inWallet PRIVACY POLICY

The present Privacy Policy (together with the inWallet Terms of Use, the Electronic Receipt Terms and Conditions for Purchases made in the Inditex Group and other documents referenced therein) sets forth the terms upon which FASHION RETAIL, S.A., with registered offices in Avda. de la Diputación, Edificio Inditex, 15143 Arteixo (A Coruña), Spain, (hereinafter, "Fashion Retail"), as well as those companies belonging to the Inditex Group, where applicable, (hereinafter jointly referred to as "We" or "the Data Controllers") handle personal information provided through the mobile application or inWallet app, understood as the information technology application designed to be executed on smart phones, tablets and other mobile devices enabled by Fashion Retail (hereinafter, the "App") for the purpose of using the inWallet service (hereinafter, the "Service").

Whenever, when using the Service, you provide us with, or it is necessary for us to access your personal data, (information which, due to its nature, will allow us to identify you), whether it be to use the services or functionalities of the App, or to subscribe to our Newsletter, it shall be in accordance with the then current Privacy Policy and you should review such text to ensure you agree with it. For information on the processing of personal data that may be required for a particular functionality of the Service, review the text in the corresponding section of the inWallet Terms of Use, the Electronic Receipt Terms and Conditions for Purchases in the Inditex Group, as well as the present Privacy Policy or other referenced texts (hereinafter referred to jointly as the "inWallet Terms and Conditions"), which can be accessed at all times in the Terms and Conditions section of the App.

The present Privacy Policy affects both information containing personal data initially provided by you, as well as that which you may subsequently provide at any time when accessing and using the Services.

Also, if indicated in the respective functionality, that which is stated in the present Privacy Policy shall be applicable with regard to the interaction with or link to other websites, apps or platforms under the ownership of Fashion Retail or any other company within the Inditex Group that may correspond at any given time

1. REGISTRATION:

To register as an inWallet user, you are to provide us with your identification and contact data, as well as the number of at least one of your credit or debit cards, and any other information required on these, which shall be established as your favourite payment card to begin shopping.

So that we can process your user registration, you must provide all the information marked as required. The card validity must be verified by either providing us with additional information or authorising us to process your data in order to charge your card through the micropayment security system.

2. DATA COLLECTION AND MAIN PURPOSE FOR PROCESSING PERSONAL DATA

The personal data you provide us with shall be subject to processing in a file under the responsibility of Fashion Retail, who collects and processes your data to identify you as a user of the Service and provide you with access to the functionalities and applications available.

Failure to provide all information marked as required may result in it not being possible to manage your registration as a user of the App.

You may provide us with different types of personal data (such as your name, image (photo), billing or delivery addresses, telephone number, email address or debit or credit card number, Affinity card or gift or credit voucher cards from online stores and physical stores for Zara, Bershka, Pull&Bear, Massimo Dutti, Stradivarius, Zara Homeor any brands belonging at present or in the future to the Inditex Group) through the Service, both when registering as well as subsequently, which shall be processed by Fashion Retail for the following purposes:

i. The development, fulfilment and execution of the Service, through which you may:

- initiate payments, solely in Stores in the territory of the United Kingdom, under the trade names of Zara, Bershka, Pull&Bear, Massimo Dutti, Stradivarius, Zara Home, or any other brand belonging currently or in the future to the Inditex Group, and which offer and accept the Service (hereinafter the "Store" or jointly referred to as the "Stores"). The present Privacy Policy shall apply to users registered in United Kingdom;

- receive and access your receipts -and other associated documents- in electronic format, related to purchases made in Stores, whose payment is initiated with the Service, or have been included through the functionalities of scanning or receiving Store receipts, as well as the linking of online accounts, or any other that are available and are part of the Service (hereinafter the "Electronic Receipt").

ii. provide information regarding the use of transactions performed through the Service. The inWallet Service allows you to access information on transactions initiated through it.

iii. address any requests that you may present;

iv. Manage the different functionalities accessible through the Service, subject to availability, and whose details regarding the processing of personal data are described in the corresponding section of the inWallet Terms and Conditions.

v. Provide information on the functionalities, updates or new features of the Service, including the sending of communications by electronic means (e-mail, SMS, notifications through the app, etc.).

By agreeing to the present Privacy Policy, the user (you), guarantees that the personal information provided is true and accurate and agree to report any changes or modifications thereof. Any loss or damage caused to the App or the Service, to Stores, or to the companies responsible for these (Fashion Retail, companies to which the Stores belong, or any other entity belonging to the Inditex Group that may correspond at any given time), or to any third party, through the entering of false, inaccurate or incomplete information in the registration forms or through other means of providing information concerning personal data, shall be the sole responsibility of the user.

3. OTHER REQUIRED USES OF THE DATA:

To use the inWallet Services in Stores it is necessary for us to pass on the required information to the entity to which the Store belongs, in accordance with the required security protocols, for the provision of the corresponding service from your user account.

To fulfil the purposes described in the preceding paragraph, it may therefore be necessary to communicate or transfer the information provided by you to the Holding company of the Inditex Group [Industria de Diseño Textil, S.A. (INDITEX, S.A.)], as well as to those member companies of the Inditex Group, owners of the Stores in United Kingdom, namely Fashion Retail, S.A., Zara UK, LTD., Massimo Dutti UK, LTD., Zara Home UK, LTD., Bershka UK, LTD., Pull&Bear UK, LTD., Stradivarius UK Ltd. , or any other company within the Inditex Group that may correspond at any given time, in so far that these are directly involved. Hence, by registering and providing information through this Service, you expressly authorise us to communicate and/or transfer such data to the abovementioned companies.

Also, if necessary for the fulfilment of the above purposes, as well as for Service development or support, third-party providers of technology services, economic transaction management, customer services, or analysis of transactions made through the Services can access your personal data in order to provide our user customers with adequate guarantees for those transactions initiated with inWallet. Your authorisation includes those cases in which, for the efficiency of the service concerned, the providers may be located in the United States or in other countries or territories outside of the European Economic Area, with whom data processing agreements required in accordance with the applicable regulations, will have been be signed.

4. FUNCTIONALITIES:

Remember that, before you start using each functionality of the Service, you must read the specific section referring to it in the present Privacy Policy, as well as in the corresponding section of the inWallet Terms and Conditions. In the section you can check for any specific conditions of use, or if it requires any specific processing of personal data.

I. SAVING CARD DATA.

By activating and using the Service, as an inWallet user, you expressly authorise us to process the data marked as required for its activation and development

By saving your card details you allow us to use these to initiate payments for purchases made through the Service, making it unnecessary to re-enter the details for each purchase process. Such data shall be deemed to be valid and current in order to initiate payments for your purchases using these.

You can change the card established as your favourite or revoke your consent to process it at any time through the App.

You can also manage your preferences with regard to its data at any time, or revoke your consent to process these through the App.

The Service stores and transfers your card data in accordance with the main international confidentiality and security standards for credit and debit cards.

For more information on this functionality view the relevant section of our inWallet Terms of use.

II. ELECTRONIC RECEIPT FOR YOUR IN-STORE PURCHASES

By using the Service in Stores, you expressly authorise Fashion Retail to process, on behalf of each of the aforementioned companies that trade in stores belonging to the Inditex Group in UK, all personal data contained in your Electronic Receipt, required for the activation, reception and development of functionalities. Through this functionality of the Service you may access your Electronic Receipts, stored in a secure platform.

5. DATA SECUTITY:

Fashion Retail handles your personal data in compliance with the confidentiality requirements and security measures stipulated by the applicable legislation.

With regard to data concerning your cards, both the storage and transfer thereof is performed in accordance with the strict international security standards for this type of data.

Your email address and password(s), as well as your chosen security PIN, are used to identify you on the inWallet Service. Remember that your collaboration is essential for compliance with the security measures in force to protect your personal data. We therefore recommend that you use a personal email account to which only you have access and keep the passwords to access the Service confidential at all times. For more information see the FAQs section.

6. MANAGING MY PROFILE AND LINKING MY ONLINE ACCOUNTS

Through the "My Profile" section you can:

I. access and update all your personal data, as well as change your preferences.

II. Should this functionality be available, link your inWallet user profile to any active accounts that you may have as a registered user on platforms that trade online in the United Kingdom for Zara, Bershka, Pull & Bear, Massimo Dutti, Stradivarius, Zara Home or any other brand belonging at present or in the future to the Inditex Group in the United Kingdom and that uses this Service.

By requesting to link the account of each abovestated brand, you authorise Fashion Retail to process your personal information for the purpose of:

- checking that the email address provided corresponds to a registered user on the online sales platform with which you have requested the link;

- sending you a confirmation email and/or any other security procedures that may apply in each case, through which you can complete the linking of your account;

- providing you with access to the personal data contained in your linked account, specifically information regarding online shopping orders and returns.

7. USER RIGHTS:

FASHION RETAIL, S.A. with registered offices in Avenida de la Diputación, Edificio Inditex, 15143 Arteixo (A Coruña), Spain, as the Data Controller, undertakes to respect the confidentiality of your personal information and guarantee the exercise of your rights of access, rectification, cancellation and opposition in writing, addressed to "Data Protection Department (Función LOPD) - InWallet" at the above address, or by sending an email to dataprotection@inditex.com.

Should you decide to exercise these rights, please specify the email address used to sign in or to use the Service, and which rights of access, rectification, cancellation and opposition are being exercised. If necessary, we may request a photocopy of your national identity card, passport or other valid identification document

8. AMENDMENTS:

We recommend that you periodically read the Privacy Policy as it may be amended at any time. The current version can be accessed at any time through the Service. Should the inWallet Privacy Policy be amended, the Data Controllers shall give reasonable prior notice to users of the Service by posting such amendment on the inWallet App. By continuing to use the Service, you shall be assumed to have accepted the new text in effect.

Remember that it is your responsibility to periodically read the inWallet Privacy Policy as well as the other Terms and Conditions since the texts in effect at the time of use of the Service shall be those which apply.

Cookies Policy

 

BEFORE YOU START...

 

In this Cookies Policy you will find information on how we use cookies and similar devices installed on the terminals of our customers and users. The use of cookies may sometimes be related to personal data processing, therefore we recommend you consult our Privacy Policy, available on our Platform, if you would like information on how we use the personal data of our customers and users, how to exercise your rights, or the terminology we use to refer to our Platform (Website, App or Physical Stores).

 

 

INFORMATION ABOUT COOKIES

 

1.     What is a Cookie?

A cookie is a small text file that a website, app or other platform stores on your computer, tablet, smartphone or any other similar device, with information on your browsing and use, like a tag that identifies your device. Cookies are necessary, for example, to facilitate browsing and understand how users interact with platforms so they can be improved. They are also useful to provide advertising according to user preferences, as well as for other purposes detailed below. Cookies do not damage your computer or device.

By “Cookies” we are also referring to other, similar technologies used to install and/or collect information on or from your device such as flash cookies, web beacons or bugs, pixels, HTML5 (local storage), and SDK technologies for apps. The term Cookies also applies to the use of fingerprinting, in other words, techniques used to combine information that help us identify your device. These technologies sometimes run alongside cookies to collect and store information, either to provide you with certain features or services on our Platform, or to display third-party advertising according to your browsing.

This explanation is a general overview of what Cookies means and is for informational purposes only. The specific Cookies we use are detailed in the cookies settings panel on our Platform.

 

2.     What type of Cookies are there?

Please check this section which provides an overview of the type of Cookies that can be used in an online environment.

Cookies can be classified as follows, depending on the owner:

a.     First-party cookies: Are sent to the user’s computer or device from a computer or domain managed by the editor, and which provides the platform or service requested by the user.

 

b.     Third-party cookies: Are sent to the user’s computer or device from a computer or domain not managed by the editor, but rather by another entity that processes data obtained from the cookies.

Cookies can be classified as follows, depending on the purpose:

a.     Strictly necessary cookies (technical): The cookies that allow the user to browse a website, platform or app, and use the various options or services on it. For example, control traffic, identify data or session, access restricted access sections or content, remember the elements of an order, complete an order purchase process, manage payment, control fraud related to service security, use security elements during browsing, complete an application to register or participate in an event, store content for publishing videos and audio, enable dynamic content (for example, loading animation of a text or image) and share content on social media. As they are strictly necessary, technical cookies are downloaded by default when they are needed to display the platform or provide the service requested by the user.

 

b.     Functionality or customisation cookies: These cookies are needed to remember information so that the user can access the service or platform with specific characteristics that can differentiate their experience from that of other users. For example, language, number of results displayed when the user runs a search, appearance or content of the service based on the type of browser used, or the region from where the service is accessed, etc. Not accepting cookies may cause slow website performance or poorly adapted recommendations.

 

c.     Analysis cookies: These cookies can quantify the number of users, sections visited on the platform and how users interact with it to carry out statistical measurement and analysis on use, in order to implement improvements based on the analysis of data on how users use the platform or service.

 

 

d.     Behavioural advertising cookies: Are those which store information on user behaviour obtained from continuous observation of their browsing habits, which allows us to develop a specific profile for displaying advertising adapted to these habits. These cookies allow for the most effective management possible of any advertising space the editor has included directly or in collaboration with third parties.

 

 

3.     What are Cookies used for on our Platform?

Cookies are an essential part of our how Platform works. The main goal of our Cookies is to make your browsing experience as easy and efficient as possible. For example, they are used to remember your preferences (language, country, etc.) when browsing and during future visits. We also use our Cookies to continuously improve our services and Platform, and to offer customised advertising according to your browsing habits.

Information collected on Cookies also allows us to improve our Platform by making estimates on statistical data and patterns of use (number of visits, most visited sections, visit time, etc.), gain a statistical understanding of how users interact with the Platform so as to improve our services, and to adapt the Platform to your individual interests, accelerate searches, etc.

We may sometimes use Cookies to obtain information that enables us to display advertising, from our Platform, third-party platforms or any other means, based on an analysis of your browsing habits (products visited, sections consulted, etc.).

In any case, the Cookies we use never store sensitive information such as passwords, credit or debit card details, etc.

 

4.     How can I manage the use of Cookies on this Platform?

In the Cookies settings panel, available at all times on our Platform, you can find all the information on the Cookies used by this Platform, along with information on the purpose, duration and management (first or third-party) of each Cookie, so you can enable or disable the use of Cookies that are not strictly necessary for Platform functioning.

Alternatively, if you are browsing the Internet, you can disable the use of Cookies on your browser. Here is how to do this on the most popular browsers:

               Google Chrome

               Internet Explorer

               Mozilla Firefox

               Safari

You can prevent the use of Cookies at any time.

Please remember that both managing the Cookies settings panel and opting to reject Cookies is specific to each browser you are using. Therefore, if you configure Cookies one way on one device and want your option to apply equally to another device, you must enable the same option on the other device.

Additionally, regarding third-party Cookies used to provide advertising based on your interests, please note that certain third parties may be members of some of the following self-regulatory programmes for online behavioural advertising, with the relevant voluntary exclusion options:

               Network Advertising Initiative (NAI) - http://www.networkadvertising.org/choices/

               Google Analytics - https://tools.google.com/dlpage/gaoptout

 

5.     Who uses the information stored on Cookies?

The information stored on our Platform Cookies is only used by us, except those identified in section 2 as “Third-party cookies”, which are used and managed by external entities to provide us services aimed at improving our services and the user experience when browsing on our Platform. More information in the Cookies settings panel available at all times on our Platform.

For more detailed information on how we process your personal data in collaboration with third parties and on data subject to international data transfers, please read our Privacy Policy available on our Platform, and the privacy policies/privacy settings of these third-party collaborators, available on their platforms.