NESTLE WEBSITE PRIVACY NOTICE TEMPLATE
NOTE: Please carefully review the below template, adapt the content, in particular the yellow highlighted wording in italics, to your local requirements and consult your local legal department or your market data protection officer before using and publishing a privacy notice based on this template on your websites. Please also check from time to time the Data Protection & Privacy section of the Nestlé Group Legal homepage for any modified or updated versions of this document.
Key Questions and Answers
Thank you for visiting this website. We hope you enjoy learning more about Nestlé and our products.
Nestlé respects your right to privacy in the on-line world when you use our websites and communicate electronically with us. We have therefore developed this Privacy Notice to inform you how [add the Nestlé entity operating the websites covered by this Privacy Notice] (“Nestlé”, “we,” or “our”) collects, stores, uses and processes the personal information you provide us through any of the websites operated by Nestlé (“website”, or collectively, “websites”), including the one you are currently visiting.
By using this website, you are accepting the practices described in this Privacy Notice. If you do not agree to this Privacy Notice, please do not use this website. We reserve the right to make changes to this Privacy Notice at any time. Any changes will be posted in this Privacy Notice and material changes will generally apply only to activities and information collected on a going forward basis. We encourage you to regularly review this Privacy Notice to make sure you are aware of any changes and how your information may be used.
Please be informed that [add the Nestlé entity operating the websites covered by this Privacy Notice] is the Data Controller of any personal information you submit to Nestlé.
If you have any requests concerning your personal information or any queries with regard to this Privacy Notice please Contact Us.
If you are a parent or legal guardian and are interested in learning about our policy regarding the collection and use of personal information from children under , please see Question 11 below. Please be aware, however, that we only collect personal information from children on a very small number of websites operated by Nestlé, specifically those with strong appeal to children under  or that knowingly collect personal information from children under .
[We have also voluntarily undertaken privacy certification with TRUSTe, which requires that we meet established online information collection and use practices. The TRUSTe program only covers information that is collected through Nestlé Websites, and does not cover information that may be collected through any software downloaded from Nestlé Websites. Please note, however, that Nestlé S.A. does not presently collect personal information when you download certain features such as screen savers and cookbooks from this website.]
For a detailed description of our online privacy practices, please click on any of the questions below.
1. What personal information do we collect from you and how do we collect it?
To simply browse Nestlé websites, we do not ask you to provide any information. However, if you wish to participate in many of the features and services our websites have to offer, we may ask you to provide certain personal and/or demographic information. Personal information (as used in this Privacy Notice) refers to any information that can be used to personally identify you or contact you online or offline. This may include, for example, your name, postal address, e-mail address, phone number, (“personally identifiable information”) as well as demographic information such as your date of birth, age, gender, habits or preferences when such information is tied to your personally identifiable information (collectively, “personal information”).
Personal information is only collected with your consent (i.e., if you knowingly provide it to us through one of the many online forms available on our websites) and will usually take the form of:
Note: depending on the Nestlé website that you are visiting, some or many of the activities listed above may not be available.
The types and amount of information collected for the features listed above will vary depending on the activity. The requested personal information may include: first and last name, email address, home address, telephone number (work or home), and (for those purchasing products online) credit card information. For some activities, you may be asked to create a username and/or password and/or to provide additional, demographic information, including: (i) your age or date of birth, (ii) gender, (iii) frequency of use, purchase, and consumption of certain Nestlé products and/or other similar products, (iv) facts about your household or lifestyle, and/or, (v) other information relevant to the Nestlé product you’ve purchased or the specific website which you are visiting.
2. How do we keep your personal information secure?
Nestlé takes all necessary technical and organisational measures to protect the confidentiality and security of your personal information collected from our websites, including sensitive personal information and personal information from children under . These efforts include, but are not necessarily limited to: (i) storing your personal information in secure operating environments that are not available to the public and that are only accessible to authorized Nestlé employees, and our agents and contractors; (ii) using industry-standard SSL encryption to protect the security of certain sensitive personal information (such as credit card information, health or patient information) during transmission to our websites, and, (iii) verifying the identities of registered Website users before they can access the personal information we maintain about them. Please also see Question 4 below.
3. For what purposes do we use your personal information?
Generally, all information collected is used for the purpose provided for which you submitted the information to us or as otherwise identified at the point of collection or in this Privacy Notice. For example, if you sign up or register on a Nestlé website (“general website registration”), the information you provide is used to offer you the benefits and privileges that typically come along with registration. This may include access to and use of exclusive or personalized content or activities on the Nestlé websites (e.g., message boards, upload features, personalized recipe boxes, etc.), participation in special events and promotions (contests, sweepstakes, coupons, etc.), and the ability to receive the communications or marketing material you select at the time of registration or that automatically come with your registration. Similarly, if you contact us via an online contact form or through one of our “Ask the Expert“ features, your information is used to respond to your inquiry or comment, and in some instances, post the answers to your question in anonymous form on the relevant website. And, of course, any credit card information you provide us is used to fulfil and process your online purchases.
When registering or providing information on Nestlé websites, you may also be given the option (through a check box or otherwise) to have your information used for an activity or service different from the primary activity or service that you are requesting. For example, if you are signing up for a contest or other promotion, you may also be able to sign up for newsletters or alerts from the Website hosting the promotion or from other websites or Nestlé products. If you choose to receive these additional services, we will use your information to provide them to you.
We may also use your personal and/or demographic information for our internal marketing and demographic studies, so we can constantly improve, personalize, and customize the products and services we provide you and to better meet your needs. This may include occasionally combining, updating, or otherwise enhancing the personal information collected through a Nestlé Website with data we receive from outside records or third parties.
Generally, we retain your personal information for as long as your account is active or as needed to provide you the services requested. Of course, if you request that we no longer use your personal information to provide you services (e.g., opt-out of receiving email) or would like to cancel your membership or account, please Contact Us. Please note that your personal information will be retained for a reasonable period of time and as necessary to comply with our legal and regulatory obligations, resolve disputes, enforce our agreements, and similar records management purposes.
The following provides additional information about certain features on Nestlé Websites:
Newsletters and Email
If you provide us your email address and/or mailing address (whether as part of our general website registration or for a specific newsletter or communication), the contact information you provide will be used to send you the requested newsletter, communication, or literature. In addition, you may receive communications introducing you to other Nestlé brands or websites. These materials may come in the form of regular mail or email, depending on the Website you register on and the information you provide during registration.
We may also use your email address to send you transactional or administrative communications (e.g., confirmation email when you purchase a product online or when you sign up for, or unsubscribe from, a specific registration or activity), as well as certain service-related announcements (e.g., notices about updates to our Privacy Notice, discontinued features or programs on our Websites, changes to our online services or technical support policies, or other related changes). Collectively, these types of communications are referred to in this Privacy Notice as “Administrative Communications.”
Sweepstakes, Contests, and Promotions
To enter an online sweepstakes, contest, or other promotion (collectively, “Promotions”) , you may be required to first register on a Nestlé website. The information collected as part of a Promotion is used to determine your eligibility, notify you whether you are a winner, and/or fulfill and deliver prizes. If you are a winner, certain information about you (such as your name and picture) may get posted to the relevant Nestlé Website. If children under  are allowed to participate in a Promotion, we first obtain parental consent, if required.
For more information about Promotions, please see the official rules or details posted with the specific Promotion.
Surveys and Polls
There are two types of surveys or polls that may be conducted on Nestlé websites. One is where purely demographic or survey information (e.g., age, gender, household information, and other interests, etc.) is requested and the information is not linked to any personal information about you. In other cases (such as during account registration), we may collect this same information and combine it with your personal information. If children under  are allowed to participate in surveys or polls that collect or are linked to personal information, a parent’s prior verifiable consent will be obtained.
Message boards and other interactive features
We may provide interactive features that allow you to post or publish messages, stories, pictures, or artwork on our Websites. Although we strive to protect those who use and participate in these activities, we encourage you to be wary of giving out personal information or images about yourself in public areas such as on a message board or other online community-type feature. Such information can be collected and used by people you don't know. As such, we cannot guarantee the security and privacy of, and are not responsible for, any information you post in these areas. Your use of these features is at your own risk. To request removal of your personal information from our blog or community forum, please Contact Us. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Please note that if we choose to post a picture or message that you provide us through one of these features, we may post, along with the picture or message, certain information about you, such as your username, first name, first initial of your last name, and/or city and state of residence.
Purchasing Nestlé products online
Some of our websites may allow you to purchase Nestlé products through an online store operated by us or by a vendor on our behalf (“Nestlé Online Store”), while some of our websites may provide links to, unaffiliated companies that are not under control of Nestlé through either direct or indirect ownership (“third party”, or collectively, “third parties”), websites that sell Nestlé products. If you are purchasing a product through a Nestlé Online Store, you will be asked to provide your credit card information, including credit card number and billing and shipping addresses, as well as other basic contact information (e.g., phone, email address). This information is used to fulfill your purchase and confirm your order.
E-cards, tell-a-friend, and other one-time use features
Personal information requested for an e-card, tell-a-friend or other referral feature, or other one-time use features (typically, names and email addresses) is used on a one-time basis (e.g., to send the communication) and is not further retained by us. If these kinds of features are made available to children under , they are designed in a way that prior parental consent is required.
Healthcare and Nutritional Sites
Some of our Websites provide nutritional and/or health-related information and tools that are intended for healthcare professionals, consumers, or both. In addition to basic contact information (e.g., name, email address, etc.), these Websites may also collect specific or sensitive personal information about: (i) a healthcare professional’s practice (e.g., practice name, medical/professional degrees, hospital affiliations, use of Nestlé nutritional products in treatment of patients, etc.); (ii) a consumer’s interest in certain nutritional products (e.g., use of Nestlé nutritional products, diet and exercise habits, etc.); or (iii) a consumer’s diagnosis with certain conditions.
As with other websites, this information is used for the purposes identified at the time of collection, i.e., to provide and send the registered user relevant nutritional and/or health information and to give them access to member-only benefits and tools. [Some tools on these Nutritional Sites may allow you to enter and display certain health or patient information on the website itself. This information is made available for online reference only and, unless otherwise noted, is not simultaneously collected or retained by us.]
4. What happens if you refuse to provide your personal information?
If you choose not to submit any personal information when requested, you may not be able to participate in certain activities and personalized features on our Websites and may limit the services and special offers we can provide you. For example, if you refuse to share your email address, you will not be able to receive any of our newsletters or otherwise register on our Websites. If you refuse to provide your credit card number, you will not be able to purchase products at a Nestlé Online Store. However, to simply browse our Websites and learn more about our products, you do not need to give us any personal information.
5. Who do we disclose your personal information to and why?
Nestlé will never share your personal information with any third party that intends to use it for direct marketing purposes unless we have specifically informed you and you have given us specific permission to do this.
Nestlé may share your personal information with its subsidiary companies, companies in which Nestlé has control through either direct or indirect ownership (collectively “Nestlé Group”). Nestlé may also share your personal information with third parties, but only in the following circumstances:
Service Providers, Agents and Contractors
We may use third parties, like service providers, agents or contractors to provide support for the internal operations of our Website and to assist us with administering the website or the various functions, programs and promotions available on it. Some of these third parties may be located outside the country where you accessed this website. For instance, our main service provider for website hosting is located in the United States and the United Kingdom (please also see Question 7 below). These third parties and its employees may come into contact with your personal information in the course of providing their services to us. Any such third party must at all times provide the same levels of security for your personal information as Nestlé and, where required, are bound by a legal agreement to keep your personal information private, secure and to process it only on the specific instructions of Nestlé.
Partners and Joint Promotions
From time to time, we may run a joint or co-sponsored program or promotion on our Website with another company, organization, or other reputable third party; and, as part of this event, collect and process personal information. If your personal information is being collected by (or is shared with) a company other than Nestlé as part of such promotion, we will let you know this at the time your personal information is collected. Periodically, we may run a promotion on our website that features the products or services of another company and will give you the opportunity to opt in to receive information directly from that third party company. If any of these promotions is made available to children under , we will first obtain verifiable consent from the parent before sharing the child’s personal information.
Legal and Business Transfers
We may also disclose your personal information if we are required to do so by law, or if in our good faith judgment, such action is reasonably necessary to comply with legal processes, to respond to any claims, or to protect the safety or rights of Nestlé, its customers, or the public.
In the event of a merger or acquisition of all or part of Nestlé by another company, or in the event that Nestlé were to sell or dispose of all or a part of the Nestlé business, the acquirer would have access to the information maintained by that Nestlé business, which could include personal information, subject to applicable law. Similarly, personal information may be transferred as part of a corporate reorganization, insolvency proceeding, or other similar event, if permitted by and done in accordance with applicable law.
6. How can you access, modify, or make other choices regarding the use of your personal information?
The following outlines the choices you have with respect to the collection and use of your personal information by us.
1. You always have the option not to share any of your personal information with us. However, if you choose this option, you will be limited in the activities and features we can provide you, as mentioned in Question 4 above.
2. If you do not want to receive newsletters, announcements, or other communications and/or services from a Nestlé website or brand, please do not opt-in for those communications or services at the time of registration. If you have opted-in and, at a later time, wish to opt-out, please visit the appropriate ["Update Profile"] section(s) on our website and amend your preferences.
3. Along with every e-mail marketing communication sent to you, we provide you the opportunity to discontinue receiving future marketing communications (i.e., unsubscribe). Simply follow the unsubscribe process or directions provided in the email.
4. You can always review or update any personal information that we may have collected about you for our general website registration. To do this, please visit the appropriate "Update Profile" section(s) on our website (if available).
If any of the mechanisms set forth above is not available or you wish to make a different request, please Contact Us.
7. Which countries will your personal information be sent to and why?
Nestlé is a global company and your personal information may be transferred across international borders. It may be transferred to countries that have different levels of data protection laws to the country from where you submitted your personal information. Your personal information may also be transferred between different companies of the Nestlé Group located in different countries. Nestlé takes the appropriate measures to maintain security of the personal information both during transit and at the receiving location.
The server that makes this website available may be located outside the country from which you have accessed this website. Our main hosting provider for most Nestlé websites is based in the United States and the United Kingdom. This provider is bound by a contract that ensures a high standard of privacy protection and requires (amongst other provisions) that it act only on Nestlé instructions and implements all technical measures necessary on an ongoing basis to keep your personal information secure.
8. Tracking Technology – How and why do we use them?
Nestlé does make use of tracking technologies (“Cookies”, “IP Addresses”, Log Files”, “Web Beacons”) to gather certain information such as browser type and operating system, referring page, path through site, domain of ISP etc. for the purpose of improving the use and functionality of our websites and to better understand how visitors use our websites and the tools and services offered on it. Tracking technologies help us tailor our websites to your personal needs.
If you like to learn more about Nestlé’s policy on Cookies and your rights, please visit the Nestlé Cookies Policy.
We may keep track of Internet Protocol (IP) addresses to (among other things): (i) troubleshoot technical concerns, (ii) maintain website safety and security, (iii) restrict access to our websites to certain users, and, (iv) better understand how our websites are utilized. An IP address is a number that is used by computers on the network to identify your computer every time you log on to the Internet.
We (or a third party on our behalf) may collect information in the form of logs files that record website activity and gather statistics about web users' browsing habits. These entries are generated anonymously, and help us gather (among other things) (i) a user’s browser type and operating system, (ii) information about a user’s session (such as the URL they came from, the date and time they visited our website, and which pages they've viewed on our website and for how long), and, (iii) other similar navigational or click-stream data. We also use information captured in log file for our internal marketing and demographic studies, so we can constantly improve and customize the online services we provide you. Log files are used internally only, and are not associated with any particular user.
We may use web beacons (or clear GIFs) on our websites or include them in the e-mail messages we send you. Web beacons (also known as “web bugs”) are small strings of code that provide a method of delivering a graphic image on a web page or in an email message for the purpose of transferring data back to us. The information collected via web beacons may include some of the information described in the IP Address section directly above, as well as information about how a user responds to an email campaign (e.g., the time the email is opened, where does the user link to from the email, etc.). We use web beacon information for a variety of purposes, including but not limited to, site traffic reporting, unique visitor counts, advertising and email auditing and reporting, and personalization.
9. E Marketing - What is spamming and what is our position on spam e-mails?
Spamming is where unsolicited e-mails are sent to you containing advertisements or marketing related materials without your consent.
We do NOT send spam e-mails. We use an anti-spam tool to protect our employees from spamming. Sending e-mails without consent is illegal in many countries. We will not use your personal information (including your e-mail address) for direct marketing or follow-up communications unless you give us your EXPRESS permission. This is called "OPT-IN" consent.
Also, we do not share your personal information with any third party who will use your personal information for spam mails.
Nestlé websites give you the opportunity to receive marketing information by e-mail. Every e-mail sent by Nestlé will give you the opportunity at any time to stop receiving marketing e-mails
If for some reason you believe you have received spam e-mail from a Nestlé Group company please Contact Us immediately.
10. How long do we keep your personal information?
We may store the personal information that you send to us via this website in our databases such as our Customer Relationship Marketing database. Your personal information will be kept by the Nestlé Group only for as long as it is reasonably necessary taking into consideration our need to answer queries or resolve problems, provide improved and new services and comply with legal requirements under applicable law(s). This means that we may retain your personal information for a reasonable period after you stop using Nestlé services or stop using this website. After this period, your personal information will be deleted from all systems in the Nestlé Group.
We remind you that we have a right to have your personal information deleted at any time. Please see Question 6 above.
11. What is our policy on collecting data from children using our websites?
We recognize the importance of safeguarding the privacy of children on the Internet and that information collected from children under  (“Children” or “Child”) requires special handling. As such, we have developed the following policy for the online collection, use, and disclosure of personal information from children. We recommend that parents explore our websites with their children and that they remind their children to check with a parent before providing any personal information about themselves.
The majority of the websites operated by Nestlé S.A. are not geared toward children and do not knowingly request or collect personal information from children under . On some of our websites that may appeal to people of all ages, we may take steps to ensure that those who wish to register or submit personal information meet certain age requirements before they can do so.
The following is a description of our practices for the few websites that may appeal to or collect information from children under .
Collection of Children’s Information
Anonymous or Non-Personal Information
Children can generally surf our websites, view content, and play games without providing any personal information such as name or email address. On some websites, children may be asked to provide anonymous or non-personal information (such as username, password, first name, and city and state of residence) in order to gain access to personalized features or features that allow children to keep track of high-score games, store favorites, personalize web pages, or perform other similar activities. When only anonymous information is required for registration, we may allow children to use their birthday (month and day only) for their password. This helps the child remember his/her password more easily.
If there is a website that collects personal information from children (such as in the case of certain newsletters, competitions, contests/sweepstakes, and other similar events), the information collected may include the child’s name and email address and the parent’s name and email address, in addition to other information that is mechanical or necessary to provide the feature or service being requested (e.g., month and day of birth for a birthday card). Typically, this information will only be stored and used on a continual basis if we have first received prior verifiable consent from a parent or legal guardian (“parent”). The mechanism used to obtain the parent’s consent may differ depending on the information required for the activity and the intended uses of such information. For example, if a child signs up for a newsletter or other registration feature on our website, we may send a notice to the parent via email, and depending on the feature, either tell the parent how to opt out their child from the activity or provide their approval. If a parent then provides the necessary approval, we may follow up with a confirmation email. If, instead, the parent opts out their child or chooses not to authorize the activity or registration, any information that might have already been provided by the child is deleted. In other instances such as when a child participates in (i) a contest and wins a prize, or (ii) an activity that involves the possible publication of a child’s personal information or story on a website, we may require more reliable forms of consent such as a parent’s written consent. In addition, where applicable, parents will be given the opportunity to consent to the collection and use of their child’s personal information by us, without also agreeing to the disclosure of that personal information to third parties.
Under all circumstances, we will only collect personal information about a child if we have received the parental consent. We will also limit the personal information collected to that which is reasonably necessary for a child to participate in a specific feature. This means that if we don’t need a specific piece of personal information about your child (such as phone number) to allow your child to sign up for and receive a newsletter, we simply won’t ask for it. To read more about the steps we take to protect the confidentiality and security of children's personal information, please see our section on security above.
Use of Children’s Personal Information
Once collected, a child’s personal information is only used for the purpose for which the information was originally collected and that the parent has consented to (where consent is required). For example, if a child signs up for (and the parent authorizes) an electronic newsletter or announcement, the child’s email address is used to deliver the requested announcement.
If you are a parent that has given us permission to collect and store your child's personal information, you can do the following at any time:
1. Review your child's personal information by visiting the appropriate parental approval/review page. A link to this page will be available in the notice(s) we sent you when we originally requested and obtained your consent.
2. Discontinue further use or collection of your child's personal information (i.e., unsubscribe). To do so, please visit the unsubscribe page available on the website where your child registered or follow the unsubscribe process or directions provided in the newsletter or email sent to your child’s email account.
3. Request that we delete your child’s personal information by following the procedures in #2 above. Unsubscribing your child will delete his/her personal information from our records.
If any of the options set forth above are not available or you wish to make a different request, please either: (i) refer to the documentation provided to you when you gave your consent; or, (ii) Contact Us. Please be sure to have the following information ready for verification purposes: your child’s name and email address, your name and email address, and the name of the website at which your child registered.
If you permit your child to register on a website or participate in other website activities available to children under , your child may also have the ability to review, modify, or delete his/her personal information associated with such registration or activity. This may include the ability to unsubscribe himself/herself from a feature that you’ve consented to.
12. Do we link to other third party websites?
We may link this website to other companies or organizations websites (collectively, “third party sites”. This Privacy Notice does not apply to such third party sites as those sites are outside our control. If you access third party sites using the links provided, the operators of these websites may collect your personal information. Please ensure that you are satisfied with the Privacy Policies of these third party sites before you submit any personal information. We try, as far as we can, to ensure that all third party linked sites have equivalent measures for protection of your personal information, but we cannot be held responsible legally or otherwise for the activities, privacy policies or levels of privacy compliance of these third party sites.
13. How can you contact us?