
  • Object to processing of Personal Data that is made for the purposes of sending advertising material, carrying out direct sales, market researches or for commercial communication;
  • Withdraw your consent to processing (for Marketing and Profiling), where your consent serves as the legal basis for processing – this will not affect the lawfulness of processing carried out prior to your withdrawal.
  • Request the restriction of the processing of your Personal Data, where you feel that the Personal Data processed is inaccurate, or that theprocessing is unnecessary or unlawful, as well as where you have objected to the processing;
  • Portability – you have the right to obtain a copy of the Personal Data you provided to Ferrero in a structured, commonly used and machine-readable format, as well as to request the transmission of those Personal Data to another data controller;

Opt out of interest-based advertising. We partner with a third party tomanage our advertising on other sites. Our third party partner may usecookies or similar technologies in order to provide you advertising basedupon your browsing activities and interests. If you wish to opt out ofinterest-based advertising click here or if located in the European Union click here. Please note you will continue to receive generic ads.

Please note that most of the Personal Data you provide to Ferrero can be changed at any time, including your e-mail preferences, by accessing, where applicable, your user profile created on the Website.

When requesting services via the Website, you may have selected one or more means of communication via which Personal Dataprocessing for Marketing purposes may be carried out (e.g., phone, SMS, email, mail, social media). You may withdraw yourconsent to this processing for all selected means of communication, or you can choose to block specific means only (e.g., if you only withdraw consent for SMS marketing communications, you will not receive furthercommunications via SMS, but may continue to receive them via e-mail), by means of your user profile created on the Website, where applicable.

You can also withdraw consent for Marketing (for communications received via e-mail) by selecting the appropriate link included at the bottom of every marketing message.

reserves the right to partly or fully amend this Privacy Policy, or simply to update its content, e.g., as a result of changes in applicable law. If Ferrero makes any material changes we will notify you by means of a notice on this Website prior to the change becoming effective. Ferrero therefore invites you toregularly visit this Privacy Policy in order to acquaint yourself with the latest, updated version of the Privacy Policy, so that you may remain constantly informed on how Ferrero collects and usesPersonal Data.

At any time, you shall be entitled to exercise the rights established bythe law in force, by addressing the relevant request to our PrivacyDepartment at physical and email address: privacy@ferrero.com.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Finally, you are entitled to file complaints with to your local EU Data Protection Authority or to the data protection authority of Luxembourg (CNPD at https://cnpd.public.lu/fr/support/contact.html), if you believe that we have handled your information in an unlawful manner.

 

Amendments

This Privacy Policy entered into force on May 1st, 2018. Last modified: March 20, 2021

Ferreroreserves the right to partly or fully amend this Privacy Policy, or simply to update its content, e.g., as a result of changes in applicable law. If Ferrero makes any material changes we will notify you by means of a notice on this Website prior to the change becoming effective. Ferrero therefore invites you toregularly visit this Privacy Policy in order to acquaint yourself with the latest, updated version of the Privacy Policy, so that you may remainconstantly informed on how Ferrero collects and usesPersonal Data.