SSENSE Privacy Policy

SSENSE Privacy Policy - KISA QA (English)

SSENSE

KOREA Mobile App Privacy Policy

If you live in Korea, the following Privacy Policy applies to you: 

Last updated: June 01, 2023

1. About this Policy

1.1 At SSENSE (“SSENSE”, “us”, “we”, or “our”), we respect your privacy and we want to be transparent about the types of Personal Data (as defined below) we collect about you and how we use it. This Mobile App Privacy Policy (this “Policy”) explains how we collect, share and use any information that, alone or in combination with other information, relates to you (“Personal Data”) when you (“you” and “your”) use the SSENSE App (the “App”), or when you call us or answer our surveys.

1.2 This Policy sets out the rights that you have in relation to the Personal Data that we process about you and how you can exercise them. This Policy also describes the measures we implement to protect your Personal Data.

1.3 The App is managed by SSENSE, headquartered at 333 Chabanel Street W #900, Montreal QC H2N 2E7, Canada, who is the data controller for the Personal Data that is collected via the App. As a data controller, SSENSE is responsible for ensuring that the processing of Personal Data complies with applicable data protection laws, which includes the General Data Protection Regulation ((EU) 2016/679) (“GDPR”), if you live in the EU and the UK GDPR(“UK GDPR”), if you live in the UK. 

1.4 Please take the time to read this Policy carefully. If you have any questions or comments, please contact us as described in the “How to contact us” section below.

2. Quick links

2.1 We recommend that you read this Policy in full to ensure you are fully informed. However, if you only want to access a particular section of this Policy, then you can click on the relevant link below to jump to that section.

What Personal Data SSENSE collects, how and why

Cookies and other tracking technology

Who SSENSE shares your Personal Data with

How SSENSE protects your Personal Data

Data storage, retention and deletion

Transfers of Personal Data outside the EU/EEA and the United Kingdom

Profiling

Minors

Your data protection rights

External links

Updates to this Policy

How to contact us

Addendum For Korean Data Subjects

3. What Personal Data SSENSE collects, how and why

3.1 SSENSE collects your Personal Data:

- directly from you when you download and start using our App, or subscribe to our newsletter;

- directly from you when you make a purchase with SSENSE, answer customer feedback surveys, click on our ads, respond to marketing campaigns, or directly reach out to SSENSE for inquiries;

- automatically via our use of cookies and other tracking technology on our App.

3.2 When you use our App, we collect the following types of Personal Data about you, which we will process for the purposes described below:

3.3 Please note that the information you provide on our App may be necessary for contractual purposes and for us to comply with our legal obligations. Without such information, we may not be able to process your order or to answer your queries.

3.4 In particular, we may be required to disclose your Personal Data in response to legal and regulatory requests from public authorities, including to meet national security, anti-fraud or other legal requirements.

4. Cookies and other tracking technology

4.1 SSENSE may also collect certain information automatically from your device. Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification number (IMEI number), operating system version, the dates on which you access and use the App, user behaviour (such as your interactions with the App), broad geographic location (e.g. country or city-level location) and other technical information.

4.2 Collecting this information enables us to better understand the users of our App, where they come from, and what content on our App is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our App to our users.

4.3 Some of this information may be collected by using cookies and similar tracking technology, as explained further in our Cookie Policy which is available below. 

4.4 Location-based data

If you authorise us to access the location data on your device, we will use this information to send you location-based information and to deliver services at your request.

Also, if you no longer wish to receive push notifications for location-based services you can disable this service by changing your device settings, or by altering the settings in the App by unchecking the relevant box in the “Settings” section of the App. On Apple devices, simply go to: Settings → Notifications → SSENSE → uncheck “Allow Notifications”.

5. Who SSENSE shares your Personal Data with

5.1 We may disclose your Personal Data to the following categories of recipients:

• to our group companies for purposes consistent with this Policy, and in particular, so that they may contact you regarding products and services that may be of interest to you where you have given your consent. We take precautions to allow access to Personal Data only to those staff members who have a legitimate business need for access and with a contractual prohibition of using the Personal Data for any other purpose. Our group companies include: Atallah Group Inc., Atallah Group Limited, Atallah Hong Kong Limited, Atallah Group US Inc., GAI Services PTY Limited, Atallah International Inc., Atallah Group EU SARL
• to our third party vendors, services providers and partners who provide data processing services to us, or who otherwise process Personal Data for purposes that are described in this Policy or notified to you when we collect your Personal Data. This may include disclosures to third party vendors and other service providers we use in connection with the services they provide to us, including to support us in areas such as IT platform management or support services, infrastructure and application services, marketing, data analytics. Our third party vendors, service providers and partners include, without being limited to:

Controllers: Worldpay, Paypal, First Data (Payeezy/IPG), Klarna, Google Premium Analytics, Riskified, PerimeterX, Signifyd, Partnerize, Rakuten. For more information about the manner in which these controllers are processing your data, please check the privacy policies on their respective websites. 

Processors: HostedPCI, Stripe, Avalara, Zendesk, SAP, KIBO, StellaConnect, Loqate, Chatdesk, Google Cloud Platform, Google GSuite/Insight, Braze, AWS, Regalix, Chatdesk, Clearsale, Bing, SurveyMonkey, Talon.One, MailChimp, SendGrid, Meta (Facebook).

• to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
• to our auditors, advisors, legal representatives and similar agents in connection with the advisory services they provide to us for legitimate business purposes and under contractual prohibition of using the Personal Data for any other purpose;
• to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your Personal Data only for the purposes disclosed in this Policy;
• to any other person if you have provided your prior consent to the disclosure.

6. How SSENSE protects your Personal Data

6.1 We will process your Personal Data in accordance with the following principles:

• Fairness: We are transparent about how we process Personal Data and we will process it in accordance with applicable law.
• Lawfulness: We will process Personal Data only on lawful grounds.
• Purpose limitation: We will process Personal Data for specified explicit and legitimate purposes, and will not process it in a manner that is incompatible with those purposes, unless permitted by applicable laws.
• Data minimization: We will process Personal Data that is adequate, relevant and limited to what is necessary to achieve the purposes for which the Personal Data are processed.
• Data accuracy: We take appropriate measures to ensure that the Personal Data that we hold about you is accurate, complete and, where necessary, kept up to date. However, it is also your responsibility to ensure that your Personal Data is kept as accurate, complete and current by informing us promptly of any changes or errors to the Personal Data that we hold about you (e.g. a change of address).
• Data security: We use appropriate technical and organisational measures to protect the Personal Data that we collect and process about you. These measures are designed to provide a level of security that is appropriate to the risk of processing your Personal Data. In particular, all data is protected according to the varying levels of risks through physical measures, such as secure areas, technical measures, such as encryption, and organisational measures such as employee security through vetting and supervision.
• Limited Retention: We keep your Personal Data in a form that allows us to identify you for as long as necessary to achieve the purposes for which we are processing your Personal Data (as described above) and we do not store your Personal Data for longer, unless we must comply with applicable laws.

7. Data storage, retention and deletion

7.1 The Personal Data we collect from you is stored in our servers located in the United States.

7.2 We retain Personal Data we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements) only for as long as it is needed

7.3 When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymise it or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.

8. Transfers of Personal Data outside the EU/EEA or the UK 

8.1 Your Personal Data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country.

8.2 Specifically, our Website servers are located in the United States, and our group companies and third party service providers and partners operate around the world. This means that when we collect your Personal Data we may process it in any of these countries.

8.3 However, we have taken appropriate safeguards to require that your Personal Data will remain protected in accordance with this Policy. 

• For transfers of personal data outside of the EU/EEA: 
• When transferring your Personal Data to Canada, we rely on the EU Commission’s adequacy decision 2002/2/EC available here. 
• When transferring your Personal Data to other entities of the SSENSE group located in the United States or other third countries outside of the European Union/European Economic Area (EU/EEA), we rely on the EU Commission’s standard contractual clauses. When transferring your Personal Data to our third party services providers who are also located in third countries outside the EU/EEA, which do not benefit from an EU Commission’s adequacy decision, we have implemented the European Commission’s standard contractual clauses with those third parties. 
• The EU Commission standard contractual clauses may be amended or replaced from time to time and at such time as they are amended or replaced in relation to data protected under the GDPR by the European Commission, we will amend our data transfer documents accordingly.

• For transfers of personal data outside of the UK: 
• When transferring your Personal Data to Canada, we rely on the UK’s adequacy decision.
• When transferring your Personal Data to other entities of the SSENSE group located in the United States or other third countries outside the U.K. without a U.K. adequacy regulation, we rely on the U.K. Addendum to the EU Commission’s standard contractual clauses.
• When transferring your Personal Data to our third party services providers who are also located in third countries outside the U.K. without a U.K. adequacy regulation, we rely on the U.K. Addendum to the EU Commission's standard contractual clauses.
• The U.K. Addendum to the EU Commission’s standard contractual clauses may be amended or replaced from time to time and at such time as they are amended or replaced in relation to data protected under the UK GDPR by the UK Secretary of State, we will amend our data transfer documents accordingly.

9. Profiling

In some instances, we may use your Personal Data in order to better understand your preferences and to provide customized products or services to you. However, we do not make any decisions based solely on automated processing of such data, which either produce legal effects that concern you or similarly significantly affect you.

10. Minors

The services we provide on this App are not intended for individuals below the age of 16. If you are under 16, please do not use or register on this App.

11. Your data protection rights

11.1 Subject to applicable data protection legislation and certain limitations, you may - exercise the data protection rights listed below. You can do so at any time by contacting us using the contact details provided under the “How to contact us” heading below.

• You can access, rectify or request erasure of your Personal Data as detailed here below.

Please note that deletion requests are subject to certain limitations, for example, we may retain Personal Data as permitted by law, such as for tax or other record keeping purposes, to maintain an active account, and to process transactions and facilitate customer requests. 

The right to access to Personal Data, which enables you to receive confirmation as to whether or not SSENSE is processing your Personal data and information about that processing, and to receive a copy of your Personal Data.

You may also request correction of any of your inaccurate Personal Data, as well as the deletion of your Personal Data. 

• You can object to the processing of your Personal Data at any time (including profiling) when the processing is based on our legitimate interest. You may also object at any time to the processing of your Personal Data for direct marketing purposes (which includes any profiling to the extent that it is related to such direct marketing).
• You may also ask us to restrict (block) the processing of your Personal Data under certain conditions. 
• When the processing is based on your consent or the performance of your contract with us, you may exercise your right to data portability, which enables you to receive your Personal Data in a structured, commonly used and matching-readable format and have it transmitted to another controller.
• If we have collected and processed your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
• You have the right to opt-out of marketing communications we send you at any time. You may unsubscribe from our newsletters or marketing notifications at any time by selecting the unsubscribe option in the “Email Preferences” section of your account, or by clicking the unsubscribe link at the bottom of every newsletter email. When you use the App, if you accept push notifications, we may send you promotional offers about our products and services via push notifications. If you no longer wish to receive push notifications about promotional offers from SSENSE, you can disable this service by changing your app settings in the device settings.

On Apple devices, simply go to: Settings → Notifications → SSENSE → uncheck “Allow Notifications”.

• Post mortem right: concerning France only, according to the French Data Protection Act, you have the right to define general or specific directives regarding the fate of your Personal Data after your death.
• You can also request to close your account at any time by contacting us as described below. You should be aware that once the App is uninstalled, you will not be able to use certain functionalities of the App.
• If you have a complaint or concern about how we are processing your Personal Data then we will endeavour to address such concern(s). If you feel we have not sufficiently addressed your complaint or concern, you have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Union/European Economic Area, United Kingdom, Switzerland and certain non-European countries (including the US and Canada) are available here.

11.2 You may exercise any of the rights above at any time by contacting us as described under the “How to contact us” section below. We will respond to your request in accordance with applicable data protection laws.

12. External links

12.1 If any part of this App provides links to third party websites, such websites do not operate under this Policy. We recommend you examine the privacy notices posted on those websites to understand their procedures for collecting, using and disclosing personal data.

12.2 We do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.

13. Updates to this Policy

13.1 We may update this Policy from time to time in response to changing legal, technical or business developments. When we update our Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Policy changes if and where this is required by applicable data protection laws.

13.2 You can see when this Policy was last updated by checking the “last updated” date displayed at the top of this Policy.

14. How to contact us

14.1 If you have any questions or concerns about this Policy or the way we process your Personal Data, please contact us via email at dataprotection@ssense.com. 

14.2 If you wish to exercise your data protection rights, you can do so at any time by using this SSENSE Data Request Form (please click here for the form in English, here for the form in French, here for the form in Japanese, here for the form in Korean and here for the form in Chinese).

14.3 The data controller of EU/EEA and UK residents’ personal data is Atallah Group Inc. 333 Chabanel Street W #900, Montreal QC H2N 2E7, Canada. 

14.4 With respect to Atallah Group Inc., you may contact its representatives in the EU/EEA and UK for data protection matters using the following details: dataprotection@ssense.com.

Addendum For Korean Data Subjects

This Addendum for Korean Data Subjects explains our practices with respect to Personal Data we process in connection with your relationship with us where you are a Korean data subject.

1. Transfer of Personal Data

We outsource the processing of your personal data to the following third-party service providers for the purposes represented below; the service providers are categorized into two sections: 1.1 and 1.2: Both categories of service providers process your personal data for the purposes represented in table below; Service providers in section 1.2 may also use your personal data for evaluating or enhancing their own products and service offerings;

1.1 Outsourcing of the Processing and cross-border storage of Personal Data with Third Parties.

We may outsource the processing of your Personal Data and/or transfer your Personal Data for storing purposes to third parties located outside of Korea.

1.2 Provision of Personal Data to Third Parties

1.3 Online Targeted Advertising

SSENSE allows online targeted advertising businesses to collect and process behavioral data as follows.

- Advertising businesses that want to collect and process behavioral data:  Google.

- Method of collecting behavioral data: Automatic collection and transmission when you visit our website or run our App.

- Items of behavioral data collected and processed: user’s web/app visit history, search history, purchase history, Member ID, Google ID.

2. Destruction of Personal Data

The process and method for destroying Personal Data are set forth below.

2.1. Process of destruction

We select the relevant Personal Data to be destroyed and destroy it with the approval of our Data Protection Officer, in accordance with applicable data protection laws and contractual obligations.

2.2. Method of destruction

We destroy Personal Data recorded and stored in the form of electronic files by using a technical method (e.g., low level format) to ensure that the records cannot be reproduced, while Personal Data recorded and stored in the form of paper documents shall be shredded or incinerated.

3. Contact Us

For questions or inquiries related to privacy and data protection, please contact our Data Protection Department using the contact details provided under the “How to contact us” heading above.

4. Amendment of this Policy

• Enforcement Date: June 01, 2023

Consent Information for app user

• I Agree to the collection and use of my personal information (required)

The table below shares details on types of personal data collected and purposes of processing by SSENSE

• I agree to the provision of personal information to Third Parties (Required)

The table below shares details on provision of personal data by SSENSE to third parties

SSENSE

KOREA Mobile App Privacy Policy

If you live in Korea, the following Privacy Policy applies to you: 

Last updated: June 01, 2023

1. About this Policy

1.1 At SSENSE (“SSENSE”, “us”, “we”, or “our”), we respect your privacy and we want to be transparent about the types of Personal Data (as defined below) we collect about you and how we use it. This Mobile App Privacy Policy (this “Policy”) explains how we collect, share and use any information that, alone or in combination with other information, relates to you (“Personal Data”) when you (“you” and “your”) use the SSENSE App (the “App”), or when you call us or answer our surveys.

1.2 This Policy sets out the rights that you have in relation to the Personal Data that we process about you and how you can exercise them. This Policy also describes the measures we implement to protect your Personal Data.

1.3 The App is managed by SSENSE, headquartered at 333 Chabanel Street W #900, Montreal QC H2N 2E7, Canada, who is the data controller for the Personal Data that is collected via the App. As a data controller, SSENSE is responsible for ensuring that the processing of Personal Data complies with applicable data protection laws, which includes the General Data Protection Regulation ((EU) 2016/679) (“GDPR”), if you live in the EU and the UK GDPR(“UK GDPR”), if you live in the UK. 

1.4 Please take the time to read this Policy carefully. If you have any questions or comments, please contact us as described in the “How to contact us” section below.

2. Quick links

2.1 We recommend that you read this Policy in full to ensure you are fully informed. However, if you only want to access a particular section of this Policy, then you can click on the relevant link below to jump to that section.

What Personal Data SSENSE collects, how and why

Cookies and other tracking technology

Who SSENSE shares your Personal Data with

How SSENSE protects your Personal Data

Data storage, retention and deletion

Transfers of Personal Data outside the EU/EEA and the United Kingdom

Profiling

Minors

Your data protection rights

External links

Updates to this Policy

How to contact us

Addendum For Korean Data Subjects

3. What Personal Data SSENSE collects, how and why

3.1 SSENSE collects your Personal Data:

- directly from you when you download and start using our App, or subscribe to our newsletter;

- directly from you when you make a purchase with SSENSE, answer customer feedback surveys, click on our ads, respond to marketing campaigns, or directly reach out to SSENSE for inquiries;

- automatically via our use of cookies and other tracking technology on our App.

3.2 When you use our App, we collect the following types of Personal Data about you, which we will process for the purposes described below:

3.3 Please note that the information you provide on our App may be necessary for contractual purposes and for us to comply with our legal obligations. Without such information, we may not be able to process your order or to answer your queries.

3.4 In particular, we may be required to disclose your Personal Data in response to legal and regulatory requests from public authorities, including to meet national security, anti-fraud or other legal requirements.

4. Cookies and other tracking technology

4.1 SSENSE may also collect certain information automatically from your device. Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification number (IMEI number), operating system version, the dates on which you access and use the App, user behaviour (such as your interactions with the App), broad geographic location (e.g. country or city-level location) and other technical information.

4.2 Collecting this information enables us to better understand the users of our App, where they come from, and what content on our App is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our App to our users.

4.3 Some of this information may be collected by using cookies and similar tracking technology, as explained further in our Cookie Policy which is available below. 

4.4 Location-based data

If you authorise us to access the location data on your device, we will use this information to send you location-based information and to deliver services at your request.

Also, if you no longer wish to receive push notifications for location-based services you can disable this service by changing your device settings, or by altering the settings in the App by unchecking the relevant box in the “Settings” section of the App. On Apple devices, simply go to: Settings → Notifications → SSENSE → uncheck “Allow Notifications”.

5. Who SSENSE shares your Personal Data with

5.1 We may disclose your Personal Data to the following categories of recipients:

1. to our group companies for purposes consistent with this Policy, and in particular, so that they may contact you regarding products and services that may be of interest to you where you have given your consent. We take precautions to allow access to Personal Data only to those staff members who have a legitimate business need for access and with a contractual prohibition of using the Personal Data for any other purpose. Our group companies include: Atallah Group Inc., Atallah Group Limited, Atallah Hong Kong Limited, Atallah Group US Inc., GAI Services PTY Limited, Atallah International Inc., Atallah Group EU SARL
2. to our third party vendors, services providers and partners who provide data processing services to us, or who otherwise process Personal Data for purposes that are described in this Policy or notified to you when we collect your Personal Data. This may include disclosures to third party vendors and other service providers we use in connection with the services they provide to us, including to support us in areas such as IT platform management or support services, infrastructure and application services, marketing, data analytics. Our third party vendors, service providers and partners include, without being limited to:

Controllers: Worldpay, Paypal, First Data (Payeezy/IPG), Klarna, Google Premium Analytics, Riskified, PerimeterX, Signifyd, Partnerize, Rakuten. For more information about the manner in which these controllers are processing your data, please check the privacy policies on their respective websites. 

Processors: HostedPCI, Stripe, Avalara, Zendesk, SAP, KIBO, StellaConnect, Loqate, Chatdesk, Google Cloud Platform, Google GSuite/Insight, Braze, AWS, Regalix, Chatdesk, Clearsale, Bing, SurveyMonkey, Talon.One, MailChimp, SendGrid, Meta (Facebook).

3. to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
4. to our auditors, advisors, legal representatives and similar agents in connection with the advisory services they provide to us for legitimate business purposes and under contractual prohibition of using the Personal Data for any other purpose;
5. to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your Personal Data only for the purposes disclosed in this Policy;
6. to any other person if you have provided your prior consent to the disclosure.

6. How SSENSE protects your Personal Data

6.1 We will process your Personal Data in accordance with the following principles:

1. Fairness: We are transparent about how we process Personal Data and we will process it in accordance with applicable law.
2. Lawfulness: We will process Personal Data only on lawful grounds.
3. Purpose limitation: We will process Personal Data for specified explicit and legitimate purposes, and will not process it in a manner that is incompatible with those purposes, unless permitted by applicable laws.
4. Data minimization: We will process Personal Data that is adequate, relevant and limited to what is necessary to achieve the purposes for which the Personal Data are processed.
5. Data accuracy: We take appropriate measures to ensure that the Personal Data that we hold about you is accurate, complete and, where necessary, kept up to date. However, it is also your responsibility to ensure that your Personal Data is kept as accurate, complete and current by informing us promptly of any changes or errors to the Personal Data that we hold about you (e.g. a change of address).
6. Data security: We use appropriate technical and organisational measures to protect the Personal Data that we collect and process about you. These measures are designed to provide a level of security that is appropriate to the risk of processing your Personal Data. In particular, all data is protected according to the varying levels of risks through physical measures, such as secure areas, technical measures, such as encryption, and organisational measures such as employee security through vetting and supervision.
7. Limited Retention: We keep your Personal Data in a form that allows us to identify you for as long as necessary to achieve the purposes for which we are processing your Personal Data (as described above) and we do not store your Personal Data for longer, unless we must comply with applicable laws.

7. Data storage, retention and deletion

7.1 The Personal Data we collect from you is stored in our servers located in the United States.

7.2 We retain Personal Data we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements) only for as long as it is needed

7.3 When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymise it or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.

8. Transfers of Personal Data outside the EU/EEA or the UK 

8.1 Your Personal Data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country.

8.2 Specifically, our Website servers are located in the United States, and our group companies and third party service providers and partners operate around the world. This means that when we collect your Personal Data we may process it in any of these countries.

8.3 However, we have taken appropriate safeguards to require that your Personal Data will remain protected in accordance with this Policy. 

• For transfers of personal data outside of the EU/EEA: 
  • When transferring your Personal Data to Canada, we rely on the EU Commission’s adequacy decision 2002/2/EC available here. 
  • When transferring your Personal Data to other entities of the SSENSE group located in the United States or other third countries outside of the European Union/European Economic Area (EU/EEA), we rely on the EU Commission’s standard contractual clauses. When transferring your Personal Data to our third party services providers who are also located in third countries outside the EU/EEA, which do not benefit from an EU Commission’s adequacy decision, we have implemented the European Commission’s standard contractual clauses with those third parties. 
  • The EU Commission standard contractual clauses may be amended or replaced from time to time and at such time as they are amended or replaced in relation to data protected under the GDPR by the European Commission, we will amend our data transfer documents accordingly.

• For transfers of personal data outside of the UK: 
  • When transferring your Personal Data to Canada, we rely on the UK’s adequacy decision.
  • When transferring your Personal Data to other entities of the SSENSE group located in the United States or other third countries outside the U.K. without a U.K. adequacy regulation, we rely on the U.K. Addendum to the EU Commission’s standard contractual clauses.
  • When transferring your Personal Data to our third party services providers who are also located in third countries outside the U.K. without a U.K. adequacy regulation, we rely on the U.K. Addendum to the EU Commission's standard contractual clauses.
  • The U.K. Addendum to the EU Commission’s standard contractual clauses may be amended or replaced from time to time and at such time as they are amended or replaced in relation to data protected under the UK GDPR by the UK Secretary of State, we will amend our data transfer documents accordingly.

9. Profiling

In some instances, we may use your Personal Data in order to better understand your preferences and to provide customized products or services to you. However, we do not make any decisions based solely on automated processing of such data, which either produce legal effects that concern you or similarly significantly affect you.

10. Minors

The services we provide on this App are not intended for individuals below the age of 16. If you are under 16, please do not use or register on this App.

11. Your data protection rights

11.1 Subject to applicable data protection legislation and certain limitations, you may - exercise the data protection rights listed below. You can do so at any time by contacting us using the contact details provided under the “How to contact us” heading below.

1. You can access, rectify or request erasure of your Personal Data as detailed here below.

Please note that deletion requests are subject to certain limitations, for example, we may retain Personal Data as permitted by law, such as for tax or other record keeping purposes, to maintain an active account, and to process transactions and facilitate customer requests. 

The right to access to Personal Data, which enables you to receive confirmation as to whether or not SSENSE is processing your Personal data and information about that processing, and to receive a copy of your Personal Data.

You may also request correction of any of your inaccurate Personal Data, as well as the deletion of your Personal Data. 

2. You can object to the processing of your Personal Data at any time (including profiling) when the processing is based on our legitimate interest. You may also object at any time to the processing of your Personal Data for direct marketing purposes (which includes any profiling to the extent that it is related to such direct marketing).
3. You may also ask us to restrict (block) the processing of your Personal Data under certain conditions. 
4. When the processing is based on your consent or the performance of your contract with us, you may exercise your right to data portability, which enables you to receive your Personal Data in a structured, commonly used and matching-readable format and have it transmitted to another controller.
5. If we have collected and processed your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
6. You have the right to opt-out of marketing communications we send you at any time. You may unsubscribe from our newsletters or marketing notifications at any time by selecting the unsubscribe option in the “Email Preferences” section of your account, or by clicking the unsubscribe link at the bottom of every newsletter email. When you use the App, if you accept push notifications, we may send you promotional offers about our products and services via push notifications. If you no longer wish to receive push notifications about promotional offers from SSENSE, you can disable this service by changing your app settings in the device settings.

On Apple devices, simply go to: Settings → Notifications → SSENSE → uncheck “Allow Notifications”.

7. Post mortem right: concerning France only, according to the French Data Protection Act, you have the right to define general or specific directives regarding the fate of your Personal Data after your death.
8. You can also request to close your account at any time by contacting us as described below. You should be aware that once the App is uninstalled, you will not be able to use certain functionalities of the App.
9. If you have a complaint or concern about how we are processing your Personal Data then we will endeavour to address such concern(s). If you feel we have not sufficiently addressed your complaint or concern, you have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Union/European Economic Area, United Kingdom, Switzerland and certain non-European countries (including the US and Canada) are available here.

11.2 You may exercise any of the rights above at any time by contacting us as described under the “How to contact us” section below. We will respond to your request in accordance with applicable data protection laws.

12. External links

12.1 If any part of this App provides links to third party websites, such websites do not operate under this Policy. We recommend you examine the privacy notices posted on those websites to understand their procedures for collecting, using and disclosing personal data.

12.2 We do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.

13. Updates to this Policy

13.1 We may update this Policy from time to time in response to changing legal, technical or business developments. When we update our Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Policy changes if and where this is required by applicable data protection laws.

13.2 You can see when this Policy was last updated by checking the “last updated” date displayed at the top of this Policy.

14. How to contact us

14.1 If you have any questions or concerns about this Policy or the way we process your Personal Data, please contact us via email at dataprotection@ssense.com. 

14.2 If you wish to exercise your data protection rights, you can do so at any time by using this SSENSE Data Request Form (please click here for the form in English, here for the form in French, here for the form in Japanese, here for the form in Korean and here for the form in Chinese).

14.3 The data controller of EU/EEA and UK residents’ personal data is Atallah Group Inc. 333 Chabanel Street W #900, Montreal QC H2N 2E7, Canada. 

14.4 With respect to Atallah Group Inc., you may contact its representatives in the EU/EEA and UK for data protection matters using the following details: dataprotection@ssense.com.

Addendum For Korean Data Subjects

This Addendum for Korean Data Subjects explains our practices with respect to Personal Data we process in connection with your relationship with us where you are a Korean data subject.

1. Transfer of Personal Data

We outsource the processing of your personal data to the following third-party service providers for the purposes represented below; the service providers are categorized into two sections: 1.1 and 1.2: Both categories of service providers process your personal data for the purposes represented in table below; Service providers in section 1.2 may also use your personal data for evaluating or enhancing their own products and service offerings;

1.1 Outsourcing of the Processing and cross-border storage of Personal Data with Third Parties.

We may outsource the processing of your Personal Data and/or transfer your Personal Data for storing purposes to third parties located outside of Korea.

1.2 Provision of Personal Data to Third Parties

1.3 Online Targeted Advertising

SSENSE allows online targeted advertising businesses to collect and process behavioral data as follows.

- Advertising businesses that want to collect and process behavioral data:  Google.

- Method of collecting behavioral data: Automatic collection and transmission when you visit our website or run our App.

- Items of behavioral data collected and processed: user’s web/app visit history, search history, purchase history, Member ID, Google ID.

2. Destruction of Personal Data

The process and method for destroying Personal Data are set forth below.

2.1. Process of destruction

We select the relevant Personal Data to be destroyed and destroy it with the approval of our Data Protection Officer, in accordance with applicable data protection laws and contractual obligations.

2.2. Method of destruction

We destroy Personal Data recorded and stored in the form of electronic files by using a technical method (e.g., low level format) to ensure that the records cannot be reproduced, while Personal Data recorded and stored in the form of paper documents shall be shredded or incinerated.

3. Contact Us

For questions or inquiries related to privacy and data protection, please contact our Data Protection Department using the contact details provided under the “How to contact us” heading above.

4. Amendment of this Policy

• Enforcement Date: June 01, 2023

Consent Information for app user

1. I Agree to the collection and use of my personal information (required)

The table below shares details on types of personal data collected and purposes of processing by SSENSE

2. I agree to the provision of personal information to Third Parties (Required)

The table below shares details on provision of personal data by SSENSE to third parties