SSENSE Privacy Policy

Last updated: May 18^th 2021

Privacy Policy applicable to the Website, phone calls and surveys

1. About this Policy

1.1 This Privacy Policy ("Policy") explains how we (as defined below) collect, share and use any information that, alone or in combination with other information, relates to you ("Personal Data") when you ("you" and "your") use our website ssense.com (the "Website"), or when you call us or answer our surveys.

1.2 This Policy also sets out the rights that you have in relation to the Personal Data that we process about you and how you can exercise them.

1.3 SSENSE treats compliance with its privacy obligations seriously. This is why we have developed this Policy, which describes the standards that SSENSE applies to protect Personal Data.

1.4 For the purposes of this Policy, SSENSE ("SSENSE", "us", "we", or "our") headquartered at 333 Chabanel Street W #900, Montreal QC H2N 2G1, Canada, acts as the data controller for the Personal Data that is collected via the Website. As a data controller, SSENSE is responsible for ensuring that the processing of Personal Data complies with applicable data protection law, which includes the General Data Protection Regulation.

1.5 Please take the time to read this Policy carefully. If you have any questions or comments, please contact us by phone +1 877 637 6002 or via email at dataprotection@ssense.com.

 

2. What Personal Data does SSENSE collect and why?

2.1 The types of Personal Data that we may collect about you, and the reasons why we process it, include:

Type of Personal Data	Why we collect it	Legal basis
Name, Surname Email address Password Customer ID Order History Shipping address Delivery preferences Financial information Account details	Enabling you to create your account Managing your account and personal preferences Processing and shipping your orders Enabling you to access your order history with us at all times Providing you with customer service as may be required	Contractual necessity
Name, Surname Customer ID Order History Shipping address Financial information Order number	Documenting transactions you made on our website	Our legitimate interests in order to protect SSENSE's business and legal rights
Name, Surname Email address Email preferences Shopping preferences Customer ID	Providing you with exclusive email updates, promotions, and notifications including information about our products or services	Your consent (unless a legal exception applies)
Name, Surname Email address Your inquiry and your inquiry history	Processing and responding to any inquiry that you may address to us	Contractual necessity
Name, Surname Email address Order History Financial information Account details	Prevention of fraud	Legal obligation
Name, Surname Email address Password Customer ID Account details	Administering and maintaining our web platform	Our legitimate interests in order to offer, maintain and improve our platform
IP address Account details Shopping preferences	Data analytics, statistics and audience measurement	Our legitimate interests in order to understand how our website is being used and to help us customise and measure the audience on our website

2.2 Please note that the information you provide on our Website may be necessary for contractual purposes and for us to comply with our legal obligations. Without such information, we may not be able to process your order or to answer your queries.

2.3 We may also collect certain information automatically from your device. Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification numbers, browser-type, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your device has interacted with our Website, including the pages accessed and links clicked.

2.4 Collecting this information enables us to better understand the visitors who come to our Website, where they come from, and what content on our Website is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Website to our visitors.

2.5 Some of this information may be collected using cookies and similar tracking technology, as explained further in our Cookie Notice which is available here.

 

3. Who does SSENSE share your Personal Data with?

3.1 We may disclose your Personal Data to the following categories of recipients:

(a) to our group companies for purposes consistent with this Policy, and in particular, so that they may contact you regarding products and services that may be of interest to you where you have given your consent. We take precautions to allow access to Personal Data only to those staff members who have a legitimate business need for access and with a contractual prohibition of using the Personal Data for any other purpose. Our group companies include: Atallah Group Inc., Atallah Group Limited, Atallah Hong Kong Limited, Atallah Group US Inc., GAI Services PTY Limited, Atallah International Inc.

(b) to our third party vendors, services providers and partners who provide data processing services to us, or who otherwise process Personal Data for purposes that are described in this Policy or notified to you when we collect your Personal Data. This may include disclosures to third party vendors and other service providers we use in connection with the services they provide to us, including to support us in areas such as IT platform management or support services, infrastructure and application services, marketing, data analytics. Our third party vendors, service providers and partners include, without being limited to: Riskified, Signifyd, Clearsale, HostedPCI, First Data (Payeezy/IPG), Paypal Express, PayPal Pro (Payflow Pro), Paysafe (Netbanx), Pazien, Google, Facebook, Bing, Commission Junction, Partnerize, Rakuten, MailChimp, Mandrill, SendGrid, SurveyMonkey.

(c) to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;

(d) to our auditors, advisors, legal representatives and similar agents in connection with the advisory services they provide to us for legitimate business purposes and under contractual prohibition of using the Personal Data for any other purpose;

(e) to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your Personal Data only for the purposes disclosed in this Notice;

(f) to any other person if you have provided your prior consent to the disclosure.

 

4. How we protect your privacy

4.1 We will process Personal Data in accordance with the following principles:

(a) Fairness: We will process Personal Data fairly. This means that we are transparent about how we process Personal Data and that we will process it in accordance with applicable law.

(b) Lawfulness: We will process Personal Data only on lawful grounds.

(c) Purpose limitation: We will process Personal Data for specified explicit and legitimate purposes, and will not process it in a manner that is incompatible with those purposes, unless permitted by applicable data protection laws.

(d) Data minimization: We will process Personal Data that is adequate, relevant and limited to what is necessary to achieve the purposes for which the data are processed.

(e) Data accuracy: We take appropriate measures to ensure that the Personal Data that we hold about you is accurate, complete and, where necessary, kept up to date. However, it is also your responsibility to ensure that your Personal Data is kept as accurate, complete and current as possible by informing us promptly of any changes or errors. You should notify us of any changes to the Personal Data that we hold about you (e.g. a change of address).

(f) Data security: We use appropriate technical and organisational measures to protect the Personal Data that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Data.  In particular, all data is protected according to the varying levels of risks through physical measures, such as secure areas, technical measures, such as encryption, and organisational measures such as employee security through vetting and supervision.

(g) Limited Retention: We keep your Personal Data in a form that allows us to identify you for as long as necessary to achieve the purposes for which we are processing your data and do not store your data for longer, unless we must comply with applicable laws.

 

5. Data storage, retention and deletion

5.1 The Personal Data we collect from you is stored in our servers located in the United States.

5.2 We retain Personal Data we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

5.3 When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymise it or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.

 

6. International transfers of data

6.1 Your Personal Data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country.

6.2 Specifically, our Website servers are located in the United States, and our group companies and third party service providers and partners operate around the world. This means that when we collect your Personal Data we may process it in any of these countries.

6.3 However, we have taken appropriate safeguards to require that your Personal Data will remain protected in accordance with this Policy. When transferring your Personal Data to Canada, we rely on the EU Commission's adequacy decision 2002/2/EC available here. When transferring your Personal Data to the United States, we rely on the EU Commission's EU-US Privacy Shield decision (available here) if the recipient is appropriately certified. In all other cases, we only transfer or make your Personal Data available to other entities of the SSENSE group or to our third party services providers in third countries where such transfer is necessary for the performance of a contract between you and SSENSE or the implementation of pre-contractual measures.

 

7. Profiling

7.1 In some instances, we may use your Personal Data in order to better understand your preferences and to provide customized products or services to you. However, we do not make any decisions based solely on automated processing of such data, which either produce legal effects that concern you or similarly significantly affect you.

 

8. Minors

8.1 The services we provide on this Website are not intended for individuals below the age of 16. If you are under 16, please do not use or register on this Website.

 

9. Your data protection rights

9.1 You have the following data protection rights:

(a) If you wish to access, correct, update or request deletion of your Personal Data, you can do so at any time by contacting us using the contact details provided under the “How to contact us” heading below.

(b) In addition, in certain circumstances, as stipulated in the applicable data protection legislation, you can object to the processing of your Personal Data, ask us to restrict processing of your Personal Data or request portability of your Personal Data. Again, you can exercise these rights by contacting us using the contact details below.

(c) If we have collected and process your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.

(d) You have the right to opt-out of marketing communications we send you at any time. You may unsubscribe from our newsletters or marketing notifications at any time by selecting the unsubscribe option in the "Email Preferences" section of your account, or by clicking the unsubscribe link at the bottom of every newsletter email. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided below.

(e) If you have a complaint or concern about how we are processing your Personal Data then we will endeavour to address such concern(s). If you feel we have not sufficiently addressed your complaint or concern, you have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Economic Area, Switzerland and certain non-European countries (including the US and Canada) are available here.

9.2 We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

 

10. Linking to other websites

10.1 The Website may contain hyperlinks to websites owned and operated by third parties. These websites have their own privacy policies and we urge you to review them. They will govern the use of Personal Data you submit whilst visiting these websites. 

10.2 We do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.

 

11. Updates to this Policy

11.1 We may update this Policy from time to time in response to changing legal, technical or business developments. When we update our Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Policy changes if and where this is required by applicable data protection laws.

11.2 You can see when this Policy was last updated by checking the “last updated” date displayed at the top of this Policy.

 

12. How to contact us

12.1 If you have any questions or concerns about our use of your Personal Data, please contact us by phone +1 877 637 6002 or via email at dataprotection@ssense.com.

 

 

 Cookie Notice

Last updated: December 8th 2020

1. About this Notice

1.1 This Cookie Notice ("Notice") explains how SSENSE (“SSENSE”, "we", "us", and "ours") use cookies and similar technologies to recognise you when you visit our website at www.ssense.com ("Website") or use our mobile application ("App"). It explains what these technologies are and why we use them, as well as your rights to control our use of them.

1.2 Please take the time to read this Notice carefully. If you have any questions or comments, please contact us by phone +1 877 637 6002 or via email at dataprotection@ssense.com. 

 

2. What are cookies?

2.1 Cookies are small data files that are placed on your computer or mobile device when you visit a website or use a mobile application.  Cookies are widely used by website or mobile application owners in order to make their websites or mobile applications work, or to work more efficiently, as well as to provide reporting information.  

2.2 Cookies have many different features, such as allowing you to navigate between pages efficiently, remembering your preferences, and generally improving the user experience. They can also help ensure that the advertisements you see online are more relevant to you and your interests.

2.3 Cookies set by the websites or app owners (in this case, SSENSE) are called "first party cookies".  Cookies set by parties other than the website or app owner are called "third party cookies".  Third party cookies enable third party features or functionality to be provided on or through the website or mobile application (e.g. like advertising, interactive content and analytics).  The parties that set these third party cookies can recognise your computer or mobile device both when it visits the website or uses the mobile application in question and also when it visits certain other websites.  

 

3. How long do cookies last?

3.1 Cookies can remain on your computer or mobile device for different periods of time. Some cookies are 'session cookies', which means they only exist when your browser is open and are automatically deleted when you close your browser or quit the app. Other cookies are 'persistent cookies', meaning they survive after your browser or app is closed and can be used by websites or apps to recognize your computer when you re-open your browser or app later. The length of the cookies used on our Website(s) and our App is explained in more detail in the table below.

 

4. Why do we use cookies?

4.1 When you visit our Website or use our App, we may place the following types of cookies:

Types of cookies	How to refuse
Essential website and app cookies: These cookies are strictly necessary to provide you with services available through our Website or our App and to use some of its features, such as access to secure areas.	Because these cookies are strictly necessary to deliver the Website or our App to you, you cannot refuse them. You can block or delete them by changing your browser settings however, as described below under the heading "How can I control cookies?".
Performance and functionality cookies: These cookies are used to enhance the performance and functionality of our Website or App, but are not essential to their use. However, without these cookies, some functionalities such as getting redirected to your preferred language and country may become unavailable.	We will only place these cookies if you expressly accept them when you first visit our Website or App via our cookie preference banner. Please note that you can withdraw your consent for this type of cookie at any time by re-opening our cookie preference banner, available here. To refuse these cookies, you can also follow the instructions below under the heading "How can I control cookies?" Finally, if you wish to disable cookies set up by a particular supplier, please use the specific unsubscribe link provided in the table below.
Analytics and customisation cookies: These cookies collect information that is used either in aggregate form to help us understand how our Website or App are being used or how effective our marketing campaigns are, or to help us customise our Website or App for you.	We will only place these cookies if you expressly accept them when you first visit our Website or App via our cookie preference banner. Please note that you can withdraw your consent for this type of cookie at any time by re-opening our cookie preference banner, available here. To refuse these cookies, you can also follow the instructions below under the heading "How can I control cookies?" Finally, if you wish to disable cookies set up by a particular supplier, please use the specific unsubscribe link provided in the table below.
User measurement cookies: These cookies allow us to measure the audience on our Website or App or to test different versions in order to optimize choices according to the respective performances of different versions of the Website or App. These cookies also allow us to detect navigation problems or to organize the content displayed on our Website or App.	We will only place these cookies if you expressly accept them when you first visit our Website or App via our cookie preference banner. Please note that you can withdraw your consent for this type of cookie at any time by re-opening our cookie preference banner, available here. To refuse these cookies, you can follow the instructions below under the heading "How can I control cookies?" or use the specific unsubscribe link provided in the table below.

 

4.2 More specifically, you will find below a complete list of the cookies we may place when you visit our Website or use our App:

 

Cookie provider	Type of cookie	Cookie Name	Purpose	Duration	How to unsubscribe
Bing	Analytics and customisation cookies	_uetvid	Used to improve advertising relevancy	13 months	Browser settings
Bing	Analytics and customisation cookies	_uetsid	Used to improve advertising relevancy	1 day	Browser settings
Bing	Analytics and customisation cookies	MUID	Used to improve advertising relevancy	13 months	Browser settings
Bing	Analytics and customisation cookies	MR	Used to improve advertising relevancy	1 day	Browser settings
Commission Junction	Analytics and customisation cookies	affiliate	Used to pay commissions to advertising partners	30 days	Browser settings
DoubleClick	Analytics and customisation cookies	RUL	Used to improve advertising relevancy	1 year	Browser settings
DoubleClick	Analytics and customisation cookies	IDE	Used to improve advertising relevancy	2 years	Browser settings
Facebook	Analytics and customisation cookies	_fbp	Used to improve advertising relevancy	3 months	Browser settings
Facebook	Analytics and customisation cookies	fr	Used to improve advertising relevancy	3 months	Browser settings
Google	Analytics and customisation cookies	_ga	Used to improve the shopping experience	2 years	Browser settings
Google	Analytics and customisation cookies	_gac_ua-*	Used to improve the shopping experience	3 months	Browser settings
Google	Analytics and customisation cookies	_gat	Used to improve the shopping experience	1 day	Browser settings
Google	Analytics and customisation cookies	_gid	Used to improve the shopping experience	2 days	Browser settings
Google	Analytics and customisation cookies	_gcl_aw	Used to improve the shopping experience	3 months	Browser settings
Google	Analytics and customisation cookies	__Secure-3PSIDCC	Used to enable visitor profile to show relevant and personalized ads	2 years	Browser settings
Google	Analytics and customisation cookies	__Secure-3PSID	Used to enable visitor profile to show relevant and personalized ads	2 years	Browser settings
Google	Analytics and customisation cookies	__Secure-3PAPISID	Used to enable visitor profile to show relevant and personalized ads	2 years	Browser settings
Google	Analytics and customisation cookies	SSID	Used to enable Google preferences	2 years	Browser settings
Google	Analytics and customisation cookies	SIDCC	Used to enable Google security	1 year	Browser settings
Google	Analytics and customisation cookies	SID	Used to enable Google preferences	2 years	Browser settings
Google	Analytics and customisation cookies	SAPISID	Used to enable Google preferences	2 years	Browser settings
Google	Analytics and customisation cookies	NID	Used to enable Google preferences	6 months	Browser settings
Google	Analytics and customisation cookies	HSID	Used to enable Google preferences	2 years	Browser settings
Google	Analytics and customisation cookies	DV	Used to enable Google preferences	Session	Browser settings
Google	Analytics and customisation cookies	APISID	Used to enable Google preferences	2 years	Browser settings
Google	Analytics and customisation cookies	1P_JAR	Used to enable Google analytics	30 days	Browser settings
Google	Performance and functionality cookies	_gcl_au	Used to enable Google Adsense	3 months	Browser settings
Google	Analytics and customisation cookies	__utmvc	Used to improve the shopping experience	1 year	Browser settings
Google	Analytics and customisation cookies	ga_dim5	Used to improve the shopping experience	1 year	Browser settings
Incapsula	Essential website and app cookies	incap_ses_529_1637567	Used to prevents malicious user	1 year	Browser settings
Incapsula	Essential website and app cookies	visid_incap_1637567	Used to prevents malicious user	1 year	Browser settings
Partnerize	Analytics and customisation cookies	clickref	Used to pay commissions to advertising partners	30 days	Browser settings
PerimeterX	Essential website and app cookies	_pxvid	Used to enable cybersecurity protection	13 months	Browser settings
PerimeterX	Essential website and app cookies	_pxhd	Used to enable cybersecurity protection	1 year	Browser settings
PerimeterX	Essential website and app cookies	_px2	Used to enable cybersecurity protection	Session	Browser settings
PerimeterX	Essential website and app cookies	_pxff_rf	Used to enable cybersecurity protection	Session	Browser settings
Pinterest	Analytics and customisation cookies	_pin_unauth	Used to enable Pinterest marketing	1 year	Browser settings
Rakuten	Analytics and customisation cookies	affiliate	Used to pay commissions to advertising partners	30 days	Browser settings
Riskified	Performance and functionality cookies	lastRskxRun	Used to prevent fraud	2 years	Browser settings
Riskified	Performance and functionality cookies	rCookie	Used to prevent fraud	2 years	Browser settings
Riskified	Performance and functionality cookies	rskxRunCookie	Used to prevent fraud	2 years	Browser settings
Riskified	Performance and functionality cookies	nlbi_1637567	Used to prevent fraud	1 year	Browser settings
Secret Sauce Partners	User measurement cookies	sp	Used to improve the shopping experience	2 years	Browser settings
Snapchat	Analytics and customisation cookies	_sctr	Used to enable Snap Ads	13 months	Browser settings
Snapchat	Analytics and customisation cookies	_scid	Used to enable Snapchat's visitor identification	13 months	Browser settings
Ssense	Essential website and app cookies	auth	Used to manage authentication	28 days	Browser settings
Ssense	Essential website and app cookies	gdprCountry	Used to show GDPR pop-up for users in EU	1 year	Browser settings
Ssense	Essential website and app cookies	shopping_bag	Used to store products in users’ carts	28 days	Browser settings
Ssense	Essential website and app cookies	sid	Used to improve the shopping experience	2 years and 9 months	Browser settings
Ssense	Essential website and app cookies	trackingId	Used to improve the shopping experience	2 years	Browser settings
Ssense	Essential website and app cookies	visitorId	Used to improve the shopping experience	2 years	Browser settings
Ssense	Performance and functionality cookies	country	Used to remember users’ country preferences	1 year	Browser settings
Ssense	Performance and functionality cookies	forcedCountry	Used to remember users’ country preferences	1 day	Browser settings
Ssense	Performance and functionality cookies	lang	Used to remember users’ language preferences	1 year	Browser settings
Ssense	Performance and functionality cookies	preferredLanguage	Used to remember users’ language preferences	2 years	Browser settings
Ssense	Performance and functionality cookies	recent_products	Used to store recently viewed products	6 months	Browser settings
Ssense	Analytics and customisation cookies	isp	Used to store the users' internet service provider	2 years	Browser settings
Ssense	Performance and functionality cookies	_sp_ses.c6c8	Used to improve the shopping experience	Session	Browser settings
Ssense	Performance and functionality cookies	_sp_id.c6c8	Used to improve the shopping experience	2 years	Browser settings
Ssense	Analytics and customisation cookies	_ga_7S92J18W0C	Used to improve the shopping experience	2 years	Browser settings
Ssense	Essential website and app cookies	_dd_s	Used to improve the shopping experience	Session	Browser settings
Ssense	Performance and functionality cookies	tempWishList	Used to store products in users’ wishlists	1 day	Browser settings
Ssense	Performance and functionality cookies	tags	Used to control loyalty programs	30 days	Browser settings
Ssense	Essential website and app cookies	_csrf	Used to enable cybersecurity	Session	Browser settings
Ssense	Essential website and app cookies	cookieDisclaimerAccepted	Used to store cookie acceptance banner	Session	Browser settings
Ssense	User measurement cookies	exp_*	Used to improve the shopping experience	1 year	Browser settings
Ssense	Performance and functionality cookies	login_redirect	Used to improve the shopping experience	Session	Browser settings
Ssense	Performance and functionality cookies	currency	Used to remember users’ currency preferences	1 year	Browser settings
Zendesk	Performance and functionality cookies	__zlcmid	Used to improve the live chat experience	1 year	Browser settings

 

 

5. What about other tracking technologies, like web beacons?

5.1 Cookies are not the only way to recognise or track visitors to a website.  We may use other, similar technologies from time to time, like web beacons (sometimes called "tracking pixels" or "clear gifs").  These are tiny graphics files that contain a unique identifier that enable us to recognise when someone has visited our Website(s) or opened an e-mail that we have sent them.  This allows us, for example, to monitor the traffic patterns of users from one page within our Website to another, to deliver or communicate with cookies, to understand whether you have come to our Website from an online advertisement displayed on a third-party website, to improve site performance, and to measure the success of e-mail marketing campaigns.  In many instances, these technologies are reliant on cookies to function properly, and so declining cookies will impair their functioning.

 

6. How can I control cookies?

6.1 You have the right to decide whether to accept or reject specific cookies.  You can exercise your cookie preferences in your browsers settings.

6.2 You can also set or amend your web browser controls or device preferences to accept or refuse some cookies. If you choose to reject cookies, you may still use our Website or App though your access to some functionality and areas of our Website or App may be restricted. As the means by which you can refuse cookies through your web browser controls vary from browser-to-browser, you should visit your browser's help menu for more information.

6.3 In addition, most advertising networks offer you a way to opt out of targeted advertising.  If you would like to find out more information, please visit http://www.aboutads.info/choices/ or http://www.youronlinechoices.com. 

 

7. The cookies that were sent in the past

7.1 If you have disabled one or more cookies, we can always use information collected by these cookies before the deactivation. However, we cease to collect information via the opted-out cookie.

 

8. More information about cookies

8.1 For more information about cookies, including explanation about how cookies are placed on your device, or how to manage and delete them, visit http://www.allaboutcookies.org.

 

9. Updates to this Notice

9.1 We may update this Notice from time to time in response to changing legal, technical or business developments. When we update our Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make.  

9.2 You can see when this Notice was last updated by checking the “last updated” date displayed at the top of this Notice.  

 

Recruitment Privacy Notice

Last updated:  October 30th 2020

1. About this Notice

1.1 This Recruitment Privacy Notice ("Notice") explains how SSENSE ("SSENSE", "we" and "our") collects, shares and uses any information that, alone or in combination with other information, in relation to individuals ("Personal Data") who apply for a job on our website ("Applicants", "you" and "your").

1.2 This Notice also sets out the rights that you have in relation to the Personal Data that we process about you and how you can exercise them.

1.3 SSENSE treats compliance with its privacy obligations seriously. This is why we have developed this Notice, which describes the standards that SSENSE applies to protect Personal Data.

1.4 For the purposes of this Notice, SSENSE headquartered at 333 Chabanel Street W #900, Montreal QC, H2N 2G1, Canada, is the data controller for the Applicant's Personal Data. As a data controller, SSENSE is responsible for ensuring that the processing of Personal Data complies with applicable data protection law, including the General Data Protection Regulation. 

1.5 Please take the time to read this Notice carefully. If you have any questions or comments, please contact us by phone at +1 877 637 6002 or via email at dataprotection@ssense.com.

 

2. What Personal Data does SSENSE collect and why?

2.1 The types of Personal Data that we may collect about you, and the reasons why we process it, include: 

 

Types of Personal Data	Why we collect it	Legal basis	Retention period
Name Surname  E-mail address Home address Phone number  Curriculum Vitae Information about whether you are legally authorized to work in Canada/US/E-U City, State, Country Education details Work History	To enable you to contact us or enable us to respond and provide feedback in the context of recruitment;  To evaluate and select job applicants including for example setting up and conducting interviews;  To evaluate and assess the results thereto and as is otherwise needed in the recruitment process including the final recruitment;  To communicate with you  during the recruitment process.	Our legitimate interest to carry out recruitment and to manage the hiring process	Two (2) years following our last contact with you
Name, Surname Email address Phone Number CV Information about whether the Applicant is legally authorized to work in Canada/US/EU City, State and Country of location	To put in place necessary arrangements for future employment	Contractual necessity	Two (2) years following our last contact with you
Bank account details	To reimburse any expenses incurred by you during the recruitment process (e.g. traveling).	Our legitimate interest to facilitate the recruitment process for all Applicants and your legitimate interest to obtain reimbursement for any expenses incurred during recruitment process	For the time needed to process the reimbursement and then this data is deleted
Name, Surname Email address Phone Number CV Information about whether the Applicant is legally authorized to work in Canada/US/E-U City, State and Country of location	To generally manage and improve our recruitment and hiring process.	Our legitimate interest to improve our hiring process	Two (2) years following our last contact with you

2.2 We may collect information regarding your gender, racial or ethnic origin and sexual orientation in order to ensure that our candidates are representative of the population, to the extent permitted by applicable laws. We may also have knowledge of some sensitive data (e.g. religion) if you spontaneously provide it to us in your CV.  

2.3 If we ask you to provide any other Personal Data not described above, then the Personal Data we will ask you to provide, and the reasons why we ask you to provide it, will be made clear to you at the point we collect that Personal Data.

 

3. Who does SSENSE share your Personal Data with?

3.1 We may disclose your Personal Data to the following categories of recipients:

1. 1. 1. to our group companies for purposes consistent with this Notice. We take precautions to allow access to your Personal Data only to those of our employees who have a legitimate business need for access and with a contractual prohibition of using the Personal Data for any other purpose. Our group companies include:  Atallah Group Inc., Atallah Group Limited, Atallah Hong Kong Limited, Atallah Group US Inc., GAI Services PTY Limited, Atallah International Inc., Atallah Group EU SRL.
      2. to our third party vendors, services providers and partners who provide data processing services to us, or who otherwise process Personal Data for purposes that are described in this Notice or notified to you when we collect your Personal Data. This may include disclosures to third party vendors and other service providers we use in connection with the services they provide to us, including to support us in areas such as managing résumé/CV information, IT platform management or support services, infrastructure and application services, data analytics. Our third party vendors, services providers and partners include:  Sterling Backcheck, PwC, SmartRecruiters. 
      3. to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
      4. to our auditors, advisors, legal representatives and similar agents in connection with the advisory services they provide to us for legitimate business purposes and under contractual prohibition of using the Personal Data for any other purpose; 
      5. to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your Personal Data only for the purposes disclosed in this Notice;
      6. to any other person if you have provided your prior consent to the disclosure.

 

4. How we protect your privacy 

4.1 We will process Personal Data in accordance with the following principles:

1. Fairness: We will process Personal Data fairly. This means that we are transparent about how we process Personal Data and that we will process it in accordance with applicable law.
2. Lawfulness: We will process Personal Data only on lawful grounds;
3. Purpose limitation: We will process Personal Data for specified explicit and legitimate purposes, and will not process it in a manner that is incompatible with those purposes, unless permitted by applicable data protection laws.
4. Data minimization: We will process Personal Data that is adequate, relevant and limited to what is necessary to achieve the purposes for which the data are processed. 
5. Data accuracy: We take appropriate measures to ensure that the Personal Data that we hold about you is accurate, complete and, where necessary, kept up to date. However, it is also your responsibility to ensure that your Personal Data is kept as accurate, complete and current as possible by informing us promptly of any changes or errors. You should notify us of any changes to the Personal Data that we hold about you (e.g. a change of address).
6. Data security: We use appropriate technical and organisational measures to protect the Personal Data that we collect and process about you.  The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Data.  In particular, all data is protected according to the varying levels of risks through physical measures, such as secure areas, technical measures, such as encryption, and organisational measures such as employee security through vetting and supervision.
7. Limited Retention: We keep your Personal Data in a form that allows us to identify you for as long as necessary to achieve the purposes for which we are processing your data and do not store your data for longer, unless we must comply with applicable laws.

 

5. Data storage, retention and deletion

5.1 The Personal Data we collect from you is stored in our servers located in the United States. 

5.2 We retain Personal Data we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).  

5.3 When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymise it or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.

5.4 If you are not retained following the recruitment process, SSENSE will keep your application form on file for future job openings no longer than two years. If you are successful and offered a job at SSENSE, your Personal Data will be used to complete your hiring process by our HR department. 

5.5 For more details about the periods of retention of your Personal Data, please refer to the table above.

 

6. International transfers of data

6.1 Your Personal Data may be transferred to, and processed in, countries other than the country in which you are a resident (including countries outside the European Economic Area such as Canada where we are established).  These countries may have data protection laws that are different to the laws of your country.

6.2 Specifically, our Website servers are located in the United States, and our group companies and third party service providers and partners operate around the world.  This means that when we collect your Personal Data we may process it in any of these countries.

6.3 However, we have taken appropriate safeguards to require that your Personal Data will remain protected in accordance with this Policy. When transferring your Personal Data to other entities of the SSENSE group located in the United States or other third countries outside of the European Union/European Economic Area (EU/EEA), we rely on the EU Commission's standard contractual clauses. When transferring your Personal Data to third party services providers who are also located in third countries outside the EU/EEA, we have implemented the European Commission's Standard Contractual Clauses with those third parties. 

 

7. Your data protection rights

7.1 You have the following data protection rights:

1. 1. 1. If you wish to access, correct, update or request deletion of your Personal Data, you can do so at any time by contacting us by phone at +1 877 637 6002 or via email at dataprotection@ssense.com.
      2. In addition, in certain circumstances, as stipulated in the applicable data protection legislation, you can object to processing of your Personal Data, ask us to restrict processing of your Personal Data or request portability of your Personal Data. Again, you can exercise these rights by contacting us using the contact details mentioned above.
      3. If we have collected and process your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
      4. If you have a complaint or concern about how we are processing your Personal Data then we will endeavour to address such concern(s). If you feel we have not sufficiently addressed your complaint or concern, you have the right to complain to a data protection authority about our collection and use of your Personal Data.  For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Economic Area, Switzerland and certain non-European countries (including the US and Canada) are available here.)

7.2 We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

 

8. Updates to this Notice

8.1 We may update this Notice from time to time in response to changing legal, technical or business developments. When we update our Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make.  We will obtain your consent to any material Notice changes if and where this is required by applicable data protection laws. 

8.2 You can see when this Privacy Notice was last updated by checking the “last updated” date displayed at the top of this Notice.  

 

9. How to contact us

9.1 If you have any questions or concerns about our use of your Personal Data, please contact us by phone +1 877 637 6002 or via email at dataprotection@ssense.com.

 

 

Mobile App Privacy Policy

Last updated: October 2^nd 2019

1. About this Policy

1.1 At SSENSE ("SSENSE", "us", "we", or "our"), we respect your privacy and we want to be transparent about the types of Personal Data (as defined below) we collect about you and how we use it. This Mobile App Privacy Policy (hereafter the "Policy"), explains how we collect, use and share any information gathered about you ("Personal Data") through your use of the SSENSE App (the "App") and aims to inform you about the rights and freedoms that you can exercise with regard to our use of your Personal Data. This Policy also describes the measures we implement to protect your Personal Data.

1.2 This App is managed by SSENSE, headquartered at 333 Chabanel Street W #900, Montreal QC H2N 2G1, Canada, who is the data controller for all Personal Data that is collected via this App. For more information about this App, please see the “About Us” or "Terms and Conditions" section of our App.

1.3 If you do not want SSENSE to process any of your Personal Data through this App, as set out in this Policy, you should not install and use the App. Please note that some services can only be provided via the App and therefore, the subscription to those services implies the use of the App.

 

2. Quick links

2.1 We recommend that you read this Notice in full to ensure you are fully informed. However, if you only want to access a particular section of this Notice, then you can click on the relevant link below to jump to that section.

What personal data does SSENSE collect and why?

Who does SSENSE share your personal data with?

How we protect your privacy

Data storage, retention and deletion

Transfers of Personal Data outside the EU/EEA

Profiling

Minors

Your data protection rights

External links

Updates to this privacy policy

How to contact us

 

3. What personal data does SSENSE collect and why?

3.1 When you use the App, we may collect the following types of Personal Data about you, which we will process for the purposes described below:

Type of Personal Data	Why we collect it	Legal basis
Name, Surname Email address Password Customer ID Order History Shipping address Delivery preferences Financial information Account details Email preferences Shopping preferences Kind of request and request message  Order number Location based data Universally Unique Identifier Permission to send personal notification	Enabling you to create your account Managing your account and personal preferences Processing and shipping your orders  Enabling you to access your order history with us at all times Providing you with customer service as may be required	Contractual necessity
Name, Surname Email address Password Customer ID Order History Shipping address Delivery preferences Financial information	Documenting transactions you made on our App	Our legitimate interests in order to protect SSENSE's business and legal rights
Email address Email preferences Shopping preferences Customer ID	Providing you with exclusive email updates, promotions, and notifications including information about our products or services	Your consent (unless a legal exception applies)
Name, Surname Email address Customer ID Kind of request and request message Where appropriate, order number	Processing and responding to any inquiry that you may address to us	Contractual necessity
Name, Surname Customer ID Location-based data	Providing you with location based services	Your consent (unless a legal exception applies)
Name, Surname Email address Password Customer ID Order History Shipping address Delivery preferences Financial information	Prevention of fraud	Legal obligation
Name, Surname Email address Customer ID Password Account details	Administer and maintain our App Personalize customer experience	Our legitimate interest to offer, maintain and improve our App
Name, Surname Email address Customer ID Password Account details	Data analytics, statistics and audience measurement	Our legitimate interest to help us understand how our App is being used, to help us customise our App and to measure the audience on our App

3.2 Please note that the information you provide via our App may be necessary for contractual purposes and for us to comply with our legal obligations. Without such information, we may not be able to process your order or to answer your queries.

3.3 We may also collect certain information automatically from your device. Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification numbers (e.g., IMEI number), operating system version, the dates on which you access and use the App, user behaviour (such as your interactions with the App), broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your device has interacted with our Website, including the pages accessed and links clicked.

Collecting this information enables us to better understand the visitors who use our App, where they come from, and what content on our App is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our App to our visitors.

Some of this information may be collected using cookies and similar tracking technology, as explained further in our Cookie Notice which is available here.

3.4 Location-based data

If you authorise us to access the location data on your device, we will use this information to send you location-based information and to deliver services at your request.

Also, if you no longer wish to receive push notifications for location-based services you can disable this service by changing your phone settings, or by altering the settings in the App by unchecking the relevant box in the “Settings” section of the App.

On Apple devices, simply go to: Settings → Notifications → SSENSE → uncheck “Allow Notifications”.

 

4. Who does SSENSE share your Personal Data with?

4.1 We may disclose your Personal Data to the following categories of recipients:

(a) to our group companies for purposes consistent with this Policy, and in particular, so that they may contact you regarding products and services that may be of interest to you where you have given your consent. We take precautions to allow access to Personal Data only to those staff members who have a legitimate business need for access and with a contractual prohibition of using the Personal Data for any other purpose. A list of all our group companies is available here: Our group companies include: Atallah Group Inc., Atallah Group Limited, Atallah Hong Kong Limited, Atallah Group US Inc., GAI Services PTY Limited, Atallah International Inc.

(b) to our third party vendors, services providers and partners who provide data processing services to us, or who otherwise process Personal Data for purposes that are described in this Policy or notified to you when we collect your Personal Data. This may include disclosures to third party vendors and other service providers we use in connection with the services they provide to us, including to support us in areas such as IT platform management or support services, infrastructure and application services, marketing, data analytics. Our third party vendors, service providers and partners include Riskified, Signifyd, Clearsale, HostedPCI, First Data (Payeezy/IPG), Paypal Express,  PayPal Pro (Payflow Pro), Paysafe (Netbanx), Pazien, Google, Facebook, Bing, Commission Junction, Partnerize, Rakuten, MailChimp, Mandrill, SendGrid, SurveyMonkey, Firebase, Apple;

(c) to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;

(d) to our auditors, advisors, legal representatives and similar agents in connection with the advisory services they provide to us for legitimate business purposes and under contractual prohibition of using the Personal Data for any other purpose;

(e) to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your Personal Data only for the purposes disclosed in this Notice;

(f) to any other person if you have provided your prior consent to the disclosure.

 

5. How we protect your privacy

5.1 We will process Personal Data in accordance with the following principles:

(a) Fairness: We will process Personal Data fairly. This means that we are transparent about how we process Personal Data and that we will process it in accordance with applicable law.

(b) Lawfulness: We will process Personal Data only on lawful grounds;

(c) Purpose limitation: We will process Personal Data for specified explicit and legitimate purposes, and will not process it in a manner that is incompatible with those purposes, unless permitted by applicable data protection laws.

(d) Data minimization: We will process Personal Data that is adequate, relevant and limited to what is necessary to achieve the purposes for which the data are processed.

(e) Data accuracy: We take appropriate measures to ensure that the Personal Data that we hold about you is accurate, complete and, where necessary, kept up to date. However, it is also your responsibility to ensure that your Personal Data is kept as accurate, complete and current as possible by informing us promptly of any changes or errors. You should notify us of any changes to the Personal Data that we hold about you (e.g. a change of address).

(f) Data security: We use appropriate technical and organisational measures to protect the Personal Data that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Data.  In particular, all data is protected according to the varying levels of risks through physical measures, such as secure areas, technical measures, such as encryption, and organisational measures such as employee security through vetting and supervision.

(g) Limited Retention: We keep your Personal Data in a form that allows us to identify you for as long as necessary to achieve the purposes for which we are processing your data and do not store your data for longer, unless we must comply with applicable laws.

 

6. Data storage, retention and deletion

6.1 The Personal Data we collect from you is stored in our servers located in the United States.

6.2 We retain Personal Data we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).

6.3 When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymise it or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.

 

7. Transfers of Personal Data outside the EU/EEA

7.1 Your Personal Data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country.

7.2 Specifically, our servers are located in the United States, and our group companies and third party service providers and partners operate around the world. This means that when we collect your Personal Data we may process it in any of these countries.

7.3 However, we have taken appropriate safeguards to require that your Personal Data will remain protected in accordance with this Policy. When transferring your Personal Data to Canada, we rely on the EU Commission's adequacy decision 2002/2/EC available here. When transferring your Personal Data to the United States, we rely on the EU Commission's EU-US Privacy Shield decision (available here if the recipient is appropriately certified. In all other cases, we only transfer or make your Personal Data available to other entities of the SSENSE group or to our third party services providers in third countries where such transfer is necessary for the performance of a contract between you and SSENSE or the implementation of pre-contractual measures.

 

8. Profiling

8.1 In some instances, we may use your Personal Data in order to better understand your preferences and to provide customized products or services to you. We do not make any decisions based solely on automated processing of such data, which either produce legal effects that concern you or similarly significantly affect you.

 

9. Minors

9.1 The services we provide on this App are not intended for individuals below the age of 16. If you are under 16, please do not download this App.

 

10. Your data protection rights

10.1 You have the following data protection rights:

(a) If you wish to access, correct, update or request deletion of your Personal Data, you can do so at any time by contacting us using the contact details provided under the “How to contact us” heading below

(b) In addition, in certain circumstances, as stipulated in the applicable data protection legislation, you can object to processing of your Personal Data, ask us to restrict processing of your Personal Data or request portability of your Personal Data. Again, you can exercise these rights by contacting us using the contact details below.

(c) If we have collected and process your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.

(d) You have the right to opt-out of marketing communications we send you at any time. You may unsubscribe from our newsletters or marketing notifications at any time by selecting the unsubscribe option in the "Email Preferences" section of your account, or by clicking the unsubscribe link at the bottom of every newsletter email. When you use the App, if you accept push notifications, we may send you promotional offers about our products and services via push notifications. If you no longer wish to receive push notifications about promotional offers from SSENSE, you can disable this service by changing your app settings in the device settings.

On Apple devices, simply go to: Settings → Notifications → SSENSE → uncheck “Allow Notifications”.

(e) If you have a complaint or concern about how we are processing your Personal Data then we will endeavour to address such concern(s). If you feel we have not sufficiently addressed your complaint or concern, you have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Economic Area, Switzerland and certain non-European countries (including the US and Canada) are available here.

10.2 You can also request to close your account at any time by contacting us as described below. You should be aware that once the App is uninstalled, you will not be able to use certain functionalities of the App.

10.3 You may exercise any of the rights above at any time by contacting us as described under the “How to contact us” section below. We will respond to your request in accordance with applicable data protection laws.

10.4 We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

 

11. External links

11.1 If any part of this App provides links to third party websites, such websites do not operate under this Policy. We recommend you examine the privacy notices posted on those websites to understand their procedures for collecting, using and disclosing personal data.

 

12. Updates to this Policy

12.1 We may update this Privacy Notice from time to time in response to changing legal, technical or business developments. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Notice changes if and where this is required by applicable data protection laws.

12.2 You can see when this Privacy Notice was last updated by checking the “last update” date displayed at the top of this Privacy Notice.

 

13. How to contact us

13.1 If you have any questions, concerns or complaints about this Notice or the way we process your personal information, or if you want to exercise your rights as described above, please contact us by phone +1 877 637 6002 or via email at dataprotection@ssense.com.