Privacy Policy
Updated March 1, 2023
Commonly asked questions about how we collect, store and use your personal data, as defined in applicable laws.
Do we sell your personal data for monetary compensation?
Do we disclose your personal data to third-party partners?
Do we receive personal data from other companies you have given permission to?
Do we use your personal data for better product recommendations and site experiences?
Do we give you control of your personal data?
You are in control of your personal data. You can exercise your rights and change your preferences anytime.
Depending on your location (the jurisdiction in which you are a resident), you may have different data subject rights available to you. These may include requests for access, erasure, rectification/correction, to opt out of receiving marketing emails or texts, object to our use of your email address or phone number for advertising, etc. To explore what privacy rights are available in your jurisdiction, click here.
You can also tell us to stop sending you email and text messages by following the opt-out instructions sent with these communications. Please be aware that we may need to keep certain information to honor your choices (e.g., if you tell us to stop sending marketing emails, we will need your email address on file so that our systems remember that you no longer wish to receive marketing communications to that email address).
Also, there are some situations where we may be unable to grant your request (e.g., deleting transaction data where we have a legal obligation to keep it, or for fraud prevention, security, or to protect the privacy of others, among other things).
Advertising Industry Opt-Outs
For the U.S., to exercise choice with respect to interest-based advertising, you can utilize the opt-out mechanism provided by the Digital Advertising Alliance (“DAA”) by clicking here (for browsers) or here (for app-based opt-outs).
The Network Advertising Initiative (“NAI”) has developed a tool that allows consumers to opt out of certain Interest-based Ads delivered by NAI members' ad networks. To learn more about opting out of such targeted advertising or to use the NAI tool, see http://www.networkadvertising.org/choices/.
For Europe, you may click here to learn more about the DAA-Europe’s opt-out program.
For Canada, you may click here to learn more about the DAA Canada’s opt-out program.
Please be aware that, even if you are able to opt out of certain kinds of interest-based ads, you may continue to receive other ads. Further, opting out of one or more NAI or DAA members only means that those selected members should no longer under the DAA / NAI rules deliver certain targeted ads to you. This will affect services provided by the applicable DAA / NAI members but does not mean you will no longer receive any targeted content and/or ads from non-participating parties. Also, if your browsers are configured to reject cookies when you visit the opt-out page, or you subsequently erase your cookies, use a different Device or web browser(s), or use a non-browser-based method of access, your DAA / NAI browser-based opt-out may not, or may no longer, be effective. Mobile device opt-outs will not affect browser-based Interest-based Ads even on the same device, and you must opt-out separately for each device. We are not responsible for the effectiveness of, or compliance with, any third parties’ opt-out options or programs or the accuracy of their statements regarding their programs.
You can also prevent or reduce getting interest-based ads on websites by declining cookies in your browser(s), or on mobile devices by declining the “access to data” requests that apps usually present when you install them or by adjusting the ad tracking settings on your device.
Please note that you may also receive personalized ads based on your email address or phone number, if you have provided those to us for marketing purposes. To opt out of that usage, please contact us.
You will still see “contextual” ads even if you opt out of interest-based ads Even if we stop sending you interest-based ads, you will still get ads from our brands on your computer or mobile devices. These ads, however, are based on the context of the sites you visit and are called contextual ads. Unlike interest-based ads which are based on pages you visit on your mobile phone or computer viewing activities over time and across unrelated services, contextual ads are ads shown to you based on the context of the specific site you are visiting. For example, you still may see an ad for one of our baby care brands while looking at nursery products online because these sites traditionally have had mostly new or expecting parents as visitors. You should also know that we may still collect information from your computer or devices and use it for other purposes like evaluating how our websites work, for consumer research, or detecting fraud.
You can set your browser to refuse all cookies or to indicate when a cookie is being sent to your computer. However, this may prevent our sites or services from working properly. You can also set your browser to delete cookies every time you finish browsing.
Deleting cookies also deletes your opt out when you opt out of interest-based advertising, an opt-out cookie is sent to your browser that indicates that you no longer want to receive interest-based ads. Your opt-out cookie will be deleted if you decide to delete all cookies on your browser. This means that you will need to opt-out again on each browser where you have deleted cookies if you still do not want to receive interest-based ads.
In some markets and on some of our websites, we offer a cookie consent management platform which allows you to exercise choice with respect to certain categories of cookies. If this is available, this may appear as a cookie banner and/or as an icon that is visible on the applicable websites. We may also provide similar technology in mobile apps, which, if available, will be accessible through the applicable app’s settings menu.
If you have provided your personal data via visiting certain of our Nordic sites or partner sites including:
You may exercise your data subject rights by clicking here.
See our “
“ below for information required by certain state privacy laws, and information regarding privacy rights under such laws.If you live in the EEA or the UK, or are physically in the EEA or the UK, you may access the personal data we hold about you, request that inaccurate, outdated, or no longer necessary information be corrected, erased, or restricted, and ask us to provide your data in a format that allows you to transfer it to another service provider. You also may withdraw your consent at any time where we are relying on your consent for the processing of your personal data. And you may object to our processing of your personal data (this means ask us to stop using it) where that processing is based on our legitimate interest (this means we have a reason for using the data).
To make a request, click here.
If you would like more information about data protection and your personal data rights in general, please visit the European Data Protection Supervisor’s site at https://edps.europa.eu/data-protection/ or the UK Information Commissioner’s Office site at https://ico.org.uk. If you are not happy with our response to your requests, you may lodge a complaint with the data protection authority in your country.
Procter and Gamble España SA adheres to the Code of Conduct for Data Protection in AUTOCONTROL, accredited by the Spanish Data Protection Agency and therefore is subject to its extrajudicial system of data processing complaints when related to data protection and advertising, available for those interested on the website www.autocontrol.es.
If you are a dental professional and have provided your personal data to us as part of one of our professional outreach programs, including through https://www.dentalcare.com, please contact us through your local P&G representative, e.g. Oral-B.
To make a request with respect to personal data we may have as part of your participation in one of our research studies, please see the contact information provided on your consent form or call or visit your research center.
Like most brands, we collect personal data as you interact with us or when you share personal data with third parties that in turn can be shared with us. We do this respectfully and carefully to protect your rights. Personal data can help us better understand your interests and preferences as a consumer and a person.
We collect personal data about you in many ways and from many places. Some of the personal data we collect may include personal data that can be used to identify you; for example, your name, email address, telephone number, or postal address. In some jurisdictions, things like IP address or cookie and mobile device identifiers may also be considered personal data.
You give us your personal data when signing up for an account on our websites or mobile apps or by calling or emailing us. We may ask for things like your name, email or home address, date of birth, payment information, your age, gender, the number of people in your family, and the way you want us to send you information about our products and services—for example, to your home address, email address, or by texting you.
We may use technologies that automatically collect information when you visit our sites, view our advertisements, or use our products or services. For example, we use cookies (a tiny file stored on your computer’s browser) to tell us what browser and operating system you are using, your IP address, and about your online activities such as web pages you visit, links you click, or whether you have or have not opened an email from us.
To give you the best possible user experience, we may use technologies that collect information from your phone when you use our mobile apps or our “smart” devices in your home. You consent to this when downloading the app or installing household internet connected devices. This information could include your mobile phone or other device advertising ID, information about your phone’s operating system, how you use the app or device, your physical location, and other information that is considered personal data in some jurisdictions. You will get a pop-up notice on your phone or device that gives you the option to accept or reject allowing us to know your precise geolocation (exactly where you are standing or where you are accessing the internet).
We may get information that other companies share with or sell to us. For example, you may have given consent for another company to share your personal data with us when you signed up for telecom services or a retailer loyalty points program. We may also collect personal data from publicly available sources, such as from internet postings, blog entries, videos, or social media sites. We may also receive personal data from other companies, such as consumer data resellers, who are in the business of collecting or aggregating information about you sourced from publicly available databases (in line with local legal requirements as applicable) or from consent you have given to their use and subsequently our use of your personal data. This might include information about your income level, age, gender, number of people in your family, and products you have bought on the internet or from stores in your neighborhood.
We use your personal data to help us meet our purpose of touching and improving the lives of people like you every day around the world. For example, we use your information to:
Perform services for you
Identify and authenticate you to our different marketing programs and websites
Administer and maintain our financial incentive, rewards, discounts (e.g., price or service coupons) and loyalty programs (collectively, “Rewards Programs”)
Respond to your questions or requests for information
Provide customer service
Send transactional messages (such as account statements or confirmations)
Send marketing communications, survey, and invitations
Process your payment for the products you buy from us
Process and issue refunds and collections
Send you products or samples you have requested
Help you manage your P&G site or app preferences
Allow you to enter our contests or sweepstakes
Interact with you on social media
Better understand your interests and preferences and serve you and others like you with relevant offers and communications
Serve you with relevant ads and serve others with relevant ads through look-alike audiences. For example, if you sign up for marketing emails for laundry detergents in the U.S., we may upload your hashed email address into Facebook in France to find consumers there who, according to Facebook, “look like” you so we can serve them an ad on Facebook.
Measure and track the effectiveness of advertising campaigns
We also use your personal data for internal business purposes such as:
Quality control, training, and analytics
Safety maintenance and verification
System administration and technology management, including optimizing our websites and applications
Security purposes, including detecting threats and protecting against malicious or fraudulent activity
Recordkeeping and auditing interactions with consumers, including logs and records maintained as part of transaction information
Risk management, audit, investigations, reporting and other legal and compliance reasons
We may also use your personal data to better understand you, including:
For internal research
To design and develop products, services and programs that delight our consumers
To identify prospective consumers
Cookies are small files sent to your computer as you surf the web. They store useful information about how you interact with the websites you visit. You can learn more about how to control cookies
.We use cookies for a number of reasons, such as:
to serve you with relevant advertising and measure the effectiveness of such advertising
to ensure that you are not shown an ad more than you should be (called “frequency capping”)
to learn more about the way you interact with P&G content
help us improve your experience when visiting our websites
to remember your preferences, such as a language or a region, so there is no need for you to customize the website on each visit
to identify errors and resolve them
to analyze how well our websites are performing
Strictly necessary These cookies (also sometimes referred to as “essential”) allow the page to load or provide some essential functionality without which the page would not work (i.e., store your data in a shopping cart).
Performance cookies These cookies allow sites to remember what you prefer when you come back again. For example, if you choose to read the site in French on your first visit, the next time you come back the site will appear automatically in French. Not having to select a language preference every time makes it more convenient, more efficient, and user-friendly for you.
Advertising cookies These cookies can be used to learn about what interests you generally might have, based, for example, on the websites you visit and the products you buy. This can also help us infer things about you such as your age, marital status, and how many kids you may have. That data allows us to send you ads for products and services that better fit the things you like or need. It also allows us to limit the number of times you see the same advertisement.
Analytics cookies These cookies tell us how our websites are working. We use different analytics cookies in different jurisdictions. In many cases, we use Google Analytics cookies to monitor the performance of our sites. Our ability to use and share information collected by Google Analytics about your visits to our sites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy.
When you visit our partner sites, we can show you ads or other content we believe you would like to see. For example, you may receive advertisements for Tide® laundry detergent if we notice that you are visiting sites that sell children’s clothing or school supplies. And from that information we may conclude that you have children and therefore could well be interested in a powerful laundry-cleaning product. In this way, we intend to send you relevant information about our products that might be of benefit to you. To learn more about your choices regarding interest-based advertising go
.We learn from groups of consumers sharing similar interests We may place you into a particular group of consumers who show the same interests. For example, we may put you in the group of “razor aficionados” if we see you frequently purchase razors online or you could be a “bargain-shopper” if we notice you use online coupons or look for discounts or sales. We may infer these things about you based on your activity on certain web pages, links you click on our websites and other websites you visit, mobile applications you use, or our brand emails you view and links you click in the emails, as well based on other information we have collected, such as from retailer partners and other third parties. We group together cookie and device IDs to help us learn about general trends, habits, or characteristics from a group of consumers who all act similarly online and/or offline. By doing this, we can find and serve many others who “look like” those already in the group and thereby send them what we believe will be relevant and beneficial product offers and information.
We link other information to your cookie and device IDs Your cookie and device IDs may be supplemented with other information, such as information about the products you buy offline or information that you provide directly to us when creating an account on our sites. We generally do this in ways that will not directly personally identify you. For example, we could know that cookie ID ABC12345 belongs to the razor aficionado group based on a person’s web site visits, age, gender, and shopping habits. Should we want to personally identify your cookie or device information (web and app viewing history), we will do so in accordance with applicable laws.
We may know you across all of your computers, tablets, phones, and devices We may know that cookie ID ABC12345 is from a computer that that may be connected to the same person or household owning the mobile phone with device ID EFG15647. This means that you may search for diapers on your laptop, click on a Google search result link which we have sponsored, and then later see an ad for our Pampers® brand diapers on your mobile phone. We might assume or deduce that the same person owns the computer and phone because, for example, they sign on to the same WiFi network every day at the same time. Understanding what devices seem to be used by a person or household helps us limit the number of times you see the same ad across all of your devices. And this is important because that way you don’t get annoyed at us for spamming you with the same ad and we don’t pay for such repetitive ads that we don’t want you to receive.
Addressable Media When you provide us with your personal data via our sites or apps, we will use an encryption of that data – or a substitute identifier such as The Trade Desk's UID2 -- to serve you with ads we think you may like. We do this generally by uploading a pseudonymized version (replaced with artificial letters or numbers) of your email address, phone number, or your mobile advertising ID to a platform that offers ad space (e.g., Facebook, YouTube, Instagram, TikTok, etc.). We also use that same data to serve you advertising through what is called the open web. This means you may see relevant ads from us on sites like nytimes.com or apps or other places like digital TV that participate in online auctions of their ad inventory.
Advanced Matching Some of our sites use the Advanced Matching features offered by Social Media Platforms to its advertisers (e.g. Facebook’s Advanced Matching, TikTok’s Advanced Matching, etc.). Through Advanced Matching, we will send some of the personal data you enter into our site form fields (e.g., your name, email address, and phone number – not any sensitive or special category data) in a pseudonymized format to the Social Media Platform, or the Social Media Platform Pixel will pseudonymize and pull that data automatically, for the purpose of helping associate you with your browser cookie or device ID. We do this so that we can better target and measure the effectiveness of our advertising on the respective Social Media platforms. This is how we can know that if we showed you an ad on a given Social Media Platform, you clicked on it, came to our site and bought something – or not – and therefore whether we should continue to buy ads on that Social Media Platform – or not.
Google Analytics Advertising Features: Some of our sites use Google Remarketing Lists for Search Ads with Analytics (“RLSA”), which is a service they offer to advertisers. When individuals visit our sites, Google Analytics collects data about their visits. If a visitor is signed into their Google account, we are able to provide that user with interest-based advertising when they conduct a Google search for terms related to the P&G site they visited. For example, if you are signed into a Google account when visiting our Head & Shoulders website, we may provide you with Head & Shoulders advertising when you search for “dandruff shampoo” on Google. Our ability to use and share information collected by Google Analytics about your visits to our sites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. To understand how Google uses data when you use our partners' sites or apps, visit here. You may opt out of Google Analytics at any time.
Proximity-based beacons: Beacons send one-way signals to mobile apps you install on your phone over very short distances to tell you, for example, what products are on-sale as you walk through a store. Beacons only talk to your device when you get close enough and after you have given consent within the mobile application associated with a particular beacon. In turn, apps may provide us location information to help customize advertising and offers to you. For example, when you are near a beacon in the skin care section of a supermarket, we may send you a $4 off coupon.
Pixels These are small objects embedded into a web page but are not visible. They are also known as "tags,” “web bugs,” or "pixel gifs." We use pixels to deliver cookies to your computer, monitor our website activity, make logging into our sites easier, and for online marketing activity. We also include pixels in our promotional email messages or newsletters to determine whether you open and act on them.
Mobile device identifiers and SDKs We use software code in our mobile apps to collect information similar to what cookies collect on the internet. This will be information like your mobile phone identifiers (iOS IDFAs and Android Advertising IDs) and the way you use our apps. Similar to cookies, we collect device information automatically as you use our apps.
Precise geolocation We may receive information about your exact location from things like global positioning system (GPS) coordinates (longitude and latitude) when you use our mobile apps. You will always get a pop-up notice on your phone or device asking for you to accept or reject allowing us to know exactly where you are in the world. You should understand that we will not always ask for consent to know generally that you are in a broader city, postal code, or province. For example, we do not consider it to be precise location if all we know is that you are somewhere in Manila, Philippines.
Plugins Our websites may include plugins from other companies such as social networks. An example of a plugin is the Facebook “Like” button. These plugins may collect information (e.g., the URL of the page you visited) and send it back to the company that created them. This may happen even if you do not click on the plugin. These plugins are governed by the privacy policy and terms of the company that created them, even though they appear on our sites.
Logins Our websites may allow you to log in using your account with another company such as, for example, “Login with Facebook.” When you do this, we will have access only to the information that you have given us consent to receive from your account settings in the other company’s account you’re using to log in with.
User content Some of our sites and apps will allow you to upload your own content for contests, blogs, videos, and other functions. Please remember that any information you submit or post becomes public information. We do not have control over how others may use the content you submit to our sites and apps. We are not responsible for such uses in ways that may violate this privacy policy, the law, or your personal privacy and safety.
Links P&G sites may include links to other sites, which we do not control. Those sites will be governed by their own privacy policies and terms, not ours.
When we have your consent, we may disclose your personal data to others, such as select partners so they can send you offers, promotions, or ads about products or services we believe you may be interested in. For example, people who receive P&G emails from our diaper brands such as Pampers® may also consent to hear about baby formulas made by other companies.
Our websites and applications may make available contact information, unique identifiers, inferred and derived information, online and technical information and geolocation data with online platforms and ad tech companies to help us serve you relevant advertisements and offers, subject to applicable legal requirements, which may include consent and/or opt-outs. We do not sell your personal data to marketers outside of P&G in exchange for monetary compensation. Please see the U.S. State Privacy Notice section of the privacy policy below for additional information.
We may disclose or otherwise make available your personal data to our vendors (including “service providers” and “processors” defined under applicable laws, which we collectively refer to as “service providers” or “vendors” herein) who help us run our business. This includes hosting our sites, delivering our emails and marketing communications to you, analyzing the data we collect, helping us with sales attribution (e.g., to see if we showed you an ad on a platform site and then you bought a product from us) and sending you the products and services you requested. We also disclose or otherwise make available your personal data with lawyers, auditors, consultants, information technology and security firms, and others who provide services to us. We disclose or otherwise make available only the personal data needed for these companies to complete the tasks we request or, where permitted by applicable law, use the personal data for certain internal purposes such as security or fraud detection. We instruct our service providers to appropriately process and protect your personal data.
Payments for purchases made through some of our sites are completed using a third-party vendor’s online payment system. P&G does not have access to your credit card information provided for purchases and does not store or disclose your credit card information as part of your purchases through these third-party systems. The personal or financial information you provide to our online payment system is subject to the third-party’s privacy policy and terms of use and we recommend you review these policies before providing any personal or financial information.
If a brand or one of our businesses that controls your personal data, or some or all of its business assets, are sold to another company, your personal data will be disclosed to that company. We may also disclose your information to companies who help us protect our rights and property, or when required by law, legal processes or government authorities or as reasonably necessary to protect the rights or interests of ourselves or others.
As a large company, with many products and businesses in many countries around the world, we collect the following types of data in order to best serve all of our consumers.
Please be aware that this is a comprehensive list of various types of personal data we collect, and many of these types almost certainly will not apply to you. If you want to know what data we actually have about you, just ask.
Contact Information Data elements in this category include names (including nicknames and previous names), titles, mailing address, email address, telephone/mobile number and contact information for related persons (such as authorized users of your account).
General Demographics & Psychographics Data elements in this category include personal characteristics and preferences, such as age range, marital and family status, race and ethnicity (for example, in relation to information you provide in relation to your haircare or skincare purchases or preferences), shopping preferences, languages spoken, loyalty and rewards program data, household demographic data, data from social media platforms, education and professional information, hobbies and interests and propensity scores from third parties (likelihood of purchase, experiencing a life event, etc.).
Transaction and Commercial Information Data elements in this category include customer account information, qualification data, purchase history and related records (returns, product service records, records of payments, credits etc.), records related to downloads and purchases of products and applications, non-biometric data collected for consumer authentication (passwords, account security questions), customer service records.
Unique IDs & Accounts Details Data elements in this category include unique ID number (such as customer number, account number, subscription number, rewards program number), system identifiers (including username or online credentials), device advertisers, advertising IDs and IP address.
Online & Technical Information This includes internet or other electronic network activity information. Data elements in this category include: IP address, MAC address, SSIDs or other device identifiers or persistent identifiers, online user ID, encrypted password, device characteristics (such as browser information), web server logs, application logs, browsing data, viewing data (TV, streaming), website and app usage, first party cookies, third party cookies, web beacons, clear gifs and pixel tags.
Inferred Information This includes information derived from other personal data listed in this section. We create inferred and derived data elements by analyzing our relationship and transactional information. Data elements in this category include propensities, attributes and/or scores generated by internal analytics programs.
Precise Geolocation Data elements in this category include precise location (such as latitude/longitude).
Health-related Information Data elements based on how it is collected include:
Information collected from consumer programs (such as when you register on our brand sites, participate in our rewards programs, or purchase our products)
General health and symptom information
Pregnancy-related information, such as due date
Consumer Research Studies where you have provided your informed consent
Information about physical or mental health, disease state, medical history or medical treatment or diagnosis, medicines taken and related information
Financial account information Data elements in this category include bank account number and details and payment card information (e.g., when you make a purchase directly with a brand or receive a credit from a brand).
Government-issued IDs Data elements in this category include governmental ID and Tax ID (e.g., for winners of a contest in jurisdictions where we are required to collect that information).
Audio Visual Information Data elements in this category include photographs, video images, CCTV recordings, Call Center recordings and call monitoring records, and voicemails (e.g., for research, when you visit our facilities, or when you call us).
Smart Devices and Sensor Information Data elements in this category include smart device records, IoT products (e.g., from an Oral B app-connected toothbrush).
Data About Children Data elements in this category may include the number of children you have, your children’s diaper sizes, their genders, and ages.
Biometric Information Data elements in this category include facial recognition data, and a mathematical representation of your biometric identifier, such as the template maintained for comparison (e.g., for healthcare research studies). We will retain this biometric data for no more than three years from the individual's last interaction with us, unless we are required to retain it longer for legal or regulatory compliance purposes, or to exercise or defend our legal interests. We have implemented commercially reasonable protocols to safeguard and, when appropriate, to permanently delete or dispose of such biometric data.
We follow all applicable data protection laws when collecting personal data online from children. For example, in the EEA and the UK we do not collect personal data from children under 16 years of age without the consent of the holder of parental responsibility over the child, unless a lower age is provided for by the local laws – provided that such lower age is not below 13 years. Similarly, in the U.S., we obtain verified parental consent when collecting personal data from children younger than 13.
Your privacy is important. That’s why we respect it by taking steps to protect it from loss, misuse, or alteration.
We respect your personal data and take steps to protect it from loss, misuse, or alteration. Where appropriate, these steps can include technical measures like firewalls, intrusion detection and prevention systems, unique and complex passwords, and encryption. We also use organizational and physical measures such as training staff on data processing obligations, identification of data incidents and risks, restricting staff access to your personal information, and ensuring physical security including appropriately securing documents when not being used.
Your personal data may be transferred to, stored, and processed in a country other than the one in which it was collected, including the United States. For example, we may store your personal data on a server in the United States because that is where a particular database is hosted; and that data may be “transferred” again when one of our marketers accesses it from Switzerland to send you a product sample. For EEA and UK data, we perform such transfers, both between P&G entities and between P&G and our service providers, using contractual protections that EEA and UK regulators have pre-approved (known as model contract clauses). If you would like a copy of a transfer agreement, contact us. For non-EEA and UK data, we perform such transfers based on your consent, or on our contracts, where so required by local law.
Click here to review the beginning of our Global Privacy Policy.
This U.S. State Privacy Notice applies to “Consumers” as defined under U.S. privacy laws, specifically the California Consumer Privacy Act, including as amended by the California Privacy Rights Act (“CCPA”), the Virginia Consumer Data Privacy Act (“VCDPA”),the Colorado Privacy Act, the Utah Consumer Privacy Act, Connecticut’s Act Concerning Personal Data Privacy and Online Monitoring, and any other U.S. privacy laws, as each are amended and as and when they become effective, and including any regulations thereunder (collectively, the “US Privacy Laws”). This U.S. State Privacy Notice is a supplement to this Privacy Policy. In the event of a conflict between any other P&G policy, statement, or notice and this U.S. State Privacy Notice, this U.S. State Privacy Notice will prevail as to Consumers and their rights under the applicable U.S. Privacy Laws.
This U.S. State Privacy Notice is designed to provide you with notice of our recent personal data practices over the prior 12 months from the “Last Updated” date of this Privacy Policy. This U.S. State Privacy Notice will be updated at least annually. This U.S. State Privacy Notice also applies to our current data practices such that it is also meant to provide you with “notice at collection,” which is notice of personal data (also referred to in some of the U.S. Privacy Laws as “personal information”) we collect online and offline, and the purposes for which we process personal data, among other things required by the U.S. Privacy Laws. For any new or substantially different processing activities that are not described in this U.S. State Privacy Notice, we will notify you as required by the U.S. Privacy Laws, including by either notifying you at the time of collecting personal data, or by updating this U.S. State Privacy Notice earlier than required. We reserve the right to amend this U.S. State Privacy Notice at our discretion and at any time.
Generally, we collect, retain, use, and disclose your personal data for our business purposes and commercial purposes. Business purposes are purposes which are generally not tied to an opt-out right under the U.S. Privacy Laws, such that they do that do not implicate “Sale,” “Sharing,” or “Targeted Advertising” as defined under U.S. Privacy Laws (see the “
” section below.)Our business purposes include the purposes listed above in the “
” and “” sections. Our business purposes also include the disclosure of personal data (which may include all the categories of personal data in the table below) to the recipients noted in the table below.Commercial purposes, on the other hand, are generally associated with an opt-out right under the U.S. Privacy Laws, in particular where they involve Sales, Sharing, or Targeted Advertising as defined under applicable U.S. Privacy Laws. Examples include where Third-Party Digital Businesses (defined below) collect your personal data via third-party cookies, and when we or such Third-Party Digital Businesses process personal data for certain advertising purposes.
The table immediately below describes the categories of personal data we collect in the left column. The middle column provides examples of data types within the applicable categories, which, in some instances, include the personal data types/categories listed above under “
.” The right column states the categories of recipients that receive such personal data as part of disclosures for business purposes, as well as disclosures which may be considered a Sale or Share under certain U.S. Privacy Laws.| Category of Personal Data | Examples of Personal Data Types within Category | Categories of Recipients |
|---|---|---|
| 1. Identifiers and Contact Information | Contact information, Unique IDs & Accounts Details, Online and Technical Information, Financial Account Information, Government-issued IDs | Disclosures for Business Purposes: • Software and other business Vendors (“Business Vendors”) • Marketing Vendors • Affiliates and Related Entities Sale/Sharing: Third-Party Digital Businesses and Retail Partners |
| 2. Personal Records | Contact information, Unique IDs & Accounts Details, Financial Account Information, Government-issued IDs | Disclosures for Business Purposes: • Business Vendors • Marketing Vendors • Affiliates and Related Entities Sale/Sharing: Third-Party Digital Businesses |
| 3. Personal Characteristics or Traits | General Demographics & Psychographics, Data About Children, Inferred Information, Health-related information | Disclosures for Business Purposes: • Business Vendors • Marketing Vendors • Affiliates and Related Entities Sale/Sharing: Third-Party Digital Businesses and Retail Partners |
| 4. Customer Account Details / Commercial Information | General Demographics & Psychographics, Transaction and Commercial Information, Online & Technical Information | Disclosures for Business Purposes: • Business Vendors • Marketing Vendors • Affiliates and Related Entities Sale/Sharing: Third-Party Digital Businesses and Retail Partners |
| 5. Biometric Information | Biometric Information | Disclosures for Business Purposes: • Business Vendors • Affiliates and Related Entities Sale/Sharing: N/A |
| 6. Internet Usage Information | Transaction and Commercial Information, Online & Technical Information, Smart Devices and Sensor Data | Disclosures for Business Purposes: • Business Vendors • Marketing Vendors • Affiliates and Related Entities Sale/Sharing: Third-Party Digital Businesses |
| 7. Location Data | Imprecise Location Data, Precise Geolocation Data | Disclosures for Business Purposes: • Business Vendors • Marketing Vendors • Affiliates and Related Entities Sale/Sharing: N/A |
| 8. Audiovisual and Similar Information | Audio Visual Information, Smart Devices and Sensor Data | Disclosures for Business Purposes: • Business Vendors • Affiliates and Related Entities Sale/Sharing: N/A |
| 9. Professional or Employment Information | General Demographics & Psychographics | Disclosures for Business Purposes: • Business Vendors • Affiliates and Related Entities Sale/Sharing: N/A |
| 10. Non-public Education Records | Not applicable in non-HR contexts (which are not within the scope of this notice) | |
| 11. Inferences from Collected Information | General Demographics & Psychographics, Inferred Information | Disclosures for Business Purposes: • Business Vendors • Marketing Vendors • Affiliates and Related Entities Sale/Sharing: Third-Party Digital Businesses and Retail Partners |
| Category of Personal Data | Examples of Personal Data Types within Category | Categories of Recipients |
|---|---|---|
| Account information and Credentials | Financial Information. In addition, we may store your P&G account log-ins in combination with a password in our systems. | Disclosures for Business Purposes: • Business Vendors • Affiliates and Related Entities Sale/Sharing: N/A |
| Precise Geolocation Data | Precise geolocation data | Disclosures for Business Purposes: • Business Vendors • Marketing Vendors • Affiliates and Related Entities Sale/Sharing: N/A |
| Racial or Ethnic Origin | General Demographics & Psychographics | Disclosures for Business Purposes: • Business Vendors • Marketing Vendors • Affiliates and Related Entities Sale/Sharing: N/A |
| Biometric Information | Biometric information | Disclosures for Business Purposes: • Business Vendors • Affiliates and Related Entities Sale/Sharing: N/A |
| PI Concerning a Consumer’s Health | Health-related Information | Disclosures for Business Purposes: • Business Vendors • Affiliates and Related Entities Sale/Sharing: Third-Party Digital Businesses and Retail Partners *This personal data would not include health diagnostic information but is related to demographic or purchase data that may help us determine which products you may be interested in. |
Certain U.S. Privacy Laws require us to either disclose length of time we intend to retain each category of personal data listed above, or if that is not possible, the criteria used to determine the period of time it will be retained. Because there are so many different types of personal data in each category, and so many purposes and use cases for different data, we have determined that it is not possible to disclose in a clear manner how long we intend to retain each category as they are defined in the applicable U.S. Privacy Laws. However, we do discuss retention in relation to certain processing activities, including certain types of personal data in relation to such processing activities, along with the criteria that are used in relation to the same, below in our “
” section.As described in further detail below, subject to meeting the requirements for a Verifiable Consumer Request (defined below), we provide Consumers – which are, for clarity, residents of certain states – the privacy rights described in this section. For residents of states without Consumer privacy rights, we will consider requests but will apply our discretion in how we process such requests. For states that have passed consumer privacy laws, but are not yet in effect, we will also consider applying state law rights prior to the effective date of such laws but will do so in our discretion.
As permitted by the U.S. Privacy Laws, any request you submit to us is subject to an identity verification process (“Verifiable Consumer Request”) as described below in the “Verifying Your Request” section below. We will not fulfill your request unless you have provided sufficient information for us to reasonably verify you are the Consumer about whom we collected personal information.
To make a request, please submit your request to us by one of the methods below. For further instructions on how to submit a Do Not Sell/Share/Target request, for non-cookie PI (as defined below), please go to the “
” section below.Calling us at (877) 701-0404
Visiting our Preference Center (which can be reached by the “Your Privacy Choices” link in the footer of our websites or via the Settings menu in our mobile applications)
Some personal data we maintain about you is not sufficiently associated with enough of your other personal data for us to be able to verify that it is your particular personal data (e.g., clickstream data tied only to a pseudonymous browser ID). We do not include that personal data in response to those requests. If we deny a verified request, we will explain the reasons in our response. You are not required to create a password-protected account with us to make a Verifiable Consumer Request. We will use personal data provided in a Verifiable Consumer Request only to verify your identity or authority to make the request and to track and document request responses, unless you also gave it to us for another purpose.
We will make commercially reasonable efforts to identify personal data that we collect, process, store, disclose, and otherwise use and to respond to your privacy requests. We will typically not charge a fee to fully respond to your requests; provided, however, we may refuse to act upon a request, if your request is excessive, repetitive, unfounded, or overly burdensome. If we determine that we may refuse a request, we will give you notice explaining why we made that decision.
To help protect your privacy and maintain security, we take steps to verify your identity before granting you access to your personal data or considering your deletion request. Upon receipt of your request, we will send you a verification form by email or postal mail. To complete your request, please respond to the verification form when you receive it. To verify your identity, we may require you to provide any of the following information: Name, email address, postal address, or date of birth.
We will review the information provided as part of your request and may ask you to provide additional information via e-mail or other means as part of this verification process. We will not fulfill your Right to Know (Categories), Right to Know (Specific Pieces/Portability), Right to Delete, or Right to Correction request unless you have provided sufficient information for us to reasonably verify you are the Consumer about whom we collected personal data. The same verification process does not apply to opt-outs of Sale or Sharing, or limitation of Sensitive Personal Data requests, but we may apply some verification measures if we suspect fraud.
The verification standards we are required to apply for each type of request vary. We verify your categories requests and certain deletion and correction requests (e.g., those that are less sensitive in nature) to a reasonable degree of certainty, which may include matching at least two data points provided by you with data points maintained by us, which we have determined to be reliable for the purpose of verifying you. For certain deletion and correction requests (such as those that relate to personal data that is more sensitive in nature) and for specific pieces requests, we apply a verification standard of reasonably high degree of certainty. This standard includes matching at least three data points provided by you with data points maintained by us, which we have determined to be reliable for the purpose of verifying you, and may include obtaining a signed declaration from you, under penalty of perjury, that you are the individual whose personal data is the subject of the request.
If we cannot verify you in respect of certain requests, such as if you do not provide the requested information, we will still take certain actions as required by certain U.S. Privacy Laws. For example:
If we cannot verify your deletion request, we will refer you to this U.S. State Privacy Notice for a general description of our data practices.
If we cannot verify your specific pieces request, we will treat it as a categories request.
You may designate an authorized agent to submit a request on your behalf by submitting a request in the manners described above. If you are an authorized agent who would like to make a request, the U.S. Privacy Laws require that we ensure that a request made by an agent is a Verifiable Consumer Request (except Do Not Sell/Share requests) and allow us to request further information to ensure that the Consumer has authorized you to make the request on their behalf. Generally, we will request that an agent provide proof that the Consumer gave the agent signed permission to submit the request, and, as permitted under the U.S. Privacy Laws, we also may require the Consumer to either verify their own identity or directly confirm with us that they provided the agent permission to submit the request. To make a request as an authorized agent on behalf of a Consumer, click here.
You may appeal a denial of your request by clicking here.
You have the right to request, twice in a 12-month period, the following information about the personal information we have collected about you during the past 12 months:
the categories of personal information we have collected about you;
the categories of sources from which we collected the personal information;
the business or commercial purposes for which we collected or sold the personal information;
the categories of third parties to whom we sold or shared the personal information, by category or categories of personal information for each category of third parties to whom the personal information was sold or shared;
the categories of personal information about you that we disclosed for a business purpose, and the categories of persons to whom disclosed that information for a business purpose.
You have the right to request a transportable copy of the specific pieces of personal data we collected about you in the 12-month period preceding your request. Please note that personal data is retained by us for various time periods, so there may be certain information that we have collected about you that we do not even retain for 12 months (and thus, it would not be able to be included in our response to you). Please also note that you may be limited under your applicable state’s law to making a certain number of “right to know” requests in any 12-month period.
In addition, you have the right to request that we delete certain personal information we have collected from you.
Please understand that P&G cannot delete personal data in those situations where our retention is required for our own internal business purposes or otherwise permitted by relevant U.S. Privacy Laws (such as fraud prevention or legal compliance). In these situations, we will retain your personal data in accordance with our records retention program and securely delete it at the end of the retention period.
You have the right to request that we correct inaccuracies that you find in your personal data maintained by us. Your request to correct is subject to our verification (discussed above) and the response standards in the applicable U.S. Privacy Laws.
Certain personal data qualifies as “sensitive personal data” or “sensitive personal information” under U.S. Privacy Laws, which we refer to in this U.S. State Privacy Notice as “Sensitive Personal Data”. Some U.S Privacy Laws require consent for the processing of Sensitive Personal Data, which can be revoked, subject to certain exceptions and exemptions (for example, if the processing of your Sensitive Personal Data is required to provide a product or service specifically requested by you). Depending on your state of residence, you have the right to revoke such consent, if applicable, and/or direct businesses to limit their use and disclosure of Sensitive Personal Data if they use or disclose it beyond certain internal business purposes. You can make a request using the methods set forth above.
Under the various U.S. Privacy Laws, Consumers have the right to opt-out of certain processing activities. Some states have opt-outs specific to Targeted Advertising activities - which California’s law refers to as “cross-context behavioral advertising”, and others simply as Targeted Advertising - which involve the use of personal data from different businesses or services to target advertisements to you. California provides Consumers the right to opt-out of Sharing, which includes providing or making available personal information to third parties for such Targeted Advertising activities, while other states provide Consumers the right to opt-out from processing personal information for Targeted Advertising more broadly. There are broad and differing concepts of the Sale of personal data under the various U.S. Privacy Laws, all of which at a minimum require providing or otherwise making available personal data to a third party.
Third-Party digital businesses, including online platforms (Google, Amazon, Facebook, etc.) and AdTech companies such as Demand Side Platforms which help us place advertisements (“Third-Party Digital Businesses”) may associate cookies and other tracking technologies that collect personal data about you on our apps and websites, or otherwise collect and process personal data that we make available about you, including digital activity information. Giving access to personal data on our websites or apps, or otherwise, to Third-Party Digital Businesses could be deemed a Sale and/or Sharing and could implicate Targeted Advertising under some U.S. Privacy Laws. Therefore, we will treat such personal data collected by Third-Party Digital Businesses (e.g., cookie ID, IP address, and other online IDs and internet or other electronic activity information) as such, and subject to the opt-out requests described above. In some instances, the personal data we make available about you is collected directly by such Third-Party Digital Businesses using Tracking Technologies on our websites or apps, or our advertisements that are served on third-party sites (which we refer to as “cookie PI”). However, certain personal data which we make available to Third Party Digital Businesses is information that we have previously collected directly from you or otherwise about you, such as your email address (which we refer to below as “non-cookie PI”).
When you opt-out pursuant to the instructions below, it will have the effect of opting you out of Sale, Sharing, and Targeted Advertising, such that our opt-out process is intended to combine all of these state opt-outs into a single opt-out. Instructions for opting out are below. Please note that there are distinct instructions for opting out of cookie PI and non-cookie PI, which we explain further, below.
Opt-out for non-cookie PI: If you would like to submit a request to opt-out of our processing of your non-cookie PI (e.g., your email address) for Targeted Advertising, or opt-out of the Sale or Sharing of such data, make an opt-out request here.
Opt-out for cookie PI: If you would like to submit a request to opt-out of our processing of your cookie PI for Targeted Advertising or opt-out of the Sale/Sharing of such personal data, you need to exercise a separate opt-out request on our cookie management tool. To do so, visit “Your Privacy Choices” here and click “Do Not Sell or Share My Personal Information / Opt-Out of Targeted Advertising” and follow the instructions for the toggle. This is because we have to use different technologies to apply your opt-outs of cookie PI and of non-cookie PI. Our cookie management tool enables you to exercise such an opt-out request and enable certain cookie preferences on your device.
A similar tool is available for our mobile applications, which you can access via the “Do Not Sell or Share My Personal Information / Opt-Out of Targeted Advertising” option in the Settings menu.
If you are using the same browser, your opt-out preference will be noted and remembered across our different websites. You must exercise your preferences separately on each of our mobile applications that you use, if you use a different browser than the one on which you originally opted out, and on each device that you use. Since your browser opt-out is designated by a cookie, if you clear or block cookies, your preferences will no longer be affective, and you will need to enable them again via our cookie management tool.
For more information about how we have shared your personal data with third parties such that it constitutes a “Sale” or “Share” under CCPA during the 12-month period prior to the date this privacy policy was last updated, please refer to the chart above. We do not knowingly Sell or Share personal data of minors older than 13 years of age and under 16 years of age without their consent.
Some of the U.S. Privacy Laws require businesses to process GPC signals, which is referred to in California as opt-out preference signals (“OOPS”), which are signals sent by a platform, technology, or mechanism, enabled by individuals on their devices or browsers, that communicate the individual’s choice to opt-out of the Sale and Sharing of personal data. To use an OOPS/GPC, you can download an internet browser or a plugin to use on your current internet browser and follow the settings to enable the OOPS/GPC. We have configured the settings of our consent management platform to receive and process GPC signals on our website and mobile applications, which is explained by our consent management platform here.
We also collect and use your personal data to administer and maintain Rewards Programs (defined above in “How We Use Your Data”), which may be considered a “financial incentive” under one or more of the U.S. Privacy Laws.
We use all of the categories of personal data disclosed in the above table, excluding “biometric information,” “professional or employment information, and “non-public education records,” to administer and maintain such Rewards Programs. We use personal data to verify your identity, offer unique rewards, track your program status, and to facilitate the exchange of program points for products, promotional materials, training workshops, and other items. You can opt-in to a Rewards Program by signing up on the applicable rewards page. If you opt-in to participate in any of our Rewards Programs, you may withdraw from participation at any time by contacting us using the contact details in this Privacy Policy or in accordance with the instructions set forth in the applicable Rewards Program’s terms and conditions.
Under certain U.S. Privacy Laws, you may be entitled to be informed as to why financial incentive programs, or price or service differences, are permitted under the law, including (i) a good-faith estimate of the value of your personal data that forms the basis for offering the financial incentive or price or service difference, and (ii) a description of the method we used to calculate the value of your personal data. Generally, we do not assign monetary or other value to personal data. However, in the event we are required by law to assign such value in the context of Rewards Programs, or price or service differences, we have valued the personal data collected and used as being equal to the value of the discount or benefit provided, and the calculation of the value is based upon a practical and good-faith effort often involving the (i) categories of personal data collected (e.g., names, email addresses), (ii) the use of such personal data for our marketing and business purposes in accordance with this Privacy Policy and our Rewards Programs, (iii) the discounted price offered (if any), (iv) the volume of consumers enrolled in our Rewards Programs, and (v) the product or service to which the Rewards Programs, or price or service differences, applies. The disclosure of the value described herein is not intended to waive, nor should be interpreted as a waiver to, our proprietary or business confidential information, including trade secrets, and does not constitute any representation with regard to generally accepted accounting principles or financial accounting standards. We deem the value of the personal data to be reasonably related to the value of the rewards, and by subscribing to these Rewards Programs you indicate you agree. If you do not, do not subscribe to the Rewards Programs.
Non-Discrimination
You have the right not to receive discriminatory treatment for the exercise of your privacy rights described in this U.S. State Privacy Notice. We will not deny, charge different prices for, or provide a different level or quality of goods or services if you choose to exercise your rights.
Click here to see request metrics from the previous calendar year.
We may offer interactive services which allow teens under the age of 18 to upload their own content (e.g., videos, comments, status updates, or pictures). This content can be removed or deleted any time by following the instructions on our sites. If you have questions about how to do this, contact us. Be aware that such posts may have been copied, forwarded, or posted elsewhere by others and we are not responsible for any such actions. You will, in such cases, have to contact other site owners to request removal of your content.
We provide California residents with the option to opt-out to sharing of “personal information,” as defined by California’s “Shine the Light” law, with third parties (other than with Company affiliates) for such third parties’ own direct marketing purposes. California residents may exercise this opt-out, request information about our Shine the Light law compliance, and/or obtain a disclosure of third parties we have shared information with and the categories of information shared. To do so contact us at 1 Procter & Gamble Plaza, Cincinnati, OH 45202, U.S.A. (Attn: Privacy). You must put the statement “Shine the Light Request” in the body of your correspondence. In your request, please attest to the fact that you are a California resident and provide a current California address for your response. This right is different than, and in addition to, CCPA rights, and must be requested separately. We are only required to respond to one request per Consumer each year. We are not required to respond to requests made by means other than through the provided mail address. We will not accept Shine the Light requests by telephone or by fax, and are not responsible for requests not labeled or sent properly, or that are incomplete.
This section includes information that is required to be disclosed in respect of our processing of personal data of EEA country and UK residents. It aims to provide increased transparency into our processing, retention, and transfer of EEA and UK residents personal data that is in line with the letter and spirit of the General Data Protection Regulation (“GDPR”) and the GDPR as incorporated into UK law by the Data Protection Act 2018 and amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019. Certain information, such as the Entities and list of Data Controllers, as well as the legal bases for processing explained under “Processing and Retention” below only apply to processing of personal data of EEA country and UK residents. The retention periods described below, however, apply more broadly o personal data of residents of the states described above in the U.S. State Privacy Notice.
Different P&G entities may be the controller of your personal data. A data controller is the entity which directs the processing activity and is principally responsible for the data. The chart below identifies our data controllers for EU country data. For example, when you register for email on one of our French websites, the P&G entity listed next to that country name will be the controller of that personal data (e.g., Procter & Gamble France SAS).
| Countries | Data Controller |
|---|---|
| Austria | Procter & Gamble Austria – Zweigniederlassung der Procter & Gamble GmbH, Wiedner Gürtel 13, 100 Wien |
| Belgium | Procter & Gamble Distribution Company (Europe) BVBA For P&G Healthcare: P&G Health Belgium BVBA, Temselaan 100, 1853 Strombeek-Bever |
| Bulgaria | Procter & Gamble Bulgaria EOOD, Sofia 1404, Bd. Bulgaria nr. 69, Bulgaria |
| Croatia | Procter & Gamble d.o.o. za trgovinu, Bani 110, Buzin, 10010 Zagreb, Croatia |
| Czech Republic | Procter & Gamble Czech Republic s.r.o., 269 01 Rakovnik, Ottova 402, Czech Republic |
| EU Countries Not Listed | Procter & Gamble International Operations SA, Route de Saint-Georges 47 1213 PETIT-LANCY Geneve |
| France | Procter & Gamble France SAS For P&G HealthCare: Procter & Gamble Pharmaceuticals France SAS / P&G Health France SAS 163/165 quai Aulagnier, 92600 Asnières-sur-Seine |
| Germany | Procter & Gamble Service GmbH, Sulzbacher Strasse 40, 65824 Schwalbach am Taunus For P&G Health: P&G Health Germany GmbH, Sulzbacher Strasse 40, 65824 Schwalbach am Taunus |
| Greece | P&G Hellas Ltd. 49 Ag. Konstantinou str., 15124 Maroussi – Athens, Greece |
| Hungary | Procter & Gamble Magyarország Nagykereskedelmi Kkt, 1082 Budapest, Kisfaludy utca 38., Hungary |
| Ireland | Procter & Gamble UK, The Heights, Brooklands, Weybridge, Surrey KT13 0XP |
| Italy | Procter & Gamble Srl, viale Giorgio Ribotta 11, 00144 Roma |
| Netherlands | Procter & Gamble Nederland B.V., Watermanweg 100, 3067-GG Rotterdam New address as of April 27, 2020: Weena 505, 3013 AL Rotterdam |
| Poland | Procter and Gamble DS Polska sp z o.o., ul. Zabraniecka 20, 03-872 Warszawa, Poland |
| Portugal | Procter & Gamble Portugal, Productos de Consumo Higiene de Saude, S.A., S.A. Edificio Alvares Cabral 3º, Quinta da Fonte, 2774-527 Paço D'Arcos, Portugal |
| Romania | For contests: Procter & Gamble Distribution SRL, 9-9A Dimitrie Pompei Blvd., Building 2A, District 2, Bucharest 020335, Romania For other sites: Procter & Gamble Marketing Romania SR, 9-9A Dimitrie Pompei Blvd., Building 2A, District 2, Bucharest 020335, Romania |
| Slovakia | Procter & Gamble, spol. s.r.o., Einsteinova 24, 851 01 Bratislava, Slovakia |
| Spain | Procter & Gamble España, S.A , Avenida de Bruselas, 24, 28108 Alcobendas, Madrid, Spain |
| United Kingdom | Procter & Gamble UK Seven Seas Limited, The Heights, Brooklands, Weybridge, Surrey KT13 0XP |
As a general rule, we keep your data for only as long as it is needed to complete the purpose for which it was collected or as required by law. We may need to keep your data for longer than our specified retention periods to honor your requests, including to continue keeping you opted out of marketing emails, or to comply with legal or other obligations. This section tells you the type of data we collect, the purposes for which we use it, why such uses comply with the law (legal basis, as required by certain non-U.S. Privacy Laws such as the GDPR), and how long we usually keep it (retention period).
Types of Data Email, name, phone number, postal address, your affinities, your interests, your logged in browsing behavior on our sites or apps, your profession, your habits, what you bought, the photos or videos you upload, information about your children and your home, your family composition, the number of people in your household, your hair type, your skin type, your favorite scent, whether you have a pet, health-related information (for example your pregnancy due date), etc.
Why We Collect This Data To send you materials, including advertisements, marketing our products or services or the products or services of our partners.
Legal Basis Your consent for email and SMS and any special category data, and, where we obtain it, consent for postal. Legitimate interests for everything else (e.g., for advertising).
Retention Period Until you request to delete the personal data or withdraw your consent. If you do not make such a request, the personal data will be deleted on the following schedule:
email: after <50 months of all-channel inactivity. We define inactivity through several internal criteria.
SMS: after <50 months of all-channel inactivity. We define inactivity through several internal criteria.
postal address: after <50 months of all-channel inactivity. We define inactivity through several internal criteria.
These retention periods may be shorter in certain countries in line with local requirements.
Types of Data Email, name, phone number, sometimes other data.
Why We Collect This Data To provide contest participants with information about the contest, including announcing the winner(s) of the contest.
Legal Basis Performance of a contract.
Retention Period For 24 months unless local law requires us to retain it longer.
Types of Data Email, name, phone number, payment information (including bank account IBAN or PayPal details), sometimes other data.
Why We Collect This Data To process your purchases of our products, cashback offers, or warranties and to send you relevant communications related to that purchase.
Legal Basis Performance of a contract.
Retention Period As long as necessary to fulfill your order and follow up with communications about your order unless local law requires us to retain it longer. We also generally retain data for 24 months for cashback offers and 10 years for warranties
Types of Data Email, name, phone number, sometimes other data.
Why We Collect This Data To address your inquiries and make sure we follow up appropriately or as may be required by law or P&G policy.
Legal Basis Our legitimate business interest in managing consumer inquiries and improving our processes and products, as well as your consent for special category data which may be collected in some adverse event cases.
Retention Period From 0 to 10 years, depending on the nature of the inquiry, our legitimate interests for processing the data, and our legal obligations.
Types of Data Email, name, phone number, address, identifiable photos or videos, sometimes other data.
Why We Collect This Data To test our product ideas and learn about your preferences and practices so that we can improve our products and the lives of our consumers.
Legal Basis Your consent.
Retention Period We will retain the personal data collected as part of substantive clinical research for as long as we need it for the purpose for which it was collected, and/or for as long as may be required to retain it by local law or regulation, which may be up to 25 years. For non-clinical research, we will retain your substantive personal data for a maximum of 5 years. We will retain your signed informed consent documents.
Types of Data Advertising cookies, device ID, demographic information such as gender and age, behavioral data such as page views, and other data.
Why We Collect This Data To learn about your Internet interests and customize the ads we send you.
Legal Basis We will obtain your consent for the deployment of cookies on our own websites in accordance with ePrivacy requirements. When we place our tags on third party websites or buy data from third party vendors, we require that our partners obtain your consent before our tag is deployed or your data is shared with us.
Depending on the case, we may rely on our legitimate business interests or on your consent for the processing your personal data to serve you with relevant advertising across different media channels.
Retention Period We will retain this data for thirteen months from the date we collect it or until you opt out, whichever is earlier.
Personal data breach means a breach of security leading to the accidental, or unlawful, destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.
Confirmed or suspected data breaches should be reported promptly to P&G’s Data Protection Officer. All data breaches will be logged by the Data Protection Officer to ensure appropriate tracking of the types and frequency of confirmed incidents for management and reporting purposes.
An individual who wishes to complain about how their personal information may have been breached may lodge their complaint directly with the Data Protection Officer by email: nigeriadpo.im@pg.com.
The complaint should include:
a detailed description of the security incident that caused the data breach,
the type of personal data that was affected by the data breach,
the identity of the affected person,
and any other information that may be requested by the Data Protection Officer.
Any such complaints should be reported within 72 (seventy-two) hours of the occurrence of the suspected or confirmed data breach.
P&G will seek to report potential data breaches within 72 hours of knowledge of such breaches to the relevant authorities responsible for monitoring the security of personal data.
Still have a question or concern? We’re here to help.
Please contact us directly with any questions or concerns you may have about your privacy and our data protection practices or if you are a consumer with a disability and need a copy of this notice in an alternative format. If you have an inquiry that is specific to our data protection officer, such as a suspected data breach, please state that in your message. You may also write to our Data Protection Officer at 1 Procter & Gamble Plaza, Cincinnati, OH 45202, U.S.A.
Procter & Gamble Ireland, The Graan House, Units E1 and E14, Calmount Business Park, Dublin 12, Ireland acts as our representative in the UK and EU in accordance with Art. 27 GDPR.