Privacy Policy

How You Control Your Personal Data

You are in control of your personal data. You can exercise your rights and change your preferences anytime.

Data Subject Rights Requests

Depending on your location (the jurisdiction in which you are a resident), you may have different data subject rights available to you. These may include requests for access, erasure, rectification/correction, to opt out of receiving marketing emails or texts, object to our use of your email address or phone number for advertising, etc. To submit a Data Subject Rights requests for your jurisdiction, click here.

You can also tell us to stop sending you email and text messages by following the opt-out instructions sent with these communications. Please be aware that we may need to keep certain information to honor your choices (e.g., if you tell us to stop sending marketing emails, we will need your email address on file so that our systems remember that you no longer wish to receive marketing communications to that email address).

Also, there are some situations where we may be unable to grant your request (e.g., deleting transaction data where we have a legal obligation to keep it, or for fraud prevention, security, or to protect the privacy of others, or for the establishment, exercise, or defense of legal claims, among other things).



Traditional Online Behavioral Advertising

How You Exercise Choice as to Interest-Based Ads

Advertising Industry Opt-Outs

For the U.S., to exercise choice with respect to interest-based advertising, you can utilize the opt-out mechanism provided by the Digital Advertising Alliance (“DAA”) by clicking here (for browsers) orhere (for app-based opt-outs).

The Network Advertising Initiative (“NAI”) has developed a tool that allows consumers to opt out of certain Interest-based Ads delivered by NAI members' ad networks. To learn more about opting out of such targeted advertising or to use the NAI tool, see http://www.networkadvertising.org/choices/.

For Europe, you may click here to learn more about the DAA-Europe’s opt-out program.

For Canada, you may click here to learn more about the DAA Canada’s opt-out program.

To opt-out of Unified ID 2.0 globally click here.

Please be aware that, even if you opt-out of certain kinds of interest-based ads, you may continue to receive other ads. Further, opting out of one or more NAI or DAA members only means that those selected members should no longer under the DAA / NAI rules deliver certain targeted ads to you. This will affect services provided by the applicable DAA / NAI members but does not mean you will no longer receive any targeted content and/or ads from non-participating parties. Also, if your browsers are configured to reject cookies when you visit the opt-out page, or you subsequently erase your cookies, use a different Device or web browser(s), or use a non-browser-based method of access, your DAA / NAI browser-based opt-out may not, or may no longer, be effective. Mobile device opt-outs will not affect browser-based Interest-based ads even on the same device, and you must opt-out separately for each device. We are not responsible for the effectiveness of, or compliance with, any third party opt-out options or programs or the accuracy of their statements regarding their programs.

You can also prevent or reduce getting interest-based ads on websites by declining cookies in your browser(s), or on mobile devices by declining the “access to data” requests that apps usually present when you install them or by adjusting the ad tracking settings on your device.

Please note that you may also receive personalized ads based on your email address or phone number, if you have provided those to us for marketing purposes. To opt out of that usage, please contact us.

You will still see “contextual” ads even if you opt out of interest-based ads. Even if we stop sending you interest-based ads, you will still get ads from our brands on your computer or mobile devices. These ads, however, are based on the context of the sites you visit and are called contextual ads. Unlike interest-based ads which are based on pages you visit on your mobile phone or computer viewing activities over time and across unrelated services, contextual ads are ads shown to you based on the context of the specific site you are visiting. For example, you still may see an ad for one of our baby care brands while looking at nursery products online because these sites traditionally have had mostly new or expecting parents as visitors. You should also know that we may still collect information from your computer or devices and use it for other purposes like evaluating how our websites work, for consumer research, or detecting fraud, pursuant to applicable laws.

How You Can Control Cookies

You can set your browser to refuse all cookies or to indicate when a cookie is being sent to your computer. However, this may prevent our sites or services from working properly. You can also set your browser to delete cookies every time you finish browsing.

When you opt-out of interest-based advertising, an opt-out cookie is sent to your browser that indicates that you no longer want to receive interest-based ads. Your opt-out cookie will be deleted if you decide to delete all cookies on your browser. This means that you will need to opt-out again on each browser where you have deleted cookies if you still do not want to receive interest-based ads.

In some markets and on some of our websites, we offer a cookie consent management platform which allows you to exercise choice with respect to certain categories of cookies. If this is available, this may appear as a cookie banner and/or as an icon that is visible on the applicable websites. We may also provide similar technology in mobile apps, which, if available, will be accessible through the applicable app’s settings menu.

U.S. State Privacy Laws

See our “U.S. State Privacy Notice “ below for information required by certain state privacy laws, and information regarding privacy rights under such laws.

Additional Information for EEA, Switzerland, and UK Residents

If you live in the EEA, Switzerland or the UK, or are physically in the EEA, Switzerland, or the UK, you may access the personal data we hold about you, request that inaccurate, outdated, or no longer necessary information be corrected, erased, or restricted, and ask us to provide your data in a format that allows you to transfer it to another service provider. You also may withdraw your consent at any time where we are relying on your consent for the processing of your personal data. And you may object to our processing of your personal data (this means ask us to stop using it) where that processing is based on our legitimate interest (this means we have a legitimate reason for using the data for a certain purpose and this reason is not outweighed by your interest in P&G not using it). To make a request, click here.

If you would like more information about data protection and your personal data rights in general, please visit the European Data Protection Supervisor’s site at https://edps.europa.eu/data-protection/ or the UK Information Commissioner’s Office site at https://ico.org.uk. If you are not happy with our response to your requests, you may lodge a complaint with the data protection authority in your country.

Consumer Research Participants

To make a request with respect to personal data we may have as part of your participation in one of our research studies, please see the contact information provided on your consent form or call or visit your research center.

How We Gather & Use Personal Data

Like most brands, we collect personal data as you interact with us or when you share personal data with third parties that in turn can be shared with us. We do this respectfully and carefully to protect your rights. Personal data can help us better understand your interests and preferences as a consumer and a person.

How We Collect Personal Data

We collect personal data about you in many ways and from many places. Some of the personal data we collect may include personal data that can be used to identify you; for example, your name, email address, telephone number, or postal address. In some jurisdictions, things like IP address or cookie and mobile device identifiers may also be considered personal data.

You Share it Directly

You give us your personal data when signing up for an account on our websites or mobile apps or by calling or emailing us. We may ask for things like your name, email or home address, date of birth, payment information, your age, gender, the number of people in your family, and the way you want us to send you information about our products and services—for example, to your home address, email address, or by texting you.

You Interact with Websites & Emails

We may use technologies that automatically collect information when you visit our sites, view our advertisements, or use our products or services. For example, we use cookies (a tiny file stored on your computer’s browser) to tell us what browser and operating system you are using, your IP address, and about your online activities such as web pages you visit, links you click, or whether you have or have not opened an email from us.

You Use Mobile Apps & Other Devices

To give you the best possible user experience, we may use technologies that collect information from your phone when you use our mobile apps or our “smart” devices in your home. You consent to this when downloading the app or installing household internet connected devices. This information could include your mobile phone or other device advertising ID, information about your phone’s operating system, how you use the app or device, your physical location, and other information that is considered personal data in some jurisdictions. You will get a pop-up notice on your phone or device that gives you the option to accept or reject allowing us to know your precise geolocation (exactly where you are standing or where you are accessing the internet) or to collect or access other personal data, as required by the applicable laws.

You Connect with Partners or Third Parties

We may get information that other companies share with or sell to us. For example, you may have given consent for another company to share your personal data with us when you signed up for telecom services or a retailer loyalty points program. Where possible, we may also collect personal data from publicly available sources, such as from internet postings, blog entries, videos, or social media sites. We may also receive personal data from other companies, such as consumer data resellers, who are in the business of collecting or aggregating information about you sourced from publicly available databases (in line with local legal requirements as applicable) or from consent you have given to their use and subsequently our use of your personal data. This might include information about your income level, age, gender, number of people in your family, and products you have bought on the internet or from stores in your neighborhood.

General Ways We Use Personal Data

We use your personal data to help us meet our purpose of touching and improving the lives of people like you every day around the world. For example, we use your information to:

  • Perform services for you

  • Identify and authenticate you to our different marketing programs and websites

  • Administer and maintain our financial incentive, rewards, discounts (e.g., price or service coupons) and loyalty programs (collectively, “Rewards Programs”)

  • Respond to your questions or requests for information

  • Provide customer service

  • Send transactional messages (such as account statements or confirmations)

  • Send marketing communications about our products or services (or the products or services of our partners), survey, and invitations

  • Process your payment for the products you buy from us

  • Process and issue refunds and collections

  • Send you products or samples you have requested

  • Help you manage your Gillette site or app preferences

  • Allow you to enter our contests or sweepstakes

  • Interact with you on social media

  • Better understand your interests and preferences and serve you and others like you with relevant offers and communications

  • Serve you with relevant ads and serve others, who, having a profile like yours, may be interested in hearing from us, with relevant ads through custom audiences and look-alike audiences. For example, we may upload your hashed email address into a social media service and ask that social media service to send our ads to you and to people who have similar interests as you, including in other countries, based on data it has about you and about other people

  • Measure and track the effectiveness of advertising campaigns

We also use your personal data for internal business purposes such as:

  • Quality control, training, and analytics

  • Safety maintenance and verification

  • System administration and technology management, including optimizing our websites and applications

  • Security purposes, including detecting threats and protecting against malicious or fraudulent activity

  • Recordkeeping and auditing interactions with consumers, including logs and records maintained as part of transaction information

  • Risk management, audit, investigations, reporting and other legal and compliance reasons

We may also use your personal data to better understand you, including:

  • For internal research

  • To design and develop products, services and programs that delight our consumers

  • To identify prospective consumers

How We Use Cookies

Cookies are small files sent to your computer as you surf the web. They store useful information about how you interact with the websites you visit.

We use cookies in several ways, such as:

  • to allow you to browse the website and use its features

  • to serve you with relevant advertising and measure the effectiveness of such advertising

  • to ensure that you are not shown an ad more than you should be (called “frequency capping”)

  • to learn more about the way you interact with Gillette content

  • to help us improve your experience when visiting our websites

  • to remember your preferences, such as a language or a region, so there is no need for you to customize the website on each visit

  • to identify errors and resolve them

  • to analyze how well our websites are performing

Types of Cookies We Use

Strictly Necessary Cookies: These cookies (also sometimes referred to as “essential”) allow the page to load or provide some essential functionality without which the page would not work (i.e., store your data in a shopping cart).

Functional Cookies: These cookies allow sites to remember what you prefer when you come back again. For example, if you choose to read the site in French on your first visit, the next time you come back the site will appear automatically in French. Not having to select a language preference every time makes it more convenient, more efficient, and user-friendly for you.

Advertising Cookies: These cookies can be used to learn about what interests you generally might have, based, for example, on the websites you visit and the products you buy. That data allows us to send you ads for products and services that better fit the things you like or need. It also allows us to limit the number of times you see the same advertisement.

Analytics Cookies: These cookies tell us how you use our websites, like which pages you visited and which links you clicked. This helps us measure and improve the performance of our websites. We use different analytics cookies in different jurisdictions. In many cases, we use Google Analytics cookies to monitor the performance of our sites. Our ability to use and share information collected by Google Analytics about your visits to our sites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy.

Social Media Cookies: These cookies, that areset by a range of social media services that we have added to the site, allow you to share our content with your friends and networks and enable us to reach you with ads on those social platforms related to your visits on our sites. The cookies of some social media sites, e.g., Facebook, are also used for ad targeting.

Interest-Based Advertising

When you visit our partner sites, we can show you ads or other content we believe you would like to see. For example, you may receive advertisements for Gillette if we notice that you are visiting sites that talk about fashion and lifestyle. And from that information we may conclude that could well be interested in knowing about great shaving products. In this way, we intend to send you relevant information about our products that might be of benefit to you. To learn more about your choices regarding interest-based advertising see “How you exercise choice as to your interest-based ads” section.

We Learn from Groups of Consumers Sharing Similar Interests: We may place you into a particular group of consumers who show the same interests. For example, we may put you in the group of “razor aficionados” if we see you frequently purchase razors online or you could be a “bargain-shopper” if we notice you use online coupons or look for discounts or sales. We may infer these things about you based on your activity on certain web pages, links you click on our websites and other websites you visit, mobile applications you use, or our brand emails you view and links you click in the emails, as well based on other information we have collected, such as from retailer partners and other third parties. We group together cookie and device IDs to help us learn about general trends, habits, or characteristics from a group of consumers who all act similarly online and/or offline. By doing this, we can find and serve many others who “look like” those already in the group and thereby send them what we believe will be relevant and beneficial product offers and information.

We Link Other Information to Your Cookie and Device IDs: Your cookie and device IDs may be supplemented with other information, such as information about the products you buy offline or information that you provide directly to us when creating an account on our sites. We generally do this in ways that will not directly personally identify you. For example, we could know that cookie ID ABC12345 belongs to the razor aficionado group based on a person’s web site visits, age, gender, and shopping habits. Should we want to personally identify your cookie or device information (web and app viewing history), we will do so in accordance with applicable laws.

We May Know You Across Your Computers, Tablets, Phones and Devices: We may know that cookie ID ABC12345 is from a computer that that may be connected to the same person or household owning the mobile phone with device ID EFG15647. This means that you may search for grooming products on your laptop, click on a Google search result link which we have sponsored, and then later see an ad for our Gillette brand on your mobile phone. We might assume or deduce that the same person owns the computer and phone because, for example, they sign on to the same Wi-Fi network every day at the same time. Understanding what devices seem to be used by a person or household helps us limit the number of times you see the same ad across your devices. And this is important because that way you don’t get annoyed at us for spamming you with the same ad and we don’t pay for such repetitive ads that we don’t want you to receive.

Addressable Media: When you provide us with your personal data via our sites or apps, we will use an encryption of that data – or a substitute identifier such as The Trade Desk's UID2 -- to serve you with ads we think you may like. We do this generally by uploading a pseudonymized version (replaced with artificial letters or numbers) of your email address, phone number, or your mobile advertising ID to a platform that offers ad space (e.g., Facebook, YouTube, Instagram, TikTok, etc.). We also use that same data to serve you advertising through what is called the open web. This means you may see relevant ads from us on sites like nytimes.com or apps or other places like digital TV that participate in online auctions of their ad inventory.

Advanced Matching: Some of our sites use the Advanced Matching features offered by Social Media Platforms to its advertisers (e.g. Facebook’s Advanced Matching, TikTok’s Advanced Matching, etc.). Through Advanced Matching, we will send some of the personal data you enter on our site form fields (e.g., your name, email address, and phone number – not any sensitive or special category data) in a pseudonymized format to the Social Media Platform, or the Social Media Platform Pixel will pseudonymize and pull that data automatically, for the purpose of helping associate you with your browser cookie or device ID. We do this so that we can better target and measure the effectiveness of our advertising on the respective Social Media platforms. This is how we can know that if we showed you an ad on a given Social Media Platform, you clicked on it, came to our site and bought something – or not – and therefore whether we should continue to buy ads on that Social Media Platform – or not.

Google Analytics Advertising Features: Some of our sites use Google Remarketing Lists for Search Ads with Analytics (“RLSA”), which is a service they offer to advertisers. When individuals visit our sites, Google Analytics collects data about their visits. If a visitor is signed into their Google account, we are able to provide that user with interest-based advertising when they conduct a Google search for terms related to the site they visited. For example, if you are signed into a Google account when visiting our Head & Shoulders website, we may provide you with Head & Shoulders advertising when you search for “dandruff shampoo” on Google. Our ability to use and share information collected by Google Analytics about your visits to our sites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. To understand how Google uses data when you use our partners' sites or apps, visit here. You may opt out of Google Analytics at any time.

Other Technologies We May Use

Proximity-Based Beacons: Beacons send one-way signals to mobile apps you install on your phone over very short distances to tell you, for example, what products are on-sale as you walk through a store. Beacons only talk to your device when you get close enough and after you have given consent within the mobile application associated with a particular beacon. In turn, apps may provide us location information to help customize advertising and offers to you. For example, when you are near a beacon in the skin care section of a supermarket, we may send you a $4 off coupon.

Pixels: These are small objects embedded into a web page but are not visible. They are also known as "tags,” “web bugs,” or "pixel gifs." We use pixels to deliver cookies to your computer, monitor our website activity, make logging into our sites easier, and for online marketing activities. We also include pixels in our promotional email messages or newsletters to determine whether you open them and click on their links. This helps us understand whether you are an active user (which will prevent your data from being deleted due to inactivity). It also helps us measure the effectiveness of our marketing efforts, and derive insights and analysis, that we will use to personalize the content of our communication and to guide our marketing decisions (for example, if you opened an email but did not click on the links in it, we may decide to retarget you on Facebook).

Mobile Device Identifiers and SDKs: We use software code in our mobile apps to collect information as you use our apps which is like what cookies collect on our websites. This will be information like your mobile phone identifiers (iOS IDFAs and Android Advertising IDs) and the way you use our apps.

Precise Geolocation: We may receive information about your exact location from things like global positioning system (GPS) coordinates (longitude and latitude) when you use our mobile apps. You will always get a pop-up notice on your phone or device asking for you to accept or reject allowing us to know exactly where you are in the world. You should understand that we will not always ask for consent to know generally that you are in a broader city, postal code, or province. For example, we do not consider it to be precise location if all we know is that you are somewhere in Manila, Philippines.

Site and App Content

Plugins: Our websites may include plugins from other companies such as social networks. An example of a plugin is the Facebook “Like” button. These plugins may collect information (e.g., the URL of the page you visited) and send it back to the company that created them. This may happen even if you do not click on the plugin. These plugins are governed by the privacy policy and terms of the company that created them, even though they appear on our sites.

Logins: Our websites may allow you to log in using your account with another company such as, for example, “Login with Facebook.” When you do this, we will have access only to the information that you have given us consent to receive from your account settings in the other company’s account you’re using to log in with.

User Content: Some of our sites and apps will allow you to upload your own content for contests, blogs, videos, and other functions. Please remember that any information you submit or post becomes public information. We do not have control over how others may use the content you submit to our sites and apps. We are not responsible for such uses in ways that may violate this privacy policy, the law, or your personal privacy and safety.

Links: Gillette sites may include links to other sites, which we do not control. Those sites will be governed by their own privacy policies and terms, not ours.

How We Disclose Data

With Your Consent

When we have your consent, we may disclose your personal data to others, such as select partners so they can send you offers, promotions, or ads about products or services we believe you may be interested in.

Online Platforms and Ad Tech Companies

Our websites and applications may make available contact information, unique identifiers, inferred and derived information, online and technical information and geolocation data with online platforms and ad tech companies to help us serve you relevant advertisements and offers, subject to applicable legal requirements, which may include consent and/or opt-outs. We do not sell your personal data to marketers outside of Gillette in exchange for monetary compensation.

Vendors

We may disclose or otherwise make available your personal data to our vendors (including “service providers” and “processors” defined under applicable laws, which we collectively refer to as “service providers” or “vendors” herein) who help us run our business. This includes hosting our sites, processing payment information for the purchases made by you through our sites, delivering our emails and marketing communications to you, analyzing the data we collect, helping us with sales attribution (e.g., to see if we showed you an ad on a platform site and then you bought a product from us) and sending you the products and services you requested. We also disclose or otherwise make available your personal data with lawyers, auditors, consultants, information technology and security firms, and others who provide services to us. We disclose or otherwise make available only the personal data needed for these companies to complete the tasks we request or, where permitted by applicable law, use the personal data for certain internal purposes such as security or fraud detection. We instruct our service providers to appropriately process and protect your personal data.

Payments for Purchases

Payments for purchases made through some of our sites are completed using a third-party vendor’s online payment system. For these sites, Gillette does not have access to your credit card information provided for purchases and does not store or disclose your credit card information as part of your purchases through these third-party systems. The personal or financial information you provide to our online payment system on these sites is subject to the third-party’s privacy policy and terms of use and we recommend you review these policies before providing any personal or financial information.

Legal and Similar Reasons

If a brand or one of our businesses that controls your personal data, or some or all of its business assets, are sold to another company, your personal data will be disclosed to that company. We may also disclose your information to companies who help us protect our rights and property, or when required by law, legal processes, government authorities or as reasonably necessary to protect the rights or interests of ourselves or others.

Types of Data We Collect

As a large company, with many products and businesses in many countries around the world, we collect the following types of personal data to best serve our consumers.

Please be aware that this is a comprehensive list of various types of personal data we collect and that we only collect it when have a lawful basis to do so (for example when we have your consent, or when we need this information for the performance of a contract to which you are party, or when the processing is necessary based on our legitimate interest or for compliance with a legal obligation). Many of these types almost certainly will not apply to you. If you want to know what data we actually have about you, just ask.

What We Typically Collect

Contact Information: Data elements in this category include names (including nicknames and previous names), titles, mailing address, email address, telephone/mobile number and contact information for related persons (such as authorized users of your account).

General Demographics & Psychographics: Data elements in this category include personal characteristics and preferences, such as age range, marital and family status, race and ethnicity (for example, in relation to information you provide in relation to your haircare or skincare purchases or preferences), shopping preferences, languages spoken, loyalty and rewards program data, household demographic data, data from social media platforms, education and professional information, hobbies and interests and propensity scores from third parties (likelihood of purchase, experiencing a life event, etc.).

Transaction and Commercial Information: Data elements in this category include customer account information, qualification data, purchase history and related records (returns, product service records, records of payments, credits etc.), records related to downloads and purchases of products and applications, non-biometric data collected for consumer authentication (passwords, account security questions), customer service records.

Unique IDs & Accounts Details: Data elements in this category include unique ID number (such as customer number, account number, subscription number, rewards program number), system identifiers (including username or online credentials), device advertisers, advertising IDs and IP address.

Online & Technical Information: This includes internet or other electronic network activity information. Data elements in this category include IP addresses, MAC addresses, SSIDs or other device identifiers or persistent identifiers, online user IDs, encrypted passwords, device characteristics (such as browser information), web server logs, application logs, browsing data, viewing data (TV, streaming), website and app usage, first party cookies, third party cookies, web beacons, clear gifs and pixel tags.

Inferred Information: This includes information derived from other personal data listed in this section. We create inferred and derived data elements by analyzing our relationship and transactional information. Data elements in this category include propensities, attributes and/or scores generated by internal analytics programs.

What We Sometimes Collect

Precise Geolocation: Data elements in this category include precise location (such as latitude/longitude).

Health-Related Information: Data elements based on how it is collected include:

  • Information collected from consumer programs (such as when you register on our brand sites, participate in our rewards programs, or purchase our products)

    • General health and symptom information

    • Pregnancy-related information, such as due date

  • Consumer Research Studies where you have provided your informed consent

    • Information about physical or mental health, disease state, medical history or medical treatment or diagnosis, medicines taken and related information

  • Information collected when you contact us to report a complaint or an adverse event occurring in connection with the use of one of our products

Financial Account Information: Data elements in this category include bank account number and details and payment card information (e.g., when you make a purchase directly with a brand or receive a credit from a brand).

Government-Issued IDs: Data elements in this category include governmental ID and Tax ID (e.g., for winners of a contest in jurisdictions where we are required to collect that information).

Audio Visual Information: Data elements in this category include photographs, video images, CCTV recordings, Call Center recordings and call monitoring records, and voicemails (e.g., for research, when you visit our facilities, or when you call us).

Smart Devices and Sensor Information: Data elements in this category include smart device records, IoT products (e.g., from an Oral B app-connected toothbrush).

Data About Children: Data elements in this category may include the number of children you have, your children’s genders, and ages.

Biometric Information: Data elements in this category include facial recognition data, and a mathematical representation of your biometric identifier, such as the template maintained for comparison (e.g., for healthcare research studies). We will retain this biometric data for as long as necessary to fulfil the purpose(s) of collection or processing unless we are required to retain it longer for legal or regulatory compliance purposes, or to exercise or defend our legal interests. We have implemented commercially reasonable protocols to safeguard and, when appropriate, to permanently delete or dispose of such biometric data.

Children’s Personal Data

We follow all applicable data protection laws when collecting personal data online from children. For example, in the EEA, Switzerland, Serbia, and the UK we do not collect personal data from children under 16 years of age without the consent of the holder of parental responsibility over the child, unless a lower age is provided for by the local laws – provided that such lower age is not below 13 years. Similarly, in the U.S., we obtain verified parental consent when collecting personal data from children younger than 13. We do not use personal data of children for targeted advertising.

How We Protect Your Information

Your privacy is important. That’s why we respect it by taking steps to protect your personal data from loss, misuse, or alteration.

We respect your personal data and take steps to protect it from loss, misuse, or alteration. Where appropriate, these steps can include technical measures like firewalls, intrusion detection and prevention systems, unique and complex passwords, and encryption. We also use organizational and physical measures such as training staff on data processing obligations, identification of data incidents and risks, restricting staff access to your personal information, and ensuring physical security including appropriately securing documents when not being used.

International Transfers

P&G has its head offices in the United States, regional offices in Singapore, Dubai, Geneva and Panama and further P&G service centers in other countries, like Costa Rica or Philippines. As a multinational company, P&G undertakes data transfers, either within the P&G group of entities, or when sharing your data with service providers or selected partners that may store, process, or access your data in a country other than the one in which it was collected, including the United States.

As far as EU citizens are concerned, (but also citizens of Switzerland, UK and Serbia for example) this means that their data may be processed outside of the European Economic Area (EEA), either in countries have been recognized by the European Commission to offer adequate data protection, like the United Kingdom (from where, for example, some of our fulfillment, return and contact center services are managed for the EU region), or Switzerland (where our EU headquarters are located), or in other countries that are not deemed, by the European Commission, as offering such level of data protection. For such transfers of data, because special safeguards need to be foreseen to ensure that the protection travels with the data, we use the EU Standard Contractual Clauses, standardized and pre-approved model data protection clauses. You can find the latest version of the approved EU Standard Contractual Clauses, including the different transfer modules, here. Our transfer agreements also incorporate the standard data protection clauses issued in accordance with UK, Swiss and Serbian data protection law If you have any questions with reference to our data transfer agreements, please contact us.

For non-EEA and UK data, we perform such transfers based on your consent, or on our contracts, where so required by local law.

EEA, UK and Serbia Privacy

This section includes information that is required to be disclosed in respect of our processing of personal data of EEA country, UK and Serbian residents. It aims to provide increased transparency into our processing, retention, and transfer of EEA, UK and Serbian residents personal data that is in line with the letter and spirit of the General Data Protection Regulation (“GDPR”) and the GDPR as incorporated into UK law by the Data Protection Act 2018 and amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019. Certain information, such as the Entities and list of Data Controllers, as well as the legal bases for processing explained under “Processing and Retention” below only apply to processing of personal data of EEA country, UK and Serbia residents. The retention periods described below, however, apply more broadly to personal data of residents of the states described above in the U.S. State Privacy Notice.

Entities

A data controller is the entity which directs the processing activity and is principally responsible for the data.

Data Controller

Procter & Gamble UK

The Heights, Brooklands, Weybridge, Surrey KT13 0XP



Automated Decision-Making and Profiling

Automated decision-making implies making a decision using automated means without human involvement. Profiling is a form of automated processing of personal data consisting of the use of personal data to evaluate certain personal characteristics of an individual for the purpose of analyzing or predicting, for example, that individual’s personal preferences, interests, likely behavior, etc.

As you have read in this Privacy Policy, we collect a variety of types of personal information both from you and from other commercially available sources. This data is combined and analyzed, including sometimes using algorithms, to identify links between certain behaviors and personal characteristics. Gillette users who have similar characteristics or have performed similar actions are likely to share similar interests in our products: based on this analysis, segments of Gillette consumers are created and targeted accordingly with relevant offers via email, online advertising, and social media.

This process allows us to customize our communications to your declared or inferred interests. However, we will not conduct any automated decision-making processes, including profiling, that can produce legal effects or that can similarly significantly affect your rights and freedoms, as per Art. 22(1) and (4) of the GDPR and, should we want to engage in more intrusive profiling and tracking practices, we will always inform you and ask for your consent before doing so.

Processing and Retention

As a general rule, we keep your data for only as long as it is needed to complete the purpose for which it was collected or as required by law. We may need to keep your data for longer than our specified retention periods to honor your requests, including to continue keeping you opted out of marketing emails, or to comply with legal or other obligations. This section tells you the type of data we collect, the purposes for which we use it, why such uses comply with the law (legal basis, as required by certain non-U.S. Privacy Laws such as the GDPR), and how long we usually keep it (retention period).

Marketing

Types of Data: Email, name, phone number, postal address, your affinities, your interests, your logged in browsing behavior on our sites or apps, your answers to our surveys, your participation in our promotional campaigns, your profession, your habits, what you bought, the photos or videos you upload, information about your children and your home, your family composition, the number of people in your household, your hair type, your skin type, your favorite scent, whether you have a pet, health-related information (for example your pregnancy due date), etc.

Why We Collect This Data: To send you materials and relevant communication, including advertisements, marketing our products or services or the products or services of our partners.

Legal Basis: Your consent for sending you email and SMS. Our legitimate interest for postal marketing (unless consent is required according to country laws). Your consent for the collection and analysis of the information contained on the purchase receipts you upload if we want to use it to personalize our marketing communication and advertisements to you.

Depending on the case, we may rely on our legitimate business interests or on your consent for the enrichment and combination of your registration data (including data that you disclose to us when interacting with our services, such as brand preferences, clipped coupons, etc.),with attributes, interests, demographic data obtained from commercially available sources or other third parties, for the processing your email address, phone number, or your mobile advertising ID to serve you with relevant advertising across different media channels, including on social media platforms, via custom audiences and look-a-like audiences.

Your explicit consent for the processing of any special category data.

Retention PeriodUntil you request to delete the personal data or withdraw your consent. If you do not make such a request, the personal data will be deleted on the following schedule:

Email: after <50 months of all-channel inactivity.

SMS: after <50 months of all-channel inactivity.

Postal Address: after <50 months of all-channel inactivity.

We define inactivity through several internal criteria that indicate a user’s lack of interaction with our programs and communications. For example, if you do not log in, or do not open/click on our emails, we will consider you “inactive” and delete your data after a certain number of months of prolonged inactivity, as stated above. These retention periods should be regarded as the maximum allowed and may be shorter in certain countries in line with local requirements.

For Italy Data Subjects: As far as personal data collected for personalization of our communication and offers is concerned (profiling), we keep it for 36 months as of the collection date, unless you ask for it to be deleted earlier.

Contests

Types of Data: Email, name, phone number, sometimes home address and, other data as relevant.

Why We Collect This Data: To provide contest participants with information about the contest, including announcing the winner(s) of the contest and sending the prizes.

Legal Basis: Performance of a contract.

Retention Period: For 24 months unless local law requires us to retain it longer.

Product Purchases

Types of Data: Email, name, phone number, payment information (including bank account IBAN or PayPal details), sometimes other data as relevant.

Why We Collect This Data: To process your purchases of our products, cashback offers, or warranties and to send you the relevant transactional communications.

Legal Basis: Performance of a contract.

Retention Period: As long as necessary to fulfill your order and follow up with communications about your order unless local law requires us to retain it longer. We also generally retain data for 24 months for cashback offers and 10 years for warranties.

Contact Us

Types of Data: Email, name, phone number, sometimes other data as relevant.

Why We Collect This Data: To address your inquiries and make sure we follow up appropriately or as may be required by law or Gillette policy.

Legal Basis: Our legitimate business interest in managing consumer inquiries and, by that, improving our processes and products, as well as your consent for special category data which may be collected in some adverse event cases.

Retention Period: From 0 to 10 years, depending on the nature of the inquiry, our legitimate interests for processing the data, and our legal obligations.

Research

Types of Data: Email, name, phone number, address, age, gender, race/ethnicity, identifiable photos or videos, sometimes other data as relevant (such as biometric data, health-related data).

Why We Collect This Data: To test our product ideas, learn about your preferences and practices, study/address product-related matters, or research for product development and innovation so that we can improve our products and the lives of our consumers.

Legal Basis: Your consent.

Retention Period: We will retain the non-biometric personal data collected as part of substantive clinical research for as long as we need it for the purpose for which it was collected, and/or for as long as may be required to retain it by local law or regulation, which may be up to 25 years. For non-clinical research, we will retain your substantive non-biometric personal data for a maximum of 5 years. For biometric data, we will retain for as long as necessary to fulfil the purpose(s) of collection or processing, unless we are required to retain it longer for legal or regulatory compliance purposes, or to exercise or defend our legal interests. We will retain your signed informed consent documents.

Traditional Online Behavioral Advertising

Types of Data: Advertising cookies, device ID, behavioral data such as page views, and other data like demographic information such as gender and age.

Why We Collect This Data: To learn about your Internet interests and customize the ads we send you.

Legal Basis: We will obtain your consent for the deployment of cookies on our own websites in accordance with ePrivacy requirements. When we place our tags on third party websites or buy data from third party vendors, we require that our partners obtain your consent before our tag is deployed or your data is shared with us.

Depending on the case, we may rely on our legitimate business interests or on your consent for the processing your email address, phone number, or your mobile advertising ID to serve you with relevant advertising across different media channels

Retention Period: We will retain advertising cookie data for thirteen months from the date we collect it or until you opt out, whichever is earlier.

Ratings and Reviews

Types of Data: Email, nickname, device ID and IP address.

Why We Collect This Data: To allow you to post ratings or reviews on our digital properties, to keep evidence of the authenticity of your reviews, to syndicate your ratings and reviews out to third party websites, and in some cases, to contact you regarding the review.

Legal Basis: Your consent

Retention Period: We will retain your email address, nickname, device ID and IP address for authenticity purposes and for as long as the respective rating/review is used or until the product with which the rating/review is associated gets discontinued, whichever is earlier.

Reporting a data breach to the authorities

Gillette will seek to report potential data breaches within 72 hours of knowledge of such breaches to the relevant authorities responsible for monitoring the security of personal data.

Contact Us

Still have a question or concern? We’re here to help.

Please contact us directly with any questions or concerns you may have about your privacy and our data protection practices or if you are a consumer with a disability and need a copy of this notice in an alternative format. If you have an inquiry that is specific to our data protection officer, such as a suspected data breach, please state that in your message. You may also write to our Data Protection Officer at 1 Procter & Gamble Plaza, Cincinnati, OH 45202, U.S.A.

Procter & Gamble Ireland, The Graan House, Units E1 and E14, Calmount Business Park, Dublin 12, Ireland acts as our representative in the UK and EU in accordance with Art. 27 GDPR.