Privacy Policy
Effective Date: October 20, 2022
ALL SAINTS RETAIL LIMITED (“AllSaints”) is committed to protecting and respecting your privacy. This policy (together with our Terms and Conditions of Website Use and Cookie Policy) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
This Privacy Policy applies to all stores and mobile applications ("App") owned or operated by AllSaints. It also applies to AllSaints websites located at www.allsaints.com/us/ (the "Sites"). The stores, Sites and the App shall be collectively referred to as the "Services." In this document, "we", "our" and "us" refer to AllSaints, and "you", "your" "user," mean users of the Services.
Please read the following carefully to understand how we collect, use and store your personal data. The Privacy Policy, as well as the Cookie Policy is incorporated into and made a part of our Terms and Conditions of Supply. By accessing or using our Services, you agree that you (or your parent or legal guardian) have read, understand, and are bound by the terms and conditions set forth herein.
For the purpose of the General Data Protection Regulation (GDPR), the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and any other applicable privacy laws, the data controller is All Saints Retail Limited of Units C15-C17 Jacks Place, 6 Corbet Place, London, E1 6NN, UK.
If you are a resident of California, Nevada, Virginia, Colorado, Connecticut, or Utah, please see our US State Privacy Notice below.
Information we collect and what we use it for
We process the following categories of your personal data when it is necessary for the performance of a contract between you and us:
- your salutation
- first and last name
- email address
- delivery and billing address
- telephone number
- payment card details, and
- Site login details.
We will also process the following categories of data for the purposes of our legitimate interests:
- fraud screening and prevention purposes; and/or
- for record keeping purposes.
We process the following categories of data for marketing purposes if we have a legitimate interest or when you give us your consent:
- email address, name and gender;
- how you have reached our digital platform and the internet protocol (IP) address you have used;
- your login information;
- browser type and version;
- plug-in, operating system and platform;
- the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time);
- products you viewed or searched for;
- page response times;
- download errors;
- length of visits to certain pages;
- page interaction information (such as scrolling, clicks, and mouse-overs);
- methods used to browse away from the page; and
- any phone number used to call Customer Experience.
We use your data for the following marketing purposes:
- to enable us to administer any competitions or other offers/promotions which you enter into;
- to communicate with you in the event that any products or services you have requested are back in stock or unavailable;
- to communicate with you in the event that you have abandoned your online basket;
- to carry out market research so that we can improve the products and services we offer;
- to track your activity on our digital platforms;
- to create an individual profile for you so that we can understand and respect your preferences;
- to personalise and improve your experience on our digital platforms;
- to personalise and/or tailor any communications that we may send you;
- for profiling purposes to enable us to personalise and/or tailor any marketing communications that you consented to receive from us;
- to segment, test, analyse and model your details; and/or
- social media targeting.
We may collect some of your information using automatic data collection technologies as you navigate through and interact with the Services. This may include certain information about your equipment, browsing actions and patterns, including:
- IP address;
- login information;
- browser type and version;
- time zone setting;
- location;
- operating system and platform;
- products viewed, searched for or purchased;
- page response times;
- download errors;
- length of visit to certain pages;
- page interaction (scrolling, clicks, mouse-overs); and
- methods used to browse away from the page.
We may also participate in Facebook's Custom Audience service from time to time. This service enables us to display to you personalised advertisements when you visit Facebook’s social media platforms. It works by converting your email address to a unique number that Facebook uses to match to unique numbers that Facebook generates from email addresses of its users. Where we use Facebook Custom Audiences, we will only include you if you have consented to receive marketing from us.
Your information and Third Parties
For the purposes of this Privacy Policy, “Affiliates” means entities directly or indirectly controlled by or under common control with us.
Third parties acting on our behalf including our business partners or our Affiliates may use cookies, web beacons or other automatic data collection technologies:
- to help us measure and determine how visitors use our Sites and the effectiveness of our Sites;
- to help us improve and optimise the products and services we or our business partners or Affiliates offer; and/or
- to collect your non-personally identifiable information regarding your online behaviour to provide you with targeted advertisements.
We may share information that we collect about you with Affiliates, business partners, suppliers, sub-contractors, marketers, advertisers and advertising networks for marketing and advertising purposes, which may include: (i) sending you direct mail or emails about their products, services, sales, promotions events, news and store openings that may interest you; or (ii) serving ads or adverts that may interest you; or (iii) for data analytics that assist in the improvement and optimisation of products, Services and the Site.
We may monitor or record telephone calls for security purposes and to improve the quality of services that we provide to you.
We may use the information we collect about you to influence our broader product decisions in the future, including product designs and inventory.
Please note that for your safety and security, CCTV is in operation on all of our premises which are open to the public.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Cookies
In common with many other website and app operators, we use standard technology called 'cookies' on our website. Cookies are small pieces of information that are stored by your browser; they are used to record how you navigate the Site on each visit.
For further, more detailed information on how we use cookies, please refer to our Cookie Policy which you can read here.
Disclosure of your information
We may need to disclose your personal data to our Business partners, suppliers, and sub-contractors as follows:
- A. your delivery address and telephone number to our partner courier companies;
- B. certain personal information to third party payment management companies to enable them to verify your credit or debit card details;
- C. your details to service providers who help us deliver the App;
- D. certain purchasing information and use of discounts to business partners who facilitate such discount schemes, provided you have previously registered with them;
- E. personal information to business partners who provide us with and assist us in operating customer service management software, designed to improve and manage our interaction with customers and your customer service experience;
- F. advertisers and advertising networks that require the data to select and serve relevant adverts to you and others;
- G. analytics and search engine providers that assist us in the improvement and optimisation of our products, Sites and Services;
- H. personal information to business partners that assist us with our marketing efforts;
- I. service providers whom we may employ to assist us in carrying out and then analysing the results of customer surveys or questionnaires;
- J. goodwill providers;
- K. legal insurers; and
- L. selected third party vendors who help us to operate our website and our business are permitted to access and use your information for the purposes of performing services for us, or to comply with applicable legal requirements. They provide a variety of services to us including: (i) payment processing, (ii) delivery, (iii) sales and marketing, (iv) IT and web services, (v) data storage, (vi) security, (vii) fraud prevention, and (viii) legal services.
We may share information that we collect about you with Affiliates, which include other entities directly or indirectly controlled by, or under common control with, us, business partners, suppliers, sub-contractors, marketers, advertisers and advertising networks for marketing and advertising purposes, which may include: (i) sending you direct mail or emails about their products, services, sales, promotions events, news and store openings that may interest you; or (ii) serving ads or adverts that may interest you; or (iii) for data analytics that assist in the improvement and optimisation of products, Services and the Site.
We may also disclose your personal information to third parties:
- A. if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, subpoena or court order or in order to enforce or apply our Terms and Conditions of Website Use or our Terms and Conditions of Supply and other agreements.
- B. if we believe in good faith that the disclosure of information is necessary to: prevent imminent physical harm or financial loss to you or us; prevent or report suspected illegal activity; protect anyone's rights, property, or safety; and/or
- C. if you otherwise consent or direct us to share your information with third parties.
Information security
We use cyber security best practices to prevent unauthorised access to, and use or disclosure of, your personal information. All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL/TLS technology and card data are processed by PCI compliant payment providers.
You can help protect your online personal data by following these safety tips:
- always log out and close the browser when you complete an online session, if using a public computer;
- keep passwords private – remember, anybody who knows your password could access your account;
- use a combination of letter and numbers when creating a password – do not use dictionary words, your name, email address or other personal information that can be easily obtained;
- frequently change your password;
- avoid using the same password for multiple online accounts;
- use virus protection software and keep it up to date; and
- notify us immediately if there has been, or you suspect there has been, unauthorised use of your password or account.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Sites, you are responsible for keeping this password confidential. You must not share your password with anyone.
Children
Our Services are not directed to children under the age of 13 and we do not knowingly collect personal information from children. If you are under the age of 13, please stop using our Services. It is our policy not to knowingly solicit or permit children under the age of 13 to provide their personal information for any purpose.
Your rights
You are free to withdraw your consent and opt out of receiving marketing emails from AllSaints by following the instructions in any marketing email you receive, or by logging into your online account then clicking ‘My Account’ under ‘My Preferences’.
Please note that if you do opt out, it may take a few days to process your request and that you may continue to receive promotional or marketing materials during this time. Opting out will not preclude us from sending you other types of non-promotional messages, such as emails confirming transactions or abandoned basket emails.
You have an option to correct and update your account information when you are logged into your account.
You have a right to access, rectify or erase personal data we hold about you. You also have a right to restrict processing of your personal data, right to object to profiling for marketing purposes and right to data portability. If you are the customer and you would like to find out more about your rights or exercise your rights, please email us on ask@allsaints.com. If you are a current or previous employee – and you would like to find out more about your rights or exercise your rights – please contact us at hr@allsaints.com.
Alternatively, you can write to us:
ALL SAINTS RETAIL LIMITED
Units C15-C17 Jacks Place,
6 Corbet Place,
London
E1 6NN
UK
We will provide information to you free of charge and we aim to respond to you within 30 days.
If you wish to opt out of receiving marketing and advertising communications from our business partners or Affiliates (and their business partners), you must follow the opt-out instructions in each Affiliate’s communication or applicable privacy policy.
If you are not satisfied with our handling of your data, you also have a right to lodge a complaint with
supervisory authority by writing to the Information Commissioner’s Office at the following address:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
You can also contact the Information Commissioner’s Office using their online form: https://ico.org.uk/concerns/handling/
Changes to our privacy policy
This policy is effective from October 12, 2022. Changes made in the future will be posted on this page. Please check this page for any updates or changes.
US State Privacy Notice
If you are a resident of California, Nevada, Virginia, Colorado, Connecticut, or Utah, please see our US State Privacy Notice here.
Third Party sites
Our Services contain links to other sites, such as social networking platforms. We do not endorse and are not responsible for the privacy practices of such other sites and that the Privacy Policy presented here does not apply to such sites. If you have any questions about data practices of third parties, please consult the privacy policies of those companies.
Contact
Questions and feedback and this Privacy Policy are welcomed and should be addressed to:
ALL SAINTS RETAIL LIMITED
Units C15-C17 Jacks Place,
6 Corbet Place,
London
E1 6NN
UK
Or contact us at legal@allsaints.com.
You can also contact AllSaints' Data Protection Officer, HewardMills Ltd., at:
Telephone: +44 (0) 204 540 5853
Email: dpo@hewardmills.com
Address: 77 Farringdon Road, London, EC1M 3JU