HR Privacy Notice

Back on Top
English (U.S.)
English (U.S.)
English (U.S.)

SUMMARY PRIVACY NOTICE & NOTICE AT COLLECTION

UPDATED JULY 2025

L’Oréal USA S/D Inc. and its subsidiaries, including SalonCentric Inc., (collectively, “L’Oréal”, “We”, “Us”, “Our”) are providing this Summary Privacy Notice (“Notice”) to notify You of key information about how We collect and use personal information about employees, former employees, emergency contacts, beneficiaries, and external staff (i.e., individuals who are not employed by Us and who have access to Our facilities and/or corporate network) (collectively, “Employees”). There is a separate notice located on the L’Oréal Careers website for job applicants available here. Our Detailed Privacy Notice is available here. This Notice and the detailed Privacy Notice does not apply to information collected if You engage with Us as a consumer.

What Types of Personal Information Do We Collect and for What Purposes?

We collect personal information that You provide to Us, personal information collected throughout the course of Your engagement with Us (e.g., performance reviews, disciplinary processes, participation in voluntary benefits), and personal information collected from third parties. The personal information that We collect about You will depend on, for example, Our relationship or interaction with You. For example:

  • For employees: We need personal information about You to commence, perform, and terminate Your engagement with Us and for performing related obligations. This includes to administer Your offer letter, Your employment, or other commitments We have made to You (e.g., to provide health insurance and other benefits); to manage Our workforce; administer payroll; to evaluate leave requests made by employees; to determine fitness for duty; as part of the reasonable accommodation process; during an investigation of misconduct related to work; to evaluate and report on the demographic makeup of Our workforce (e.g., diversity reporting); and for various other purposes related to the employment relationship.
  • Former employees: We use, personal information for legal compliance, to defend legal claims, and to administer and provide benefits to which You are entitled or have accrued (e.g., pension, stock options, employee stock purchase program, etc.).
  • For external staff: We use personal information to manage Your engagement with Us and provide access to Our facilities and information systems.
  • For emergency contacts/beneficiaries: We use personal information to contact You and to administer and provide benefits.

We collect the following categories of personal information:

 

Categories of Personal Information 

Examples

Identifiers

  • full name,
    address,
  • telephone number,
  • online identifiers,
  • internet protocol address,
  • email address,
  •  account name, social handle, or moniker

Internet or similar network activity

All activity on L’Oréal’s information systems, such as internet or online information, browsing history, application data (such as data from Office 365, Teams, Outlook, or internal business processes), system and application usage, search history, smart device and sensor data, stored documents and emails, usernames and passwords, and information regarding interaction with Our Sites. This includes:

  • Browsing history
  • Search history
  • Information on Your interaction with a website, application, or advertisement
  • Smart device and sensor data

Payment Information

  • Credit or debit card information
  • Bank account or other information needed to process payments
  • Information to process payments and prevent fraud

Legally Protected Characteristics

Characteristics of protected classes or groups under state or federal law. For example:

  • Age (40 and over)
  • Race, ethnicity, national origin
  • Sex, gender identity, gender expression
  • Marital status

Purchasing Information

  • Products or services purchased, obtained, or considered (i.e., in the company store)
  • Other purchasing or consuming histories or tendencies
  • User-generated content

Geolocation Data

Geolocation data includes information such as the following:

  • General location information indicating the general physical location of you or your device (e.g., IP address or zip code)
  • Precise information about your location if you allow us (or a third party who provides it to us) to collect it

Audio Visual Information

  • Photographs that you upload or share with us.
  • CCTV video recorded at our facilities.
  • Call center recordings
  • Video images

 Audio/Visual information described in this Section does not refer to biometric identifiers or biometric information.

Professional or employment-related personal
information

  • Career/profession
  • Salary/compensation
  • Benefits
  • Beneficiary designations
  • Goals
  • Talent management
  • Disciplinary action
  • Employment contract(s)
  • Employment history
  • Performance reviews
  • Personnel files
  • Training
  • Eligibility to work
  • Background checks
  • Professional credentials (e.g., professional license)

Education information

  • School records
  • Schools attended
  • Dates attended
  • Degree(s) earned
  • Academic achievements

Other Information Considered Personal Information*

 

*Some information in this category is
addressed in other categories as well.

  • Name,
  • contact details such as telephone number and address,
  • financial information, such as retirement account information,
    insurance,
  • other financial account number and balance,
  • payment card details including credit and debit card numbers,
  • signature (including electronic signature),
  • driver’s license or state ID number,
  • education,
  • employment,
  • physical characteristics or descriptions, as well as medical and health information

Inferences drawn from any of these personal information categories

Inferences based on personal information about an individual to create a summary about, for example: the employee’s characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

 

A more detailed description of the information We collect and how We use this information is available in HOW WE USE PERSONAL INFORMATION ABOUT YOU and HOW WE COLLECT PERSONAL INFORMATION ABOUT YOU sections of the Detailed Privacy Notice.

When Do We Share Personal Information?

We do not believe We sell Employees’ personal information. However, We may share or disclose personal information to Our service providers, in connection with providing employee benefits, to complete a transaction requested by You, when required by law (e.g., to tax and social security authorities), in response to legal process (e.g., a subpoena, civil discovery request, court order), when required in an emergency (e.g., where the health or safety of an Employee is endangered), and in the course of a corporate transduction (e.g., a sale or reorganization of Our company).

More information is available in the HOW WE SHARE PERSONAL INFORMATION ABOUT YOU section.

How Long Do We Retain Personal Information?

We store and retain personal information about Employees for as long as is needed to fulfil the purposes described in this Notice or as otherwise required by law. Typically, this means We keep personal information about Employees until the end of Your work relationship with Us plus a reasonable period afterwards to respond to employment or work-related inquiries or to deal with any legal matters (e.g., judicial or disciplinary actions), document the proper termination of Your employment or work relationship (e.g., to tax authorities), or to provide You with ongoing pensions or other benefits.




L’Oréal USA Detailed Employee Privacy Notice

L’Oréal USA S/D, Inc. and its subsidiaries, such as SalonCentric, Inc., collect personal information from or about employees, independent contractors, family members, and beneficiaries (collectively, “Employees”). When We say “Us”, “Our”, or “We”, We are referring to L’Oréal USA, Inc., if You are engaged by L’Oréal USA S/D, Inc., and SalonCentric, Inc., if You are engaged by SalonCentric, Inc.

This Privacy Notice (“Notice”), together with any other notices provided at the point of data collection describes the types of information We collect from You directly, from Your interactions with Us, how We use it, how We protect it, and rights available to You. This Notice applies to the handling of personal information about You as an employee, former employee, emergency contact, beneficiary, or as external staff (i.e., individuals who are not employed by L’Oréal and who have access to L’Oréal facilities and/or corporate network). This Notice does not apply to any use of L’Oréal products or services as a consumer or outside of Your employment or assignment with L’Oréal. Use of the term ‘employee’ does not indicate in any way that an individual is an employee, and this Notice does not form part of any contract of employment and does not confer any contractual right on You or place any contractual obligation on Us. We may amend Our Privacy Notice at any time.

In addition, other personal information processing may be performed by Our parent, L’Oréal SA, at a global level. Detailed information is provided in the L’Oreal Group Global HR Policy.


HOW WE USE PERSONAL INFORMATION ABOUT YOU

General Description

Examples of Personal Information
Used

Example

 

(A) To administer the offer letter, onboarding, and engagement with Us (including conducting background screening),

 

(B) for payroll and compensation management, as well as benefits and insurance administration and management,

 

(C) for purposes of human resources management, such as establishment, maintenance, and termination of employment or other relationships;

 

(D) records management,

 

(E) to communicate with You; and

 

(F) fulfill other commitments We have made to You

 

 

 

Identifiers and Audio/Visual Information (identification data), such as name, photograph, date of birth, government identifiers, employee ID number, badges (including photograph)

Other personal information (contact information), such as home address, telephone number(s), mobile number(s), email address(es), and emergency contact details

Professional/Employment Information and Education Information (hiring data), such as applicant qualifications, past employment, interview notes, references, immigration status and documentation, residency permits and visas, national ID, passports, results of background checks, and other official documentation in support of eligibility for employment (e.g.,Form I-(9))

Professional and Employment- Information/Geolocation (employment data), such as information related to qualifications, role at L’Oreal, role changes, resignation/termination, resume/CV, location, performance and disciplinary records (quartery and year-end reviews, individual performance data, etc.), academic/professional qualifications, criminal records data, immigration status and documentation, clock in/clock out, geolocation, residency permits and visas, national ID/passport, occupational health assessments and work-related accidents, training, and employee resource group participation

Professional and Employment-Information/ Purchasing Information (benefits data), such as information related to employment benefits We provide to You (including purchases at the company store), spouse and dependent information, health information, vacation, leaves of absence (including religious and familial obligations, as well as physical and mental health data concerning You or Your family members), and accommodations information.

Personal and Employment information/Other Personal Information (incapacity data), such as personal information contained in absence records, medical forms, reports or certificates, and records related to accommodations or adjustments.

Payment Information/Other Personal Information (financial data), such as banking details, tax information, payroll information, withholdings, salary, expenses, company allowances, and bonuses and incentives

Other information You Choose to share with Us, including hobbies, social preferences, answers to feedback surveys, and participation in voluntary programs

Hiring/Onboarding: During the hiring process, We collect and use personal information about You (including identification data, contact data, hiring data, and inferences) to determine suitability and eligibility for a role. This includes verifying qualifications, administering background checks/drug testing, and establishing Your right to work.

Compensation and Benefits: We use personal information about You (including identification data, contact data, employment data, benefits data, financial data, incapacity data) to manage payroll, taxes, and benefits, as well as to process work-related claims and leaves of absence. This includes vehicle fleet management and associated data, including registration number, car allowances to an employee, administrative car, and management of company cars. It also includes restaurant and catering management.

General Personnel Management: We use personal information about You (including identification data, contact data, employment data, financial data, other information you choose to share with Us) for scheduling, time, and attendance management, manage incentives, for reimbursement of business costs and expenses (including reviewing details of transactions made using corporate credit cards, corporate and business travel (including dates, flight number or travel identification, airline or transport, passenger number, ETD, DTA), and expenses submitted for reimbursement), allocate and manage duties and responsibilities, assessing rehire eligibility, employee certification, licensing, and regulatory requirements; plan and allocate work and measuring hours; support HR administration and management, maintain and process general records necessary to manage the engagement; and maintain emergency contact and beneficiary details.

Communication: We use personal information about You and Your emergency contacts (identification data, contact data, employment data, benefits data, other information You choose to share with Us) to identify and communicate with individuals and/or emergency contacts and plan beneficiaries. This includes compiling employee directories, sending documents or items to home addresses, managing and responding to emergencies, including by contacting emergency contacts, family members, dependents, or other individuals in the event of an emergency.
To manage virtual or in-person events. This may include information on Your spouse or child where appropriate. We collect and use Personal information when You visit Us online to register for an event, attend an event, ask for event information, download content, or participate in the event.

Some data is shared with L’Oréal’s Headquarters (L’Oréal S.A.) for purposes of global HR management.

For performance management, development, and training.

Identifiers and Audio/Visual Information (identification data), such as name, photograph, date of birth, government identifiers, employee ID number, badges

Other personal information (contact data), such as home address, telephone number(s), mobile number(s), email address(es), and emergency contact details

Professional and Employment Information/Education Information (employment data), such as information related to qualifications, role at L’Oreal, role changes, resignation/termination, resume/CV, office location, academic/professional qualifications

Payment Information/Other Personal Information (financial data), such as banking details, tax information, payroll information, withholdings, salary, expenses, company allowances, and bonuses and incentives

Professional and Employment Information (performance and management data), such as information related to performance evaluations or reviews (colleague and manager feedback), appraisals, output from talent programs and formal/informal performance management processes, disciplinary actions and grievances, learning/skill data (professional qualification and memberships, professional training, etc.), and training and development plans.

Inferences (human capital management data), such as identifying certain correlations about individuals and success on the job

Performance Management: We use personal information about You (including identification data, contact data, employment data, performance and management data, human capital management/inferences data, financial data) to review how You are performing and to help determine Your work performance requirements and career development needs.

Training/Learning/Development Management: We use personal information about You (including identification data, contact data, employment data) to help Us with creating and updating training and other development opportunities, understanding the effectiveness of our training and learning materials, succession planning, business contingency planning, as well as to enforce mandatory training completions. These programs may be run by external companies.

To evaluate and report on the demographic makeup of Our workforce, where required or otherwise allowed by law (e.g., diversity reporting)

Identifiers (identification data), such as name, photograph, date of birth, government identifiers, employee ID number, badges

Other personal information (contact data), such as home address, telephone number(s), mobile number(s), email address(es), and emergency contact details

Protected Classification Information/Other Personal Information (demographic data), ), such as date of birth, gender, race/ethnicity, veteran status, disability, sexual orientation and gender expression, information related to other demographic categories.

Legal & Regulatory Compliance: We use personal information about You (including identification and contact data and demographic data) to comply with applicable local, state, and federal Equal Opportunity Employment laws.

General Personnel Management: We use personal information about You (including identification and contact data and demographic data) as necessary to help us understand the diversity of our workforce, and to support diversity, equity, and inclusion business initiatives to serve our consumers and our employees, and in compliance with federal anti-discrimination laws; and to investigate complaints, grievances, and suspected violations of L’Oréal Policies.

To maintain and protect the safety and security of Our employees, vendors, customers, other workers, Our services, Our property, or the public. This includes incident management (threat investigations, medical emergencies, and crisis reporting).

Identifiers and Audio/Visual (identification data), such as name, photograph, date of birth, government identifiers, employee ID number, badges

Other personal information (contact data), such as home address, telephone number(s), mobile number(s), email address(es), and emergency contact details

Professional and Employment information/Education Information (employment data), such as information related to qualifications, role at L’Oreal, role changes, resignation/termination, resume/CV, office location, performance and disciplinary records, academic/professional qualifications, criminal records data, immigration status and documentation, residency permits and visas, national ID/passport, occupational health assessments and work-related accidents, and training.

Professional and Employment Information/ Other Personal Information (health and safety data), such as personal data in audits, risk assessments, and incident reports.

Professional and Employment Information (professional qualifications and regulatory data), such as certifications and unique regulatory identifiers.

Audio/Visual Information, Internet or Other Network Activity Information, Geolocation, Inferences (systems and asset data), such as information required to provide access to L’Oréal’s computing resources such as IP addresses, log files, login information, software/hardware inventories, internal communications, video and audio recordings, and information collected by applications provided to Employees such as employee communications tools and platforms. This also includes information used for security and business continuity purposes and information required to use L’Oreal physical site, including from swipe card entry records, CCTV, phone call logs, access, and security controls.

Physical security management: We use personal information about You (such as identification data, contact data, employment data, system and asset data) to manage physical security, including controlling and enabling access to Our premises and physical assets, and to protect the private, confidential, and proprietary information of L’Oreal, its Employees, customers, and third parties.

Health and Safety: We use personal information about You (such as identification data, contact data, employment data, system and access data, health and safety data, professional qualifications and regulatory data) for employee health and safety; to respond to incidents, and to provide or facilitate medical care; to track health risks and implement appropriate health and safety measures; and to manage professional certifications/licenses

To provide You with required tools and technology, IT administration, including application support and development, administer and provide security for Our IT assets (e.g., control and enable access to systems and resources), to manage Your access to these resources in line with Your job role, ensure the security of Our systems and resources, maintaining internal networks and IT systems, providing IT support, IT security monitoring, and incident response.

Identifiers and Audio/Visual Information (identification data), such as name, photograph, date of birth, government identifiers, employee ID number, badges.

Other personal information (contact data), such as home address, telephone number(s), mobile number(s), email address(es), and emergency contact details.

Professional and Employment information/Education Information (employment data), such as information related to qualifications, role at L’Oreal, role changes, resignation/termination, resume/CV, office location, performance and disciplinary records, academic/professional qualifications, criminal records data, immigration status and documentation, residency permits and visas, national ID/passport, occupational health assessments and work-related accidents, and training.

Audio/Visual Information, Internet or Other Network Activity Information, Geolocation, Inferences (systems and asset data), such as information required to provide access to L’Oréal’s computing resources such as IP addresses, log files, login information, software/hardware inventories, internal communications (including contents), video and audio recordings, and information collected by applications provided to Employees such as employee communications tools and platforms (i.e., phone calls, call logs, text messages, chat logs, application usage, mobile browsing, mobile email communications, etc). This also includes information used for security and business continuity purposes and information required to use and/or access a L’Oreal physical site, including from CCTV, access, and security controls.

Technical Support to Our Employees:  We use personal information about You (including identification data, contact data, employment data, systems and asset data) to operate IT systems and to provide You with access to them, management of tickets and requests, to provide technical support, including maintenance for HR information and other IT systems

Security of L’Oréal Systems: We use personal information about You (including identification data, contact data, employment data, systems and asset data, and inferences) to provide and monitor access to L’Oréal IT systems and networks & preventing unauthorized access to or use of information systems, electronic devices, network, and data, such as firewall monitoring, anti-spam and virus protection, and other monitoring, to protect the private, confidential, and proprietary information of L’Oreal, its Employees, customers, and third parties.
For more information, please see Our “monitoring” section below.

For other legitimate purposes, such as day-to-day business operations, to conduct investigations and disciplinary actions, corporate governance, and compliance with laws and regulations.

any category of personal information We maintain about You.

Day-to-Day Business Operations: We use personal information about You for other purposes reasonably required for day-to-day operations, such as managing Our relationship with Employees, accounting, financial reporting, business analytics (e.g., HR activity follow-up via reporting and analytics, cost controlling, KPI setting and processing, risk management, etc.), employee surveys, operational and strategic business planning, business animation and operations (i.e., salesforce bonus and goal management, mystery shopping, management of productivity in plants and distribution centers), real estate management, business travel, communicating with employees, and expense management.

Investigations and Disciplinary Actions. We use personal information about You to investigate and support decisions on disciplinary actions or terminations, conduct grievance management, or to detect fraud or other types of wrongdoing.

Corporate Governance: We may use personal information about You for planning, managing, and carrying out restructuring, redundancies, or other change programs including appropriate consultation, selection, alternative employment searches and related management decisions; evaluating or conducting a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal data information by Us is among the assets transferred.

Compliance with Law: We may use personal information about You to comply with applicable state and federal laws, including labor, employment, tax, benefits, workers’ compensation, disability, equal employment opportunity, workplace safety, and related laws; and to enforce Our legal rights and obligations, and for any purpose in connection with any legal claims, reports of violations, or allegations made by, against, or otherwise involving, and to otherwise comply with lawful requests by public authorities, discovery requests, or where otherwise required or permitted by applicable laws, court orders, government regulations, or regulatory authorities.


Employee Monitoring:

We physically and electronically monitor Our offices, and use of Our IT and communications systems, for specific purposes. For example, We may monitor Employees’ activity and presence in Our offices with badge readers, sign-in sheets, and surveillance/CCTV cameras to make sure Our premises are used primarily for business purposes and to protect the health and safety of Our Employees and other visitors and guests. We monitor Our IT and communication systems through automated tools such as network authentication and wireless connectivity hardware and software, anti-malware software, website filtering, spam filtering, security software for cloud-based applications, access and transaction logging, and mobile device management solutions to make sure systems are used for business purposes, have sufficient capacity for the needs of Our business, and are protected against threats. Additionally, We may monitor individual activity. For example, in a distribution center, number of picks, number of pallets moved, non-productive activities, individual time allotted to an activity, etc; while in factories, actual activity time of production lines. More information on electronic monitoring is available in the Information Security and Electronic Resources Policy.

Where permitted by law, We may also carry out monitoring for other purposes such as:

  • to prevent unauthorized access to Our offices and to protect Employees, authorized visitors, and Our property;
  • network and device management and support;
  • proof of business transactions and archiving;
  • Analytics, training, and evaluation of Employees;
  • protection of confidential information, intellectual property and other business interests;
  • to monitor for, and conduct investigations of, breaches of L’Oréal policies and procedures, or other unlawful or improper acts;
  • for compliance with a legal obligation; and
  • other legitimate purposes as permitted by applicable law.

In the process of monitoring Our offices, systems, network, and work-related activities, We may come across Employees’ or Employee applicants’ personal information. Pursuant to the Information Security and Electronic Resources Policy, all Employee work product as well as tools used to generate that work product, wherever stored, belongs to L’Oréal.

COVID 19:

L’Oréal USA may require Employees to provide proof of COVID-19 vaccination or get tested for COVID-19 on a weekly basis.

Before entering a L’Oréal USA facility, We may ask You to provide certain personal information (e.g. health symptoms) or conduct a temperature check (where legally allowed). The personal information We may collect and process about You is above what We would ordinarily collect. The sole purpose of collecting this data is for the wellbeing of Our Employees and guests. Such information is limited to what is necessary, considering the local laws and guidance by health professionals to manage and contain the virus.

We may collect name, phone number, department, whether You have had COVID-19 symptoms, been in contact with a person who has tested positive or diagnosed with COVID-19 or has been requested/required to self-quarantine by government executive order or by health officials. As You travel through different areas of the workplace, We may collect additional personal information such as location data (e.g. through the use of badge readers or cameras), including to confirm any individuals with whom You may have been in close contact.

The information We collect about You under this Section, in combination with other information We may have about You, will only be used to determine whether You will be able to gain access to a L’Oréal USA facility, ensure social distancing to reduce the potential risk of exposure to Our Employees, to prevent the spread of COVID-19 (i.e., contact tracing), to comply with legal or regulatory requirements, to maintain and protect the safety and security of personnel and Our facilities. Medical information such as records of vaccination or testing will be kept separate from Your general personnel file.

L’Oréal Charitable Contributions:

For eligible Employees (i.e., part or full-time Employees, interns, apprentices, or visiting researchers) who enroll in L’Oreal USA Gives Back or other charitable contribution program L’Oreal may offer from time-to-time, We collect and use personal information about You to enable voluntary personal donations of money or volunteer hours to eligible organizations (i.e., certain non-profits or non-governmental organizations). L’Oreal USA Gives Back (or other charitable contribution program L’Oreal may offer from time-to-time) is a voluntary benefit program.

L’Oréal Group-Provided Services:

The L’Oreal Group, which includes L’Oreal S.A. and L’Oreal USA S/D, Inc. (and its subsidiaries and affiliates) collect and use personal information about Employees. Given the international scope of the L’Oreal Group, the L’Oreal Group has adopted global harmonized strategies, processes, and rules concerning the collection and use of personal information about Employees, which includes the use of standardized IT tools (i.e., OneHR, OnePayroll, etc.). For more information, please review the L’Oreal Group Employee Privacy Notice. Such harmonized processes include the following:

  1. Employee administrative management, including use of identification information, contact information, and professional information, to manage directories and organizational charts on a global basis and harmonization of global payroll management, salary policies, analytics, headcount determinations, communicate with Employees, and implement global reward systems and policies within the L’Oréal Group.
  2. Performance and career management & mobility, including use of identification information, contact information, professional information, and inferences, to manage and develop talent on a global level, organize succession plans, harmonize global performance and talent management, and national and international mobility management;
  3. Long-Term Incentive & Employee Share Ownership Plan management, including use of identification information, contact information, benefits information, and professional and employment information, to implement and maintain employee benefit programs and plans;
  4. Participating in the Employee Survey, including use of identification information, contact information, professional information, and responses to survey questions, to measure satisfaction at work;
  5. Administration of the Speak-Up Program and other ethics programs, including use of identification information, contact details, description of events reported, information collected during an investigation, and internet and online network browsing data (e.g., IP address, transfer logs, IT traces, etc.), to manage ethical alerts, investigate inquiries, manage the whistleblowing process, and to harmonize the management of ethical and whistleblowing processes across the L’Oreal Group.
  6. Global Management of IT Devices, including identification information, contact information, professional information, and data specific to the use of a device (serial number of IT tools, user ID, etc.), to manage and allocate access rights and authorizations regarding each IT device and tool provided and management of implementation of an IT device.
  7. Global Management of IT Tools (phone, O365, Printers, Internet), including use of identification information, contact information, identification and authentication to an IT tool, professional information, and data specific to the use of the IT tool (user ID, action performed using the device or tool, voice messages, date, time, and duration of calls or meetings, etc.), to manage and allocate access rights and authorizations, manage the implementation of IT tools, manage identification and authentication/access to the tool, etc..
  8. Global Management of Collaboration Tools (Yammer, SharePoint, OneDrive, telephone network and lines), including use of identification information, contact information, professional information, identification and authentication to the IT tool, metadata (local/national/international calls, incoming call number, number called, date of call, duration), and invoicing data, to manage collaboration and communication tools, route information, cost management, and harmonization of communication tools within the L’Oreal Group.
  9. Global Management of IT security, including use of identification information, contact information, localization data (traceability of internet access, and access to business tools), connection data (e.g., User ID, URL of visited sites, time and duration of connection, logs, IP addresses, meta-data regarding IT tool usage, etc.), and contents uploaded/attached, to manage IT security, detect and prevent IT security events and incidents, implementation of security devices, and harmonization of management of IT security within the L'Oreal Group.
  10. For Travel Security and other Employee Health and Safety Services, including use of identification information, contact details, information about travels, food preferences, and incident reporting, for the management of safety and security during travels and events, management of incident reporting, to send alerts in the event of danger or risk, and management of emergencies

HOW WE COLLECT PERSONAL INFORMATION

Primarily the personal information We process is provided directly by Employees, such as during Your application for employment or engagement, the onboarding process, or on an ad hoc basis during Your employment or engagement. This includes personal and basic work details about You as well as diversity, and equity and inclusion data.

We receive information from third party sources to update or supplement information You provide, or We collect automatically, such as when We perform background screening checks. During the recruitment process, We may request references from third parties and carry out screening and vetting processes using third party sources. These may include credit and employment history checks. We also receive information from Your direct supervisor (in respect of performance reviews) or, from time to time, other managers, or colleagues (e.g., while conducting an investigation, performance reviews/360 reviews, etc.). We may also receive personal information about You from other third parties, such as former employers, third parties performing servicers on Our behalf, publicly available information, tax authorities, or benefit providers. If You are external staff, We will receive information provided by Your employer of record. For example, pre-engagement references, employment history, language(s) spoken, I-9 documentation, compensation, and voice and video recordings.

In some cases, data may be collected indirectly from monitoring devices or by other means (for example, building and location access control and monitoring systems, closed circuit television cameras, telephone logs and recordings, email, and Internet access logs).

You may provide Us with personal information about other people, including Your beneficiaries, dependents, and other family members or friends. It is Your responsibility to inform these individuals of any such data You intend to provide to Us, and of the use of such data carried out by Us, as detailed in this Notice.

HOW WE SHARE PERSONAL INFORMATION

Personal information is shared to carry out the purposes described above. For example, internally Your direct and indirect supervisor, HR professionals supporting Your work area, IT teams to organize access and manage and provide tools and information systems; relevant HR and management staff of another L’Oreal entity if Your manager is working in another entity, and, in some cases, certain colleagues will have access to some of personal information about You where relevant to their role (i.e., depending on Your position and processes implemented (e.g., sales animation)). Certain basic personal information, such as Your name, location, job title, contact information and any published skills and experience profile may also be accessible to other staff, such as via company directories. Additionally, authorized representatives of Our internal control functions, such as compliance, information security, corporate security, audit, and legal, may also be granted access to personal information about You.

Sharing may also occur in connection with the following:

Third Parties Providing Services On Our Behalf:

To enable third parties to provide services on behalf of L’Oréal. We rely on third parties to perform a range of business operations on Our behalf, and We may disclose personal information to service providers under contract with L’Oréal without Your prior consent. Service providers may also use Your personal information for their internal business purposes, such as process or product improvement, but are not permitted to use personal information for their own independent marketing or other purposes.

Such service providers might include, for example,

  • Companies that provide products or services to Us, including scheduling, time, and attendance management providers, payroll support services, providers that support employee benefit administration and management, relocation assistance, providers that assist Us with required government reporting, pension administrators, human resource services, learning management services, mentoring services, analytics providers, other providers that assist with the administration and management of Our benefit programs (e.g., employee stock purchase program), background screening providers, expense reimbursement administration and management, health and safety experts, event organizing, environmental, health, and safety software providers, and facility management (space management, space optimization, help with hoteling).
  • Third parties that assist and help Us in providing IT services, such as platform providers, hosting services, master data management, maintenance and support on Our databases as well as on Our software and applications that may contain data about You (such services could sometimes imply access to Your data to perform the required tasks).
  • Third parties that assist Us with bot and fraud detection and prevention, legal, compliance, and risk management.

Categories of personal information shared (depending on the specifics of the business transaction) with these third parties include identifiers, internet or network activity, geolocation data, purchasing information, protected classifications, professional or employment-related information, audio-visual information, other categories of personal information, geolocation information, payment information, other information, and inferences generated from the foregoing categories of information.

Complete Requested Transactions

To complete a transaction You requested. For example, to provide You with promised benefits, information about You is shared with Our third-party benefit providers. If You elect to participate in an optional benefit, information about You is shared with the third-party provider of such benefit to complete the enrollment You requested. Additionally, We use and share personal information about You to enable voluntary personal donations of money or volunteer hours to eligible organizations (i.e., certain non-profits or non-governmental organizations).

We may provide Employees the opportunity to participate in voluntary career development programs such as mentoring or other educational programs, and We may provide general information to these third parties such as name, email address, location, and title. You may be asked to provide additional information to participate. This is voluntary and will only be provided by You. Prior to participation, please review the privacy policy of the provider.

If You are external staff, personal information about You will be shared with Your employer of record, which may include for example, position information, payroll information, attendance and absence data, information related to physical security, and feedback-related information.

Additionally, We provide the opportunity to post content in a public (i.e., accessible to the general L’Oreal population) forum (i.e., post questions/comments during meetings, comment in forums, etc.). If You decide to submit information or permit Us to post it in these public forums, the information will be publicly available.

L’Oréal Group; Business Transfers:

We share personal information about You with other members of the L’Oréal Group where required to, for example, run global processes, carry out Group-wide reporting, or assist with workforce planning. For example, if you have a strategic employee profile with internationally oriented functions; according to professional skills you maintain (i.e., data is shared with HR staff or project managers of another L’Oreal entity in the context of managing international mobility or inter-team projects); or in connection with L’Oreal S.A.’s role in managing and operating HR information systems (e.g., OneHR, OnePayroll, etc.), managing other IT systems, and compiling statistics on L’Oreal employees worldwide. Other members of the L’Oréal Group may access information about You when they perform services on behalf of L’Oréal USA and, unless prohibited under applicable law, for use on their own behalf for the purposes described in this Notice.

As We continue to develop Our business, We may sell or purchase assets. If another entity acquires Us or Our assets, personal information, and any other information that We have collected may be disclosed to a potential purchaser and/or its legal/professional advisors and subsequently transferred as one of the transferred assets. Also, if any bankruptcy or reorganization proceeding is brought by or against Us, all such information may be considered an asset of Ours and as such may be sold or transferred to third parties.

Legal & Other Operational Disclosures:

L’Oréal may transfer and disclose information, including personal information about You, and any other information that We have collected, to third parties to comply with a legal obligation when We believe in good faith that the law requires it; at the request of governmental authorities conducting an investigation; to verify or enforce Our policies; to respond to an emergency; or otherwise to protect the rights, property, safety, or security of Our Employees, third parties, visitors, or the public. More specifically, We may transfer or disclose personal information about You:

  •  ✓ as required by applicable law (e.g., to tax and social security authorities);

     ✓ in response to legal process (e.g., a subpoena, civil discover request, or court order);

     ✓ in the course of a corporate transaction (to the extent not prohibited by applicable law and subject to a confidentiality agreement) (e.g., as may be necessary for a potential purchaser to conduct due diligence);

     ✓ when necessary to protect L’Oréal’s legitimate interests or to prevent harm to others (to the extent not prohibited by applicable law) (e.g., to defend against a legal claim);

     ✓ to seek legal advice from external lawyers and advice from other professionals such as accountants, management consultants, etc. (such as entities or contractors in charge of audit and financial controls); or

     ✓ when required in an emergency where the health or safety of an Employee is endangered (e.g., an accident at work).

Additionally, while conducting business it may be necessary for certain Employees to register with federal agencies (e.g., the Cybersecurity and Infrastructure Security Agency (“CISA”)) to allow the federal government to assess/conduct security reviews and background checks in such areas as regulatory compliance (e.g., chemical purchase, storage, shipment). Only authorized and training personnel will have access to this personal information. The collection, storing, processing, and deletion of such personal information is governed by the Federal agency collecting and storing the information.

HOW LONG DO WE RETAIN PERSONAL INFORMATION?

We store and retain personal information about Employees for as long as is needed to fulfill the purposes described in this Notice or as otherwise required by law. Typically, this means We keep personal information about Employees until the end of Your work relationship with Us plus a reasonable period of time afterwards to respond to employment or work-related inquiries or to deal with any legal matters (e.g., judicial or disciplinary actions), document the proper termination of Your employment or work relationship (e.g., to tax authorities), or to provide You with ongoing pensions or other benefits.

California Privacy Rights Act Information

We have collected the following categories of personal information in the previous 12 months:

  1. Identifiers — Personal unique identifiers, such as full name, address, telephone number, online identifiers, internet protocol address, email address, account name, social handle, or moniker
  2. Other Personal Information — Name, contact details such as telephone number and address, financial information such as retirement account information, insurance, other financial account number and balance, payment card details including credit and debit card numbers, signature (including electronic signature), driver’s license, state or other government ID number, education, employment, physical characteristics or descriptions, as well as medical and health information
  3. Characteristics of Protected Classes — Characteristics of protected classes or groups under state or federal law, such as age, race, ethnicity, national origin, sex, sexual orientation, gender identity, gender expression, military status, or marital status
  4. Internet or Other Electronic Network Activity Information — all activity on L’Oréal’s information systems, such as internet or online information, browsing history, application data (such as data from Office 365, Teams, Outlook, or internal business processes), system and application usage, search history, smart device and sensor data, stored documents and emails, usernames and passwords, and information regarding interaction with Our Sites or advertisements
  5. Geolocation Data — Geolocation data, such as device location. This includes information indicating the general physical location of Your or Your device (e.g., IP address or zip code) and precise information about Your location if You allow Us (or a third party who provides it to Us) to collect it
  6. Purchasing Information — Products or services purchased, obtained, or considered (i.e., in the company store)
  7. Audio and Visual Information — Audio, electronic, visual, thermal, olfactory, or similar information, such as call and video recordings, photographs that You upload or share with Us, CCTV video recorded at Our facilities, call center recordings, and video images. The Audio and Visual Information described in this section does not mean or refer to biometric identifiers or biometric information (collectively, “Biometrics”).
  8. Professional or Employment Information — Professional or employment-related information, such as salary/compensation, benefits, beneficiary designations, talent management, disciplinary action, employment contract(s), employment history, performance reviews, professional designations, personnel files, training, visa status, business expenses, use of company products, and pre-hire documents job applications, resumes, background check information, drug test information, candidate evaluations).
  9. Education Information —Education information, such as school records, schools attended, dates attended, degree(s) earned, academic achievements, and related information; and
  10. Inferences — Inferences based on personal information about an individual to create a summary about, for example: the employee’s characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

The sources from which We collect personal information are summarized in the “HOW WE COLLECT INFORMATION” section. The business or commercial purposes of collecting personal information are as summarized in our Notice at Collection, and as described in more detail in our Detailed Privacy Notice in the “HOW WE USE PERSONAL INFORMATION” section. For more information about the categories of personal information We share or disclose for a business or commercial purpose, and the categories of recipients, please see the “HOW WE SHARE PERSONAL INFORMATION” section.

Under the California Consumer Rights Act California residents have the following rights (subject to certain limitations). Please note, while California provides individuals with the ability to opt-out of any ‘sales’ or ‘sharing of personal information for the purpose of cross-contextual behavioral advertising’ We do not believe We ‘sell’ or ‘share’ personal information about Employees, so opt-out is not available. Additionally, California also provides individuals with the ability to limit the use of sensitive personal information to certain enumerated purposes if a company uses the sensitive personal information to infer characteristics about a consumer. While We do collect information that is sensitive, We do not use this information to infer characteristics about You and/or we use sensitive personal information only for the enumerated purposes so We do not provide an option to limit the use of sensitive personal information.

Access to Information

Residents of California have the right to request that We disclose information about our collection and use of personal information about them , including:

  • Categories of personal information We collected
  • Categories of sources for the personal information We collected
  • Our business purpose for collecting personal information
  • The categories of third parties with whom We share that personal information
  • The specific personal information We collected about You

Deletion

Residents of California have the right to request that We delete personal information about You that We directly collected from You and retained, subject to certain exceptions. Once We receive and confirm Your verifiable request, We will delete (and direct our service providers to delete) personal information about You from our records, unless an exception applies.

We may deny a deletion request where retaining the information is necessary for Us or our service providers. For example, data may need to be kept to:

  1. Complete a transactions for which We collected the personal information, provide a good or service requested by You, or as reasonably anticipated within the context of Your relationship with Us or to otherwise perform a contract between You and Us;
  2. Track consumer complaints or product issues;
  3. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity;
  4. To identify and repair errors that impact existing intended functionality;
  5. Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
  6. Compliance with the California Electronic Communications Privacy Act;
  7. Research in the Public Interest;
  8. Comply with a legal obligation;
  9. Enable solely internal uses that are reasonably aligned with expectations based on Your relationship with Us; or
  10. Otherwise use personal information, internally, in a lawful manner that is compatible with the context in which You provided Us the information.

Please note, in the context of Our relationship with Employees, it is unlikely We will delete personal information if We receive a deletion request due to these exceptions.

Correction

Residents of California have the right to request We correct inaccurate personal information We maintain about You. In responding to Your request, We will take into account the nature of the personal information as well as the purposes for the processing of such personal information.

Submitting a Request

To submit a request please click here or contact BEST HR.

Only You or a person that You authorize to act on Your behalf, may make a request related to Your personal information. You may also make a verifiable consumer request on behalf of Your minor child.

The verifiable consumer request must:

  • Provide sufficient information that allows Us to reasonably verify You are the person about whom We collected personal information or an authorized representative of the person who wishes to make a request.

We may not be able to respond to Your request or provide You with personal information if We cannot verify Your identity or authority to make the request and confirm the personal information relates to You. Information provided to submit a request will only be used for request purposes.

You may designate an agent to submit requests on Your behalf. We will need the agent to provide Us with Your signed permission to act on Your behalf. We may also require You to verify Your identity with Us directly and confirm that You provided the agent permission to submit the request on Your behalf.

Timing

We will endeavor to respond to a verified consumer request within 45 days. If We require more time, We will inform You of the reason and extension in writing.

We do not charge a fee to process or respond to a verified consumer request unless it is excessive, repetitive, or manifestly unfounded. If We determine that the request warrants a fee, We will provide explanation and a cost estimate prior to completing the request.

You may only make a request for access or data portability twice within a 12-month period.

Non-Discrimination

We will not discriminate against You for exercising any of Your privacy rights.

SECURING INFORMATION ABOUT YOU

L’Oréal maintains reasonable safeguards to protect personal information against loss, unauthorized use, disclosure, or destruction and when transferring information for processing and requires third parties providing services on our behalf to do the same. However, no electronic data transmission or storage of information can be guaranteed to be 100% secure. Please note that We cannot ensure or warrant the security of any information You transmit to Us.

CROSS-BORDER TRANSFERS

This Notice applies to Employees in the United States and is in accordance with the laws of the United States. We may transfer Your personal information to a jurisdiction other than the United States, including to countries that may not have the same level of protections as the United States.

UPDATES TO THIS NOTICE

Please note, we may change this Notice at any time and any changes will be effective immediately upon the publication of revisions.

HOW TO CONTACT US

If You have any questions about Privacy, please contact Us at:

[email protected]
L’Oréal:              866-813-7876
SalonCentric :    888-250-3723