SSENSE Privacy Policy
If you live in the European Union (“EU”) or in the United Kingdom (“UK”), the following Privacy Policy applies to you:
EU and UK Website Privacy Policy
Last updated: June 1, 2023
1. About this Policy
1.1 At SSENSE ("SSENSE", "us", "we", or "our"), we respect your privacy and we want to be transparent about the types of Personal Data (as defined below) we collect about you and how we use it. This Website Privacy Policy (hereafter the "Policy") explains how we collect, share and use any information that, alone or in combination with other information, relates to you ("Personal Data") when you ("you" and "your") use our website ssense.com (the "Website"), or when you call us or answer our surveys.
1.2 This Policy sets out the rights that you have in relation to the Personal Data that we process about you and how you can exercise them. This Policy also describes the measures we implement to protect your Personal Data.
1.3 The Website is managed by SSENSE headquartered at 333 Chabanel Street W #900, Montreal QC H2N 2E7, Canada, who is the data controller for the Personal Data that is collected via the Website. As a data controller, SSENSE is responsible for ensuring that the processing of Personal Data complies with applicable data protection laws, which includes the General Data Protection Regulation ((EU) 2016/679) ("GDPR"), if you live in the EU and the UK GDPR (“UK GDPR”), if you live in the UK.
1.4 Please take the time to read this Policy carefully. If you have any questions or comments, please contact us as described in the "How to contact us" section below.
2. Quick links
2.1 We recommend that you read this Policy in full to ensure you are fully informed. However, if you only want to access a particular section of this Policy, then you can click on the relevant link below to jump to that section.
What Personal Data SSENSE collects, how and why
Cookies and other tracking technology
Who SSENSE shares your Personal Data with
How SSENSE protects your Personal Data
Data storage, retention and deletion
Transfers of Personal Data outside the EU/EEA and the United Kingdom
Profiling
Minors
Your data protection rights
External links
Updates to this Policy
How to contact us
3. What Personal Data SSENSE collects, how and why
3.1 SSENSE collects your Personal Data:
- directly from you when you create a user account on our website, or subscribe to our newsletter;
- directly from you when you make a purchase with SSENSE, answer customer feedback surveys, click on our ads, respond to marketing campaigns, or directly reach out to SSENSE for inquiries; and
- automatically via our use of cookies and other tracking technology on our Website.
3.2 When you use our Website, we collect the following types of Personal Data about you, which we will process for the purposes described below:
| Types of Personal Data we collect | Purposes for which we process your Personal Data | Legal basis on which we rely to process your Personal Data |
|
Contact details (Name, Surname, Phone number, Email address) Email Preferences (Language Preferences, Region/Country) Customer ID Order History Shipping address Billing address User account details (login, password) |
Contract management
|
Contractual necessity |
|
Contact details (Name, Surname, Phone number, Email address) Customer ID Order History, Order Number Shipping address IP Address Financial information (Cardholder Name, Card Expiration Date, Card number, CVV or CID) |
Documenting transactions you made on our website | Our legitimate interest in order to protect SSENSE's business and legal rights |
|
Contact details (Name, Surname, Phone number, Email address) Email preferences (Language Preferences, Region/Country) Shopping preferences Customer ID |
Marketing Providing you with exclusive email updates, promotions, and notifications including information about our products or services, sales/products, loyalty programs, shopping cart reminders |
Your consent (unless a legal exception applies, in which case we will rely on our legitimate interest to keep you updated on our products or services) |
|
Contact details (Name, Surname, Phone number, Email address) Email preferences (Language Preferences, Region/Country) Shopping preferences Customer ID Order Number |
Conducting customer feedback and satisfaction surveys | Our legitimate interest to measure the satisfaction of our customers. |
|
Contact details (Name, Surname, Phone number, Email address) Your inquiry and your inquiry history Customer ID Type of request Messages Order number Billing/Shipping Address |
Customer relationship follow-up
|
Contractual necessity |
|
Contact details (Name, Surname, Email address) Order History Financial information (last 4 digits of your credit card number, AVS code) User account details (login, password) Customer ID Shipping address/Billing address |
Prevention of fraud | Legitimate Interest |
|
Contact details (Name, Surname, Email address) User Account details (login, password) |
Improvement of customer experience and management or resolving technical issues on the Website | Our legitimate interest to offer, maintain and improve our Website |
|
IP address User account details (Name, Surname, Shipping Address, email, login, password) Shopping preferences Session browsing data and conversion behaviour Customer ID Order History Email preferences |
Data analytics, statistics and audience measurement Provide brand, category or product level personalised recommendation to logged in members |
Our legitimate interests in order to understand how our website is being used and to help us customise and measure the audience on our website |
|
Session browsing data Search history Order history Customer ID Google ID |
Display advertisements about our services to users of Google | Our legitimate interest to reach out to our (i) consumers and (ii) prospects who are users of Google and who share similar characteristics as our customers registered on Google |
|
User account details (Name, Surname) Shopping preferences Billing/Shipping Address Phone number (this data is used for matching audiences only) |
Display advertisements about our services to users of Meta | Our legitimate interest to reach out to our (i) consumers and (ii) prospects who are users of Meta and who share similar characteristics as our customers registered on Meta |
|
User account details (Name, Surname, Shipping and Billing addresses, Email address) Order History Financial information (last 4 digits of your credit card number and name of the cardholder) |
Management of the data subjects requests rights Enabling you to exercise your rights regarding your personal data. |
Compliance with our legal obligations |
3.3 Please note that the information you provide on our Website may be necessary for contractual purposes and for us to comply with our legal obligations. Without such information, we may not be able to process your order or to answer your queries.
3.4 In particular, we may be required to disclose your Personal Data in response to legal or regulatory requests from public authorities, including to meet national security, anti-fraud or other legal requirements.
4. Cookies and other tracking technology
4.1 SSENSE may also collect certain information automatically from your device. Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification number (IMEI number), browser-type, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your device has interacted with our Website, including the pages accessed and links clicked.
4.2 Collecting this information enables us to better understand the visitors who come to our Website, where they come from, and what content on our Website is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Website to our visitors.
4.3 Some of this information may be collected by using cookies and similar tracking technology, as explained further in our Cookie Policy which is available below.
5. Who SSENSE shares your Personal Data with
5.1 We may disclose your Personal Data to the following categories of recipients:
- to our group companies for purposes consistent with this Policy, and in particular, so that they may contact you regarding products and services that may be of interest to you where you have given your consent. We take precautions to allow access to Personal Data only to those staff members who have a legitimate business need for access and with a contractual prohibition of using the Personal Data for any other purpose. Our group companies include: Atallah Group Inc., Atallah Group Limited, Atallah Hong Kong Limited, Atallah Group US Inc., GAI Services PTY Limited, Atallah International Inc.
- to our third party vendors, services providers and partners who provide data processing services to us, or who otherwise process Personal Data for purposes that are described in this Policy or notified to you when we collect your Personal Data. This may include disclosures to third party vendors and other service providers we use in connection with the services they provide to us, including to support us in areas such as IT platform management or support services, infrastructure and application services, marketing, data analytics. Our third party vendors, service providers and partners include, without being limited to:
Controllers: Worldpay, Paypal, First Data (Payeezy/IPG), Klarna, Google Premium Analytics, Riskified, PerimeterX, Signifyd, Partnerize, Rakuten. For more information about the manner in which these controllers are processing your data, please check the privacy policies on their respective websites.
Processors: HostedPCI, Stripe, Avalara, Zendesk, SAP, KIBO, StellaConnect, Loqate, Chatdesk, Google Cloud Platform,Google GSuite/Insight, Braze, AWS, Regalix, Chatdesk, Clearsale, Bing, SurveyMonkey, Talon.One, MailChimp, MailChimp, SendGrid, Meta (Facebook).
- to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
- to our auditors, advisors, legal representatives and similar agents in connection with the advisory services they provide to us for legitimate business purposes and under contractual prohibition of using the Personal Data for any other purpose;
- to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your Personal Data only for the purposes disclosed in this Policy;
- to any other person if you have provided your prior consent to the disclosure.
6. How SSENSE protects your Personal Data
6.1 We will process your Personal Data in accordance with the following principles:
- Fairness: We are transparent about how we process Personal Data and we will process it in accordance with applicable laws.
- Lawfulness: We will process Personal Data only on lawful grounds.
- Purpose limitation: We will process Personal Data for specified explicit and legitimate purposes, and will not process it in a manner that is incompatible with those purposes, unless permitted by applicable laws.
- Data minimization: We will process Personal Data that is adequate, relevant and limited to what is necessary to achieve the purposes for which the Personal Data are processed.
- Data accuracy: We take appropriate measures to ensure that the Personal Data that we hold about you is accurate, complete and, where necessary, kept up to date. However, it is also your responsibility to ensure that your Personal Data is kept as accurate, complete and current by informing us promptly of any changes or errors to the Personal Data that we hold about you (e.g. a change of address).
- Data security: We use appropriate technical and organisational measures to protect the Personal Data that we collect and process about you. These measures are designed to provide a level of security that is appropriate to the risk of processing your Personal Data. In particular, all data is protected according to the varying levels of risks through physical measures, such as secure areas, technical measures, such as encryption, and organisational measures such as employee security through vetting and supervision.
- Limited Retention: We keep your Personal Data in a form that allows us to identify you for as long as necessary to achieve the purposes for which we are processing your Personal Data (as described above) and we do not store your Personal Data for longer, unless we must comply with applicable laws.
7. Data storage, retention and deletion
7.1 The Personal Data we collect from you is stored in our servers located in the United States.
7.2 We retain Personal Data we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements) only as long as it is needed.
7.3 When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymise it or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.
8. Transfers of Personal Data outside the EU/EEA or the UK
8.1 Your Personal Data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country.
8.2 Specifically, our Website servers are located in the United States, and our group companies and third party service providers and partners operate around the world. This means that when we collect your Personal Data we may process it in any of these countries.
- For transfers of personal data outside of the EU/EEA:
- When transferring your Personal Data to Canada, we rely on the EU Commission's adequacy decision 2002/2/EC available here.
- When transferring your Personal Data to other entities of the SSENSE group located in the United States or other third countries outside of the European Union/European Economic Area (EU/EEA), we rely on the EU Commission's standard contractual clauses. When transferring your Personal Data to our third party services providers who are also located in third countries outside the EU/EEA, which do not benefit from an EU Commission’s adequacy decision, we have implemented the European Commission's standard contractual clauses with those third parties.
- The EU Commission standard contractual clauses may be amended or replaced from time to time and at such time as they are amended or replaced in relation to data protected under the GDPR by the European Commission, we will amend our data transfer documents accordingly.
- For transfers of personal data outside of the UK:
- When transferring your Personal Data to Canada, we rely on the UK's adequacy decision.
- When transferring your Personal Data to other entities of the SSENSE group located in the United States or other third countries outside the U.K. without a U.K. adequacy regulation, we rely on the U.K. Addendum to the EU Commission's standard contractual clauses.
- When transferring your Personal Data to our third party services providers who are also located in third countries outside the U.K. without a U.K. adequacy regulation, we rely on the U.K. Addendum to the EU Commission's standard contractual clauses.
- The U.K. Addendum to the EU Commission's standard contractual clauses may be amended or replaced from time to time and at such time as they are amended or replaced in relation to data protected under the UK GDPR by the UK Secretary of State, we will amend our data transfer documents accordingly.
9. Profiling
In some instances, we may use your Personal Data in order to better understand your preferences and to provide customized products or services to you. However, we do not make any decisions based solely on automated processing of such data, which either produce legal effects that concern you or similarly significantly affect you.
10. Minors
The services we provide on this Website are not intended for individuals below the age of 16. If you are under 16, please do not use or register on this Website.
11. Your data protection rights
11.1 Subject to applicable data protection legislation and certain limitations, you may exercise the data protection rights listed below. You can do so at any time by contacting us using the contact details provided under the “How to contact us” heading below.
You can access, rectify or request erasure of your Personal Data as detailed here below. Please note that deletion requests are subject to certain limitations, for example, we may retain Personal Data as permitted by law, such as for tax or other record keeping purposes, to maintain an active account, and to process transactions and facilitate customer requests. The right to access to Personal Data enables you to receive confirmation as to whether or not SSENSE is processing your Personal data and information about that processing, and to receive a copy of your Personal Data. You may also request correction of any of your inaccurate Personal Data, as well as the deletion of your Personal Data.
You can object to the processing of your Personal Data at any time (including profiling) when the processing is based on our legitimate interest. You may also object at any time to the processing of your Personal Data for direct marketing purposes (which includes any profiling to the extent that it is related to such direct marketing).
You may also ask us to restrict (block) the processing of your Personal Data under certain conditions.
When the processing is based on your consent or the performance of your contract with us, you may exercise your right to data portability, which enables you to receive your Personal Data in a structured, commonly used and maching-readable format and have it transmitted to another controller.
If we have collected and processed your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
- You have the right to opt-out of marketing communications we send you at any time. You may unsubscribe from our newsletters or marketing notifications at any time by selecting the unsubscribe option in the "Email Preferences" section of your account, or by clicking the unsubscribe link at the bottom of every newsletter email. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided below.
- Post mortem right: concerning France only, according to the French Data Protection Act, you have the right to define general or specific directives regarding the fate of your Personal Data after your death.
- If you have a complaint or concern about how we are processing your Personal Data then we will endeavour to address such concern(s). If you feel we have not sufficiently addressed your complaint or concern, you have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Union/European Economic Area, United Kingdom, Switzerland and certain non-European countries (including the US and Canada) are available here.
11.2 You may exercise any of the rights above at any time by contacting us as described under the “How to contact us” section below. We will respond to your request in accordance with applicable data protection laws.
12. External links
12.1 The Website may contain hyperlinks to websites owned and operated by third parties. These websites have their own privacy policies and we urge you to review them. They will govern the use of Personal Data you submit whilst visiting these websites.
12.2 We do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.
13. Updates to this Policy
13.1 We may update this Policy from time to time in response to changing legal, technical or business developments. When we update our Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Policy changes if and where this is required by applicable data protection laws.
13.2 You can see when this Policy was last updated by checking the “last updated” date displayed at the top of this Policy.
14. How to contact us
14.1 If you have any questions or concerns about this Policy or the way we process your Personal Data, or if you want to exercise your rights as described above, please contact us via email at dataprotection@ssense.com.
14.2 If you wish to contact our Data Protection Officer, you may do so via email at dpo@ssense.com.
14.3 The data controller of EU/EEA and UK residents’ personal data is Atallah Group Inc. 333 Chabanel Street W #900, Montreal QC H2N 2E7, Canada.
14.4 With respect to Atallah Group Inc., you may contact its representatives in the EU/EEA and UK for data protection matters using the following details: dataprotection@ssense.com.
EU and UK Mobile App Privacy Policy
Last updated: June 1, 2023
1. About this Policy
1.1 At SSENSE ("SSENSE", "us", "we", or "our"), we respect your privacy and we want to be transparent about the types of Personal Data (as defined below) we collect about you and how we use it. This Mobile App Privacy Policy (hereafter the "Policy") explains how we collect, share and use any information that, alone or in combination with other information, relates to you ("Personal Data") when you ("you" and "your") use the SSENSE App (the "App"), or when you call us or answer our surveys.
1.2 This Policy sets out the rights that you have in relation to the Personal Data that we process about you and how you can exercise them. This Policy also describes the measures we implement to protect your Personal Data.
1.3 The App is managed by SSENSE headquartered at 333 Chabanel Street W #900, Montreal QC H2N 2E7, Canada, who is the data controller for the Personal Data that is collected via the App. As a data controller, SSENSE is responsible for ensuring that the processing of Personal Data complies with applicable data protection laws, which includes the General Data Protection Regulation ((EU) 2016/679) ("GDPR"), if you live in the EU and the UK GDPR, if you live in the UK (“UK GDPR”).
1.4 Please take the time to read this Policy carefully. If you have any questions or comments, please contact us as described in the "How to contact us" section below.
2. Quick links
2.1 We recommend that you read this Policy in full to ensure you are fully informed. However, if you only want to access a particular section of this Policy, then you can click on the relevant link below to jump to that section.
What Personal Data SSENSE collects, how and why
Cookies and other tracking technology
Who SSENSE shares your Personal Data with
How SSENSE protects your Personal Data
Data storage, retention and deletion
Transfers of Personal Data outside the EU/EEA and the United Kingdom
Profiling
Minors
Your data protection rights
External links
Updates to this Policy
How to contact us
3. What Personal Data SSENSE collects, how and why
3.1 SSENSE collects your Personal Data:
- directly from you when you download and start using our App, or subscribe to our newsletter;
- directly from you when you make a purchase with SSENSE, answer customer feedback surveys, click on our ads, respond to marketing campaigns, or directly reach out to SSENSE for inquiries; and
- automatically via our use of cookies and other tracking technology on our App..
3.2 When you use our App, we collect the following types of Personal Data about you, which we will process for the purposes described below:
| Types of Personal Data we collect | Purposes for which we process your Personal Data | Legal basis on which we rely to process your Personal Data |
|
Contact details (Name, Surname, Phone number, Email address) Email Preferences (Language Preferences, Region/Country) Customer ID Order History Shipping address Billing address User account details (login, password) |
Contract management
|
Contractual necessity |
|
Contact details (Name, Surname, Phone number, Email address) Customer ID Order History, Order Number Shipping address IP Address Financial information (Cardholder Name, Card Expiration Date, Card number, CVV or CID) |
Documenting transactions you made on our website | Our legitimate interest in order to protect SSENSE's business and legal rights |
|
Contact details (Name, Surname, Phone number, Email address) Email preferences (Language Preferences, Region/Country) Shopping preferences Customer ID |
Marketing Providing you with exclusive email updates, promotions, and notifications including information about our products or services, sales/products, loyalty programs, shopping cart reminders |
Your consent (unless a legal exception applies, in which case we will rely on our legitimate interest to keep you updated on our products or services) |
|
Contact details (Name, Surname, Phone number, Email address) Email preferences (Language Preferences, Region/Country) Shopping preferences Customer ID Order Number |
Conducting customer feedback and satisfaction surveys | Our legitimate interest to measure the satisfaction of our customers. |
|
Contact details (Name, Surname, Phone number, Email address) Your inquiry and your inquiry history Customer ID Type of request Messages Order number Billing/Shipping Address |
Customer relationship follow-up
|
Contractual necessity |
|
Contact details (Name, Surname, Email address) Order History Financial information (last 4 digits of your credit card number, AVS code) User account details (login, password) Customer ID Shipping address/Billing address |
Prevention of fraud | Legitimate Interest |
|
Contact details (Name, Surname, Email address) User Account details (login, password) |
Improvement of customer experience and management or resolving technical issues on the Website | Our legitimate interest to offer, maintain and improve our Website |
|
IP address User account details (Name, Surname, Shipping Address, email, login, password) Shopping preferences Session browsing data and conversion behaviour Customer ID Order History Email preferences |
Data analytics, statistics and audience measurement Provide brand, category or product level personalised recommendation to logged in members |
Our legitimate interests in order to understand how our website is being used and to help us customise and measure the audience on our website |
|
Session browsing data Search history Order history Customer ID Google ID |
Display advertisements about our services to users of Google | Our legitimate interest to reach out to our (i) consumers and (ii) prospects who are users of Google and who share similar characteristics as our customers registered on Google |
|
User account details (Name, Surname) Shopping preferences Shipping/Billing address Phone number (this data is used for matching audiences only) |
Display advertisements about our services to users of Meta | Our legitimate interest to reach out to our (i) consumers and (ii) prospects who are users of Meta and who share similar characteristics as our customers registered on Meta |
|
User account details (Name, Surname, Shipping and Billing addresses, Email address) Order History Financial information (last 4 digits of your credit card number and name of the cardholder) |
Management of the data subjects requests rights Enabling you to exercise your rights regarding your personal data. |
Compliance with our legal obligations |
3.3 Please note that the information you provide on our App may be necessary for contractual purposes and for us to comply with our legal obligations. Without such information, we may not be able to process your order or to answer your queries.
3.4 In particular, we may be required to disclose your Personal Data in response to legal and regulatory requests from public authorities, including to meet national security, anti-fraud or other legal requirements.
4. Cookies and other tracking technology
4.1 SSENSE may also collect certain information automatically from your device. Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification number (IMEI number), operating system version, the dates on which you access and use the App, user behaviour (such as your interactions with the App), broad geographic location (e.g. country or city-level location) and other technical information.
4.2 Collecting this information enables us to better understand the users of our App, where they come from, and what content on our App is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our App to our users.
4.3 Some of this information may be collected by using cookies and similar tracking technology, as explained further in our Cookie Policy which is available below.
4.4 Location-based data
If you authorise us to access the location data on your device, we will use this information to send you location-based information and to deliver services at your request.
Also, if you no longer wish to receive push notifications for location-based services you can disable this service by changing your device settings, or by altering the settings in the App by unchecking the relevant box in the “Settings” section of the App. On Apple devices, simply go to: Settings → Notifications → SSENSE → uncheck “Allow Notifications”.
5. Who SSENSE shares your Personal Data with
5.1 We may disclose your Personal Data to the following categories of recipients:
- to our group companies for purposes consistent with this Policy, and in particular, so that they may contact you regarding products and services that may be of interest to you where you have given your consent. We take precautions to allow access to Personal Data only to those staff members who have a legitimate business need for access and with a contractual prohibition of using the Personal Data for any other purpose. Our group companies include: Atallah Group Inc., Atallah Group Limited, Atallah Hong Kong Limited, Atallah Group US Inc., GAI Services PTY Limited, Atallah International Inc., Atallah Group EU SARL
- to our third party vendors, services providers and partners who provide data processing services to us, or who otherwise process Personal Data for purposes that are described in this Policy or notified to you when we collect your Personal Data. This may include disclosures to third party vendors and other service providers we use in connection with the services they provide to us, including to support us in areas such as IT platform management or support services, infrastructure and application services, marketing, data analytics. Our third party vendors, service providers and partners include, without being limited to:
Controllers: Worldpay (which privacy policy is available here), Paypal, First Data (Payeezy/IPG), Klarna, Google Premium Analytics, Riskified, PerimeterX, Signifyd, Partnerize, Rakuten. For more information about the manner in which these controllers are processing your data, please check the privacy policies on their respective websites.
Processors: HostedPCI, Stripe, Avalara, Zendesk, SAP, KIBO, StellaConnect, Loqate, Chatdesk, Google Cloud Platform,Google GSuite/Insight, Braze, AWS, Regalix, Chatdesk, Clearsale, Bing, SurveyMonkey, Talon.One, MailChimp, MailChimp, SendGrid, Meta (Facebook).
- to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
- to our auditors, advisors, legal representatives and similar agents in connection with the advisory services they provide to us for legitimate business purposes and under contractual prohibition of using the Personal Data for any other purpose;
- to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your Personal Data only for the purposes disclosed in this Policy;
- to any other person if you have provided your prior consent to the disclosure.
6. How SSENSE protects your Personal Data
6.1 We will process your Personal Data in accordance with the following principles:
- Fairness: We are transparent about how we process Personal Data and we will process it in accordance with applicable law.
- Lawfulness: We will process Personal Data only on lawful grounds.
- Purpose limitation: We will process Personal Data for specified explicit and legitimate purposes, and will not process it in a manner that is incompatible with those purposes, unless permitted by applicable laws.
- Data minimization: We will process Personal Data that is adequate, relevant and limited to what is necessary to achieve the purposes for which the Personal Data are processed.
- Data accuracy: We take appropriate measures to ensure that the Personal Data that we hold about you is accurate, complete and, where necessary, kept up to date. However, it is also your responsibility to ensure that your Personal Data is kept as accurate, complete and current by informing us promptly of any changes or errors to the Personal Data that we hold about you (e.g. a change of address).
- Data security: We use appropriate technical and organisational measures to protect the Personal Data that we collect and process about you. These measures are designed to provide a level of security that is appropriate to the risk of processing your Personal Data. In particular, all data is protected according to the varying levels of risks through physical measures, such as secure areas, technical measures, such as encryption, and organisational measures such as employee security through vetting and supervision.
- Limited Retention: We keep your Personal Data in a form that allows us to identify you for as long as necessary to achieve the purposes for which we are processing your Personal Data (as described above) and we do not store your Personal Data for longer, unless we must comply with applicable laws.
7. Data storage, retention and deletion
7.1 The Personal Data we collect from you is stored in our servers located in the United States.
7.2 We retain Personal Data we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements) only for as long as it is needed
7.3 When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymise it or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.
8. Transfers of Personal Data outside the EU/EEA or the UK
8.1 Your Personal Data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country.
8.2 Specifically, our Website servers are located in the United States, and our group companies and third party service providers and partners operate around the world. This means that when we collect your Personal Data we may process it in any of these countries.
8.3 However, we have taken appropriate safeguards to require that your Personal Data will remain protected in accordance with this Policy.
- For transfers of personal data outside of the EU/EEA:
- When transferring your Personal Data to Canada, we rely on the EU Commission's adequacy decision 2002/2/EC available here.
- When transferring your Personal Data to other entities of the SSENSE group located in the United States or other third countries outside of the European Union/European Economic Area (EU/EEA), we rely on the EU Commission's standard contractual clauses. When transferring your Personal Data to our third party services providers who are also located in third countries outside the EU/EEA , which do not benefit from an EU Commission’s adequacy decision, we have implemented the European Commission's standard contractual clauses with those third parties.
- The EU Commission standard contractual clauses may be amended or replaced from time to time and at such time as they are amended or replaced in relation to data protected under the GDPR by the European Commission, we will amend our data transfer documents accordingly.
- For transfers of personal data outside of the UK:
- When transferring your Personal Data to Canada, we rely on the UK's adequacy decision.
- When transferring your Personal Data to other entities of the SSENSE group located in the United States or other third countries outside the U.K. without a U.K. adequacy regulation, we rely on the U.K. Addendum to the EU Commission's standard contractual clauses.
- When transferring your Personal Data to our third party services providers who are also located in third countries outside the U.K. without a U.K. adequacy regulation, we rely on the U.K. Addendum to the EU Commission's standard contractual clauses.
- The U.K. Addendum to the EU Commission's standard contractual clauses may be amended or replaced from time to time and at such time as they are amended or replaced in relation to data protected under the UK GDPR by the UK Secretary of State, we will amend our data transfer documents accordingly.
9. Profiling
In some instances, we may use your Personal Data in order to better understand your preferences and to provide customized products or services to you. However, we do not make any decisions based solely on automated processing of such data, which either produce legal effects that concern you or similarly significantly affect you.
10. Minors
The services we provide on this Website are not intended for individuals below the age of 16. If you are under 16, please do not use or register on this App.
11. Your data protection rights
11.1 Subject to applicable data protection legislation and certain limitations, you may - exercise the data protection rights listed below. You can do so at any time by contacting us using the contact details provided under the “How to contact us” heading below.
- You can access, rectify or request erasure of your Personal Data as detailed here below.
Please note that deletion requests are subject to certain limitations, for example, we may retain Personal Data as permitted by law, such as for tax or other record keeping purposes, to maintain an active account, and to process transactions and facilitate customer requests.
The right to access to Personal Data, which enables you to receive confirmation as to whether or not SSENSE is processing your Personal data and information about that processing, and to receive a copy of your Personal Data.
You may also request correction of any of your inaccurate Personal Data, as well as the deletion of your Personal Data.
- You can object to the processing of your Personal Data at any time (including profiling) when the processing is based on our legitimate interest. You may also object at any time to the processing of your Personal Data for direct marketing purposes (which includes any profiling to the extent that it is related to such direct marketing).
- You may also ask us to restrict (block) the processing of your Personal Data under certain conditions.
- When the processing is based on your consent or the performance of your contract with us, you may exercise your right to data portability, which enables you to receive your Personal Data in a structured, commonly used and maching-readable format and have it transmitted to another controller.
- If we have collected and processed your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
- You have the right to opt-out of marketing communications we send you at any time. You may unsubscribe from our newsletters or marketing notifications at any time by selecting the unsubscribe option in the "Email Preferences" section of your account, or by clicking the unsubscribe link at the bottom of every newsletter email. When you use the App, if you accept push notifications, we may send you promotional offers about our products and services via push notifications. If you no longer wish to receive push notifications about promotional offers from SSENSE, you can disable this service by changing your app settings in the device settings.
On Apple devices, simply go to: Settings → Notifications → SSENSE → uncheck “Allow Notifications”.
- Post mortem right: concerning France only, according to the French Data Protection Act, you have the right to define general or specific directives regarding the fate of your Personal Data after your death.
- You can also request to close your account at any time by contacting us as described below. You should be aware that once the App is uninstalled, you will not be able to use certain functionalities of the App.
- If you have a complaint or concern about how we are processing your Personal Data then we will endeavour to address such concern(s). If you feel we have not sufficiently addressed your complaint or concern, you have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Union/European Economic Area, United Kingdom, Switzerland and certain non-European countries (including the US and Canada) are available here.
11.2 You may exercise any of the rights above at any time by contacting us as described under the “How to contact us” section below. We will respond to your request in accordance with applicable data protection laws.
12. External links
12.1 If any part of this App provides links to third party websites, such websites do not operate under this Policy. We recommend you examine the privacy notices posted on those websites to understand their procedures for collecting, using and disclosing personal data.
12.2 We do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.
13. Updates to this Policy
13.1 We may update this Policy from time to time in response to changing legal, technical or business developments. When we update our Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Policy changes if and where this is required by applicable data protection laws.
13.2 You can see when this Policy was last updated by checking the “last updated” date displayed at the top of this Policy.
14. How to contact us
14.1 If you have any questions or concerns about this Policy or the way we process your Personal Data, or if you want to exercise your rights as described above, please contact us via email at dataprotection@ssense.com.
14.2 If you wish to contact our Data Protection Officer, you may do so via email at dpo@ssense.com.
14.3 The data controller of EU/EEA and UK residents’ personal data is Atallah Group Inc. 333 Chabanel Street W #900, Montreal QC H2N 2E7, Canada.
14.4 With respect to Atallah Group Inc., you may contact its representatives in the EU/EEA and UK for data protection matters using the following details: dataprotection@ssense.com.
Cookie Notice
Last updated: June 1, 2023
1. About this Policy
1.1 This Cookie Policy ("Policy") explains how SSENSE (“SSENSE”, "we", "us", and "ours") use cookies and similar technologies to recognise you when you visit our website at www.ssense.com ("Website") or use our mobile application ("App"). It explains what these technologies are and why we use them, as well as your rights to control our use of them.
1.2 Please take the time to read this Policy carefully. If you have any questions or comments, please contact us as described in the "How to contact us" section below.
2. What are cookies?
Cookies are small data files that are placed on your computer or mobile device when you visit a website or use a mobile application. Cookies are widely used by website or mobile application owners in order to make their websites or mobile applications work, or to work more efficiently, as well as to provide reporting information.
3. What are the different types of cookies?
Cookies have many different features, such as allowing you to navigate between pages efficiently, remembering your preferences, and generally improving the user experience. They can also help ensure that the advertisements you see online are more relevant to you and your interests.
3.1 “First party cookie” and “Third party cookie” depend on the entity setting the cookies and processing the data collected:
- "First party cookie” (or internal cookie): cookies directly set by the websites or app owners (in this case, SSENSE). These cookies allow SSENSE to collect analytics data, remember language settings, and perform other useful functions that provide a good user experience.
- “Third party cookie”: cookies set by parties other than the website or app owner (partners of SSENSE). Third party cookies enable third party features or functionality to be provided on or through the website or mobile application (e.g. like advertising, interactive content and analytics). The parties that set these “third party cookies” can recognize your computer or mobile device when it visits the website or uses the mobile application in question and also when it visits certain other websites.
3.2 Cookies can be either temporary (session cookies) or persistent (permanent cookies)
- “Session cookies”: stored in your device's temporary memory – not on your hard drive – while you're browsing a website. They are automatically discarded when you close the browser.
- “Permanent cookies”: stored for a fixed period on your browser as part of the response from a Website's server.
3.3 "Essential cookies” (Strictly necessary Cookies) and “Non-essential cookies”
- "Essential cookies": Strictly necessary Cookies are exempt from your consent. They are required for the website or mobile application to provide the basic functions of the website or mobile application (if cookies are disabled, the service will not work). They are typically essential first-party cookies, but not all first-party cookies are strictly necessary cookies.
- “Non-essential cookies”: any cookies that do not fall within the definition of essential cookies, such as cookies used to analyse your behaviour on our website ('analytical' cookies) or cookies used to display advertisements to you ('advertising' cookies).
3.4 “Opt-out cookies” and “Opt-in cookies”
- “Opt-in cookies”: We require your consent when you visit SSENSE website to store non-essential cookies on your device.
- “Opt-out cookies”: you can reject the request or withdraw your consent later at any time you wish.
3. How long do cookies last?
Cookies can remain on your computer or mobile device for different periods of time. Some cookies are 'session cookies', which means they only exist when your browser is open and are automatically deleted when you close your browser or quit the app. Other cookies are 'persistent cookies', meaning they survive after your browser or app is closed and can be used by websites or apps to recognize your computer when you re-open your browser or app later. The length of the cookies used on our Website(s) and our App is explained in more detail in the table below.
4. Why do we use cookies?
4.1 When you visit our Website or use our App, we may place the following types of cookies:
| Types of cookies | How to refuse |
|
ESSENTIAL COOKIES Essential website and app cookies: These cookies are strictly necessary to provide you with services available through our Website or our App and to use some of its features, such as access to secure areas. |
Because these cookies are strictly necessary to deliver the Website or our App to you, you cannot refuse them. You can block or delete them by changing your browser settings however, as described below under the heading "How can I control cookies?". |
|
NON-ESSENTIAL COOKIES Performance and functionality cookies: These cookies are used to enhance the performance and functionality of our Website or App, but are not essential to their use. However, without these cookies, some functionalities such as getting redirected to your preferred language and country may become unavailable. |
We will only place these cookies if you expressly accept them when you first visit our Website or App via our cookie preference banner. Please note that you can withdraw your consent for this type of cookie at any time by re-opening our cookie preference banner, available here. To refuse these cookies, you can also follow the instructions below under the heading "How can I control cookies?" Finally, if you wish to disable cookies set up by a particular supplier, please use the specific unsubscribe link provided in the table below. |
|
NON-ESSENTIAL COOKIES Analytics and customisation cookies: These cookies collect information that is used either in aggregate form to help us understand how our Website or App are being used or how effective our marketing campaigns are, or to help us customise our Website or App for you. |
We will only place these cookies if you expressly accept them when you first visit our Website or App via our cookie preference banner. Please note that you can withdraw your consent for this type of cookie at any time by re-opening our cookie preference banner, available here. To refuse these cookies, you can also follow the instructions below under the heading "How can I control cookies?" Finally, if you wish to disable cookies set up by a particular supplier, please use the specific unsubscribe link provided in the table below. |
|
NON-ESSENTIAL COOKIES User measurement cookies: These cookies allow us to measure the audience on our Website or App or to test different versions in order to optimize choices according to the respective performances of different versions of the Website or App. These cookies also allow us to detect navigation problems or to organize the content displayed on our Website or App. |
We will only place these cookies if you expressly accept them when you first visit our Website or App via our cookie preference banner. Please note that you can withdraw your consent for this type of cookie at any time by re-opening our cookie preference banner, available here. To refuse these cookies, you can follow the instructions below under the heading "How can I control cookies?" or use the specific unsubscribe link provided in the table below. |
4.2 More specifically, you will find below a complete list of the cookies we may place when you visit our Website or use our App:
List of Cookies
| Cookie provider | Type of cookie | Cookie Name | Purpose | Duration | How to unsubscribe |
| Third Party Cookies | |||||
| Bing | Analytics and customisation cookies | _uetvid | Used to improve advertising relevancy | 13 months | Browser settings |
| Bing | Analytics and customisation cookies | _uetsid | Used to improve advertising relevancy | 1 day | Browser settings |
| Bing | Analytics and customisation cookies | MUID | Used to improve advertising relevancy | 13 months | Browser settings |
| Bing | Analytics and customisation cookies | MR | Used to improve advertising relevancy | 1 day | Browser settings |
| Commission Junction | Analytics and customisation cookies | affiliate | Used to pay commissions to advertising partners | 30 days | Browser settings |
| DoubleClick | Analytics and customisation cookies | RUL | Used to improve advertising relevancy | 1 year | Browser settings |
| DoubleClick | Analytics and customisation cookies | IDE | Used to improve advertising relevancy | 2 years | Browser settings |
| Analytics and customisation cookies | _fbp | Used to improve advertising relevancy | 3 months | Browser settings | |
| Analytics and customisation cookies | fr | Used to improve advertising relevancy | 3 months | Browser settings | |
| Analytics and customisation cookies | _ga | Used to improve the shopping experience | 2 years | Browser settings | |
| Analytics and customisation cookies | _gac_ua-* | Used to improve the shopping experience | 3 months | Browser settings | |
| Analytics and customisation cookies | _gat | Used to improve the shopping experience | 1 day | Browser settings | |
| Analytics and customisation cookies | _gid | Used to improve the shopping experience | 2 days | Browser settings | |
| Analytics and customisation cookies | _gcl_aw | Used to improve the shopping experience | 3 months | Browser settings | |
| Analytics and customisation cookies | __Secure-3PSIDCC | Used to enable visitor profile to show relevant and personalized ads | 2 years | Browser settings | |
| Analytics and customisation cookies | __Secure-3PSID | Used to enable visitor profile to show relevant and personalized ads | 2 years | Browser settings | |
| Analytics and customisation cookies | __Secure-3PAPISID | Used to enable visitor profile to show relevant and personalized ads | 2 years | Browser settings | |
| Analytics and customisation cookies | SSID | Used to enable Google preferences | 2 years | Browser settings | |
| Analytics and customisation cookies | SIDCC | Used to enable Google security | 1 year | Browser settings | |
| Analytics and customisation cookies | SID | Used to enable Google preferences | 2 years | Browser settings | |
| Analytics and customisation cookies | SAPISID | Used to enable Google preferences | 2 years | Browser settings | |
| Analytics and customisation cookies | NID | Used to enable Google preferences | 6 months | Browser settings | |
| Analytics and customisation cookies | HSID | Used to enable Google preferences | 2 years | Browser settings | |
| Analytics and customisation cookies | DV | Used to enable Google preferences | Session | Browser settings | |
| Analytics and customisation cookies | APISID | Used to enable Google preferences | 2 years | Browser settings | |
| Analytics and customisation cookies | 1P_JAR | Used to enable Google analytics | 30 days | Browser settings | |
| Performance and functionality cookies | _gcl_au | Used to enable Google Adsense | 3 months | Browser settings | |
| Analytics and customisation cookies | __utmvc | Used to improve the shopping experience | 1 year | Browser settings | |
| Analytics and customisation cookies | ga_dim5 | Used to improve the shopping experience | 1 year | Browser settings | |
| Incapsula | Essential website and app cookies | incap_ses_529_1637567 | Used to prevents malicious user | 1 year | Browser settings |
| Incapsula | Essential website and app cookies | visid_incap_1637567 | Used to prevents malicious user | 1 year | Browser settings |
| Partnerize | Analytics and customisation cookies | clickref | Used to pay commissions to advertising partners | 30 days | Browser settings |
| PerimeterX | Essential website and app cookies | _pxvid | Used to enable cybersecurity protection | 13 months | Browser settings |
| PerimeterX | Essential website and app cookies | _pxhd | Used to enable cybersecurity protection | 1 year | Browser settings |
| PerimeterX | Essential website and app cookies | _px2 | Used to enable cybersecurity protection | Session | Browser settings |
| PerimeterX | Essential website and app cookies | _pxff_rf | Used to enable cybersecurity protection | Session | Browser settings |
| Analytics and customisation cookies | _pin_unauth | Used to enable Pinterest marketing | 1 year | Browser settings | |
| Rakuten | Analytics and customisation cookies | affiliate | Used to pay commissions to advertising partners | 30 days | Browser settings |
| Secret Sauce Partners | User measurement cookies | sp | Used to improve the shopping experience | 2 years | Browser settings |
| Snapchat | Analytics and customisation cookies | _sctr | Used to enable Snap Ads | 13 months | Browser settings |
| Snapchat | Analytics and customisation cookies | _scid | Used to enable Snapchat's visitor identification | 13 months | Browser settings |
|
First Party cookie |
|||||
| Ssense | Essential website and app cookies | auth | Used to manage authentication | 28 days | Browser settings |
| Ssense | Essential website and app cookies | gdprCountry | Used to show GDPR pop-up for users in EU | 1 year | Browser settings |
| Ssense | Essential website and app cookies | shopping_bag | Used to store products in users’ carts | 28 days | Browser settings |
| Ssense | Essential website and app cookies | sid | Used to improve the shopping experience | 2 years and 9 months | Browser settings |
| Ssense | Essential website and app cookies | trackingId | Used to improve the shopping experience | 2 years | Browser settings |
| Ssense | Essential website and app cookies | visitorId | Used to improve the shopping experience | 2 years | Browser settings |
| Ssense | Performance and functionality cookies | country | Used to remember users’ country preferences | 1 year | Browser settings |
| Ssense | Performance and functionality cookies | forcedCountry | Used to remember users’ country preferences | 1 day | Browser settings |
| Ssense | Performance and functionality cookies | lang | Used to remember users’ language preferences | 1 year | Browser settings |
| Ssense | Performance and functionality cookies | preferredLanguage | Used to remember users’ language preferences | 2 years | Browser settings |
| Ssense | Performance and functionality cookies | recent_products | Used to store recently viewed products | 6 months | Browser settings |
| Ssense | Analytics and customisation cookies | isp | Used to store the users' internet service provider | 2 years | Browser settings |
| Ssense | Performance and functionality cookies | _sp_ses.c6c8 | Used to improve the shopping experience | Session | Browser settings |
| Ssense | Performance and functionality cookies | _sp_id.c6c8 | Used to improve the shopping experience | 2 years | Browser settings |
| Ssense | Analytics and customisation cookies | _ga_7S92J18W0C | Used to improve the shopping experience | 2 years | Browser settings |
| Ssense | Essential website and app cookies | _dd_s | Used to improve the shopping experience | Session | Browser settings |
| Ssense | Performance and functionality cookies | tempWishList | Used to store products in users’ wishlists | 1 day | Browser settings |
| Ssense | Performance and functionality cookies | tags | Used to control loyalty programs | 30 days | Browser settings |
| Ssense | Essential website and app cookies | _csrf | Used to enable cybersecurity | Session | Browser settings |
| Ssense | Essential website and app cookies | cookieDisclaimerAccepted | Used to store cookie acceptance banner | Session | Browser settings |
| Ssense | User measurement cookies | exp_* | Used to improve the shopping experience | 1 year | Browser settings |
| Ssense | Performance and functionality cookies | login_redirect | Used to improve the shopping experience | Session | Browser settings |
| Ssense | Performance and functionality cookies | currency | Used to remember users’ currency preferences | 1 year | Browser settings |
| Zendesk | Performance and functionality cookies | __zlcmid | Used to improve the live chat experience | 1 year | Browser settings |
5. What about other tracking technologies, like web beacons?
Cookies are not the only way to recognise or track visitors to a website. We may use other, similar technologies from time to time, like web beacons (sometimes called "tracking pixels" or "clear gifs"). These are tiny graphics files that contain a unique identifier that enable us to recognise when someone has visited our Website(s) or opened an e-mail that we have sent them. This allows us, for example, to monitor the traffic patterns of users from one page within our Website to another, to deliver or communicate with cookies, to understand whether you have come to our Website from an online advertisement displayed on a third-party website, to improve site performance, and to measure the success of e-mail marketing campaigns. In many instances, these technologies are reliant on cookies to function properly, and so declining cookies will impair their functioning.
6. What about targeted advertising?
6.1 Third parties may serve cookies on your computer or mobile device to serve advertising through our Website or App. These companies may use information about your visits to this Website or App and other websites in order to provide relevant advertisements about goods and services that you may be interested in. They may also employ technology that is used to measure the effectiveness of advertisements.
6.2 This can be accomplished by them using cookies or web beacons to collect information about your visits to this Website or App or other websites in order to provide relevant advertisements about goods and services of potential interest to you.
6.3 The information collected through this process does not enable us or them to identify your name, contact details or other personally identifying details unless you choose to provide these.
6.4 All cookies for targeted advertising purposes that may be placed on your computer or mobile device when you visit our Website or App are listed in the table in section 4.2 above.
7. How can I control cookies?
7.1 You have the right to decide whether to accept or reject specific cookies. You can exercise your cookie preferences in the cookie banner or in your browsers settings.
7.2 You can also set or amend your web browser controls or device preferences to accept or refuse some cookies. If you choose to reject cookies, you may still use our Website or App though your access to some functionality and areas of our Website or App may be restricted. As the means by which you can refuse cookies through your web browser controls vary from browser-to-browser, you should visit your browser's help menu for more information.
7.3 In addition, most advertising networks offer you a way to opt out of targeted advertising. If you would like to find out more information, please visit http://www.aboutads.info/choices/ or http://www.youronlinechoices.com.
8. The cookies that were sent in the past
If you have disabled one or more cookies, we can always use information collected by these cookies before the deactivation. However, we will cease to collect information via the opted-out cookie.
9. More information about cookies
For more information about cookies, including explanation about how cookies are placed on your device, or how to manage and delete them, visit http://www.allaboutcookies.org.
10. Updates to this Policy
10.1 We may update this Policy from time to time in response to changing legal, technical or business developments. When we update our Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make.
10.2 You can see when this Policy was last updated by checking the “last updated” date displayed at the top of this Policy.
11. How to contact us
11.1 If you have any questions or concerns about this Policy or the way we process your Personal Data, please contact us via email at dataprotection@ssense.com.
11.2 If you wish to contact our Data Protection Officer, you may do so via email at dpo@ssense.com.
11.3 The data controller of EEA and UK residents’ personal data is Atallah Group Inc. 333 Chabanel Street W #900, Montreal QC H2N 2E7, Canada.
With respect to Atallah Group Inc., you may contact its representatives in the EEA and UK for data protection matters using the following details: dataprotection@ssense.com.
Recruitment Privacy Policy
Last updated: June 1, 2023
1. About this Policy
1.1 At SSENSE ("SSENSE", "us", "we", or "our"), we respect your privacy and we want to be transparent about the types of Personal Data (as defined below) we collect about you and how we use it. This Recruitment Privacy Policy ("Policy") explains how we collect, share and use any information that, alone or in combination with other information, in relation to individuals ("Personal Data") who apply for a job on our website ("Applicants", "you" and "your").
1.2 This Policy sets out the rights that you have in relation to the Personal Data that we process about you and how you can exercise them. This Policy also describes the measures we implement to protect your Personal Data.
1.3 The recruitment process on this website is managed by SSENSE headquartered at 333 Chabanel Street W #900, Montreal QC, H2N 2E7, Canada, who is the data controller for the Applicant's Personal Data. As a data controller, SSENSE is responsible for ensuring that the processing of Personal Data complies with applicable data protection law, including the UK GDPR as it forms part of UK law by virtue of section 3 of the European Union (Withdrawal) Act 2018 (the "UK GDPR").
1.4 Please take the time to read this Policy carefully. If you have any questions or comments, please contact us as described in the "How to contact us" section below
2. What Personal Data does SSENSE collect and why?
2.1 When you apply for a position at SSENSE, we may collect the following types of Personal Data about you, which we will process for the purposes described below:
| Types of Personal Data | Why we collect it | Legal basis | Retention period |
|
Name Surname E-mail address Home address Phone number Curriculum Vitae ("CV") Information about whether you are legally authorized to work in the UK City, State, Country Education details Work History |
To enable you to contact us or enable us to respond and provide feedback in the context of recruitment; To evaluate and select job applicants including for example setting up and conducting interviews; To evaluate and assess the results thereto and as is otherwise needed in the recruitment process including the final recruitment; To communicate with you during the recruitment process. |
Our legitimate interest to carry out recruitment and to manage the hiring process and our legal obligations to collect work information. |
One (1) year following our last contact with you and if you are successful, this information will be transferred to your personnel file. |
|
Name Surname Email address Phone Number CV Information about whether the Applicant is legally authorized to work in the UK City, State and Country of location |
To put in place necessary arrangements for future employment | Contractual necessity and our legal obligations to collect work information. |
One (1) year following our last contact with you and if you are successful, this information will be transferred to your personnel file. |
| Bank account details | To reimburse any expenses incurred by you during the recruitment process (e.g. traveling). | Our legitimate interest to facilitate the recruitment process for all Applicants and your legitimate interest to obtain reimbursement for any expenses incurred during recruitment process | For the time needed to process the reimbursement and then this data is deleted |
|
Name, Surname Email address Phone Number CV Information about whether the Applicant is legally authorized to work in the UK City, State and Country of location |
To generally manage and improve our recruitment and hiring process. | Our legitimate interest to manage and improve our hiring process. | One (1) year following our last contact with you |
| Where applicable, disability information | To provide reasonable adjustments throughout the hiring process. | To comply with our legal obligations under equalities legislation. | For six (6) months following our last contact with you. |
2.2 We may collect information regarding your gender, racial or ethnic origin and sexual orientation in order to ensure that our candidates are representative of the population, to the extent permitted by applicable laws. In the UK, we will collect this data on the basis of your explicit consent. We may also have knowledge of some sensitive data (e.g. religion) if you voluntarily provide it to us in your CV.
2.3 If we ask you to provide any other Personal Data not described above, then the Personal Data we will ask you to provide, and the reasons why we ask you to provide it, will be made clear to you at the point we collect that Personal Data.
3. Cookies and other tracking technology
3.1 We may also collect certain information automatically from your device. Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification numbers (IMEI number), browser-type, broad geographic location (e.g. country or city-level location) and other technical information. We may also collect information about how your device has interacted with our Website, including the pages accessed and links clicked.
3.2 Collecting this information enables us to better understand the visitors who come to our Website, where they come from, and what content on our Website is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our Website to our visitors.
3.3 Some of this information may be collected using cookies and similar tracking technology, as explained further in our Cookie Policy which is available here.
4. Who does SSENSE share your Personal Data with?
4.1 We may disclose your Personal Data to the following categories of recipients:
(a) to our group companies for purposes consistent with this Policy. We take precautions to allow access to your Personal Data only to those of our employees who have a legitimate business need for access and with a contractual prohibition of using the Personal Data for any other purpose. Our group companies include: Atallah Group Inc., Atallah Group Limited, Atallah Hong Kong Limited, Atallah Group US Inc., GAI Services PTY Limited, Atallah International Inc., Atallah Group EU SRL;
(b) to our third party vendors, services providers and partners who provide data processing services to us, or who otherwise process Personal Data for purposes that are described in this Policy or notified to you when we collect your Personal Data. This may include disclosures to third party vendors and other service providers we use in connection with the services they provide to us, including to support us in areas such as managing résumé/CV information, IT platform management or support services, infrastructure and application services, data analytics. Our third party vendors, services providers and partners include: Sterling Backcheck, PwC, SmartRecruiters;
(c) to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
(d) to our auditors, advisors, legal representatives and similar agents in connection with the advisory services they provide to us for legitimate business purposes and under contractual prohibition of using the Personal Data for any other purpose;
(e) to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your Personal Data only for the purposes disclosed in this Policy;
(f) to any other person if you have provided your prior consent to the disclosure.
5. How we protect your privacy
5.1 We will process Personal Data in accordance with the following principles:
(a) Fairness: We will process Personal Data fairly. This means that we are transparent about how we process Personal Data and that we will process it in accordance with applicable law;
(b) Lawfulness: We will process Personal Data only on lawful grounds;
(c) Purpose limitation: We will process Personal Data for specified explicit and legitimate purposes, and will not process it in a manner that is incompatible with those purposes, unless permitted by applicable data protection laws;
(d) Data minimization: We will process Personal Data that is adequate, relevant and limited to what is necessary to achieve the purposes for which the data are processed;
(e) Data accuracy: We take appropriate measures to ensure that the Personal Data that we hold about you is accurate, complete and, where necessary, kept up to date. However, it is also your responsibility to ensure that your Personal Data is kept as accurate, complete and current as possible by informing us promptly of any changes or errors. You should notify us of any changes to the Personal Data that we hold about you (e.g. a change of address);
(f) Data security: We use appropriate technical and organisational measures to protect the Personal Data that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Data. In particular, all data is protected according to the varying levels of risks through physical measures, such as secure areas, technical measures, such as encryption, and organisational measures such as employee security through vetting and supervision;
(g) Limited Retention: We keep your Personal Data in a form that allows us to identify you for as long as necessary to achieve the purposes for which we are processing your data and do not store your data for longer, unless we must comply with applicable laws.
6. Data storage, retention and deletion
6.1 The Personal Data we collect from you is stored in our servers located in the United States.
6.2 We retain Personal Data we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).
6.3 When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymise it or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.
6.4 If you are not retained following the recruitment process, SSENSE will keep your application form on file for future job openings no longer than one year. If you are successful and offered a job at SSENSE, your Personal Data will be used to complete your hiring process by our HR department.
6.5 For more details about the periods of retention of your Personal Data, please refer to the table above.
7. Transfers of Personal Data outside the United Kingdom
7.1 Your Personal Data may be transferred to, and processed in, countries other outside the United Kingdom, which includes Canada (where we are established). These countries may have data protection laws that are different to the laws of the U.K.
7.2 Specifically, our Website servers are located in the United States, and our group companies and third party service providers and partners operate around the world. This means that when we collect your Personal Data we may process it in any of these countries.
7.3 However, we have taken appropriate safeguards to require that your Personal Data will remain protected in accordance with this Policy.
7.4 When transferring your personal data to Canada, we rely on the UK's adequacy regulation with Canada (where applicable) and otherwise we rely on the International Data Transfer Agreement (IDTA) that was issued by the Information Commissioner's Office. .
7.5 When transferring your Personal Data to other entities of the SSENSE group or to third party service providers who are located in the United States or other third countries, we rely on the ICO’s International Data Transfer Agreement (IDTA).
7.5 The IDTA may be amended or replaced from time to time and at such time as it is amended or replaced in relation to data protected under the UK GDPR, we will amend our data transfer agreement accordingly.
8 Your data protection rights
8.1 You have the following data protection rights:
(a) You can access, rectify or request erasure of your Personal Data as detailed here below. Please note that deletion requests are subject to certain limitations, for example, we may retain Personal Data as permitted by law, such as for tax or other record keeping purposes, to maintain an active account, and to process transactions and facilitate customer requests. The right to access to Personal Data enables you to receive confirmation as to whether or not SSENSE is processing your Personal data and information about that processing, and to receive a copy of your Personal Data. You may also request correction of any of your inaccurate Personal Data, as well as the deletion of your Personal Data.
(b) You can object to the processing of your Personal Data at any time (including profiling) when the processing is based on our legitimate interest. You may also object at any time to the processing of your Personal Data for direct marketing purposes (which includes any profiling to the extent that it is related to such direct marketing).
(c) You may also ask us to restrict (block) the processing of your Personal Data under certain conditions.
When the processing is based on your consent or the performance of your contract with us, you may exercise your right to data portability, which enables you to receive your Personal Data in a structured, commonly used and maching-readable format and have it transmitted to another controller.
(d) If we have collected and processed your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
(e) If you have a complaint or concern about how we are processing your Personal Data then we will endeavour to address such concern(s). If you feel we have not sufficiently addressed your complaint or concern, you have the right to complain to the Information Commissioner's Office (click here to access to the ICO's website).
8.2 You may exercise any of the rights above at any time by contacting us as described under the “How to contact us” section below. We respond to all requests in accordance with applicable data protection laws.
9. Updates to this Policy
9.1 We may update this Policy from time to time in response to changing legal, technical or business developments. When we update our Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Policy changes if and where this is required by applicable data protection laws.
9.2 You can see when this Privacy Policy was last updated by checking the “last updated” date displayed at the top of this Policy.
10. How to contact us
10.1 If you wish to access, correct, update or request deletion of your Personal Data, you can do so at any time by using the SSENSE Data Request Form (please click here for the form in English).
10.2 If you have any questions or concerns about this Policy of the way we process your Personal Data, please contact us by phone at +1 877 637 6002 or via email at dataprotection@ssense.com.
10.3 If you wish to contact our Data Protection Officer, you may do so via email at dpo@ssense.com.
10.4 The data controller of UK residents’ personal data is Groupe Atallah, Inc. 333 Chabanel Street W #900, Montreal QC H2N 2E7, Canada.
10.5 To contact our UK representative, please write us by email at: dataprotection@ssense.com or alternatively by postal address at: Atallah Group Ltd, UK Representative (Data Protection), 125 Old Broad Street, 15th floor, London, EC2N 1AR, UK.
