How You Control Your Personal Data
You are in control of your personal data. You can exercise your rights and change your preferences anytime.
Data Subject Rights Requests
Depending on your location (the jurisdiction in which you are a resident), you may have different data subject rights available to you. These may include requests for access, erasure, rectification/correction, to opt out of receiving marketing emails or texts, object to our use of your email address or phone number for advertising, etc. To submit a Data Subject Rights requests for your jurisdiction, click here.
You can also tell us to stop sending you email and text messages by following the opt-out instructions sent with these communications. Please be aware that we may need to keep certain information to honor your choices (e.g., if you tell us to stop sending marketing emails, we will need your email address on file so that our systems remember that you no longer wish to receive marketing communications to that email address).
Also, there are some situations where we may be unable to grant your request (e.g., deleting transaction data where we have a legal obligation to keep it, or for fraud prevention, security, or to protect the privacy of others, or for the establishment, exercise, or defense of legal claims, among other things).
Traditional Online Behavioral Advertising
How You Exercise Choice as to Interest-Based Ads
Advertising Industry Opt-Outs
For the U.S., to exercise choice with respect to interest-based advertising, you can utilize the opt-out mechanism provided by the Digital Advertising Alliance (“DAA”) by clicking here (for browsers) orhere (for app-based opt-outs).
The Network Advertising Initiative (“NAI”) has developed a tool that allows consumers to opt out of certain Interest-based Ads delivered by NAI members' ad networks. To learn more about opting out of such targeted advertising or to use the NAI tool, see http://www.networkadvertising.org/choices/.
For Europe, you may click here to learn more about the DAA-Europe’s opt-out program.
For Canada, you may click here to learn more about the DAA Canada’s opt-out program.
To opt-out of Unified ID 2.0 globally click here.
Please be aware that, even if you opt-out of certain kinds of interest-based ads, you may continue to receive other ads. Further, opting out of one or more NAI or DAA members only means that those selected members should no longer under the DAA / NAI rules deliver certain targeted ads to you. This will affect services provided by the applicable DAA / NAI members but does not mean you will no longer receive any targeted content and/or ads from non-participating parties. Also, if your browsers are configured to reject cookies when you visit the opt-out page, or you subsequently erase your cookies, use a different Device or web browser(s), or use a non-browser-based method of access, your DAA / NAI browser-based opt-out may not, or may no longer, be effective. Mobile device opt-outs will not affect browser-based Interest-based ads even on the same device, and you must opt-out separately for each device. We are not responsible for the effectiveness of, or compliance with, any third party opt-out options or programs or the accuracy of their statements regarding their programs.
You can also prevent or reduce getting interest-based ads on websites by declining cookies in your browser(s), or on mobile devices by declining the “access to data” requests that apps usually present when you install them or by adjusting the ad tracking settings on your device.
Please note that you may also receive personalized ads based on your email address or phone number, if you have provided those to us for marketing purposes. To opt out of that usage, please contact us.
You will still see “contextual” ads even if you opt out of interest-based ads. Even if we stop sending you interest-based ads, you will still get ads from our brands on your computer or mobile devices. These ads, however, are based on the context of the sites you visit and are called contextual ads. Unlike interest-based ads which are based on pages you visit on your mobile phone or computer viewing activities over time and across unrelated services, contextual ads are ads shown to you based on the context of the specific site you are visiting. For example, you still may see an ad for one of our baby care brands while looking at nursery products online because these sites traditionally have had mostly new or expecting parents as visitors. You should also know that we may still collect information from your computer or devices and use it for other purposes like evaluating how our websites work, for consumer research, or detecting fraud, pursuant to applicable laws.
How You Can Control Cookies
You can set your browser to refuse all cookies or to indicate when a cookie is being sent to your computer. However, this may prevent our sites or services from working properly. You can also set your browser to delete cookies every time you finish browsing.
When you opt-out of interest-based advertising, an opt-out cookie is sent to your browser that indicates that you no longer want to receive interest-based ads. Your opt-out cookie will be deleted if you decide to delete all cookies on your browser. This means that you will need to opt-out again on each browser where you have deleted cookies if you still do not want to receive interest-based ads.
In some markets and on some of our websites, we offer a cookie consent management platform which allows you to exercise choice with respect to certain categories of cookies. If this is available, this may appear as a cookie banner and/or as an icon that is visible on the applicable websites. We may also provide similar technology in mobile apps, which, if available, will be accessible through the applicable app’s settings menu.
U.S. State Privacy Laws
See our “U.S. State Privacy Notice “ below for information required by certain state privacy laws, and information regarding privacy rights under such laws.
Additional Information for EEA, Switzerland, and UK Residents
If you live in the EEA, Switzerland or the UK, or are physically in the EEA, Switzerland, or the UK, you may access the personal data we hold about you, request that inaccurate, outdated, or no longer necessary information be corrected, erased, or restricted, and ask us to provide your data in a format that allows you to transfer it to another service provider. You also may withdraw your consent at any time where we are relying on your consent for the processing of your personal data. And you may object to our processing of your personal data (this means ask us to stop using it) where that processing is based on our legitimate interest (this means we have a legitimate reason for using the data for a certain purpose and this reason is not outweighed by your interest in P&G not using it). To make a request, click here.
If you would like more information about data protection and your personal data rights in general, please visit the European Data Protection Supervisor’s site at https://edps.europa.eu/data-protection/ or the UK Information Commissioner’s Office site at https://ico.org.uk. If you are not happy with our response to your requests, you may lodge a complaint with the data protection authority in your country.
Consumer Research Participants
To make a request with respect to personal data we may have as part of your participation in one of our research studies, please see the contact information provided on your consent form or call or visit your research center.
How We Gather & Use Personal Data
Like most brands, we collect personal data as you interact with us or when you share personal data with third parties that in turn can be shared with us. We do this respectfully and carefully to protect your rights. Personal data can help us better understand your interests and preferences as a consumer and a person.
How We Collect Personal Data
We collect personal data about you in many ways and from many places. Some of the personal data we collect may include personal data that can be used to identify you; for example, your name, email address, telephone number, or postal address. In some jurisdictions, things like IP address or cookie and mobile device identifiers may also be considered personal data.
You Share it Directly
You give us your personal data when signing up for an account on our websites or mobile apps or by calling or emailing us. We may ask for things like your name, email or home address, date of birth, payment information, your age, gender, the number of people in your family, and the way you want us to send you information about our products and services—for example, to your home address, email address, or by texting you.
You Interact with Websites & Emails
You Use Mobile Apps & Other Devices
To give you the best possible user experience, we may use technologies that collect information from your phone when you use our mobile apps or our “smart” devices in your home. You consent to this when downloading the app or installing household internet connected devices. This information could include your mobile phone or other device advertising ID, information about your phone’s operating system, how you use the app or device, your physical location, and other information that is considered personal data in some jurisdictions. You will get a pop-up notice on your phone or device that gives you the option to accept or reject allowing us to know your precise geolocation (exactly where you are standing or where you are accessing the internet) or to collect or access other personal data, as required by the applicable laws.
You Connect with Partners or Third Parties
We may get information that other companies share with or sell to us. For example, you may have given consent for another company to share your personal data with us when you signed up for telecom services or a retailer loyalty points program. Where possible, we may also collect personal data from publicly available sources, such as from internet postings, blog entries, videos, or social media sites. We may also receive personal data from other companies, such as consumer data resellers, who are in the business of collecting or aggregating information about you sourced from publicly available databases (in line with local legal requirements as applicable) or from consent you have given to their use and subsequently our use of your personal data. This might include information about your income level, age, gender, number of people in your family, and products you have bought on the internet or from stores in your neighborhood.
General Ways We Use Personal Data
We use your personal data to help us meet our purpose of touching and improving the lives of people like you every day around the world. For example, we use your information to:
Perform services for you
Identify and authenticate you to our different marketing programs and websites
Administer and maintain our financial incentive, rewards, discounts (e.g., price or service coupons) and loyalty programs (collectively, “Rewards Programs”)
Respond to your questions or requests for information
Provide customer service
Send transactional messages (such as account statements or confirmations)
Send marketing communications about our products or services (or the products or services of our partners), survey, and invitations
Process your payment for the products you buy from us
Process and issue refunds and collections
Send you products or samples you have requested
Help you manage your Gillette site or app preferences
Allow you to enter our contests or sweepstakes
Interact with you on social media
Better understand your interests and preferences and serve you and others like you with relevant offers and communications
Serve you with relevant ads and serve others, who, having a profile like yours, may be interested in hearing from us, with relevant ads through custom audiences and look-alike audiences. For example, we may upload your hashed email address into a social media service and ask that social media service to send our ads to you and to people who have similar interests as you, including in other countries, based on data it has about you and about other people
Measure and track the effectiveness of advertising campaigns
We also use your personal data for internal business purposes such as:
Quality control, training, and analytics
Safety maintenance and verification
System administration and technology management, including optimizing our websites and applications
Security purposes, including detecting threats and protecting against malicious or fraudulent activity
Recordkeeping and auditing interactions with consumers, including logs and records maintained as part of transaction information
Risk management, audit, investigations, reporting and other legal and compliance reasons
We may also use your personal data to better understand you, including:
For internal research
To design and develop products, services and programs that delight our consumers
To identify prospective consumers
Cookies are small files sent to your computer as you surf the web. They store useful information about how you interact with the websites you visit.
to allow you to browse the website and use its features
to serve you with relevant advertising and measure the effectiveness of such advertising
to ensure that you are not shown an ad more than you should be (called “frequency capping”)
to learn more about the way you interact with Gillette content
to help us improve your experience when visiting our websites
to remember your preferences, such as a language or a region, so there is no need for you to customize the website on each visit
to identify errors and resolve them
to analyze how well our websites are performing
Types of Cookies We Use
Strictly Necessary Cookies: These cookies (also sometimes referred to as “essential”) allow the page to load or provide some essential functionality without which the page would not work (i.e., store your data in a shopping cart).
Functional Cookies: These cookies allow sites to remember what you prefer when you come back again. For example, if you choose to read the site in French on your first visit, the next time you come back the site will appear automatically in French. Not having to select a language preference every time makes it more convenient, more efficient, and user-friendly for you.
Advertising Cookies: These cookies can be used to learn about what interests you generally might have, based, for example, on the websites you visit and the products you buy. That data allows us to send you ads for products and services that better fit the things you like or need. It also allows us to limit the number of times you see the same advertisement.
Social Media Cookies: These cookies, that areset by a range of social media services that we have added to the site, allow you to share our content with your friends and networks and enable us to reach you with ads on those social platforms related to your visits on our sites. The cookies of some social media sites, e.g., Facebook, are also used for ad targeting.
When you visit our partner sites, we can show you ads or other content we believe you would like to see. For example, you may receive advertisements for Gillette if we notice that you are visiting sites that talk about fashion and lifestyle. And from that information we may conclude that could well be interested in knowing about great shaving products. In this way, we intend to send you relevant information about our products that might be of benefit to you. To learn more about your choices regarding interest-based advertising see “How you exercise choice as to your interest-based ads” section.
We Learn from Groups of Consumers Sharing Similar Interests: We may place you into a particular group of consumers who show the same interests. For example, we may put you in the group of “razor aficionados” if we see you frequently purchase razors online or you could be a “bargain-shopper” if we notice you use online coupons or look for discounts or sales. We may infer these things about you based on your activity on certain web pages, links you click on our websites and other websites you visit, mobile applications you use, or our brand emails you view and links you click in the emails, as well based on other information we have collected, such as from retailer partners and other third parties. We group together cookie and device IDs to help us learn about general trends, habits, or characteristics from a group of consumers who all act similarly online and/or offline. By doing this, we can find and serve many others who “look like” those already in the group and thereby send them what we believe will be relevant and beneficial product offers and information.
We Link Other Information to Your Cookie and Device IDs: Your cookie and device IDs may be supplemented with other information, such as information about the products you buy offline or information that you provide directly to us when creating an account on our sites. We generally do this in ways that will not directly personally identify you. For example, we could know that cookie ID ABC12345 belongs to the razor aficionado group based on a person’s web site visits, age, gender, and shopping habits. Should we want to personally identify your cookie or device information (web and app viewing history), we will do so in accordance with applicable laws.
We May Know You Across Your Computers, Tablets, Phones and Devices: We may know that cookie ID ABC12345 is from a computer that that may be connected to the same person or household owning the mobile phone with device ID EFG15647. This means that you may search for grooming products on your laptop, click on a Google search result link which we have sponsored, and then later see an ad for our Gillette brand on your mobile phone. We might assume or deduce that the same person owns the computer and phone because, for example, they sign on to the same Wi-Fi network every day at the same time. Understanding what devices seem to be used by a person or household helps us limit the number of times you see the same ad across your devices. And this is important because that way you don’t get annoyed at us for spamming you with the same ad and we don’t pay for such repetitive ads that we don’t want you to receive.
Addressable Media: When you provide us with your personal data via our sites or apps, we will use an encryption of that data – or a substitute identifier such as The Trade Desk's UID2 -- to serve you with ads we think you may like. We do this generally by uploading a pseudonymized version (replaced with artificial letters or numbers) of your email address, phone number, or your mobile advertising ID to a platform that offers ad space (e.g., Facebook, YouTube, Instagram, TikTok, etc.). We also use that same data to serve you advertising through what is called the open web. This means you may see relevant ads from us on sites like nytimes.com or apps or other places like digital TV that participate in online auctions of their ad inventory.
Advanced Matching: Some of our sites use the Advanced Matching features offered by Social Media Platforms to its advertisers (e.g. Facebook’s Advanced Matching, TikTok’s Advanced Matching, etc.). Through Advanced Matching, we will send some of the personal data you enter on our site form fields (e.g., your name, email address, and phone number – not any sensitive or special category data) in a pseudonymized format to the Social Media Platform, or the Social Media Platform Pixel will pseudonymize and pull that data automatically, for the purpose of helping associate you with your browser cookie or device ID. We do this so that we can better target and measure the effectiveness of our advertising on the respective Social Media platforms. This is how we can know that if we showed you an ad on a given Social Media Platform, you clicked on it, came to our site and bought something – or not – and therefore whether we should continue to buy ads on that Social Media Platform – or not.
Other Technologies We May Use
Proximity-Based Beacons: Beacons send one-way signals to mobile apps you install on your phone over very short distances to tell you, for example, what products are on-sale as you walk through a store. Beacons only talk to your device when you get close enough and after you have given consent within the mobile application associated with a particular beacon. In turn, apps may provide us location information to help customize advertising and offers to you. For example, when you are near a beacon in the skin care section of a supermarket, we may send you a $4 off coupon.
Pixels: These are small objects embedded into a web page but are not visible. They are also known as "tags,” “web bugs,” or "pixel gifs." We use pixels to deliver cookies to your computer, monitor our website activity, make logging into our sites easier, and for online marketing activities. We also include pixels in our promotional email messages or newsletters to determine whether you open them and click on their links. This helps us understand whether you are an active user (which will prevent your data from being deleted due to inactivity). It also helps us measure the effectiveness of our marketing efforts, and derive insights and analysis, that we will use to personalize the content of our communication and to guide our marketing decisions (for example, if you opened an email but did not click on the links in it, we may decide to retarget you on Facebook).
Mobile Device Identifiers and SDKs: We use software code in our mobile apps to collect information as you use our apps which is like what cookies collect on our websites. This will be information like your mobile phone identifiers (iOS IDFAs and Android Advertising IDs) and the way you use our apps.
Precise Geolocation: We may receive information about your exact location from things like global positioning system (GPS) coordinates (longitude and latitude) when you use our mobile apps. You will always get a pop-up notice on your phone or device asking for you to accept or reject allowing us to know exactly where you are in the world. You should understand that we will not always ask for consent to know generally that you are in a broader city, postal code, or province. For example, we do not consider it to be precise location if all we know is that you are somewhere in Manila, Philippines.
Site and App Content
Logins: Our websites may allow you to log in using your account with another company such as, for example, “Login with Facebook.” When you do this, we will have access only to the information that you have given us consent to receive from your account settings in the other company’s account you’re using to log in with.
Links: Gillette sites may include links to other sites, which we do not control. Those sites will be governed by their own privacy policies and terms, not ours.
How We Disclose Data
With Your Consent
When we have your consent, we may disclose your personal data to others, such as select partners so they can send you offers, promotions, or ads about products or services we believe you may be interested in.
Online Platforms and Ad Tech Companies
Our websites and applications may make available contact information, unique identifiers, inferred and derived information, online and technical information and geolocation data with online platforms and ad tech companies to help us serve you relevant advertisements and offers, subject to applicable legal requirements, which may include consent and/or opt-outs. We do not sell your personal data to marketers outside of Gillette in exchange for monetary compensation.
We may disclose or otherwise make available your personal data to our vendors (including “service providers” and “processors” defined under applicable laws, which we collectively refer to as “service providers” or “vendors” herein) who help us run our business. This includes hosting our sites, processing payment information for the purchases made by you through our sites, delivering our emails and marketing communications to you, analyzing the data we collect, helping us with sales attribution (e.g., to see if we showed you an ad on a platform site and then you bought a product from us) and sending you the products and services you requested. We also disclose or otherwise make available your personal data with lawyers, auditors, consultants, information technology and security firms, and others who provide services to us. We disclose or otherwise make available only the personal data needed for these companies to complete the tasks we request or, where permitted by applicable law, use the personal data for certain internal purposes such as security or fraud detection. We instruct our service providers to appropriately process and protect your personal data.
Payments for Purchases
Legal and Similar Reasons
If a brand or one of our businesses that controls your personal data, or some or all of its business assets, are sold to another company, your personal data will be disclosed to that company. We may also disclose your information to companies who help us protect our rights and property, or when required by law, legal processes, government authorities or as reasonably necessary to protect the rights or interests of ourselves or others.
Types of Data We Collect
As a large company, with many products and businesses in many countries around the world, we collect the following types of personal data to best serve our consumers.
Please be aware that this is a comprehensive list of various types of personal data we collect and that we only collect it when have a lawful basis to do so (for example when we have your consent, or when we need this information for the performance of a contract to which you are party, or when the processing is necessary based on our legitimate interest or for compliance with a legal obligation). Many of these types almost certainly will not apply to you. If you want to know what data we actually have about you, just ask.
What We Typically Collect
Contact Information: Data elements in this category include names (including nicknames and previous names), titles, mailing address, email address, telephone/mobile number and contact information for related persons (such as authorized users of your account).
General Demographics & Psychographics: Data elements in this category include personal characteristics and preferences, such as age range, marital and family status, race and ethnicity (for example, in relation to information you provide in relation to your haircare or skincare purchases or preferences), shopping preferences, languages spoken, loyalty and rewards program data, household demographic data, data from social media platforms, education and professional information, hobbies and interests and propensity scores from third parties (likelihood of purchase, experiencing a life event, etc.).
Transaction and Commercial Information: Data elements in this category include customer account information, qualification data, purchase history and related records (returns, product service records, records of payments, credits etc.), records related to downloads and purchases of products and applications, non-biometric data collected for consumer authentication (passwords, account security questions), customer service records.
Unique IDs & Accounts Details: Data elements in this category include unique ID number (such as customer number, account number, subscription number, rewards program number), system identifiers (including username or online credentials), device advertisers, advertising IDs and IP address.
Online & Technical Information: This includes internet or other electronic network activity information. Data elements in this category include IP addresses, MAC addresses, SSIDs or other device identifiers or persistent identifiers, online user IDs, encrypted passwords, device characteristics (such as browser information), web server logs, application logs, browsing data, viewing data (TV, streaming), website and app usage, first party cookies, third party cookies, web beacons, clear gifs and pixel tags.
Inferred Information: This includes information derived from other personal data listed in this section. We create inferred and derived data elements by analyzing our relationship and transactional information. Data elements in this category include propensities, attributes and/or scores generated by internal analytics programs.
What We Sometimes Collect
Precise Geolocation: Data elements in this category include precise location (such as latitude/longitude).
Health-Related Information: Data elements based on how it is collected include:
Information collected from consumer programs (such as when you register on our brand sites, participate in our rewards programs, or purchase our products)
General health and symptom information
Pregnancy-related information, such as due date
Consumer Research Studies where you have provided your informed consent
Information about physical or mental health, disease state, medical history or medical treatment or diagnosis, medicines taken and related information
Information collected when you contact us to report a complaint or an adverse event occurring in connection with the use of one of our products
Financial Account Information: Data elements in this category include bank account number and details and payment card information (e.g., when you make a purchase directly with a brand or receive a credit from a brand).
Government-Issued IDs: Data elements in this category include governmental ID and Tax ID (e.g., for winners of a contest in jurisdictions where we are required to collect that information).
Audio Visual Information: Data elements in this category include photographs, video images, CCTV recordings, Call Center recordings and call monitoring records, and voicemails (e.g., for research, when you visit our facilities, or when you call us).
Smart Devices and Sensor Information: Data elements in this category include smart device records, IoT products (e.g., from an Oral B app-connected toothbrush).
Data About Children: Data elements in this category may include the number of children you have, your children’s genders, and ages.
Biometric Information: Data elements in this category include facial recognition data, and a mathematical representation of your biometric identifier, such as the template maintained for comparison (e.g., for healthcare research studies). We will retain this biometric data for as long as necessary to fulfil the purpose(s) of collection or processing unless we are required to retain it longer for legal or regulatory compliance purposes, or to exercise or defend our legal interests. We have implemented commercially reasonable protocols to safeguard and, when appropriate, to permanently delete or dispose of such biometric data.
Children’s Personal Data
We follow all applicable data protection laws when collecting personal data online from children. For example, in the EEA, Switzerland, Serbia, and the UK we do not collect personal data from children under 16 years of age without the consent of the holder of parental responsibility over the child, unless a lower age is provided for by the local laws – provided that such lower age is not below 13 years. Similarly, in the U.S., we obtain verified parental consent when collecting personal data from children younger than 13. We do not use personal data of children for targeted advertising.
How We Protect Your Information
Your privacy is important. That’s why we respect it by taking steps to protect your personal data from loss, misuse, or alteration.
We respect your personal data and take steps to protect it from loss, misuse, or alteration. Where appropriate, these steps can include technical measures like firewalls, intrusion detection and prevention systems, unique and complex passwords, and encryption. We also use organizational and physical measures such as training staff on data processing obligations, identification of data incidents and risks, restricting staff access to your personal information, and ensuring physical security including appropriately securing documents when not being used.
P&G has its head offices in the United States, regional offices in Singapore, Dubai, Geneva and Panama and further P&G service centers in other countries, like Costa Rica or Philippines. As a multinational company, P&G undertakes data transfers, either within the P&G group of entities, or when sharing your data with service providers or selected partners that may store, process, or access your data in a country other than the one in which it was collected, including the United States.
As far as EU citizens are concerned, (but also citizens of Switzerland, UK and Serbia for example) this means that their data may be processed outside of the European Economic Area (EEA), either in countries have been recognized by the European Commission to offer adequate data protection, like the United Kingdom (from where, for example, some of our fulfillment, return and contact center services are managed for the EU region), or Switzerland (where our EU headquarters are located), or in other countries that are not deemed, by the European Commission, as offering such level of data protection. For such transfers of data, because special safeguards need to be foreseen to ensure that the protection travels with the data, we use the EU Standard Contractual Clauses, standardized and pre-approved model data protection clauses. You can find the latest version of the approved EU Standard Contractual Clauses, including the different transfer modules, here. Our transfer agreements also incorporate the standard data protection clauses issued in accordance with UK, Swiss and Serbian data protection law If you have any questions with reference to our data transfer agreements, please contact us.
For non-EEA and UK data, we perform such transfers based on your consent, or on our contracts, where so required by local law.
EEA, UK and Serbia Privacy
This section includes information that is required to be disclosed in respect of our processing of personal data of EEA country, UK and Serbian residents. It aims to provide increased transparency into our processing, retention, and transfer of EEA, UK and Serbian residents personal data that is in line with the letter and spirit of the General Data Protection Regulation (“GDPR”) and the GDPR as incorporated into UK law by the Data Protection Act 2018 and amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019. Certain information, such as the Entities and list of Data Controllers, as well as the legal bases for processing explained under “Processing and Retention” below only apply to processing of personal data of EEA country, UK and Serbia residents. The retention periods described below, however, apply more broadly to personal data of residents of the states described above in the U.S. State Privacy Notice.
A data controller is the entity which directs the processing activity and is principally responsible for the data.
Procter & Gamble UK
Automated Decision-Making and Profiling
Automated decision-making implies making a decision using automated means without human involvement. Profiling is a form of automated processing of personal data consisting of the use of personal data to evaluate certain personal characteristics of an individual for the purpose of analyzing or predicting, for example, that individual’s personal preferences, interests, likely behavior, etc.
This process allows us to customize our communications to your declared or inferred interests. However, we will not conduct any automated decision-making processes, including profiling, that can produce legal effects or that can similarly significantly affect your rights and freedoms, as per Art. 22(1) and (4) of the GDPR and, should we want to engage in more intrusive profiling and tracking practices, we will always inform you and ask for your consent before doing so.
Processing and Retention
As a general rule, we keep your data for only as long as it is needed to complete the purpose for which it was collected or as required by law. We may need to keep your data for longer than our specified retention periods to honor your requests, including to continue keeping you opted out of marketing emails, or to comply with legal or other obligations. This section tells you the type of data we collect, the purposes for which we use it, why such uses comply with the law (legal basis, as required by certain non-U.S. Privacy Laws such as the GDPR), and how long we usually keep it (retention period).
Types of Data: Email, name, phone number, postal address, your affinities, your interests, your logged in browsing behavior on our sites or apps, your answers to our surveys, your participation in our promotional campaigns, your profession, your habits, what you bought, the photos or videos you upload, information about your children and your home, your family composition, the number of people in your household, your hair type, your skin type, your favorite scent, whether you have a pet, health-related information (for example your pregnancy due date), etc.
Why We Collect This Data: To send you materials and relevant communication, including advertisements, marketing our products or services or the products or services of our partners.
Legal Basis: Your consent for sending you email and SMS. Our legitimate interest for postal marketing (unless consent is required according to country laws). Your consent for the collection and analysis of the information contained on the purchase receipts you upload if we want to use it to personalize our marketing communication and advertisements to you.
Depending on the case, we may rely on our legitimate business interests or on your consent for the enrichment and combination of your registration data (including data that you disclose to us when interacting with our services, such as brand preferences, clipped coupons, etc.),with attributes, interests, demographic data obtained from commercially available sources or other third parties, for the processing your email address, phone number, or your mobile advertising ID to serve you with relevant advertising across different media channels, including on social media platforms, via custom audiences and look-a-like audiences.
Your explicit consent for the processing of any special category data.
Retention PeriodUntil you request to delete the personal data or withdraw your consent. If you do not make such a request, the personal data will be deleted on the following schedule:
Email: after <50 months of all-channel inactivity.
SMS: after <50 months of all-channel inactivity.
Postal Address: after <50 months of all-channel inactivity.
We define inactivity through several internal criteria that indicate a user’s lack of interaction with our programs and communications. For example, if you do not log in, or do not open/click on our emails, we will consider you “inactive” and delete your data after a certain number of months of prolonged inactivity, as stated above. These retention periods should be regarded as the maximum allowed and may be shorter in certain countries in line with local requirements.
For Italy Data Subjects: As far as personal data collected for personalization of our communication and offers is concerned (profiling), we keep it for 36 months as of the collection date, unless you ask for it to be deleted earlier.
Types of Data: Email, name, phone number, sometimes home address and, other data as relevant.
Why We Collect This Data: To provide contest participants with information about the contest, including announcing the winner(s) of the contest and sending the prizes.
Legal Basis: Performance of a contract.
Retention Period: For 24 months unless local law requires us to retain it longer.
Types of Data: Email, name, phone number, payment information (including bank account IBAN or PayPal details), sometimes other data as relevant.
Why We Collect This Data: To process your purchases of our products, cashback offers, or warranties and to send you the relevant transactional communications.
Legal Basis: Performance of a contract.
Retention Period: As long as necessary to fulfill your order and follow up with communications about your order unless local law requires us to retain it longer. We also generally retain data for 24 months for cashback offers and 10 years for warranties.
Types of Data: Email, name, phone number, sometimes other data as relevant.
Why We Collect This Data: To address your inquiries and make sure we follow up appropriately or as may be required by law or Gillette policy.
Legal Basis: Our legitimate business interest in managing consumer inquiries and, by that, improving our processes and products, as well as your consent for special category data which may be collected in some adverse event cases.
Retention Period: From 0 to 10 years, depending on the nature of the inquiry, our legitimate interests for processing the data, and our legal obligations.
Types of Data: Email, name, phone number, address, age, gender, race/ethnicity, identifiable photos or videos, sometimes other data as relevant (such as biometric data, health-related data).
Why We Collect This Data: To test our product ideas, learn about your preferences and practices, study/address product-related matters, or research for product development and innovation so that we can improve our products and the lives of our consumers.
Legal Basis: Your consent.
Retention Period: We will retain the non-biometric personal data collected as part of substantive clinical research for as long as we need it for the purpose for which it was collected, and/or for as long as may be required to retain it by local law or regulation, which may be up to 25 years. For non-clinical research, we will retain your substantive non-biometric personal data for a maximum of 5 years. For biometric data, we will retain for as long as necessary to fulfil the purpose(s) of collection or processing, unless we are required to retain it longer for legal or regulatory compliance purposes, or to exercise or defend our legal interests. We will retain your signed informed consent documents.
Traditional Online Behavioral Advertising
Types of Data: Advertising cookies, device ID, behavioral data such as page views, and other data like demographic information such as gender and age.
Why We Collect This Data: To learn about your Internet interests and customize the ads we send you.
Legal Basis: We will obtain your consent for the deployment of cookies on our own websites in accordance with ePrivacy requirements. When we place our tags on third party websites or buy data from third party vendors, we require that our partners obtain your consent before our tag is deployed or your data is shared with us.
Depending on the case, we may rely on our legitimate business interests or on your consent for the processing your email address, phone number, or your mobile advertising ID to serve you with relevant advertising across different media channels
Retention Period: We will retain advertising cookie data for thirteen months from the date we collect it or until you opt out, whichever is earlier.
Ratings and Reviews
Types of Data: Email, nickname, device ID and IP address.
Why We Collect This Data: To allow you to post ratings or reviews on our digital properties, to keep evidence of the authenticity of your reviews, to syndicate your ratings and reviews out to third party websites, and in some cases, to contact you regarding the review.
Legal Basis: Your consent
Retention Period: We will retain your email address, nickname, device ID and IP address for authenticity purposes and for as long as the respective rating/review is used or until the product with which the rating/review is associated gets discontinued, whichever is earlier.
Reporting a data breach to the authorities
Gillette will seek to report potential data breaches within 72 hours of knowledge of such breaches to the relevant authorities responsible for monitoring the security of personal data.
Still have a question or concern? We’re here to help.
Please contact us directly with any questions or concerns you may have about your privacy and our data protection practices or if you are a consumer with a disability and need a copy of this notice in an alternative format. If you have an inquiry that is specific to our data protection officer, such as a suspected data breach, please state that in your message. You may also write to our Data Protection Officer at 1 Procter & Gamble Plaza, Cincinnati, OH 45202, U.S.A.
Procter & Gamble Ireland, The Graan House, Units E1 and E14, Calmount Business Park, Dublin 12, Ireland acts as our representative in the UK and EU in accordance with Art. 27 GDPR.