Superdry Privacy Policy

Your Privacy Matters

Here at Superdry, your privacy and data security matters to us. When you provide any personal information to us, we make sure we follow 4 Key Principles:



IT'S ABOUT YOU

We use and process your data to help you get the most out of your relationship with us – and always in compliance with the law.

Safety

We keep your data under lock and key – in secure and highly restricted environments.

Openness

We aim to be 100% transparent with you about what data we collect and why we collect it.

Control

You are in charge. You can ask to see the data we hold for you or ask for it to be deleted.

This policy tells you a little bit more about these principles and how we work hard every day to live by them and respect them.

We want to be open with you about:


Who we are

What information we collect

How we use your information

Why we use your information in the way we do

We also want to tell you all about your rights and how we can help you stay in control.

You’ve probably heard of “Superdry” the brand, but like many organisations the brand is underpinned by a corporate business structure.


Superdry is the trading name of the Superdry Plc group of companies. Superdry Plc of Unit 60, The Runnings, Cheltenham, Gloucestershire GL51 9NW, United Kingdom is a public company listed on the London Stock Exchange. Superdry Plc has many different subsidiary operating companies (collectively referred to as “Superdry”, “we”, “us” and “our” in this policy) that do different things for us and operate different parts of our business around the world. 


The part of the Superdry group with which you are interacting is normally the entity which is processing your personal information and is therefore the controller of your data. For example, we have wholly owned trading subsidiaries which operate stores for us around the world - the name of the entity you bought your product from will normally be on your receipt. We also have a company called Supergroup Internet Limited which operates our ecommerce and online business, except in the USA where it’s operated by Superdry Retail LLC.


Regardless of where you are based and regardless of which part of our group may be a controller of your personal information, any queries you have regarding your personal information will be dealt with by Superdry Plc. This means that we are responsible for deciding how and why your personal information is used. We’re also responsible for making sure it is kept safe, secure and handled legally. 


Note that Superdry is a multi-channel business. This means that we also sell Superdry branded products to other retailers. We also operate a franchise business, meaning that many of our stores are operated by our licensed and trusted franchisees rather than by us directly. In the event you buy Superdry products from another one of these retailers or our franchisees, they are responsible for handling your personal data. Please refer to their individual privacy terms for more information.

We will only ever process your information if we have a lawful basis to do so. The lawful bases we rely on are:


Contract

This is where we process your information to fulfil a contractual arrangement we have made with you.


Consent

This is where we have asked you to provide explicit permission to process your data for a particular purpose, and you have provided such consent.


Legitimate Interests

This is where we rely on our interests as a reason for processing your information, generally this is to provide you with the best products and service in the most secure and appropriate way.


Legal Obligation

This is where we have a statutory or other legal obligation to process the information, such as for the investigation of crime or to notify you of certain things.



We want our relationship with you to be open, strong and mutually beneficial. Throughout the different stages of our relationship, you may give us certain information. We use your information in a number of different ways, and what we do depends on the information. Failing to provide some of the personal information we require may have an adverse impact on our ability to interact with you, for example we may not be able to provide you with products or services you would like to receive.


It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during the period of your interactions with us. This can be done by emailing care@superdry.com or in your account if you have one.


The tables below set this out in detail, showing what we use, how we use it and why we use it.


While our website is designed for a general audience, we will not knowingly collect any data from children under the age of 13 or sell products to children. If you are under the age of 13, you are not permitted to use or submit your data to the website.

What we do and how we do it :

  • When you order products from us online, at iKiosks (in stores and at some franchise locations) or set up an online account, we may collect personal details from you like your name, date of birth, gender, address, email address, social media handle, screen name and phone number. Some of this information is mandatory and other information is only provided with your consent.
  • We do not hold your payment card details. Financial transactions take place directly and securely with our payment provider.

Why we do it :

  • We have to deliver your purchases to you and be able to communicate with you about your order. This means that we use and process your details to enable us to do this. We therefore pass some of your details to trusted third parties like couriers and logistics companies. It would be difficult to physically send your orders to you if we weren’t able to use your information for this purpose.
  • It also helps us direct you to products and style choices most relevant to you and your shopping experience.

The Legal Bit :

  • Being able to send product to you is an important part of our contractual commitment to you.
  • It is in our legitimate interests to collect information from you which helps us direct you to products and style choices most relevant to you and your shopping experience.



What we do and how we do it :

  • Proof of your identity.

Why we do it :

  • We sometimes need to check your identity – for example: to confirm it is you that placed an order, or if you say you are a student or someone else able to benefit from discounts or special offers.

The Legal Bit :

  • It’s an important part of our contractual commitment to you and ensures that we know who we are dealing with and that things like discounts and offers are applied in a legitimate way.



What we do and how we do it :

  • We may use your browsing behaviour to personalise your experience.

Why we do it :

  • To get you to the products that you want faster.

The Legal Bit :

  • It’s important to us and in our legitimate interests that you get the best out of your shopping experience.



What we do and how we do it :

  • We may use information about you to improve our products, services and customer experiences for both you and others. This may include working with our agents and business partners to improve the products and services we offer, and develop new content, products and services.

Why we do it :

  • To help us define groups of audiences to send adverts to, based on factors like interests, age, location and more, so we can show adverts to the people most likely to be interested in the products and services being promoted.

The Legal Bit :

  • It’s important to us and in our legitimate interests that you and all of our customers get the best out of your shopping experience.



What we do and how we do it :

  • Send you account and service updates, such as updates to our Terms and Conditions and order confirmations.

Why we do it :

  • To keep you informed of any changes to our services or our contractual terms with you.

The Legal Bit :

  • Legally, we have to do this, it’s an important part of our contractual commitment to you.


What we do and how we do it :


  • We will keep details of your orders and order history in accordance with the terms of this policy.

Why we do it :


  • We need to ensure that we deal with issues like returns or faulty products in the right way, and to protect ourselves from fraud.

The Legal Bit :


  • This is part of our contractual obligation to you.



What we do and how we do it :


  • Analyse what you have bought, searched for, or returned, which helps us find out what you like.

Why we do it :


  • To ensure we are giving you what you want, providing you with the best service we can.

The Legal Bit :


  • It is important for us to know your preferences and to give you the best experience. It is in our legitimate interest to provide you with the best service.


What we do and how we do it :


  • We use a third party to help make recommendations about products, to suggest sizes, and about how garments fit. This is an optional preference as part of your online purchase process.

Why we do it :


  • We want you to love the products you buy from us and to give you the best chance of finding the product you love in the right size first time.

The Legal Bit :


  • It’s important to us that you find the right products for you in the right size.
  • For more information, please see the privacy policy of our third party provider which can be found when you use the fit tool.

What we do and how we do it :


  • When you contact us through any channel, including online or in-store, we may ask you whether you want to opt in to receiving marketing communications from us. If you decide to opt in, we will record this opt in on your customer profile. Marketing emails may contain tracking pixels which allow us to monitor how you have interacted with a particular marketing email.

Why we do it :


  • If you have opted in to receive marketing communications from us, we will use your personal data to notify you of Superdry products, promotions, competitions and special offers that may be of interest to you. These notifications will be sent to you online (either by email as a newsletter, by social media or search engine as banners, push notifications or adverts).

The Legal Bit :


  • It’s important to us, that you find the right products for you and that we tell you about our new products. We will only do this if you provide your consent.



What we do and how we do it :


  • When you visit our website, we may ask whether you want to opt in to receive text messages from us. We use a trusted third party to send the text messages on our behalf. If you decide to opt in, the third party will store the information you provide, including your telephone number and also when you read a text message.

Why we do it :


  • If you opt in you will receive text messages about our products, promotional offers, competitions and much more. We may use information which we have automatically collected based on your actions whilst on our website to tailor the text messages you receive.

The Legal Bit :


  • It’s important to us that you know about our products. We will only send you text messages where you have consented to this. You have the right to opt out at any time.



What we do and how we do it :


  • When you purchase products from our stores, we will send you marketing communications about similar Superdry products that may be of interest to you.

Why we do it :


  • We will use your personal data to notify you of similar Superdry products that may be of interest to you. These notifications will be sent to you online (either by email as a newsletter, by social media or search engine as banners or adverts).

The Legal Bit :


  • It is in our legitimate interest and useful to you to send you information about our latest products that may be of interest to you.



What we do and how we do it :


  • If you have made a purchase online or instore communications by email we may share your personal data with third parties who will serve banner adverts on your social media feeds. Why we do it :


  • We share your personal data with third parties so they can notify you of Superdry products that may be of interest to you via your social media feeds.

The Legal Bit :


  • It is in our legitimate interest and useful to you to send you information about our latest products that may be of interest to you via social media banners.


What we do and how we do it :


  • Identify you when you visit our website, log in to your account or contact us. We do this by matching your email address, IP address or other contact details against the details we have for you.

Why we do it :


  • Checking your identity helps us to keep your information safe from fraudsters and makes sure that you are who you say you are. It also makes it easier to personalise your experience. If we can remember you, we can give you the best possible shopping experience.

The Legal Bit :


  • Legally, we have to do this and it is also important for us to provide you with the best products and service in the most secure and appropriate way. It is also important for us and in our legitimate interest that you get the best shopping experience.



What we do and how we do it :


  • Improve our website and set default options for you (such as language and currency).

Why we do it :


  • It’s important for us, and it’s much easier for you, if we know the language and currency you prefer, and it also helps us to protect your information.

The Legal Bit :


  • It is important for us and is in our legitimate interest to know what you like to give you the best shopping experience.



What we do and how we do it :


  • Show you Superdry adverts as you browse the web.

Why we do it :


  • So you can see our latest products and deals that we think you will love.

The Legal Bit :


  • It is important for us and is in our legitimate interest to show you things we think you will like.



What we do and how we do it :


  • We use a third-party service provider to collect data on our behalf across the internet and sometimes on our website. Some of these service providers may collect information about your visits to our website, and your interaction with our products (including where we see that you have aborted a basket or forgotten to complete a transaction) and services to tailor marketing messages on this website and other sites or to trigger real time interaction, customise this website or enhance your profile.


  • We also anonymise and aggregate personal information (so that it does not identify you) and use it for purposes including testing our IT systems, research, data analysis, improving our site and app, and developing new products and services.

Why we do it :


  • To protect our website and to help make our service better.

The Legal Bit :


  • It is important for us and in our legitimate interest to make our communications with you relevant and ensure that you have access to our most relevant product and content.


What we do and how we do it :


  • When you contact us via phone, chat, email or our customer services portal, we will collect information from you about your order and purchase history, as well as your personal details. We may sometimes record our conversations with you.

Why we do it :


  • We want to be able to respond to your query in the right way and provide the most relevant service to you. We also want to improve the services and support we provide to you.

The Legal Bit :


  • It’s an important part of our service and also part of our contractual commitment to you. It is important for us to train our staff to give you the best service.



What we do and how we do it :


  • We use public sources of information to help us investigate fraudulent activity.

Why we do it :


  • To prevent and detect fraud against either you or us – unfortunate, but absolutely essential

The Legal Bit :


  • This is important for us to protect our service, to protect you and to stop this from happening.


What we do and how we do it :


  • We may allow you to link your social media account to your Superdry account so you can log on simply and easily without having to create a specific account.

Why we do it :


  • To make it easier for you to use our website and purchase those items you want.

The Legal Bit :


  • It is important for us, and in our legitimate interest, that you get the best shopping experience.



What we do and how we do it :


  • We may use any details you give us about your social media accounts to understand what you like, how you might share your likes with your friends and how you might influence others with your style.

Why we do it :


  • It helps improve any recommendations we make to you and we may invite you to take part in surveys, reward schemes and other fashion related activities.To prevent and detect fraud against either you or us – unfortunate, but absolutely essential

The Legal Bit :


  • This is important for us to protect our service, to protect you and to stop this from happening.



What we do and how we do it :


  • When you tag us in a social post, we may monitor that, including your views or opinions about us.

Why we do it :


  • We may want to respond to you or react, particularly if you are unhappy with something.

The Legal Bit :


  • It is important for us and in our legitimate interest to know what you think about us so we can continually improve what we do.This is important for us to protect our service, to protect you and to stop this from happening.


What we do and how we do it :


  • We occasionally ask for feedback on our products or how you feel we are doing. Sometimes, we will use trusted third party providers to do this. Generally, responses are anonymized but we may want to respond to you directly, for example if you mention you are unhappy with something.

Why we do it :


  • It makes good sense to check how you feel about us and your purchases from time to time and we can use this information to improve our service.

The Legal Bit :


  • It’s up to you whether you take part, so you would always provide feedback with your consent. If you receive feedback requests from trusted third parties you can always elect to opt out.



What we do and how we do it :


  • We use a third party which will enable you to participate in our Refer a Friend programme, should you elect to do so.

Why we do it :


  • We want to give you the opportunity to benefit from special offers as a result of you helping us to grow our family of fans.

The Legal Bit :


  • Your data and your friend’s data will be processed in line with the third party’s privacy policy which can be found when you elect to participate.



What we do and how we do it :


  • We regularly run competitions and giveaways which may mean that you provide us with some information as part of your entry to the competitions. The information helps us to manage the competitions that you choose to enter and get prizes to the winners.
  • We will let you know how we use your data at the point of entry, and all of our competitions have specific Terms and Conditions which gives you more information.

Why we do it :


  • We need to let you know if you win.

The Legal Bit :


  • If you take part we will treat this as an important contractual commitment to youIf you take part we will treat this as an important contractual commitment to you.


What we do and how we do it :


  • In our stores we use CCTV footage which may include footage of you if you visit one of our stores.

Why we do it :


  • We use CCTV for security monitoring to protect you and our staff. We may also use it for market research purposes so that we can best arrange our stores and stock the ranges our customers will be most interested in.

The Legal Bit :


  • We have a legal obligation to ensure that our staff are protected. We also want to make sure you get the best in-store experience.



What we do and how we do it :


  • You may be asked for some personal details at the till in store. This is to enable us to provide you with paperless receipts. If you are an existing online customer and have an account with us, we will link this information through to your online account.

Why we do it :


  • To be able to send you a receipt for your purchase electronically (to help save the environment!) and to enable you to keep a record of all of your purchases in one place.

The Legal Bit :


  • There is no obligation for you to receive receipts electronically. It would be done with your consent. But we do like to help you maintain a proper record of your purchases to help our customer services team in case there are any issues with your purchase.



What we do and how we do it :


  • When we process your order at tills at the store or at in-store iKiosks (in our own stores and at some franchise store locations), we will take payment card information. We do not hold your payment card details. Financial transactions take place directly and securely with our payment provider.

Why we do it :


  • To process your transaction.

The Legal Bit :


  • Receiving payment is an important part of our contractual relationship with you.

We do not, and will not, sell any of your personal data to any third party for pure financial gain. We want to earn and maintain your trust, and we believe this is absolutely essential in order to do that.


However, we share your data with the following categories of companies as an essential part of being able to provide our services to you:


Companies in the Superdry group, as sometimes different bits of our group are responsible for different activities.


Companies that do things to get your purchases to you, such as, warehouses, order packers, and delivery companies.


Professional service providers, such as marketing agencies, advertising partners and website hosts, who help us run our business or help us obtain feedback from you.


Affiliates who help us reach out to potential new customers or promote our products on their websites.


Credit reference agencies, law enforcement and fraud prevention agencies, so we can help tackle fraud.


If we do share your personal data with third parties, it will only be done in order to achieve a legitimate and lawful purpose or with your consent. We will always assess the relevant third party and their security measures to ensure that when a transfer such as this takes place, you can expect a similar degree of protection in respect of your personal information.


If you would like to know more about the third parties we may share personal data with, or how to find out more on how they will use your data, please contact us using the form here.

We take information security very seriously and do all we can to ensure that we keep your information safe and secure.


We have numerous security measures in place to protect against the loss, misuse, and alteration of information under our control. We will always aim to implement the best security systems across our networks and hardware to ensure access and information are protected. Our technical and organisational security measures include:


- Encryption of personal information where appropriate.


- Regular cyber security assessments of all service providers who may handle your personal information.


- Regular planning and assessments to ensure we are ready to respond to cyber security attacks and data security incidents.


- Regular penetration testing of systems.


- Security controls which protect our information technology systems infrastructure and our premises from external attack and unauthorised access.


- Regular backups of information technology systems data with functionality to correct errors or accidental deletion/modification to data.


- Internal policies setting out our information security rules for our staff.


- Regular training for our staff to ensure staff understand the appropriate use and processing of personal information.


If you have opted in to receive marketing communications from us and want to opt out, you can control the marketing communications you receive from us:


To opt out of receiving Emails:


-In your account: By changing your contact preferences in the Account Information section.


-By clicking “unsubscribe”:You can also click on the ‘unsubscribe’ link in any marketing email you receive, and this will take you to an area where you can unsubscribe from that method of communication.You can also customise your marketing preferences here.


-By email:You can contact our Customer Care team – care@superdry.com.Once you do this, we will update our records to ensure that you don’t receive further marketing messages.


To opt out of receiving Text Messages:


- By texting “STOP” in response to our text messages.


If you tell us that you don’t want to receive marketing messages it might take a few days for all our systems to be updated, so we would ask for your patience as you might get messages from us while we process your request.

  We use online advertising to keep you aware of what we’re up to and to help you see and find our products.


You may see Superdry banners and ads when you are on other websites and apps, such as Social Media. We manage this through a variety of digital marketing networks and ad exchanges. We also use a range of advertising technologies and some of these are designed to personalise you experience.


The banners and ads you see are based on information we hold about you, or your previous use of the Superdry website (for example, your Superdry search history, and the content you read on Superdry) or on Superdry banners or ads you have previously clicked on.


For more information on our use of advertising technologies and cookies, please see our Cookie Notice

  Superdry is a global business with operations inside and outside of the United Kingdom and we use suppliers and fulfilment centres located across the world.


It is sometimes necessary to share your personal information outside of the UK and / or the European Economic Area (the EEA) or it will be collected outside of the UK and / or the EEA. This will typically occur when service providers to our business are located outside the EEA or if you are based outside the EEA. These transfers are subject to special rules under data protection laws.


The same applies to any transfer of personal information to another part of our group of companies based outside of the UK and / or the EEA. We also apply the same standards to any transfer of personal information between members of our group, regardless of where the group company is based.


If we transfer your personal information outside of the UK and / or the EEA, we will ensure that the transfer will be compliant with data protection laws and all personal information will be secure. Our standard practice is to assess the laws and practices of the destination country and relevant service provider and the security measures that are to be taken as regards the personal Information in the overseas location. This means that when a transfer such as this takes place, you can expect a similar degree of protection in respect of your personal information.


Our directors and other key staff working for us may in limited circumstances access personal information from outside of the UK and EEA if they are working abroad outside of the UK or EEA. If they do so they will be using our security measures and the same legal protections will apply that would apply to accessing personal information from our premises. In limited circumstances the people to whom we may disclose personal information may be located outside of the UK and EEA and we will not have an existing relationship with them, for example a foreign police force. In these cases we will impose any legally required protections to the personal information as required by law before it is disclosed.


Also if you are based outside of the UK and / or the EEA, then your personal data may be held and used outside of the UK and / or EEA anyway, but in most cases as described at the start the controller of your personal information will be Superdry in the UK. If you would like any more details about how we protect your personal information in relation to international transfers then please use the form here to contact our DPO.

  We’ll hold on to your information for as long as you continue to be a Superdry customer and for as long as we are required to keep it to ensure we meet our legal requirements across the globe.


Unless you have opted in to receive marketing communications from us or retain an active customer profile with us by ordering product in at least three year intervals, we will keep your information for the following periods of time:


Web: If you set up an account through one of our Superdry websites, we will retain your personal data within the website for three years after your last order. If you use a guest check out without setting up an account, we will retain your personal data within the website database for 90 days. Data relating to each of your orders will be kept for seven years.


E-receipts: If you sign up to receive e-receipts in a Superdry store, we will retain your personal data for seven years.

  Competitions, promotions: If you enter a competition or promotion, we will delete your personal data as soon as we have completed the competition or promotion.


Customer services: If you contact our customer services representatives, we retain your personal data for seven years.

  If you would like us to delete the information we hold about you, then please use the form here and request that we close your account or delete your personal information. However, we have a legal requirement to keep some of your personal data even after you have asked us to delete it. We will only keep what we absolutely need to, and only to make sure we can meet our legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms Conditions.

You have a number of ‘Data Subject Rights’. Set out below is some information on what they are and how you can exercise them.


Right of access

You have the right to request a free copy of the personal information that we hold about you.

Right to rectification

If you think any of your personal information that we hold is inaccurate, you have the right to request it is updated. We may ask you for evidence to show it is inaccurate.


Right to erasure (also known as the Right to be Forgotten) and the Right to restriction of processing

You have the right to request that we stop processing, or delete, all of your personal information that we hold. If you exercise this right we will keep a note of your name linked to your request and it won’t prevent us from processing any new information you provide to us subsequently.


Right to data portability

You have the right to ask us to electronically move, copy or transfer your personal information in a machine readable format.


Rights with regards to automated decision making, including profiling

We sometimes use your personal information to make decisions by automated means. This involves us analysing your account activity including applications, orders, payments etc. We do this to confirm your identity and to prevent and detect crime. This automated decision making is necessary if you would like to continue to shop with us online. You have a right to reject automated decisions but it may mean that you can only shop with us in our stores.


Right to withdraw consent

Where we are relying on your consent for processing you can withdraw or change your consent at any time.

  

The above rights may be limited in some circumstances, for example, if fulfilling your request would reveal personal information about another person, if you ask us to delete information which we are required to have by law, or if we have compelling legitimate interests to keep it. We will let you know if that is the case and will then only use your information for these purposes. You may also be unable to continue using our services if you want us to stop processing your personal information.


If you have any general questions or want to exercise any of your rights please use the form here. Our security procedures mean that we may need to request proof of identity before we disclose personal information to you in response to any request.


We encourage you to get in touch if you have any concerns with how we collect or use your personal information. You do however also have the right to lodge a complaint directly with the Information Commissioners Office, the data protection regulator in the UK, their contact details can be found on their websitewww.ico.org.uk.If you are located elsewhere in the EEA, then you are free to contact your local Supervisory Authority.A list of those Supervisory Authorities can be found here - https://edpb.europa.eu/about-edpb/board/members_en .

If you are a resident of California you may have some additional rights in regards to your personal information under the California Consumer Privacy Act 2018 or (“CCPA”).


We have detailed the information we may collect in our main Privacy Policy.We have also provided information on how we may collect this information and the commercial purpose for collecting or sharing your personal information.We have also made it clear that we do not sell personal data purely for financial gain.


Sale of personal information under the CCPA is broad and includes disclosing personal information to third parties for valuable consideration, not solely for money. We share pseudonymised identifiers such as masked email addresses and cookies with our advertising partners for advertisement purposes.


Your rights are similar to those applicable under the GDPR.Specifically in California, you have the following rights:


Right of access

You can request to access the categories and specific pieces of personal information we have collected about you, the categories of sources of such collection, the commercial purpose for collecting or selling personal information, the categories of third parties with whom we share personal information, the categories of personal information we have disclosed and sold about you in the preceding 12 months and the categories of third parties to whom the personal information was sold to.


Right to deletion

You can request for us to delete any of your personal information which we have collected (subject to some exceptions).


Right to opt-out of the sale of your personal information

You can request to opt-out of the sale of your personal information to third parties.


Right to non-discrimination

You will receive equal service and price if you exercise your rights under the CCPA.


  


How to exercise your rights


·Rights request (except opt-out) please use the form here.

  ·Opt-out of the sale of your information: Click Do Not Sell My Personal Information


When you make a request, we will require certain information from you to be able to verify your identity and request that may include your name, email address and home address.

We may change this page from time to time, to reflect how we are processing your data.


  If we make significant changes, we will make that clear on the Superdry website or other Superdry services, or by some other means of contact such as email, so that you are able to review the changes before you continue to use our services.

  If you have any questions, comments, requests or concerns relating to this policy, please contact our Data protection officer by clicking here. If we are unable to resolve your complaint, you may refer your complaint to the Information Commissioner’s Office by clicking here: https://ico.org.uk/make-a-complaint/. If you are located elsewhere in the EEA, then you are free to contact your local Supervisory Authority.


A list of those Supervisory Authorities can be found here - https://edpb.europa.eu/about-edpb/board/members_en

  For any customer service related enquiries or enquires about a recent order, please contact our customer services team by emailing care@superdry.com


  This policy was last updated on 15 March 2021.We made changes to this policy to establish our privacy principles and to more clearly explain how we handle your data, including in relation to the different purposes for which we use it.