Policy regarding cookies and other trackers

You can download and archive this document in PDF format by clicking here. To open the PDF file, you can use the free software Adobe Reader (available on www.adobe.ie) or a similar program that can handle PDF files

This policy was updated on 10th December 2021 .

Clarins UK places great importance on the protection of user’s privacy and its obligations in accordance with the legal provisions in force.

When browsing our website, cookies and other trackers are likely to be stored and/or read on your device (computer, smartphone, tablet, etc.).

This page allows you to better understand how cookies work, what principles we apply, and how to manage your preferences. Please, read also our Privacy Policy.

1 - What is a cookie or tracker?

Cookies or trackers designate all mechanisms aimed at storing information on your device, or accessing information already stored on your device. This may include HTTP cookies as well as other technologies such as local shared objects, local storage, device fingerprinting, identifiers generated by operating systems (IDFA, IDFV, Android ID, etc.), hardware IDs (MAC address, serial number, etc.), etc.

2 - Why trackers are used on our website and what are the principles we apply?

Trackers requiring consent

We ask for your consent before storing and/or reading trackers on your device, and we notify you of the purpose of the trackers used as well as the identity of our partners so that you can make an informed decision in this regard.

- Performance & Analytics : These trackers allow us to analyse your navigation and measure the audience of our site, to improve the quality of our services.

Company

Name

Source

Lifespan

Description

Contentsquare

_cs_c

clarins.com

13 months

Contains the user consent state (not expressed, granted, withdrawn).

Contentsquare

_cs_cvars

clarins.com

While the session lasts

Includes the session's Custom variables URL encoded

Contentsquare

_cs_id

clarins.com

13 months

Contains the following data separated by dots: user ID, user creation timestamp, number of visits, last pageview timestamp, last visit timestamp, timestamp of the last time this visitor was drawn, cookie expiration date, cookie SameSite attribute, cookie Secure attribute value (0/1).

Contentsquare

_cs_s

clarins.com

30 minutes

Contains the number of pages viewed in the current session and the recording type: ".1" (not recorded for Session Replay), ".3" (to include a visitor for Session Replay recording service) or ".5" (to include a visitor for Session Replay recording service after a specific trigger).

Adobe

uuid230

clarins.com

It is set once until it disappears from client browser then a new value is regenerated.

It contains a UUID (Universally Unique Identifier, ex: 22dd36b2-6719-4a7d-b3c1-0d3a51dad73d). It is set once until it disappears from client browser then a new value is regenerated. The aim of that identifier is to identify clients from the first contact. It may be deposited by a landing page (to associate unknown customer activities to a recipient) or simply by a regular delivery.

Adobe

nlid

clarins.com

Session cookie

It contains both broadlogId and deliveryId that are set whenever the user clicks on a link in an email. The aim of that cookie is to know which delivery and client has generated traffic or actions on a website. Indeed by positioning trackers (calls to URLs of the tracking server) we are able to create logs because we know the 3 mandatory fields: recipientId (with the broadlogId), deliveryId and tagId (the URL we use)

Commanders Act

TCAUDIENCE

clarins.com

365 days

Used to store the user segment for user targeting.

Commanders Act

WID
(domain: .commander1.com​)

clarins.com

Session

Used to identify when the browser is closed in order to split page views into multiple functional sessions.

Commanders Act

_TCCookieSync

clarins.com

/

Used to store the date of the last cookie synchronisation with the partner (set in local storage by default, and cookie if local storage not available).

Commanders Act

_TCCookieSync

clarins.com

365 days

Used to store the date of the last cookie synchronisation with the partner (set in local storage by default, and cookie if local storage not available).

Commanders Act

TCSESSION
(domain: .commander1.com​)

clarins.com

Session

Used to calculate MIX metrics based on the session.

Commanders Act

TCREDIRECT

clarins.com

Session

Used to deduplicate clicks (if redirect, just store the page view and ignore the click).

Commanders Act

TCREDIRECT
(domain: .commander1.com​)

clarins.com

Session

Used to deduplicate clicks (if redirect, just store the page view and ignore the click).

Commanders Act

TCLANDINGURL
(domain: .commander1.com​)

clarins.com

Session

Used to store landing page URL for MIX raw data.

Commanders Act

TCID
(domain: .commander1.com​)

clarins.com

365 days

Visitor identifier used to compute deduplicated statistics per user (for campaign and on-site tracking, segmentation, ...). TrustCommander uses this cookie to measure statistics for privacy banner performance after a visitor provided consent. Before users provided consent TrustCommander uses the TCPID cookie to measure anonymous statistics for privacy banner.

Commanders Act

CAID
(domainfirstClient)

clarins.com

365 days

The CAID is the user identifier for cookie 1st

Commanders Act

tC_Sync

clarins.com

/

Technical cookie that is used to store the timestamp of the last cookie sync that was performed for this user agent. A cookie sync matches the visitor ID of Commanders Act solutions (TCID) with the visitor ID of other solutions. Cookie sync is optional and can be deactivated by Commanders Act users via the Commanders Act support.

Commanders Act

tc_cj_v2
(domain: .commander1.com​)

clarins.com

365 days

Used for user customer journey storage for tag deduplication (channel and source storage).

Commanders Act

tc_cj_v2_cmp
(domain: .commander1.com​)

clarins.com

365 days

Used for user customer journey storage for tag deduplication (campaign storage).

Commanders Act

tc_cj_v2_med
(domain: .commander1.com​)

clarins.com

365 days

Used for user customer journey storage for tag deduplication (medium storage).

Commanders Act

TCREDIRECT_DEDUP
(domain: .commander1.com​)

clarins.com

Session

Used when the deduplication is based on MIX tracking (so the MIX tracking is taken into account and not the landing page tracking)

Commanders Act

tc_sample_{idsite}_{idrule}

clarins.com

365 days

Used for visitor and session sampling in the TagCommander rules.

Commanders Act

tc_cj_v2

clarins.com

365 days

Used for user customer journey storage for tag deduplication (channel and source storage).

Commanders Act

TCPID

clarins.com

6 months

Used to identify visitors exposed to the privacy banner (not encoded contrary to TCID, so visitors can be retrieved in the privacy raw data export). TrustCommander uses this cookie to measure statistics for privacy banner usage until visitors provide consent for the TCID cookie. With this 2-cookie system, TrustCommander is the only CMP that has been granted the right of exemption from consent for statistical measurement by the French CNIL. https://www.cnil.fr/fr/solutions-pour-les-cookies-de-mesure-daudience​

Commanders Act

TC_OPTOUT (default)

clarins.com

396 days

Used for user status storage (optin or optout) and Privacy banner display.

Commanders Act

TC_OPTOUT_categories (default)

clarins.com

396 days

Used to display the optin/optout categories in the Privacy Center if the user re-open it.

Commanders Act

TC_PRIVACY (default)

clarins.com

6 months

Used for user status storage (optin or optout) and Privacy banner display.

Commanders Act

TC_PRIVACY_CENTER (default)

clarins.com

6 months

Used to display the optin/optout categories in the Privacy Center if the user re-open it.

Commanders Act

TC_PRIVACY_IAB_VENDORLIST

clarins.com

Unlimited

Used to cache the IAB TCF Global Vendor List to optimise the response time of the IAB TCF consent API.

Commanders Act

TC_PRIVACY_TCF

clarins.com

Unlimited

Used to cache the IAB TCF Consent API Response to optimise the response time of the APII.

Akamai

RT

7 days

Doesn't contain personal information but it contains various pieces of information about the visitor's session, such as number of visited pages, session start time, last visited url and etc

Google

_ga

clarins.com

2 years

Used to distinguish users.

Google

_gid

clarins.com

24 hours

Used to distinguish users.

Google

_gat

clarins.com

1 minute

Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.

Google

AMP_TOKEN

clarins.com

30 seconds to 1 year

Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service.

Google

_ga

clarins.com

2 years

Used to distinguish users.

Google

_gcl_au

clarins.com

90 days

used to help advertisers determine how many times users who click on their ads end up taking an action on their site, such as making a purchase. Cookies used for measuring conversion rates aren’t used to personalize ads.

Google

NID

clarins.com

6 months

This cookie contains a unique ID used to remember your preferences and other information such as your preferred language, how many search results you prefer to have shown on a results page (for example, 10 or 20), and whether you want to have Google’s SafeSearch filter turned on.

Google

SID

clarins.com

2 years

Used for security purposes to store digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time which allows Google to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorised parties. This can also be used for targeting purposes to show relevant & personalised ad content

Google

HSID

clarins.com

2 years

Used for security purposes to store digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time which allows Google to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorised parties. This can also be used for targeting purposes to show relevant & personalised ad content

Google

SID

clarins.com

2 years

Used for security purposes to store digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time which allows Google to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorised parties. This can also be used for targeting purposes to show relevant & personalised ad content

Google

__Secure-HSID

clarins.com

2 years

Used for security purposes to store digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time which allows Google to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorised parties. This can also be used for targeting purposes to show relevant & personalised ad content

- Targeted advertising: These trackers are used to make advertising more relevant to you and your interests. The personalization of advertising may include various technical operations such as:

  • Selecting advertising based on your profile;
  • Fighting against click fraud;
  • Billing advertising services (affiliates campaigns, etc.);

· Measuring targets which are the most interested in advertising to better understand the audience.

Company

Name

Source

Lifespan

Description

Facebook

fbp

clarins.com

90 days

Used by Facebook to to personalise content (including ads), measure ads, produce analytics and provide a safer experience

Facebook

fbc

clarins.com

90 days

Used by Facebook to to personalise content (including ads), measure ads, produce analytics and provide a safer experience

Facebook

fr

clarins.com

90 days

Used by Facebook to deliver, measure and improve the relevancy of ads, with a lifespan of 90 days

Facebook

oo

clarins.com

5 years

Used by Facebook to help you opt out of seeing ads from Facebook based on your activity on third-party websites

Facebook

AA003

clarins.com

90 days

Used by Facebook to to personalise content (including ads), measure ads, produce analytics and provide a safer experience

Facebook

tr

clarins.com

Session

Used by Facebook to to personalise content (including ads), measure ads, produce analytics and provide a safer experience

Facebook

ATN

clarins.com

2 years

Used by Facebook to to personalise content (including ads), measure ads, produce analytics and provide a safer experience

Microsoft Bing

_uetsid

clarins.com

Session

This is a cookie utilised by Microsoft Bing Ads to store a unique, non-personally identifiable ID representing a signed-in user. It allows us to engage with you if you have previously visited our website.

Microsoft Bing

_uetvid

clarins.com

15 days

This is a cookie utilised by Microsoft Bing Ads to store a unique, non-personally identifiable ID representing a signed-in user. It allows us to engage with you if you have previously visited our website.

Microsoft Bing

MUIDB

clarins.com

2 years

Used by Microsoft advertising to anonymously identify user sessions to help us measure the effectiveness of our marketing campaigns.

Microsoft Bing

MUID

clarins.com

2 years

Used by Microsoft advertising to anonymously identify user sessions to help us measure the effectiveness of our marketing campaigns.

Rakuten Advertising Attribution

stc[site id]

clarins.com

1 year (topped up on each interaction)

Stores website user ID, traffic source IDs, page view and order count on client domain.

Rakuten Advertising

rmStore or
rmStore[MID]

clarins.com

30 days

Holds configuration for conversion code and stores affiliate and search click IDs on client domain

Rakuten Advertising

rmgconsent

clarins.com

13 months

Rakuten Advertising global consent cookie on Rakuten Advertising domains

Rakuten Advertising

rmlconsent_[domain]

clarins.com

13 months

Domain specific local consent cookie on client domain

Rakuten Advertising

rmco

clarins.com

localStorage

Stores consent information on client domain

Rakuten Advertising

rmco_cs

clarins.com

localStorage

Indicator whether consent was given on client domain

Rakuten Advertising

rmco_jsv

clarins.com

localStorage

Purpose IDs consented on client domain

Rakuten Advertising

rmuid

clarins.com

1 year

Rakuten Advertising ID on Rakuten Advertising domains

Rakuten Advertising Affiliate

lsn_statp

clarins.com

1 year

Consumer ID

Rakuten Advertising Affiliate

lsclick_midNNNNN (NNNNN is the MID for the advertiser that the click belongs to)

clarins.com

730 days

Holds click date and publisher ID

Wunderkind

BounceX - Smart Tag

clarins.com

No expiry

Wunderkind may leverage cookies to track user history across pages and sessions. Cookies allow us to maintain information about end-users, improve the user shopping experience, and make intelligent segmentation decisions when serving onsite, triggered email and SMS campaigns.

Wunderkind’s identity technology relies on pseudonymous observed browser, network, and device level signals. While our identity technology does leverage cookies where available, it is not reliant upon them.

Trade Desk

Trade Desk

clarins.com

30 Days

Track website traffic, build retargeting audiences.

Placed once on the header or footer of the website, can track traffic across all pages. Can also be placed in Google Tag Manager

- Personalised content: These trackers are used to personalise the editorial content of our site and the display of our products and services based on the browsing habits associated with your device.

Company

Name

Source

Lifespan

Description

AB Tasty

ABTasty

clarins.com

13 months

Test data

AB Tasty

ABTastySession

clarins.com

1 session

Session and referrer Identification

AB Tasty

ABTastyData

clarins.com

browser limit

Stores visited pages, events, transactions and segments in local storage

AB Tasty

ABTastyUA

clarins.com

session

Stores user agent in session storage

AB Tasty

ABTastyGeoloc

clarins.com

session

Stores geolocation in session storage

Movable Ink

_micpn

clarins.com

4 days from the time of email/webpage click

Used to associate Client Campaigns with user clicks/page view events

Movable Ink

_mibhv

clarins.com

Expires 13 months from the time of email/webpage click

Used to associate Client Company and Unique User Identifier with user clicks/page view events.

Insider

INSOPTOUT

clarins.com

1 year

Stores opt-out status of current user

Insider

customDataSet-*

clarins.com

30 days

Custom segmentation storage

Insider

ins-storage-version

clarins.com

1 year

prevents or permits re-migrating localStorage values from worker to partner site

Insider

first-permission-impression

clarins.com

1 years

Stores the status between the user and opt-in permission screen. It helps us to show opt-in screen again for the users who didn't see it.

Insider

native-permission-impression

clarins.com

1 year

Stores the status between the user and native opt-in permission screen. It helps us to show opt-in screen again for the users who didn't see it.

Insider

ins-gaSSId

clarins.com

30 mins (Session)

Tracks Google Analytics users for 30 minute sessions. Similar like GA we set cookies with 30 minute expiration dates and every user gets a new id in every 30 minutes.

Insider

ins-test-cookie

clarins.com

Session

Tests if cookies are enabled on the browser that user is currently using.

Insider

insdrSubsId

clarins.com

60 days. Can be changed on the panel.

Web Push Token of the user.

Insider

insdrSubsIdCreateDate

clarins.com

60 days. Can be changed on the panel.

Creation date of Web Push Token.

Insider

push-request-sent

clarins.com

60 days. Can be changed on the panel.

Collects opt-in log according to its existence

Insider

campaignId-countdownId-until

clarins.com

1 hour

Stores countdown information of a single info campaign

Insider

insdrPushCookieStatus

clarins.com

1 day

Shows opt-in according to its existence

Insider

isVAPID

clarins.com

1 year

Confirms that token has been given by vapid key

Insider

migratedSDK

clarins.com

60 days. Can be changed on the panel.

Stores already registered sw sdk path

Insider

insdrDH

clarins.com

60 days. Can be changed on the panel.

N/A

Insider

insdrAuth

clarins.com

60 days. Can be changed on the panel.

N/A

Insider

insdrPayloadComplete

clarins.com

60 days. Can be changed on the panel.

Used for checking if user has token and sw migration required

- Sharing on social networks: These trackers are used so that you can share content on social networks or third-party platforms (Facebook, Instagram, YouTube, etc.). This is particularly the case for the “Share” or “Like” buttons of social networks such as Facebook or Instagram. Please note that the social networks that provide these button applications may use the button to identify you even if you have not used this button during your visit our site. We have no control over the processes used by third parties to compile information about your visits to our site nor any related personal data they may have. We recommend that you to review the protection of privacy policies of these social networks in order to understand the purposes behind the collection of browsing data they can compile through such buttons, especially as regards advertising. The policies of social networks must allow you to exercise your personal choice through your account settings.

- Additional functionalities: These trackers are used to activate additional functionalities on our website (community chat, ratings & reviews, etc.).

Company

Name

Source

Lifespan

Description

tokywoky

__cfduid

clarins.com

12 months

As long as the user does not delete their profile via the application or browser settings

tokywoky

toky_state

clarins.com

13 months

User visit duration on the profile settings interface (session duration)

tokywoky

TokyUserID

clarins.com

100 days

The toky user ID

tokywoky

islogged

clarins.com

13 months

Whether a user is connected on the widget.

tokywoky

.ASPXAUTH

clarins.com

13 months

Session cookie which stores the user authentication information.

tokywoky

JSESSIONID

clarins.com

As long as the user session

New Relic cookie which stores a session ID so New Relic knows how many sessions we have on widget. The cookie value is generated with Jetty.

Olapic

olapicU

clarins.com

30 minutes

The purpose is specifically to track interactions with the content and the widgets.
We store an anonymous and unique id to track the user for interactions with our widgets

Zendesk

__zlcmid

clarins.com

1 year

Store visitor's machine-id for the Chat widget's authentication

Chat Widget offers out-of-the-box cookie consent management, see here: Enabling cookie consent for the Chat widget & Web SDK

Alternatively, these Chat Cookies respect external cookie bot functionality as well.

Vee24

vee24.testCookie

clarins.com

Session Cookie

To test if the 1st party cookies are enabled in the browser

Vee24

vee24.nudges

clarins.com

Session Cookie

To manage nudges for a specific session

Vee24

vee24.userIsActive

clarins.com

Session Cookie

To test if the user is active (has moved the mouse in the last few seconds)

Vee24

v24u_<clarinsuk>

clarins.com

10 years

User Cookie: To identify users who return to a website

Vee24

v24s_<clarinsuk>

clarins.com

Session Cookie

Session Cookie: Temporary ID when visiting a website. If user engages with an Operator, a new session cookie is provided after the engagement ends

Vee24

v24e_<clarinsuk>

clarins.com

Session Cookie

Engagement Cookie: Temporary ID when having an engagement to keep track of engagement specific activities

Vee24

v24TestCookie<clarinsuk>

clarins.com

Session Cookie

Another test cookie to test if the cookies are enabled

Vee24

vee24.noThanks

clarins.com

Session Cookie

Stores whether the customer has rejected all subsequent nudges.

Vee24

vee24.engagedThisSession

clarins.com

Session Cookie

Stores whether the customer has already been engaged with an agent for this browser session. Used to determine whether the customer should continue to be nudged.

Vee24

vee24.currentNudge

clarins.com

Session Cookie

Stores whether the customer is currently being nudged, the SiteSection, and the timestamp of the nudge.

Vee24

vee24.seenMobileNavIntroModal

clarins.com

10 years

Sets the flag to determine if the customer has already seen a small pop up to give them instructions on how to use our product while in an engagement

Bambuser

_bamls_cuid

clarins.com

1 year

Unique identifier for the merchant. Used as a common denominator for all tracking performed by Bambuser to easily enable reporting and dashboards per merchant.

Bambuser

_bamls_usid

clarins.com

1 year

Unique identifier for a user. Used to attribute Bambuser statistics to a single site user.

Bambuser

_bamls_seid

clarins.com

30 min

Unique identifier for a session in which a Bambuser show was watched. Used in tracking to attribute statistics to a single session.

Bambuser

_bamls_shid

clarins.com

30 days

Unique identifier for a Bambuser show. Used to attribute statistics to a single show. This also - similar to source/medium in Google Analytics - enables attribution of purchases (that do not occur within the embedded stream) towards the show.

Bambuser

_bamls_lits

clarins.com

30 days

The timestamp for the last known interaction in a Bambuser show. This is used in conjunction with _bamls_shid to measure at what point in time after a user viewed a show, the actual purchase was made.

Trackers exempt from consent

We do not ask for your consent when storing and/or reading trackers used for the exclusive purpose of enabling or facilitating the use of our website, or which are strictly necessary for providing a service that you have expressly requested .

As an example, the trackers described below do not require any intervention from you:

- Trackers used to store your choice concerning the storage of trackers;

- Trackers used for authentication purposes, including those aimed at ensuring the security of the authentication mechanism;

- Trackers used to keep in memory the content of your shopping cart on our website, or to bill you for the products and/or services purchased;

- Trackers used to customize the interface (language, etc.);

- Trackers used for load balancing;

- Web analytics trackers when strictly necessary for the day-to-day administrative operations and functioning of our website, such as measuring performance, detecting browsing problems, optimizing technical and/or ergonomic performance, estimating the required server power, or analysing the content viewed.

Company

Name

Source

Storage period

Description

FACIL’iti

FACIL_ITI_LS

clarins.com

As long as the user does not delete their profile via the application or their browser settings

FACIL’iti

FACIL_ITI_REFRESH

clarins.com

As long as the user does not delete their profile via the application or their browser settings

FACIL’iti

PHPSESSID

clarins.com

Session

Duration of the user's visit to the configuration interface of his profile (session duration)

FACIL’iti

FACIL-ITI_CSS

clarins.com

Session

Duration of the user's visit to the configuration interface of his profile (session duration)

3 - How to choose your preferences for the trackers issued by our website

You can change your preferences at any time using the means described below.

Please remember that all the configurations you make will likely alter your Internet browsing experience and your ability to access certain services requiring the use of trackers.

We assume no responsibility for the consequences related to the degraded operation of our services resulting from us not being able to store or read the trackers necessary for the full functioning of our site and services.

Note that the deactivation of advertising cookies does not prevent the display of advertisements on your data terminal. It will only block the technologies that can adapt advertisements to your browsing data or your interests.

Choosing your preferences online

You can use our Privacy Center [Insert a link to Commanders Act pop-in] to give or withdraw your consent independently and specifically for each specific purpose.

Choosing your preferences via your browser

Each browser has a different way of managing cookies and cookie settings. This process is described in your browser's help menu, which will help familiarize you on how to change your tracking preferences.

- Chrome™: Chrome Support
- Internet Explorer™: Internet Explorer Support
- Edge™: Edge Support
- Firefox™: Firefox Support
- Safari™: Safari Support

Choosing your preferences online using cross-industry platforms

The digital advertising professionals of the European Association EDAA (European Digital Advertising Alliance), managed in France by the Interactive Advertising Bureau France, offers a website at Youronlinechoices.

Here you will find a list of the companies that belong to this initiative and which offer you the opportunity to accept or reject the cookies used by these companies to customize their advertisements to your browsing data: www.youronlinechoices.com/uk/

This is a centralized European interface that is shared by hundreds of internet advertising professionals allowing you to express your acceptance or rejection of cookies, which may be used to customize the advertisements displayed on your data terminal to your browsing data. Note that this does not preclude the display of advertisements on the websites you visit. It will not block the technologies that can customize advertisements to your interests.

4 – How long your preferences are stored

By default, we store your preferences (acceptance and refusal) for a period of 6 months.

Please note that your preferences are stored using a cookie. If you disable all the cookies stored on your device (via your browser), we will no longer be able to store your preferences.


5 – How to contact the data protection authority

For more information, you can visit the following data protection authority websites:

The Information Commissioner’s Office (ICO)
Water Lane, Wycliffe House

Wilmslow - Cheshire SK9 5AF
ico.org.uk