Effective Date: 23 May 2018
Your Privacy Matters
Dressipi’s mission is to help people easily find the clothes they will love and enable retailers to be more customer-centric and efficient.
We are 100% committed to protecting the privacy and security of our Members and Visitors.
We ask that you read this privacy notice carefully as it contains important information about who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.
We are transparent about the data we collect about you, how we use it and who we share it with.
We will only use your data to improve and personalise your experience.
We protect and secure your data.
We give you the control to decide what you share and what you receive from us .
Data Controllers and Contracting Parties
For all our Services, the data controller – that’s the company that’s responsible for your privacy is Dressipi, a trading name of StyleMania Ltd.
Sometimes, our retail partners may also be data controllers in respect of your personal information when they are also able to make decisions about how it is processed. You should check with our retail partners directly if you require information about how they handle your privacy rights. On other occasions, we are acting as a data processor of your personal data, when we are only processing information about you on the basis of strict instructions from our retailers.
Similarly, when we require our retailers to process your personal data in accordance with our instructions, our retailers act as data processors in this instance. In all cases of data processing, whether carried out by us or by third parties on our behalf, we always ensure that your rights are protected via appropriate safeguards, such as by using contractual processing agreements and complying with the applicable laws.
If we make significant changes, we will provide you notice through our Services, or by other means, to give you the opportunity to review the changes before they become effective. If you object to any changes, you may close your account or modify your settings in your Account Settings.
Data We Collect
Data You Provide to Us
To properly provide the Dressipi Services and ensure that you have the best possible user experience, we need to process some information about you. Of course, you have the right to object to your data being collected and more information about your rights is set out at section below called “How Can You Exercise your Rights Provided Under the GDPR”, but please be aware that if you do not wish us to process your personal data, the quality of our Services to you may be reduced.
For the purpose of the Services, the types of information we collect about you are:
To create an account, you need to provide data including your name, email address (and/or mobile number) and a password.
You have choices about the information on your profile, such as your colouring, sizes, item preferences & attitude towards shopping and dressing (Your Fashion Fingerprint).
Your profile information helps you to get more from our Services, including helping us find and show you items that best match your shape, style and existing wardrobe. It’s your choice whether to include sensitive information on your profile, and even if you choose not to, you will still be able to use our Services and benefit from an enjoyable user experience.
Wish Listing, Liking & Disliking
We collect information about which items and features you wish list, like or dislike.
Browsing & Scanning
We collect information about which items you look at online and which items you scan instore.
We collect information about which items you choose to save.
Missions & Requests
We collect information when you choose to set a mission or request recommendations for a specific event or occasion (for example, ‘you are looking for a dress for a wedding’).
We receive data about your activities when you use the services of our retail partners, such as items you have purchased, viewed, scanned or wish listed.
This only includes information on the items. It NEVER includes payment information (such as your credit or debit card number) OR home address/shipping details.
Our retail partners may provide this information whether you have a Dressipi account, are logged into your Dressipi account or are a Visitor. For example, a retailer could tell us about a purchase you made in one of its stores.
We require each of these partners to have lawful rights to collect, use and share your data before providing any data to us. When you are visiting websites operated by any of our retail partners, we strongly suggest that you review their privacy and cookies policies. Learn more our retail partners here.
We log usage data when you visit or otherwise use our Services, including our app and retail partner solutions (e.g. our plugins that appear on our retail partner sites), such as the items that you view or engage with; the features that you use; the time, frequency and duration of your visits; when you install or update our mobile app. We use log-ins, cookies, device information and internet protocol (“IP”) addresses to identify you and log your use. This helps you to benefit from an overall streamlined user experience.
Cookies, Web Beacons and Other Similar Technologies
Your Device and Location
When you visit or leave our Services (including our plugins or cookies or similar technology on the sites of others), we receive the URL of both the site you came from and the one you go to next. We also get information about your IP address, proxy server, operating system, web browser and add-ons, device identifier and features, and/or ISP or your mobile carrier. We will ask you to opt-in before we use GPS or other tools to identify your precise location.
How We Use Your Information
How we use your personal data will depend on which Services you use, how you use those Services and the choices you make in your Account Settings.
To Provide Personalised Recommendations
We use all the data that we have about you to provide useful, personalised clothing and dressing recommendations that are both unique and relevant to you.
To create these recommendations (and content) we use your profile, preferences, activities, usage and transactions data, including the help of automated systems and inferences we make. If any decisions are made about you by automated decision-making mechanisms (also called profiling), you may be entitled to review the decision or seek further information in some instances. We will never conduct profiling in respect of sensitive or special category data (such as health data, race, ethnic origins) unless you give us your express consent to do so.
To Provide Location Specific Recommendations
We use location-related information - such as your current location - to give you precise recommendations based on where you are (for example, to recommend your top items in a specific store or inform you of the availability of an item close to you).
To Connect to Many Retailers
Our Services allow you to use your profile to easily view recommendations and receive content whenever you are within the online or instore environments of any of our retail partners. To do so, you choose to “connect” your profile with each individual retailer. It is your choice whether to connect to any or all retail partners within the Dressipi retail partner network, and you can modify your choices at any time, either through the account page or directly via the retailer website (for example, by modifying your cookies preferences).
To Communicate with You
We will contact you through email, mobile phone, notices posted on our websites or apps, and other ways through our Services, including text messages and push notifications.
We will send you messages about the availability of our Services, security, or other service-related issues. We also send messages about how to use the Services and updates.
If your settings allow and you have opted-in to this via your account, we may also occasionally send you tailored recommendations and promotional messages from us and our partners.
You may change your communication preferences at any time.
Please be aware that you cannot opt-out of receiving service messages from us, including security and legal notices.
To Provide Measurement & Analytics
We use the information we have, to help our retailer partners measure the effectiveness of our Services and help them better understand the types of people who shop with them and the types of items they want to buy. This helps our retail partners become more efficient by helping them better forecast the type of products that appeal to their customer base and the volume and sizing of their product ranges.
We do not share your personal data with any third-party advertisers or ad networks and specifically preclude our retail partners from doing the same.
To Improve Our Services to You
We use the information we have, to conduct research and development for the further development of our Services to provide you and others with a better, more useful personalised experience and drive growth and engagement with our Services.
We seek to create a more efficient and optimised value chain for global fashion retailers by giving them access to solutions and data that will help them make more precise merchandising and marketing decisions.
To Provide Customer Support
We use the data to investigate, respond to and resolve complaints and Service issues (e.g., bugs).
We use your data to produce and share aggregated insights that do not identify you. For example, we may use your data to generate statistics about the item preferences of our users.
Security and Investigations
How is this Information Shared?
Your data is not visible to or shared with any other parties other than those retail partners who you have chosen to connect to.
You can adjust what data is shared with each individual retail partner in your Account Settings.
The information that is shared with a retailer when you connect your profile is as follows:
- Your name and email address
- Your profile information such as your colouring, sizes, garment preferences & attitude towards shopping and dressing (but only if you have provided this information to us – please remember that there is no requirement for you to do so, but the more information we have about your preferences, the more we are able to tailor our Services to you)
- Items that you have wish listed or disliked when in that specific retailer’s store, website or mobile app
- Items that you have scanned when in that specific retailer’s store
We may also send our retail partners a list of products and the order in which to display those products to you. For example, if you clicked on the jeans category on a retailer website, we would send the retailer a list of jeans to show you ordered by what we understand you will like most. This can also be used to select the products used in emails sent to you.
We provide information and content to vendors and other service providers who support our business, such as by providing technical infrastructure services, analysing how our Services are used, providing customer service or conducting surveys. They will have access to your information as reasonably necessary to perform these tasks on our behalf and are obligated not to disclose or use it for other purposes.
Researchers and Academics
We also provide information and content to research partners and academics to conduct research that advances scholarship and innovation. We only provide anonymised information necessary to their research and they are obligated to only use it in ways approved by us.
It is possible that we will need to disclose information about you when required by law, subpoena, or other legal process or if we have a good faith belief that disclosure is reasonably necessary to
Investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies;
Enforce our agreements with you,
Investigate and defend ourselves against any third-party claims or allegations,
Protect the security or integrity of our Service (such as by sharing with companies facing similar threats); or
Exercise or protect the rights and safety of Dressipi, our Users, personnel, or others. We attempt to notify Users about legal demands for their personal data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
What is Our Legal Basis for Processing Data?
We collect, use and share the data that we have in the ways described above: In respect of the Services:
- as necessary to fulfil our Dressipi Terms of Service
- as necessary to comply with our legal obligations;
- as necessary for your legitimate interests, those of our retailers, as well as in our interests in providing an innovative, personalised and useful service to our members, visitors and partners. As you benefit from our Services as a shopper which improves your overall customer experience, we do not consider our legitimate interests are overridden by your interests or fundamental rights and freedoms that require protection of personal data, because our mutual legitimate interests are likely to closely align – the use and provision of an excellent and personalised retail experience.
In respect of sensitive data and other data you provide via “Your Fashion Fingerprint” or in your account:
- consistent with your consent and information which you voluntarily share with us, which you may revoke at any time through your Account Settings.
We also comply with all applicable laws in respect of cookies, including by seeking your consent and opt-in where appropriate. Where we have no control over cookie preferences because our Services are integrated into a retailer environment which is controlled directly by an individual retailer, we ensure that such retailers are contractually bound to respect your privacy rights. You should also check the privacy and cookies policies on the retailer websites that you visit.
Learn more about these legal bases and how they relate to the ways in which we process data.
From time to time, we may transfer your personal data outside the European Economic Area (EEA) from time to time, such as to our retailers who may be based outside of the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to your personal data by ensuring that at least one of the following safeguards is implemented:
- We may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we make transfers to the US or Switzerland, we may transfer data to third parties if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US or Europe and Switzerland.
- Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
How Can You Exercise your Rights Provided Under the GDPR?
Data Retention, Account Deactivation and Deletion
We retain your personal data while your account is in existence or as needed to provide you Services. This includes data you or others provided to us and data generated or inferred from your use of our Services.
Even if you only use our Services when looking for a new item every few months we will retain your information and keep your profile open until you decide to close your account. This decision is based on research that we have conducted in respect of online shopping habits.
In some cases, we choose to retain certain information in an anonymous, depersonalised or aggregated form to use it for research, data analysis and improving our Services.
Rights to Access and Control Your Personal Data
We provide many choices about the collection, use and sharing of your data. We offer you Account Settings to control and manage the personal data we have about you and the ability to delete or correct data added to your profile.
You can ask us for a copy of your personal data, which we will provide in machine readable form.
When you delete your account, we delete your name, email address, mobile number and identifying information such as IP addresses. It is not possible to recover a deleted account. If you have chosen to connect with any of our retail partners, we will request that they also delete your information.
To delete your account at any time, please visit your Account Settings. We generally delete closed account information within 30 days of account closure, except as noted below.
We retain your personal data even after you have closed your account if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our User Agreement, or fulfil your request to “unsubscribe” from further messages from us. We will retain de-personalised information after your account has been closed.
Other Important Information
We implement security safeguards designed to protect your data, such as HTTPS and encrypting data at rest. We regularly monitor our systems for possible vulnerabilities and attacks. However, we cannot warrant the security of any information that you send us because the nature of the Internet is an inherently unsecure environment. When using online services generally, including our Services, there is no guarantee that data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
If you have questions or complaints regarding this Policy, please first contact Dressipi via firstname.lastname@example.org. You can also reach us by physical mail. If contacting us does not resolve your complaint, you have more options which include the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at www.ico.org.uk/concerns/ or by telephone: 0303 123 1113.