Skip to content

Cart

Your cart is empty

Privacy Policy

EJayDesign Privacy Policy - What you need to know 

A few months ago I unexpectedly created a business, and with that comes a lot of  small print I never knew existed until now, but I'll give it a shot!

It’s important, so please read it and make sure you control your privacy.

For this, the term 'we' refers to EJayDesign, although it is owned and run by one person - Eilidh Jamieson.

 

My privacy principles:

We take your privacy seriously.

We are committed to protecting the security of your personal information.

We comply with data privacy laws when using your personal information.

We will only use it for lawful reasons you expect or that we explain to you in this document.

We will limit the collection and use of details to what we really need or which you have provided.

 

Quick read: Privacy Policy Summary

We want you to understand:

  1. What personal information we collect about you and where we get it
  2. What we do with your personal information
  3. Who we share your personal information with and why
  4. Where we send your personal information outside Europe
  5. How we keep your personal information secure
  6. How long we keep your information and why
  7. Your rights and how to use them
  8. Other details you should know
  9. What personal information we collect about you and where we get it from

We collect most information directly from you when you order or buy from us. We get technical details from the devices you use to access our apps and websites and from cookies which tell us what you look at online, where and when. Like most other websites, our technology also lets us know when and how you use our websites, such as when you have added to or abandoned your basket or filled in a form.

The personal information we collect and use will depend on why we need it. We will only collect the personal information we believe we need to use.

 

Sometimes we are given information about you unexpectedly, such as from the police, organisations and agencies trying to prevent threats and fraud, and from the public.

 

  1. What we do with your personal information

 

We need to collect and use  information about you so that you can buy things from us and learn about our offers and new arrivals. We also need to use some details to prevent and detect fraud.

 

We look at and learn from your browsing, shopping and how you respond to our marketing to understand what sort of customer you are and predict what products we have that you may also be interested in. We try to show you adverts and offers we think you will like tailored to you based on stuff like your location, including what we know about you including through our apps, websites and other websites you visit, relying on the extra understanding about you which ad providers and social media platforms have collected with your consent.

 

Our use of your details will depend on you and what you are doing: browsing or buying, if you are new to us or a registered customer. Use will be different on-line and in-store but we will try to join up details of our relationship with you in store and online in our records, even if you use different devices online. We explain our lawful reasons for use of your personal information in our detail section. 

 

Who we share your personal information with and why

We use suppliers and service providers, such as for delivering orders, or dealing with card checks and payments. These include other group companies and external contractors. We only share the personal details they need to know for their services and we make sure your privacy is respected and protected.

We share personal information with third parties when you have told us that we can share, or them that they can share, or you agree we can share your information, such as when you register to use a ‘Style adviser’ function we offer which is provided by a third party, or with third party ad providers, such as social media platforms or Google, so our adverts are shown to you.  We will share agreed details with third parties like Newday if you choose to use their store card, or Klarna if you choose to use their payment service, for the purpose of enabling the service which you have sought to use.

We will provide personal information about you to the police, fraud prevention and credit reference agencies when we have to by law, or when we deem necessary to prevent fraud.  If we decide to reorganise or sell all or most of our business, your personal information may be transferred to the buyer of the business but we will never sell your personal information to third parties for them to market their products to you.

 

  1. How do we keep your personal information secure

Our people understand how important it is to keep your personal information safe and secure. We take steps  online and in store  to keep our stores and offices, systems and records secure.

Click here to read more.

  1. How long we keep your information and why

We will only keep your personal information for a limited period of time. This period will depend on a number of reasons, such whether we still need to deliver to you, or you have an account with us, or we are providing ongoing customer care to you. Sometimes we must also keep your information by law, to deal with a regulator or where required by our insurers. We delete your personal information at your request where possible and we won’t keep it for longer than we should or need to for the provision of a service and for communicating with you.

Click here to read more.

  1. Your rights and how to use them

You have rights to find out about how and why we use your personal information and to control its use. These include rights to access and correct your details, in some cases to ask us to limit or stop our use of them and even to delete them.  Where we use your personal information based on your consent, you have the right to change your mind and you can always unsubscribe from our direct marketing to you, by simply clicking unsubscribe in a marketing email, or in this policy.  

 

Your privacy matters, so we have appointed a Data Protection Officer and have a Data Protection Team to help. You can get in touch with our Customer Care team for help with data protection matters at Customer.service@topshop.com

. You also have a right to complain to the UK’s privacy regulator should you feel your rights or the law has been compromised.

Click here to read more.

  1. Other details you should know.

Our privacy policy explains how we at Topshop/Topman Limited are responsible for using your personal information. If you would like to get in touch, you can write to us at: Customer Care, Burton Business Park, Torre Road, Leeds, LS9 7DN, United Kingdom. You can also email us at Customer.service@topshop.com

From time to time we will update this policy. We’ll always send you a copy in the event of material change but if minor changes are made, we won’t bombard your mailbox. You can, of course, check back here for updates in the mean time!

Click here to read more.

 

Additional details

 

Where we collect and use information about you and which allows us to identify you, it is your personal information. Our quick read summary privacy policy has already given you some key facts but this part of our policy adds further detail if you want to understand more about how and why we use your information.

  1. What personal information we collect about you and where we get it from

The personal information we collect and use will depend on why we need it and whether you are buying or browsing, in-store, or online. The technical term for information about you which identifies you is your personal data. We need lots of different types of information and have explained what categories we collect, why it is needed and where we get it from below. Collection and use of this information is not new and is commonly used by lots of retailers, but explaining this level of detail to you is new!

 

Category of 

personal 

information

Examples of your personal information and why we need it 
Contact
information

What: Name, Address, Email Address, Telephone Number, account information (user name, log-in details)

 

Why: so we can know who you are to get in touch and for contract, legal and payment reasons as well as administering your account with us

 

Where: from you

Order information

What: Contact information, together with purchase details online and in store through e-receipts, delivery details, payment details, any communications we have received about your order or purchase 

 

Why: so we can take your order, take payment for it and make sure it is delivered properly. We will also use aggregate data to provide us with useful customer insights so that we can improve our business (for example, customer service). Where you have consented to receive marketing from us, we may also use this information to improve our understanding of your interests in order to tailor our communications to you.

 

Where: from you

Other delivery
information

What: Name and address of recipient for delivery, if different from customers

 

Why:so we can deliver to the person at the address which you have requested

 

Where: from you

Payment / card information

What: Name, card issuer and card type, number, issue number, start and expiry dates and cvv code; gift/store card details if used; Klarna account details if used

 

Why: so we can check the right person is using the right card/account and meet the payment requirements of the card/account issuers; and make sure we are paid for what you buy

 

Where: from you, your payment /card issuer, your store card provider if used, or Klarna if chosen by you

Legal information

What: Fraud checks or flags raised about your transactions, the payment card you want to use, payment card refusals, suspected crimes, complaints, claims and accidents

 

Why: so we can protect you, other customers and our business against criminal activities and risks, make sure we understand and can meet our legal obligations to you and others and can defend ourselves

 

Where: from you, the police, crime and fraud prevention agencies, payment card providers, the public, regulators, your and our professional advisors and representatives

Preference information

What: Your marketing preferences, your account settings including any default preferences, any preferences you have indicated, such as country, language and currency, the types of products/offers that interest you, or the areas of our website that you visit

 

Why: so we can make your visits easier and more convenient and make sure you get the information you want from us in the way we think you  will like

 

Where: from you, from our website/app technology interaction with your browser/devices and cookies and other similar technologies tracking the pages you visit, the marketing messages you open and the links you follow

Communications

What: Communications we may have with you, whether relating to an order or not. Please note that we record calls to our customer care centre team. Details of any customer reviews you provide us and how you rate us

 

Why: so we can deal with your requests, help you, meet your needs and make sure we have accurate records. It also helps us to obtain customer feedback and improve as a result.

 

Where: from you and occasionally from any third parties involved, such as another visitor to our store

Voluntary information

What: Any voluntary information you provide us with, such as your date of birth, favourite & worst colour/style, responses to surveys or competition entries; student discount details and social media account details

 

Why: so we can get to know you better; make our communications with you more personal; get in touch on your birthday; make sure we are not marketing/selling to children; learn and improve from your survey feedback, organise in store events and pick competition winners

 

Where: from you, your social media account provider and student body, such as Unidays

In store privacy

What: CCTV images of you in and around entrances and exits to our stores and offices. Your customer journey around our store from Wi-Fi connectivity or comparable technology use

 

Why: so we can keep you, other customers, our staff, buildings, systems and data safe and secure; provide you with Wi-Fi in our stores and so we can better understand how customers want to shop in our stores, popular routes and areas and where we should place different products and what to market to you

 

Where: from you; from our CCTV and from our W-Fi and similar technology interaction with your devices

 

Personalisation

What: Your customer journey on line and how you use our websites and apps and use your devices when doing so. Whether and when you open our marketing emails and respond to our adverts. When you are on our website, our website technology is able to collect the technical details of your mouse clicks and movements, page scrolling and text content you key in to our online forms but will not collect payment card numbers or name and address type details

 

Why: so we can understand how many customers use our websites and apps, what works best online and in our marketing and advertising and what we need to change and improve to attract and keep your attention

 

Where: from you; from our website/app technology interaction with your browser/devices and cookies tracking the pages you visit

Device information

What: IP address, internet provider, operating system and browser used, type of device, such as laptop or smart phone, device cookie settings and other device details, such as MAC address and the geographic region which your device reports to us that you are located in

 

Why: so our website and app technology can work properly with your device and make sure you can see and use our intended website and apps on the device you are using. If you have also signed up to receive our marketing, we will personalise your emails based upon your interaction with our website/apps across your devices. This will allow us to remember information about you even when you use different devices to build a holistic picture of your interests and preferences.

 

Where: from you; from our website/app technology interaction with your browser/devices

Marketing information

What: Your customer journey before, during and after visiting our store from your device. Details of your online browsing activities, based upon our website/app, cookies and other similar technologies, such as the pages, products or areas of our website that you visit, or which link has brought you to our website from our email communication. Without getting or knowing the details they collect, benefitting from similar information about your use of other websites which is available to ad providers, social media platforms and Google, who help us to show you on other websites our ads tailored to the category of customer they think you are and which we are targeting. Similar details from use of our apps. Your contact information, historic order information both online and in store through e-receipts, preference information, voluntary information and online observed information

 

Why: so we can learn more about you; try to understand the type of customer you are, to predict what you are most interested in, what offers you will like most, tailor our adverts and offers

 

Where: from you, your interaction with our website/app using your browser/devices, cookies and other similar technologies which track the pages you visit; without seeing the details collected, from cookies set by ad providers, social media platforms and Google. We will also collect this data through your e-receipts, online transactions, at the point in which you sign up to receive our marketing and where you state your preferences through our preference centre (accessible via the unsubscribe link in all our marketing emails, or via your Account page).

 

There are also “special categories” of more sensitive personal information which require a higher level of protection, such as information about a person’s health, criminal offences, sexuality, race, ethnicity, health or disability.

Accident information

What: details about any accident or injury on our premises, or health incident

 

Why: so we can get you the help you need, deal with the emergency services, insurance and claims

 

Where: from you, witnesses or observed about you

Suspected crime information

What: details of your identity, image, name and address, suspected or alleged thefts, fraud, assault or other criminal behaviour

 

Why: so we can protect customers, the public and our business against risks and crime

 

Where: from crime and fraud prevention agencies , from you, witnesses, and from the police

Concessions

 

Where you shop in one of our concessions in another retailer’s store, their systems will check and take and record payment, operate CCTV and security and Wi-Fi. They will provide us with details of your purchases for our records. Unusually, if you are involved in any suspected incident, they may share additional details with us to help us together to prevent and detect crime.

 

Cookies

 

So we are clear, cookies are the nickname for tiny text files which some websites pages place on the device you use to access them, to give us encrypted information such as to remember what you have put in your basket when shopping, your preferences, whether you have an account and what cookies you have accepted. They will not collect your name, address and payment card details but send back technical facts.  They also help us to understand and sort out technical errors which sometimes happen online. We need cookies to make our websites and your device able to work well together. Some cookies are our own but we also work with carefully selected third parties to help us and who set their cookies from our website pages and to help us run our websites (these are called third party cookies).  You will not be able to buy from us online and your browsing experience may not be as enjoyable if you block your device from receiving cookies.

 

We use cookies online to do the job a good sales assistant does in store, noting what you are interested in, seeing if we can help show you where those items are, find more like them and tell you about products which work well with them. We can also tell you about special offers and promotions, just like they would.

 

Personal information does not include information where your identity has been removed or is unknown (anonymous data).  Some of this information may only be identifiable to you and personal because you are logged in to your account, or because we have collected details of your IP address or the device that you have used to access the website. Where we can, we prefer to show you adverts online which you are more likely to be interested in.

 

Normally until you buy from us, you are an unnamed user of our website but we want to make you a customer. We work with online advertising partners to do this. They set a cookie from our webpages and this allows them to spot when you use the same device on other websites they publish ads on. They can then make sure you see an ad from us (retargeting). In some cases, the ads you see from us online will be more tailored to you (tailored or behavioural ads). This uses known and observed information about you to try and categorise you and predict what you will want to buy and which offers you will most like (profiling). This will be from our knowledge of you as a customer with us and from your use of our websites but we do not share that detailed information with those advertising partners. In other cases, it will be based on what advertising partners /social media providers know about you from their cookies and use of their websites but we do not receive the detailed information from these websites. 

 

You can get more information about cookies and can change your mind about cookies at any time. if you want more details or to change your mind, see our cookies policy.

 

  1. What we do with your personal information

We need to collect and use lots of information about you and any devices you use to access our apps or websites for many different reasons but we will only use your personal information when the law allows us to. This will always be for one of these reasons (our lawful basis):

Legal basis 
When we use this basis 
Contract
This is where we need to use your personal information for a contract reason (to comply with a contract with you, or take steps you have requested to start a contract with you).
Legal obligation

This is where we must use your personal information to comply with the law, or a binding request like a court order. 
Consent
This is where we use your personal information with your clear consent, you have a complete free choice to say yes or no, and you can change your mind at any time.
Public interest
This is where we need to use your personal information for an official purpose, or for a reason in the public interest for the greater public good, like cooperating voluntarily with an official police investigation.
Vital interests
This is where we need to use your personal information in an emergency to protect you (or someone else) from death or serious harm.
Legitimate interests
This is where, on balance and being fair to you, we have (or a third party has) another good and lawful business reason for using your personal information and we do not need your consent.

 

By law we must treat special category or sensitive personal data, such as on health or alleged crimes, with even more care and must have an additional reason for collecting and using this type of personal information. Where special categories of sensitive personal information are involved in addition our use will always be for one of these reasons.

 

Legal basis

 

When we use this basis

Legal obligation

This is where we must use your personal information to comply with your or our legal rights or obligations related to employment or social protection.

Preventative medicine

This is where we need to use your personal information for medical diagnosis or preventative health reasons

Substantial public interest

This is where we need to use your personal information in the substantial public interest for the greater public good.

Explicit consent

 

This is where we use your personal information with your very clear and express consent, you have a complete free choice to say yes or no, and you can change your mind at any time.

 

Legal claims

This is where we need to use your personal information to investigate, take advice on bring or defend legal claims.

Vital interests

This is where we need to use your personal information in an emergency to protect you (or someone else) from death or serious harm and you are not capable of giving your consent.

We want you to understand why we use the personal information we do and our legal basis for doing so. We explain this here.

Where we can, we will also move from using your information in ‘individual picture’ form about you, to ‘big picture’ form as a member of a group but not as an individual. To do this, we can bunch lots of information on individuals together (aggregation), remove or change details that identify you to make that more difficult or impossible (de-identification, pseudonymisation and anonymization) and change information about people into information about numbers (statistics). This helps us to protect your privacy whilst having the information we need to run our business and comply with our obligations. We can use the details for research, statistical analysis, and reports.

Why we use your personal information
Lawful basis for use
 
All personal information
Sensitive personal information
To check stock for you, put it on hold, arrange to send it to your local store and keep you updated on this

Contract
 

To accept your orders, check and take payment, deliver your order and communicate with you about it. This may include a gift delivered to another person or delivery to another address if you want

 

Dealing with returns, replacements and refunds we are obliged to deal with

 

You may want to use any optional delivery tracking or confirmation facility or update options we offer. This mean sharing additional contact information for you with our delivery partners and you using their delivery systems

 

Dealing with returns, replacements and refunds we are not obliged to deal with

Contract

 

 

 

 

Contract; Legal obligation

 

 

Legitimate interests

 

 

 

 

Legitimate interests

 

To accept card payments, we need to comply with anti-money laundering legal obligations and comply with the rules of the card issuers eg Visa to make sure we get paid

 

This means checking your identity and that your use of the card appears lawful by checking with credit reference agencies and fraud prevention agencies who may keep records of this and of any concerns.  We use specialist payment providers to help with this.

 

Preventing and detecting crime is important to everyone and any concerns may be shared with law enforcement agencies

 
Legitimate interests; Legal obligation
Substantial public interest; Legal claims

To ask you about student discount registration, fill in surveys, provide feedback and deal with your queries and requests

 

To learn from your feedback and improve

Legitimate interests
 

To deal with your queries, requests and respond to any customer care concerns.

 

To provide you with information about your order or request we think you need.

 

Sometimes this will be where this involves a legal right or obligation we must comply with and unusually this may relate to legal claims

Legitimate interests; Legal obligation
Legal claims
To provide you with Wi-Fi in our stores to make you more likely to visit and stay shopping with us
Legitimate interests 
 
To respond to your personal shopping requests, book appointments and provide personal shopping services
Contract
 

To set up your account with us and run it to make your online shopping experience quicker and easier for you, including dealing with related requests and changes and communications

 

Storing any payment card details with your consent

Legitimate interests; Explicit consent
 

Managing any accidents, injuries or health incidents which occur in store.

 

Meeting our health and safety legal obligations.

 

Dealing with any related insurance or legal claims

Legitiamte interests; Legal obligation; Vital interests

Vital interests; Preventative medicine; Legal obligation; Legal claims; Substantial public interest

 

Managing any suspected fraud, shoplifting or other suspected criminal activity involving or affecting you

 

Responding to warnings and providing details to law enforcement and fraud prevention agencies to investigate, prevent and detect crime.

 

Dealing with any related insurance or legal claims

Legal obligation; Legitimate interests 

Legal claims; Substantial public interest

 

 

 

Legal obligation

To keep evidence of our dealings with you to comply with our legal obligations, including on accounting, taxation and data privacy

 

To keep records for risk management and insurance purposes

Legal obligation

 

 

 

Legitimate interests

Grouping individual records together in large numbers to analyse them to understand customer group interests, trends and changes across the customer base.

 

This needed to run our business  efficiently, including ordering stock and organising supplies and adjusting resourcing such as for in store staff / delivery coverage to meet demand

Legitimate interests 

To keep our systems, websites and their use under continual review to check and maintain their integrity and security and proper operation and continually improve their efficiency

 

Meeting our obligations to secure personal information

Legitimate interests; Legal obligation 
To authenticate users, account holders and ensure use of our website complies with our terms and policies
Legitimate interests; Legal obligation 
To deal with our legal obligations, such as on product recalls, and binding requests for information, such as from courts 
Legal obligation
Legal claims 

To cooperate with and disclose information to law enforcement and official agencies and government, regulators  courts and other parties even where not legally binding.

 

This is where we believe it is needed to prevent or detect crime, or help with legal compliance or good governance

 

This includes where we take professional advice to understand and deal with our legal rights and obligations and dealing with our insurers

Legitimate interests; Public interest

Substantial public interest

 

 

 

Legal claims

To deal with the reorganisation or sale if our business or part of it and sharing details needed with buyers and their professional advisers
Legitimate interests 

 

 

Marketing based on our legitimate interests is to try to ... 
Legitimate interests

learn more about you from your browsing and purchase history, how you like to shop and how you respond to our ads and offers, we do this to try and anticipate what demographic, age range, region and preferences you would like

o    try and categorise your interests using a semi-automated process to predict more accurately what you will want to buy, what offers and ads you will prefer and provide you with those tailored offers and ads we think you will like most

so we can -

o    generate new customers and convert possible customers into actual customers

o    convert browsers to shoppers

o    encourage current customers to buy more goods from us or buy more frequently

o    encourage customers also to buy in store if they only buy online, or to also buy online if they only buy in store

o    generate income and profit to run our business

o    fund our development of new exciting products for you

 

 

Marketing based on consent… 
Consent

To provide you with the app you have requested and send you push notifications with ads, special offers, promotions and news

To email you with ads, special offers, news and promotions

To ask you to provide product reviews and to rate us

To use your location to send you location related advertising

To host and run events, including invitation only events, student nights and fashion shows, with your consent if you sign up rather than simply turn up

To host and run events, including invitation only events, student nights and fashion shows, with your consent if you sign up rather than simply turn up

By signing you up to our email marketing to promote products

If you are logged in to your account  with us with your mobile device / have one of our apps and your device connects to our Wi-Fi in store, tracking your journey through our store by linking your journey and your account

To link your social media account(s) with your activities on our websites and then showing you targeted product recommendations

Sharing details of your purchases from us with third party style adviser providers where you have registered an account for this and agreed to such sharing

Where we carry out marketing this will be based on our legitimate interests unless by law we need your consent or have chosen to ask for consent anyway. In the event you have placed an order, query, request or flagged an issue, we will still need to keep in touch. We won’t market to you but contact you regarding the relevant issue. 

 

Where we have explained that our use of your personal information is needed for us to comply with a legal obligation, or to start or comply with a contract with you, if you refuse to provide those details, on most occasions, we won’t be able to accept your order or continue to deal with your purchase or delivery.

 

  1. Who we share your personal information with and why

We do not sell your personal information to third parties for them to market their products to you but, on occasion, we do need to share some of your details with third parties.

We need to work with other group companies, suppliers and professional service providers as they help us to run our business and look after you. In these cases, we only share the personal details they need to know for their services and work closely with them to make sure your privacy is respected and protected. They must keep your details confidential and secure and only use them to provide the help we have agreed with them or as allowed by law.

We are a dynamic business in a fast moving industry and as you can imagine, the help we need can change quickly and over time. We work with lots of suppliers and service providers and these also frequently change. So that you understand where this can affect your personal information, we have provided more details.

Who we share your personal information with and why
Who we share with
Why we share it
Group companies

We are part of the Arcadia group of companies and different companies within the group help with different functions. For instance:

  • the operation of our websites and apps;
  • digital and marketing;
  • customer care;
  • data protection support, legal, risk, compliance and insurance.
  • As normal for companies, we also need to report up to our parent company and it will be involved with key decision making related to our business. 

Where we have two or more of our brands sharing a single store, and you buy products from one brand but pay at another brand’s checkout, the brand who you buy from will share details about your in store purchase with the brand whose products you buy


External suppliers

We use external suppliers to help us with:

                 warehouses, packing and delivering orders;

                 payment service providers to securely vaslidate and take your payments by card;

                 specialist providers to host and operate our websites, online presence, databases and IT systems and support their operation and help with data analytics;

                  specialist providers to help with cyber and other security; and

                  agencies to help with marketing, analytics, advertising and communications.

Store cards and credit providers

We will need to share agreed personal information about your purchases with third parties providers, such as:

                  Newday if you choose to use their store card; or

                   Klarna if you choose to use their payment service.

Their privacy policies apply to their use of your details.


Event, discount registration and account providers

We can share personal information with third parties for discount verification, registered account management, event management  or where you have told us, or them, we can share it. This includes:

                  Unidays for student registration; and

Other retailers

Where we operate a concession in another retailer’s store, their systems record your personal information. Unusually, there may be an incident involving you where we need to provide them with details about you to prevent and detect crime or help them to deal with legal claims or obligations 

Cookies*

We explained above how we use cookies with third parties.

                   Where you accept third party cookies, we do not send them data but they normally collect data directly from your device

Social media*

                   Where you want to link your social media account to us, we will share the details needed to do that with your provider.  

Third party content and links on our websites*

                    Our websites and apps sometimes feature links to third parties which we think you will like

                    We do not send them your details but if you follow those links, you will do so direct and leave our website. You can choose to share your personal data with them separately sand subject to their Privacy Policy

Law enforcement, credit reference and fraud prevention agencies

We will provide personal information about you to:

                    the police;

                    fraud prevention and credit reference agencies

if we must by law, or when we think it is necessary to prevent fraud, or protect you, our staff, business or other customers, from threats, theft or, fraud

Business buyers

If we decide to reorganise or sell all or most of our business:

                    to the buyer of the business, their professional advisers and related partners who need to know

Other recipients

We may also disclose your personal information where needed to comply with a legal obligation, to enforce a contract or to protect the rights, property or safety of you, our employees, customers or others, or where permitted by law and needed to help others to do so.

                  Consultants and professional advisors including legal advisors, accountants and auditors;

                  courts, court-appointed persons/entities, receivers and liquidators;

                  business partners and joint ventures;

                  insurers; and

                  governmental departments, statutory and regulatory bodies including the Information Commissioner’s Office, the police and Her Majesty’s Revenue and Customs.

*The way the internet works means that to show you our banners and adverts especially on other websites and apps, we must work with third party ad exchanges, networks and online platforms. They must comply with their data privacy obligations, make their policies available to you and allow you to change your mind about their cookies and use of your information. We are not responsible for their use of your personal information or websites.

  1. Where we send your personal information outside Europe

Data privacy laws in the UK and across the countries in the European Union, Norway, Iceland and Liechtenstein, (the European Economic Area) are very similar.  We have called this area ‘Europe’ for ease. If it is necessary for us to transfer your personal information outside Europe we will only make that transfer if we use a method approved as privacy-safe by the data privacy regulators in Europe:, including:

 

               - the country to which the personal information is to be transferred has been approved by them; 

               - the recipient of the personal information is in the USA and has certified they will comply with the Privacy Shield rules to protect personal information, approved by them;

               - the recipient of the personal information is legally bound to protect your personal information under binding corporate rules approved by them;

               - we have made sure that there is a contract to protect your personal data with the recipient, using a template approved by them;

               - the transfer is needed for another reason approved by them, such as to make an international delivery at your request; or

               - where you explicitly consent to the transfer

 

You can ask for a copy of the method approved as privacy safe by the data privacy regulators in Europe from our Customer Care team or Data Protection Team using the contact details in section 8 below.

  1. How do we keep your personal information secure

We take specific steps required by data privacy law to take appropriate care of your personal information, whether online or not. This is to protect it against theft or other loss, being corrupted so we cannot use it properly or at all and to stop people who should not be able to see or use it from doing so.  

  1. How long we keep your information and why

We will only keep your personal information for a limited period of time. This will depend on a number of factors, including:

 

               - whether you have placed an order with us, or have a registered account with us;

               - any laws or regulations that we are required to follow;

               - whether we are dealing with a current request, customer care issue or complaint;

               - where there is a legal or other type of dispute involving or affecting you;

               - the type of information that we hold about you; and

               - whether we are asked by you or a regulatory authority to keep your personal data for a valid reason.

 

We will keep your personal information during the period that you are a customer with us and then for as long as is necessary in connection with both our and your legal rights and obligations. This may mean that we keep some types of personal information for longer than others. Generally, if you are an inactive customer we will remove your account after 18 months.

 

  1. Your rights and how to use them

 

You have rights to understand and control use of your personal information. These rights only apply to your own personal information. For all these rights:

               we must be able to verify your identity;

               your request must not impact the privacy rights of other people;

               Your request must not be excessive, very unreasonable or repeated [too often].

               They cannot clash with the provision of a service (for example submitting a right to erasure when we are processing an order from you)

Many rights have limitations and exceptions, for instance, we do not have to provide you with legally privileged advice involving your personal information.

Your right 
What does it mean? 
Limitations and conditions of your right 
Right of access 
You are entitled to have access to your personal information and specific information about its use by us (this is more commonly known as submitting a “data subject access request”).
You should specify the type of information you would like to see to ensure that our disclosure is meeting your expectations.
Rights in relation to inaccurate personal or incomplete data 

You may challenge the accuracy or completeness of your personal information and have it corrected or add details to make it complete.

You must inform us of changes to your personal information. Please notify us of any changes as soon as they occur, including changes to your contact details.

 

Where available, please use any self-help tools to correct the personal information we use about you.

When exercising this right, please be as specific as possible.

Right to object to our use of your personal information 
You have the right to object to our use of your personal information.

This general right applies where our use of your personal information is needed based on legitimate interests for example, aggregate data processing for marketing purposes and there is something about your particular situation which makes you want to object to processing on this ground.

We will then consider your request.

Right to object to direct marketing 
You can change your mind about direct marketing at any time. This may mean changing your mind about our app, or receiving our personalised marketing emails, or all direct marketing.
Click unsubscribe at the bottom of any email. you can edit your marketing preferences within our Preference Centre, which can be found via the unsubscribe link in all our marketing emails, or via your Account page.
 
Right to object to important computer only decision making affecting you 
If we have explained that we use any computer only decision making to make important decisions affecting you, you have the right to challenge those decisions and have a real person take another look at them to make sure they were right.
The second look at the decision by a real person may result in the same decision the computer made.
Right to restrict our use of your personal information 

You are entitled to limit our use of your personal information for so long as we are considering any request you have made for us to  correct or complete your personal information, or to consider an objection you have made to our use of it based on legitimate interests.

You can also request us to limit our use permanently in some cases.

The temporary restriction on our use will end when we have dealt with your request for correction or completion of your personal information or we have made a decision on further use following your objection.

If we agree that we should stop that use of your personal information, or in limited other cases, the limitation will become permanent.

The impact of the restriction is limited to personal information affected by the request/use.

Right to erasure 
You are entitled to have your personal information deleted or destroyed, such as where your personal information is no longer needed for its intended use.
We may not always be able to erase your personal information completely, such as were we still need it to comply with a legal obligation, or to deal with legal claims.
Right to withdrawal of consent 
Where our processing of your personal information is based on your consent, you have the right to withdraw your consent at any time.
If you withdraw your consent, this will only affect future use of that personal information.
Right to data portability 
You are entitled to receive the personal information which you have provided to us and which is used by us in a commonly used format to help make it readily re-usable.
This right only applies where we are using the personal information you have provided based on your consent or on our contract with you.

 

 

To unsubscribe, or change your mind about receiving our marketing, you can:

  • - use the unsubscribe link in our emails
  • - email our Customer Care team Customer.service@topshop.com
  • - call our Customer Care team
  • - write to us at the above listed address

We are committed to protecting your privacy, so we have appointed a Data Protection Officer and have a Data Protection Team to help. If you wish to exercise any of these rights please contact our Customer Care team by emailing Customer.service@topshop.com

You also have the right to lodge a complaint with the UK data privacy regulator.

  1. Other details you should know.

Our privacy policy explains how we at Topshop/Topman Limited use your personal information. If you would like to get in touch, you can write to us.

 

[Topshop/Topman Limited Privacy Policy Version 2, updated 03 April 2019]

Need help?

Frequently Asked Questions

Merchandise Shipping Timescale

Non Uk Shipping

other