Who are we?

We are an affiliate member of Philip Morris International, a collective group of businesses. All affiliate members of the group are listed here along with data protection officer contact points where relevant. Please use these details if you wish to contact us.  

Our details (name, address, etc.) will have been given to you separately at the time of (or to confirm) the collection of information about you, for example, in a notice on an app or a website, or in an e-mail, containing a link to this notice.

How do we collect information about you?

We may collect information about you in various ways.

  • You may provide us with information directly (e.g. filling in a form, making a call to us, or uploading information to us via a mobile app).
  • We may collect information from a PMI electronic device, if you choose to send information to us.
  • We may collect information automatically when you interact with our systems or we communicate with you (e.g. when you use a PMI app or website or, where we use technologies to observe when you receive or open e-mails or receive SMS messages).
  • We may also acquire information from third parties (e.g. publicly-available information on social media platforms such as Facebook and Twitter, or statistical information about the population in certain geographical areas).
  • For example, where permitted by law, we may infer information about you from aggregated information we acquire from third parties. This may include, for example, statistical information about people in certain geographical areas.

In this notice, we refer to all the methods by which you are in contact with us as “PMI touchpoints”. PMI touchpoints include both physical (for example, retail outlets and events, consumer contact centres), and digital (for example, apps and websites).

What information about you do we collect?

We may collect various types of information about you:

  • information about your orders, including information necessary to fulfil them
  • information necessary to provide warranty services
  • information about the referrals you make
  • information you give us in forms or surveys, and similar information that you give to third parties to be transferred to us
  • information about your location, where you choose to share it with us (for example, on your mobile phone)
  • information about your visits to our outlets or events (or outlets or events of others with whom we work)
  • information you give us in communications (e.g. calls, chats, e-mails, SMS messages) you have with contact centres
  • information about your preferences and interests (including information that we infer from other information, for example from statistical information)
  • information necessary to verify your age
  • information generated by your electronic device (for example, IQOS), if you choose to share it with us
  • information about your experiences using our products and services
  • statistical information about you (for example, statistical information about people in certain geographical areas)

Who do we share your information with, and for what purposes?

We may share information about you with:

  • PMI affiliates;
  • third parties who provide PMI affiliates or you with products or services;
  • PMI affiliates’ carefully selected business partners and advertisers (in areas connected with our products, or consistent with their style and image) so that they can contact you with offers that they think may interest you, in accordance with your preferences; and
  • other third parties, where required or permitted by law.

We share information about you with others only in accordance with applicable laws. Thus, where law requires your consent, we will first ask for it.

Where might information about you be sent?

As with any multinational organisation, we transfer information globally to our affiliates and service providers.  Your data may therefore be transferred to other countries as part of our standard operations.  Whenever we transfer your data abroad, we will limit access to your data only to those who need to see it, process your data in accordance with our internal data protection standards, protect it appropriately and only transfer information in compliance with applicable data privacy laws.  When data is transferred, we will require the receiving party to keep your data confidential, delete it when it is no longer required and act in accordance with this privacy notice.  Accordingly, information about you may be transferred outside of your jurisdiction.  For example, if you live in the EU, EEA, UK, Australia or Japan, your data may be processed in another country.

How do we protect information about you?

We implement appropriate technical and organisational measures to protect personal information that we hold from unauthorised disclosure, use, alteration or destruction. Where appropriate, we use encryption and other technologies that can assist in securing the information you provide. We also require our service providers to comply with strict data privacy and security requirements.

How long will information about you be kept?

We will retain information about you for the period necessary to fulfil the purposes for which the information was collected in accordance with our internal data retention standards. After that, we will delete it. The period will vary depending on the purposes for which the information was collected. Note that in some circumstances, you have the right to request us to delete the information. Also, we are sometimes subject to legal obligations, legally obliged to retain the information, for example, for tax and accounting purposes, to either retain the information for a set minimum period of time, or to delete it after a set maximum period of time.

What rights and options do you have?

You may have some or all of the following rights in respect of information about you that we hold:

  • request us to give you access to it;
  • request us to rectify it, update it, or erase it;
  • request us to restrict our using it, in certain circumstances;
  • object to our using it, in certain circumstances;
  • withdraw your consent to our using it;
  • data portability, in certain circumstances;
  • opt out from our using it for direct marketing; and
  • lodge a complaint with the supervisory authority in your country (if there is one).

We offer you easy ways to exercise these rights, such as “unsubscribe” links, or giving you a contact address, in messages you receive.

Some mobile applications we offer might also send you push messages, for instance about new products or services. You can disable these messages through the settings in your phone or the application.

Country-specific additional points

According to which country you are in, you may have some additional rights.

Who should you contact with questions?

If you have any questions, or wish to exercise any of your rights, you can find contact details for the relevant PMI affiliate, and if applicable data protection officer, linked to at the top of this notice.  Contact details will also be given in any communications that a PMI affiliate sends you.

If your country has a data protection authority, you have a right to contact it with any questions or concerns. If the relevant PMI affiliate cannot resolve your questions or concerns, you may also have the right to seek judicial remedy before a national court.

Changes to this notice

We may update this notice (and any supplemental privacy notice), from time to time. Where the law requires it, we will notify you of the changes; further, where the law requires it, we will also obtain your consent to the changes.

Last modified 28 August 2023. You can find previous versions of this notice.