Privacy Policy

Version: V2

Effective Date: 25/05/2018


ALLSAINTS Retail Limited (“ALLSAINTS”) is committed to protecting and respecting your privacy. This policy (together with our Terms and Conditions of Website Use and Cookie Policy) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please note, this Privacy Policy only applies to our EU based customers. Customers from the rest of the world, please refer to your local website at: www.us.allsaints.com; www.es.us.allsaints.com; ca.allsaints.com; www.allsaints.jp or www.allsaints.co.kr .

This Privacy Policy applies to all stores and mobile applications ("App") owned or operated by ALLSAINTS. It also applies to ALLSAINTS websites located at www.allsaints.com, fr.allsaints.com, es.allsaints.com, it.allsaints.com, www.allsaints.eu, www.allsaints.ie and de.allsaints.com (the "Sites"). The stores, Sites and the App shall be collectively referred to as the "Services." In this document, "we", "our" and "us" refer to ALLSAINTS, and "you", "your" "user," mean users of the Services.

Please read the following carefully to understand how we collect, use and store your personal data. The Privacy Policy, as well as the Cookie Policy is incorporated into and made a part of our Terms and Conditions of Supply. By accessing or using our Services, you agree that you (or your parent or legal guardian) have read, understand, and are bound by the terms and conditions set forth herein.

For the purpose of the General Data Protection Regulation (GDPR) and the Data Protection Act 2018, the data controller is ALLSAINTS Retail Limited of Units C15-C17 Jacks Place, 6 Corbet Place, London, E1 6NN, UK.

We process following categories of your personal data when it is necessary for the performance of a contract between you and us: your salutation, first and last name, email address, delivery and billing address, telephone number and payment card details, web site’s login details.

We will also process the above categories of data for the purposes of our legitimate interests set out below:

  • for fraud screening and prevention purposes; and/or
  • for record keeping purposes.

  • We process the following categories of data for marketing purposes if we have a legitimate interests or when you give us your consent: email address, name, gender, how you have reached our digital platform and the internet protocol (IP) address you have used, your login information, browser type and version, plug-in, operating system and platform, the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our Customer Experience Team.

    We use your data for the following marketing purposes:

  • to enable us to administer any competitions or other offers/promotions which you enter into;
  • to communicate with you in the event that any products or services you have requested are back in stock or unavailable;
  • to communicate with you in the event that you have abandoned your online basket;
  • to carry out market research so that we can improve the products and services we offer;
  • to track your activity on our digital platforms;
  • to create an individual profile for you so that we can understand and respect your preferences;
  • to personalise and improve your experience on our digital platforms;
  • to personalise and/or tailor any communications that we may send you;
  • for profiling purposes to enable us to personalise and/or tailor any marketing communications that you consented to receive from us;
  • to segment, test, analyse and model your details; and/or
  • Social media targeting;

  • We may collect some of your information using automatic data collection technologies as you navigate through and interact with the Services. This may include certain information about your equipment, browsing actions and patterns, including, IP address, login information, browser type and version, time zone setting, location, operating system and platform, products viewed, searched for or purchased, page response times, download errors, length of visit to certain pages, page interaction (scrolling, clicks, mouse-overs) and methods used to browse away from the page.

    We may also participate in Facebook's ‘Custom Audience’ service from time to time. This service enables us to display to you personalized advertisements when you visit Facebook’s social media platforms. It works by converting your email address to a unique number that Facebook uses to match to unique numbers that Facebook generates from email addresses of its users. Where we use Facebook Custom Audiences, we will only include you if you have consented to receive marketing from us.

    For the purposes of this Privacy Policy, “Affiliates” means entities directly or indirectly controlled by, or under common control with us.

    Third parties acting on our behalf including our business partners or our Affiliates may use cookies, web beacons or other automatic data collection technologies:

  • to help us measure and determine how visitors use our Sites and the effectiveness of our Sites;
  • to help us improve and optimize the products and services we or our business partners or Affiliates offer; and/or
  • to collect your non-personally identifiable information regarding your online behavior to provide you with use-tailored and targeted advertisements.

  • We may share information that we collect about you with Affiliates, business partners, suppliers, sub-contractors, marketers, advertisers and advertising networks for marketing and advertising purposes, which may include: (i) sending you direct mail or emails about their products, services, sales, promotions events, news and store openings that may interest you; or (ii) serving ads or adverts that may interest you; or (iii) for data analytics that assist in the improvement and optimisation of products, Services and the Site.

    If you have given us your consent, you can change your mind at any time by unsubscribing or by adjusting your preferences in the preference centre.

    We may monitor or record telephone calls for security purposes and to improve the quality of services that we provide to you.

    Please note that for your safety and security, CCTV is in operation in all of our premises which are open to the public.

    We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

    To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

    In common with many other website and app operators, we use standard technology called 'cookies' on our website. Cookies are small pieces of information that are stored by your browser on your computer's hard drive and they are used to record how you navigate this website on each visit.

    For further, more detailed information on how we use cookies, please refer to our Cookie Policy which you can read here.

    We may need to disclose your personal data to our Business partners, suppliers, and sub-contractors as follows:

    A. your delivery address and telephone number to our partner courier companies;
    B. certain personal information to third party payment management companies to enable them to verify your credit or debit card details;
    C. your details to service providers who help us deliver the App;
    D. certain purchasing information and use of discounts to business partners who facilitate such discount schemes, provided you have previously registered with them;
    E. personal information to business partners who provide us with and assist us in operating customer service management software, designed to improve and manage our interaction with customers and your customer service experience;
    F. advertisers and advertising networks that require the data to select and serve relevant adverts to you and others;
    G. analytics and search engine providers that assist us in the improvement and optimisation of our products, Sites and Services;
    H. personal information to business partners that assist us with our marketing efforts;
    I. Service providers whom we may employ to assist us in carrying out and then analysing the results of customer surveys or questionnaires;
    J. Goodwill providers;
    K. Legal insurers.


    We may share information that we collect about you with affiliates, which include other entities directly or indirectly controlled by, or under common control with, us (“Affiliates”), business partners, suppliers, sub-contractors, marketers, advertisers and advertising networks for marketing and advertising purposes, which may include: (i) sending you direct mail or emails about their products, services, sales, promotions events, news and store openings that may interest you; or (ii) serving ads or adverts that may interest you; or (iii) for data analytics that assist in the improvement and optimisation of products, Services and the Site.

    We may also disclose your personal information to third parties:

    A. if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, subpoena or court order or in order to enforce or apply our Terms and Conditions of Website Use or our Terms and Conditions of Supply and other agreements.
    B. if we believe in good faith that the disclosure of information is necessary to: prevent imminent physical harm or financial loss to you or us; prevent or report suspected illegal activity; protect anyone's rights, property, or safety; and/or
    C. if you otherwise consent or direct us to share your information with third parties.

    The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers, business partners or Affiliates. Such parties may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

    We use cyber security best practices to prevent the unauthorised use, access, or disclosure of your personal information. All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL/TLS technology and card data are processed by PCI compliant payment providers.

    You can help protect your online personal data by following these safety tips:

  • if using a public computer or terminal, always log out and close the browser when you complete an online session;
  • keep passwords private. Remember, anybody who knows your password may access your account;
  • when creating a password, a combination of letters and numbers is best. Do not use dictionary words, your name, email address or other personal information that can be easily obtained. It is also recommended that you frequently change your password;
  • avoid using the same password for multiple online accounts;
  • you should use your own virus protection software and keep it up to date; and
  • if there has been (or you suspect) an unauthorized use of your password or account, please notify us immediately.
  • Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Sites, you are responsible for keeping this password confidential. You must not share your password(s) with anyone.

    Our Services are not directed to the individuals under the age of 18. If you are under the age of 18, please stop using our Services. It is our policy not to knowingly solicit or permit anyone under the age of 18 to provide their personal information for any purpose.

    You can withdraw your consent and opt out of receiving marketing emails from ALLSAINTS, by following the instructions in the email, or by logging into your online account, going into "My Account" under the heading "My Preferences".

    Please note that if you decide to opt out it may take a few days to process your opt-out request and that you may continue to receive promotional or marketing materials during this time. Also, please note that opting out of receiving will not preclude us from sending you other types of non-promotional messages, such as emails confirming transactions.

    You have an option to correct and update your account information when you are logged into your account.

    You have a right to access, rectify or erase personal data we hold about you. You also have a right to restrict processing of your personal data, right to object to profiling for marketing purpose and right to data portability. If you are the customer and you would like to find out more about your rights or exercise your rights, please email us on ask@allsaints.com or call us on +44 344 980 2211 . If you are current or previous employee, and you would like to find out more about your rights or exercise your rights, please email us on hr@allsaints.com.

    Alternatively, you can write to us:

    ALLSAINTS Retail Ltd
    Units C15-C17 Jacks Place,
    6 Corbet Place,
    London
    E1 6NN
    UK

    We will provide information to you free of charge and we aim to respond to you within 30 days.

    If you wish to opt out of receiving marketing and advertising communications from our business partners or Affiliates (and their business partners), you must follow the opt-out instructions in each Affiliate’s communication or applicable privacy policy.

    If you are not satisfied with our handling of your data, you also have a right to lodge a complaint with supervisory authority by writing to the Information Commissioner’s Office at the following address:


    Information Commissioner's Office
    Wycliffe House
    Water Lane
    Wilmslow
    Cheshire
    SK9 5AF

    You can also contact the Information Commissioner’s Office using their online form: https://ico.org.uk/concerns/handling/

    This Privacy Policy was last updated in May 2018. Any changes we may make to our Privacy Policy in the future will be posted on this page. Please check this page for any updates or changes to our Privacy Policy.

    Our Services contain links to other sites, such as social networking platforms. Please be aware that we do not endorse and are not responsible for the privacy practices of such other sites. The Privacy Policy presented here does not apply to such sites. If you have any questions about these other companies' data practices, you should review their privacy policies.

    Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to ALLSAINTS, Units C15-C17 Jacks Place, 6 Corbet Place, London, E1 6NN, UK or by emailing us at legal@allsaints.com.