Effective from [25/11/2025].
Just as we care for your skin, we prioritize the protection of your privacy. When you browse our websites, namely https://naos.com/en-in (hereinafter referred to as “the Website(s)”), or when purchasing our products, you may provide us with personal data, either directly or indirectly. Your personal data is valuable and forms a part of your private life. Therefore, we are committed to collecting and processing it with complete transparency.
We invite you to read this Privacy Policy (hereinafter referred to as “the Policy”). It provides all the necessary information regarding the data we collect, how we use it, how long we retain it, the measures we implement to protect it, the rights you have, etc.
This Policy may be updated or modified to reflect changes in our practices and applicable regulations. As these modifications take effect immediately, we encourage you to review it regularly.
What data is covered by this Policy?
Personal data refers to any information that directly or indirectly identifies a natural person. This includes, for example, your name, email address, phone number, transactional data as well as data related to your consumption habits, skin type etc.
This Policy applies to all personal data that you provide to us or that we collect during your visits to one or more of our websites or when purchasing our products.
Who is the Data Fiduciary?
The data fiduciary is NAOS Skincare India Private Limited (CIN No. U74999MH2014FTC259308), a company incorporated under the Companies Act, 2013 having its registered office at D-605, Tower 2, L&T Seawoods, Sector 40 Nerul, Navi Mumbai, Maharashtra, India – 400706.
Why do we collect your personal data?
We collect your personal data only when necessary.
Specifically, we collect and process your data for the following purposes:
- To provide services and offers on our websites (e.g. account creation, skin diagnosis etc.);
- To manage your participation in our loyalty program and grant you its benefits;
- To process your product purchases on our websites (e.g., order management, tracking, shipping, etc.) and handle customer relations following your purchase;
- To ensure the functionality and content of our websites and services to better meet your needs and requests;
- To better understand you and segment data based on your needs and preferences, allowing us to send personalized information, advice and offers;
- To respond to your inquiries and provide personalized advice, particularly through our customer service channels (contact forms, social media, phone, etc.);
- To collect your feedback on our products;
- To conduct audience analyses and statistical studies, such as measuring website visits, user activity, subscription rates to our services and the effectiveness of promotional offers;
- To manage compliance with legal obligations (handling reports of adverse effects related to our products, conducting safety studies and implementing corrective actions if necessary);
- To organize product testing and contests;
- To carry out targeted communications via email or advertising banners on partner sites (analyzing the personal data you provide or data related to your visits on our websites to assess your preferences, needs and interests and display or offer tailored content);
- If you have given your consent, to send you postal or electronic communications (email, SMS/MMS) about our products, services and activities, which may be personalized;
- To detect fraudulent behavior on our websites and manage disputes;
- To ensure the security of our websites and services; and
- To manage our social media pages.
Cookies
We may track your preferences and activities on our website(s). “Cookies” are small data files transferred to your computer’s hardware by a website. They keep a record of your activities on the Website, making your subsequent visit to the Website more efficient. Cookies may store a variety of information, including the number of times that you access a website, registration information and the number of times that you view a particular page or other items on the site. The use of cookies is a common practice adopted by most major sites to better serve their clients. Most browsers are designed to accept cookies, but they can be easily modified to block cookies.
We and our partners place cookies, access and use non-sensitive information from your device to improve our products and personalize ads and other content throughout this website. You may accept all or part of these operations. To learn more about cookies, partners, and how we use your data, to review your options or these operations for each partner, visit our privacy policy. If you do not agree to our use of cookies, you can block them in your browser settings, but you may lose some functionality on the website.
What data is collected, when and for how long?
We collect and process your personal data in a fair and lawful manner. We also ensure that the data, if necessary, is updated so that it does not become outdated.
This data may be collected:
- Either directly from you, for example, when you complete our data collection forms on our websites (e.g., registration form, contact form, etc.);
- Or indirectly, for example, through our partners (e.g., advertising networks, etc.).
We define the retention periods for your personal data based on the duration necessary to fulfill the purposes of the data collection. Once these purposes have been achieved, we delete your data, unless certain legal obligations require us to retain it.
The table below shows when your data is collected, what data is collected, the retention periods and the legal basis on which we rely.
| Moment of collection | Categories of data collected | Retention period | Legal bases / Certain Legitimate uses |
| --- | --- | --- | --- |
| You browse on one of our websites or on a third-party partner’s website | We and/or our subcontractors collect certain data through cookies or similar technologies: - your technical connection and navigation data (e.g., your IP address, browser, device information, analytical data, number of clicks and pages viewed, time spent on the Websites or on specific Website elements; language and country of consultation; geolocation by city, transaction number, identifiers, clicked ads, etc.). For more information, please refer to our Cookie Policy. | 13 months from the date of cookie placement or other similar technologies. Some third-party partners may retain your personal data for a longer period. We encourage you to review their privacy policies. Your cookie preferences will be saved for 6 months. However, our cookie management partner will retain proof of your consent(s) for 5 years. | Certain Legitimate uses: For strictly necessary cookies required for the functioning of our websites. Consent: For cookie categories that require your prior consent before being set. |
| You join our loyalty program, create an account, use your account or complete your profile | We and/or our subcontractors collect and process: - your identification data (e.g., name, surname, email address, postal address, etc.); - data related to your consumption habits; - data related to your skin type (e.g., oily, dry, etc.) | 3 years from the creation of your account or your last activity on the account | Certain Legitimate uses: To provide you with the requested service |
| You subscribe to one of our commercial communications | We and/or our subcontractors collect and process: - your identification data (e.g., name, surname, email address, etc.). We also use data related to your consumption habits, preferences, interests, skin type, etc., only if we have previously collected such data through other means (e.g., skin diagnosis, past purchases, etc.). This enables us to provide you with personalized content tailored to your skin and needs. | Until you unsubscribe or for a maximum of 3 years from the date of data collection or your last interaction with us. | Consent: To send you commercial communications. |
| You participate in a promotional game | The data that we and/or our subcontractors collect and process depend on the specific promotional game: - your identification data (e.g., name, surname, postal or email address, etc.); - your social media profile (if the promotional game is conducted on one of our social media pages, if you use a social media account to log in or if you voluntarily provide it to us); - your consumption habits; - your interests; - data related to your skin type (e.g., oily, dry, etc.). | Duration necessary for managing the promotional game | Performance of a contract: To provide the requested service (contest participation) |
| You report an adverse reaction following the use of one of our products. In accordance with regulations, we are required to monitor and record adverse reactions related to the use of our products and to promptly report all serious adverse reactions to the company / competent authority. | When you, a close relative or a healthcare professional report an adverse reaction to our customer and consumer service, we collect and process: - your identification data (e.g., name, surname, email address, phone number, etc.); - a description of the adverse reaction experienced; - your consumption habits (e.g., the product used); - personal life data (e.g., if you are reporting an adverse reaction experienced by a family member). These data allow us to forward your case to our partner so that they may contact you to conduct a medical analysis of your reaction through a detailed questionnaire administered by qualified professionals. For this purpose, our partner will collect and process only the data strictly necessary for the assessment of the adverse event, including: - your identification data (e.g., name, surname, email address, identification number, etc.); - health-related data (e.g., skin conditions, allergies, medical test results, etc.); - data related to your consumption habits (e.g., products used); - data related to your skin type (e.g., oily, dry, etc.); - data related to your ethnic origins if necessary (e.g., phototype); - personal life data (e.g., if you are reporting an adverse reaction experienced by a family member). | Our customer and consumer service retains your data for the time necessary to process your request (transmission of information to the relevant and authorized teams, etc.). Our Compliance with legal obligation service retains your data for 3 years from the date of collection. The data are then archived securely for 10 years from the date the product concerned is withdrawn from the market. Our partner retains your data for one year from the date of collection. At the end of the current year, your data is returned to us and our partner proceeds with its destruction. | Certain Legitimate uses: Respond to your request. Performance of a public interest task or the exercise of official authority: The collection of data as part of health vigilance for reasons of public interest. Its primary objective is to ensure compliance with high standards of quality and safety for our products. |
When we collect your data, certain information (indicated by asterisks (*)) must be provided in order to benefit from the services offered. Other information is purely optional and allows us to get to know you better, for example, to offer you tailored offers and content.
Do we use profiling?
When we display personalized content or send you personalized communications, we use techniques referred to as “profiling”.
Profiling is defined as any form of automated processing of personal data consisting of using such data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict elements concerning their economic situation, interests, behavior, location, etc.
We may therefore use the personal data collected in accordance with the table above to analyze and predict your preferences. These analyses enable us to display and/or send communications tailored to your interests, needs, skin type or consumption habits.
You have the right to object to the use of your data for profiling purposes at any time. Please refer to the “How can you exercise your rights over your data?” section of this Policy for instructions on how to do so.
How do we collect minors’ data?
Our websites are accessible to all individuals, whether adults or minors. We do not knowingly request or collect personal data from children under the age of 18. If we become aware that personal data from a child under 18 has been collected unintentionally, we will promptly delete it from our records. However, prior consent from the holder of parental authority is required for minors under the age of 18 who subscribe to our services or provide us with personal data concerning them.
Who are the recipients of your data?
We may be required to share your data with companies, organizations and / or individuals in carrying out the processing described in this Policy. Only the data necessary for them to perform the entrusted service(s) will be shared with them.
We rely on service providers and partners to assist us with:
- Our commercial operations such as customer relationship management (CRM), content creation, managing our social media, analytics and statistics, managing our loyalty program, etc.;
- Hosting our websites and the data we collect;
- Maintaining our IT tools and databases;
- Managing cases of compliance with legal obligations, etc.
We select subcontractors, service providers and suppliers who provide sufficient guarantees to ensure the protection, security and confidentiality of your personal data.
We may also share certain personal data about you with social media platforms or search engines (e.g. Google, Facebook, etc.) in order to carry out targeted advertising. When we transmit this information, your data is securely encrypted. We do not retrieve any data about you from these companies.
Your personal data may also be disclosed to administrative or judicial authorities upon their request, as well as to third parties or recipients authorized to comply with a legal obligation or for the exercise of Certain Legitimate uses.
Finally, we may share certain of your data with employees of the NAOS group companies who need to process it as part of the processing activities outlined in this Policy.
How do we ensure the security of your data?
We are committed to implementing reasonable measures to ensure that your personal data is adequately protected, taking into account the sensitive nature of certain information. We use various technologies and procedures to ensure that your data is processed in a way that guarantees its protection against loss, destruction, alteration, disclosure or unauthorized access, whether unlawful or accidental.
We require an equivalent level of security from our subcontractors and service providers.
Where is your data stored?
We process and store your personal data in India.
Most of our subcontractors and service providers store and process your personal data within the European Union. However, we also engage certain subcontractors and service providers who store or process your data in one or more countries outside the European Union. We ensure that data transfers outside the European Union are carried out securely and in compliance with applicable legislation. These transfers are in compliance with applicable regulations and are covered by Standard Contractual Clauses.
How can you exercise your rights regarding your data?
In accordance with applicable laws, you have various rights regarding your data:
- Right to information;
- Right to access;
- Right to rectification;
- Right to erasure;
- Right to object to processing;
- Right to withdraw your consent;
- Right to restriction of processing;
- Right to data portability;
- Right not to be subject to a decision based solely on automated processing that produces legal effects concerning you or significantly affects you;
- Right to object to commercial prospecting, including profiling;
- Right to issue directives concerning the retention, erasure and communication of your data after death.
You can exercise these rights at any time by emailing bioderma@in.naos.com, via our contact form or by postal mail to the address D-605, Tower 2, L&T Seawoods, Sector 40 Nerul, Navi Mumbai, Maharashtra, India – 400706.
You will receive a response within one month from the receipt of your request.
We reserve the right not to follow up on requests that are clearly unfounded, in accordance with applicable regulations. You will be informed of any refusal made by us.
