This Privacy Notice and Policy sets out how we approach handling our customer personal information. We want our customers to feel confident your personal data is secure and understand how it is used. The important things to be aware of from the outset are that,
- We ask for what we need - The information we collect from you is based on the necessary information to fulfil your orders, and present you with relevant products & news.
- Keeping it safe - We have processes in place to keep your data safe. We don’t store your payment card numbers.
- We never sell your data and share it carefully - We don’t sell your data to third parties. We do use carefully selected service providers to support fulfilment, payment processing and marketing.
- Unsubscribing from direct marketing is easy – click unsubscribe or contact our customer care team.
We would be happy to deal with any data protection queries you may have, please contact us at firstname.lastname@example.org in the first instance.
Kurt Geiger Limited ("we" and "us") collects, processes and is responsible for personal data relating to our customers, those interested in our products and others. Our use of personal data is regulated by data protection laws, particularly the General Data Protection Regulation (GDPR) which applies across the European Union. We are responsible as ‘controller’ of that personal data for the purposes of data protection legislation.
We are a limited company with our registered office address at 24 Britton Street, London, EC1M 5UA and company number 00968046. We are registered at the Information Commissioner’s Office (ICO) (www.ico.org.uk) and our registration number is Z6823882.
This Privacy Notice and Policy applies to all processing of customers’ and potential customers’ personal data by us and our affiliated companies.
California Consumer Privacy Act Disclosure
California consumers have a right to knowledge, access, and deletion of their personal information under the California Consumer Privacy Act. California consumers also have a right to opt out of the sale of their personal information by a business and a right not to be discriminated against for exercising one of their California privacy rights. Kurt Geiger does not sell the personal information of California consumers and does not discriminate in response to privacy rights requests.
To make requests, California consumers may contact us at email@example.com. Consumers will be required to submit their name, email address, and request-related information.
WHAT PERSONAL DATA DO WE COLLECT AND USE?
Identity Data, includes your name, username or similar identifier and gender.
Contact Data, includes billing and delivery address, email address and telephone numbers.
Transaction Data, includes what you bought, when, and the delivery method.
Payment Data – All payment processing is handled by Sage Pay or Paypal, so we do not collect, store or process your payment card number. We do however collect information about the payments, orders and purchases. In exceptional circumstances to process refunds we require bank account details for refund handling.
Marketing and Communications Data, includes your feedback, communications you have sent to us or we have sent to you, preferences in receiving marketing from us and your communication preferences.
We collect the following data automatically using cookies and other similar technologies:
Technical Data, Technical data includes details your visits to our sites including web pages viewed and search terms entered, internet connection, device and browser settings as well as the internet protocol (IP) address and location.
Usage Data, includes how you use our website and communication engagement (including email and social media).
WHAT DO WE DO WITH PERSONAL DATA AND OUR LAWFUL BASIS FOR DOING SO
We process your personal data for the following purposes:
|To process your order, take payment, fulfil and process returns to fulfil a contract we have entered into with you||Identity, Contact, Transaction, Payment|
|Our legitimate interest to identify potentially fraudulent orders||Identity, Contact, Payment, Technical|
|Our legitimate interest to market to you and provide website personalisation||Identity, Contact, Transaction, Marketing and Communications, Technical, Usage|
|Our legitimate interest to generate management information & provide customer service updates||Identity, Contact, Transaction, Payment|
|Our legitimate interest to monitor web traffic and usage analytics||Technical, Usage|
|With your consent when using the Store||Technical|
The lawful basis for processing data for these purposes is:
• To fulfil a contract we have entered or are about to enter into with you.
• Where it is in our legitimate interest and your interests do not override that interest.
• To comply with a legal or regulatory obligation.
• When you have given consent to process your information.
Where we rely on consent then you may withdraw that consent at any time.
Please contact us if you need details about the specific legal ground we are relying on to process your personal data.
We process your personal information with your consent when you use the Store Finder functionality of our website. This is provided by the Google Earth service, hosted in the US. To provide this service, Google need visibility of your IP address to determine your location. You have the option to provide the website, and Google, with your location information. You can opt out of Google by removing permissions to the map in your browser.
Google provide a separate Terms of Service which provides more information.
If you have asked us to, are a customer or you have approached us regarding similar goods and have not unsubscribed or opted out we may send you marketing communications.
Each time we send you a marketing communication we will give you the opportunity to opt out of this marketing. You may also opt out of marketing by contacting firstname.lastname@example.org.
If you do opt out we will stop sending you marketing communications but will continue to send you service communications directly linked to the processing and fulfilment of your transactions with us.
To keep you aware of what we are up to and to help you see and find our products we also engage in online advertising, including banners and ads, when you are on other websites and apps. We do this using a variety of digital marketing networks and ad exchanges.
WHO WE SHARE YOUR PERSONAL INFORMATION WITH
We share your data with carefully selected partners who fulfil core business processes for us (including order fulfilment and marketing) as set out below. All third parties are checked to ensure they can provide sufficient guarantees regarding the protection of your information, and we have written contracts with them which provide assurances around the security and handling of your information and compliance with our data security standards.
|Third Party||Connected Activity|
|Email Service Providers||Marketing communications|
|Web session analytics provider||Customer Analytics|
|Google Inc.||Store Finder|
|Fraud prevention service||Fraud prevention and detection|
|Courier service providers||Order Delivery|
|IT hosting and service providers||Hosting and supporting our IT infrastructure|
Some of the personal information you provide to us may be transferred outside the European Economic Area to the US. This is due to our use of cloud services provided by Google and Mailchimp at this time. Where this is the case, we only use third parties where there are appropriate assurances of data protection, for example both MailChimp and Google are compliant with the EU-US Privacy Shield Framework.
We will share personal information with law enforcement or other authorities if required by applicable law.
We will not share your personal information with any other third party.
DO YOU HAVE TO PROVIDE US WITH YOUR PERSONAL INFORMATION?
The provision of certain Identity, Contact, Transaction and Payment Data is required from you to enable us to process and deliver your order. We will highlight at the point of collecting information from you, the data which is required for this purpose.
DATA SECURITY AND RETENTION
The security of your personal information is very important to us, so we take the utmost care and all appropriate steps to protect it.
By default, all browsing on our website is encrypted. All payment-related traffic is encrypted directly between you and your chosen payment provider. Our websites do not see this interaction.
Access to your personal information is password protected and all systems are monitored to identify possible problems.
HOW LONG DO WE KEEP YOUR DATA FOR?
We assess the retention period of data on the basis of a number of factors. The specific retention period will vary according to the reason for processing your personal data and laws and regulations.
Under data protection laws, in certain circumstances you have rights relating to your personal data as follows:
• Request access (a "data subject access request"). This allows you to obtain a copy of the personal data we hold about you.
• Request correction of personal data that we hold about you.
• Object to processing, if we are relying on a legitimate interest if you feel the interest impacts on your fundamental rights and freedoms.
• Request erasure, enabling you to ask us to delete personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where: you have successfully exercised your right to object to processing; we have processed your information unlawfully; or we are required to erase your personal data to comply with the law.
• Request restriction of processing, in certain circumstances, to ask us to suspend the processing of your personal data.
• Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
If you wish to exercise any of the rights set out above, please contact us at email@example.com.
No fee is usually required, however, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity or for further information.
Time limit to respond - We try to respond to all legitimate requests within 30 days. Occasionally it may take us longer than 30 days if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
CHANGES TO THE PRIVACY NOTICE AND YOUR DUTY TO INFORM US OF CHANGES
This notice was last updated on 24 May 2018. We may update it from time to time. If we make changes to this notice we will notify you by updating it on our website.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site. Each browser provides a different method to block cookies, the website https://allaboutcookies.org provides guides on how to block cookies across them all. Where individual cookie providers allow an opt-out, a link to that opt-out has been given in the table below.You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
We use the following cookies:
Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
You can find more information about the individual cookies we use and deploy from our website, and the purposes for which we use them below:
|nowelcomepopup, CATEGORY_INFO, VIEWED_PRODUCT_IDS, CART, persistent_shopping_cart, CUSTOMER, CUSTOMER_INFO, CUSTOMER_AUTH, VIEWED_PRODUCT_IDS _INFO, WISHLIST, WISHLIST_CNT, frontend, Stc112126, COUNTRY_BANNER_HIDE, CACHED_FRONT_FORM_KEY, LAST_CATEGORY, COUNTRY||These are a mixture of necessary cookies providing functionality required to operate the website, and analytical/performance cookies to provide you with the optimal shopping experience.||The cookies with the longest expiry will last for up to 10 years, however the majority expire within an hour.|
|vee24.testCookie, v24s_kurtgeiger, v24u_kurtgeiger, vee24.autoNudgeRules, vee24.nudgeReceived.timeout, vee24.nudgeReceived.timestamp, vee24.numberOfNudgesShown, vee24.testCookie, vee24.userIsActive||Vee24 functional cookies are used for the online chat feature of the website and allow us to analyse the use of online chat. No information is passed back to Vee24 using these cookies or any chat conversation||All cookies but one expire after the browser window is closed. One cookie expires after 10 years.|
Third Party Cookies
These cookies are also used to provide functionality to our website, however they are issued by a website other than our own. The cookies, providers and details are below.
|sc_test||Used to manage and control media from our sites.||Expires within 24 hours.|
|_ga, _gcl_au, _vwo_uuid_v2, _datadome-_zldp||Provides bot-protection to our websites.||All cookies expire within 2 years.|