ZOETOP Business Co., Limited, having its registered address at ROOM 19-112, 21/F, 14 TAIKOO WAN ROAD, TAIKOO SHING, HONG KONG is the responsible controller for the processing of your information unless the processing relates to sales transactions with customers from the European Economic Area, the UK or Switzerland; in such case, ZENITH BUSINESS CO., LIMITED, Registered at Unit 3, Lake Farm House Allington Lane, Fair Oak, Eastleigh, Hampshire, United Kingdom, SO50 7DD will be the responsible controller for the processing of your information.
Please read our Terms and Conditions and this Policy before accessing or using our Services. If you cannot agree with this Policy or the Terms and Conditions, please do not access or use our Services. If you are located in a jurisdiction outside the European Economic Area, by using our Services, you accept the Terms and Conditions and accept our privacy practices described in this Policy.
We may modify this Policy at any time, without prior notice, and changes may apply to any Personal Information we already hold about you, as well as any new Personal Information collected after the Policy is modified. If we make changes, we will notify you by revising the date at the top of this Policy. We will provide you with advanced notice if we make any material changes to how we collect, use or disclose your Personal Information that impact your rights under this Policy. If you are located in a jurisdiction other than the European Economic Area, the United Kingdom or Switzerland (collectively “European Countries”), your continued access or use of our Services after receiving the notice of changes, constitutes your acknowledgement that you accept the updated Policy.
In addition, we may provide you with real time disclosures or additional information about the Personal Information handling practices of specific parts of our Services. Such notices may supplement this Policy or provide you with additional choices about how we process your Personal Information.
1. Personal Information We Collect
The types of personal information that we may collect about you include:
- A.Information You Directly and Voluntarily Provide to Us to execute the purchase or services contract. We collect your personal information you give us when you use our Services. For example, if you visit our Site and place an order, we collect information that you provide to us during the ordering process. This information will include your first and last name, mailing address, email address, phone number, payment account or credit card information. In some regions, , passport information and tax number are also needed for customer clearance . We may also collect personal information when you communicate with any of our departments such as customer service, or when you complete online forms or surveys provided on the Site. You may also choose to provide your email address to us if you would like to receive information about the products and services that the SHEIN offers, such as SHEIN Style News.
- B.Information You Provide to us to improve our products and services. You may voluntarily provide us with your height, age, and weight and measurements and your preference. This information is used by us to recommend clothing sizes, and to provide fit prediction services for you.
- C.Information You Post on the Site. If you post information on public areas of the Site, for example a customer review, that information may be collected and used by SHEIN, users of the Site, and the public generally. We strongly recommend that you do not post any information through the Site that allows strangers to identify or locate you or that you otherwise do not want to share with the public.
- D.Information You Provide through our Live Chat on the Site. You may provide personal information through our Live Chat which is available on the Site 24 hours a day. We strongly recommend that you do not post any information through the Live Chat that you are not comfortable sharing with a chat employee.
We may also store your voice information when you communicate with customer service via voice for related issues, and we keep your voice information secure.
- Information we collect in connection with a Promotion will be used to administer the Promotion, such as by notifying winners and distributing prizes. As permitted by applicable law, your information may also be used by SHEIN or the Promotion sponsor for marketing purposes. Your entry into the Promotion may result in the addition of your information to our mailing list as well as to the mailing list of our promotional partners. Acceptance of a prize may require you (unless prohibited by law) to allow us to post publicly some of your information via the Site, such as on a winner's page.
- F.Information Automatically Collected Through the Site. We may automatically collect personal information about you when you use the Site. For example, if you access the Site through a computer, we will automatically collect information such as your browser type and version, computer and connection information, Internet Protocol (“IP”) address and standard web log information. If you access the Site through a mobile device, we may also be able to identify the location of your mobile device. You may choose not to share your location details with us by adjusting your mobile device’s location services settings. For instructions on changing the relevant settings, please contact your service provider or device manufacturer. Please see section 2 below to learn more about our automatic Personal information processing activities.
- G.Combination and automated information. We may also combine the information we collect among our services and across your devices and use different technologies to process your information for the purposes described above. For example, we use automated systems that analyze your account status and payment information to detect the unsafe and unsecured payment. We also use automated systems to assess security of your account and provide you suggestion to improve the security of your account.
2. Cookies and Other Tracking Technologies
- A.Cookies. The cookies are small web files that a site or its provider transfers to your device’s hard drive through your web browser that enables the site’s or provider’s system to recognize your browser and remember certain information.
- Generally, we use first-party and third-party cookies for the following purposes: to make our Services function properly; to provide a secure browsing experience during your use of our Services; to collect passive information about your use of our Services; to measure how you interact with our marketing campaigns; to help us improve our Services; and to remember your preferences for your convenience.
- We use the following types of cookies on our Services:
- Strictly Necessary Cookies. These cookies are essential because they enable you to use our Services. For example, strictly necessary cookies allow you to access secure areas on our Services. Without these cookies, some services cannot be provided. These cookies do not gather information about you for marketing purposes. This category of cookies is essential for our Services to work and they cannot be disabled.
- Functional Cookies. We use functional cookies to remember your choices so we can tailor our Services to provide you with enhanced features and personalized content. For example, these cookies can be used to remember your name or preferences on our Services. We do not use functional cookies to target you with online marketing. While these cookies can be disabled, this may result in less functionality during your use of our Services.
- Performance or Analytic Cookies. These cookies collect passive information about how you use our Services, including webpages you visit and links you click. We use the information collected by such cookies to improve and optimize our Services. We do not use these cookies to target you with online marketing. You can disable these cookies.
- Advertising or Targeting Cookies. These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests. Our third-party advertising partners may use these cookies to build a profile of your interests and deliver relevant advertising on other sites. You may disable the use of these cookies as set forth below.
- B.Other Tracking Technologies. To see how successfully our marketing campaigns or other Site goals are performing we sometimes use conversion pixels, which fire a short line of code to tell us when you have clicked on a particular button or reached a particular page (e.g. a thank you page once you have completed the procedure for subscribing to one of our services or have completed one of our forms). We also use web pixels to analyze usage patterns on our Site. The use of a pixel allows SHEIN to record that a particular device, browser, or application has visited a particular webpage.
- C.Your Choices. Your browser may provide you with the option to refuse some or all browser cookies. You may also be able to remove cookies from your browser. You can exercise your preferences in relation to cookies served on our Sites by taking the steps outlined below.
We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. In addition, most web browsers provide help pages relating to setting cookie preferences. More information may be found for the following browsers here:
- First-Party Cookies. You can use the browser with which you are viewing this Site to enable, disable or delete cookies. To do this, follow the instructions provided by your browser (usually located within the “Help”, “Tools” or “Edit” settings). Please note, if you set your browser to disable cookies, you may not be able to access secure areas of the Site. Also, if you disable cookies other parts of the Services may not work properly. You can find more information about how to change your browser cookie settings at http://www.allaboutcookies.org.
- Mobile Advertising: If you are not located in the European Countries, you can opt out of having your mobile advertising identifiers used for certain types of advertising by accessing the settings in mobile device and following the instructions. If you opt-out, we will remove all data about you and will not collect any further data. The random ID previously assigned to you will be removed. Thus, if at a later stage, you decide to opt-in, we will be unable to continue to track you using the prior ID and you will for all practical purposes be a new user. If you are located in the European Countries, the cookie banner on our website will provide you the opportunity to consent to having your mobile advertising identifiers used for certain types of advertising by accessing the settings in mobile device.
- Third-Party Cookies. If you are not located in the European Countries, to opt-out of third-party advertising networks and similar entities that use advertising cookies go to http://www.aboutads.info/choices. Once you click the link you may choose to opt-out of such advertising from all participating advertising companies or only advertising provided by specific advertising entities. For more information about third-party advertising networks and similar entities that use these technologies, please see http://www.aboutads.info/consumers . If you are not located in the European Countries, the cookie banner on our website will provide you the opportunity to consent to having third-party advertising cookies.
- D.Analytics. If you are not located in the European Countries, we may use third-party service providers to monitor and analyze the use of our Site. Presently, we use Google Analytics. Google Analytics is a web analytics service offered by Google LLC (“Google”) that tracks and reports Site traffic. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en . Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics, available at: https://tools.google.com/dlpage/gaoptout . If you are located in the European Countries, and the Google Analytics is structured to collect Personal Information, the cookie banner on our website will provide you the opportunity to consent to Google Analytics.
- F.Other Tracking Technologies. We may also use Tracking Technologies to collect "clickstream" data, such as the domain name of the service providing you with Internet access, your device type, IP address used to connect your computer to the Internet, your browser type and version, operating system and platform, the average time spent on our Site, webpages viewed, content searched for, access times and other relevant statistics, and assign unique identifiers to the device or other credentials you use to access the Site for the same purposes.
- Pages of our Site and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
- Pages of our Site may also use Java scripts, which are code snippets embedded in various parts of websites and applications that facilitate a variety of operations including accelerating the refresh speed of certain functionality or monitoring usage of various online components; entity tags, which are HTTP code mechanisms that allow portions of websites to be stored or “cached” within your browser to accelerate website performance; and HTML5 local storage, which allows data from websites to be stored or “cached” within your browser to store and retrieve data in HTML5 pages when the website is revisited.
- G.Do Not Track. Some Internet browsers, such as Internet Explorer, Firefox, and Safari, include the ability to transmit “Do Not Track” or “DNT” signals. Since uniform standards for “DNT" signals have not been adopted, our Site does not currently process or respond to “DNT” signals.
- H.Location Information. You may be able to adjust the settings of your device so that information about your physical location is not sent to us or third-parties by (a) disabling location services within the device settings; or (b) denying certain websites or mobile applications permission to access location information by changing the relevant preferences and permissions in your mobile device or browser settings. Please note that your location may be derived from your WiFi, Bluetooth, and other device settings. See your device settings for more information.
3. How We Use Your Personal Information
- B.For Internal Use. We use your personal information for the purposes of furthering our business, including improving our Site's content and functionality by analyzing where, on which types of devices and how our Site is used, how many visitors we receive, and where they click through to the Site from. We also use it to remember you in case you re-visit our Site, so we will know if you have already been served with surveys, or (where Site content is undergoing testing) which version of the content you were served.
- D.To Provide Customer Support or Respond to You. We collect any information that you provide to us when you contact us. Without your personal information, we cannot respond to you or ensure your continued use and enjoyment of the Services.
- E.To Ensure the Security of the Services. We care about keeping you secure and safe while using our Services. Keeping you safe requires us to process your personal information, such as your device information, activity information and other relevant information. We use such information to combat spam, malware, malicious activities or security risks; improve and enforce our security measures; and to monitor and verify your identity so that unauthorized users do not gain access to your information. We cannot ensure the security of our Services if we do not process your personal information for security purposes.
- F.To Enforce Compliance with Our Terms and Agreements or Policies. When you access or use our Services, you are bound to our Terms and Conditions. To ensure you comply with them, we process your personal information by actively monitoring, investigating, preventing and mitigating any alleged or actual prohibited, illicit or illegal activities on our Services. Subject to the applicable law, we may also process your personal information to: investigate, prevent or mitigate violations of our internal terms, agreements or policies and enforce our agreements with third parties and business partners.
- G.To Maintain Legal and Regulatory Compliance. Our Services are subject to certain laws and regulations which may require us to process your personal information. For example, we process your personal information to pay our taxes, to fulfill our business obligations, ensure compliance with employment and recruitment laws or as necessary to manage risk as required under applicable law. Without processing your personal information for such purposes, we cannot perform the Services in accordance with our legal and regulatory requirements.
4. Sharing Your Personal Information
Other than sharing your personal information so that you can use our Services, or as required or permitted by law, we do not share personal information about you with non-affiliated third parties. We may disclose your personal information as described below.
- A.Within Our Corporate Organization. SHEIN is a part of a corporate organization that has several legal entities, business processes, management structures and technical systems. SHEIN may share your personal information within this organization to provide you with the Services and take actions based on your request.
- B.Third Parties. We may share your personal information with third-party service providers acting on our behalf to help us operate our Services. These third parties can only use your data in accordance with our written instructions and must comply with the information security protections we have put in place.
- C.To Maintain Legal and Regulatory Compliance. We have the right to disclose your personal information as required by law, or when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, request from a regulator or any other legal process served on SHEIN. If there is a takeover, sale or purchase of our business, we may disclose your personal information to the new (or prospective) owner of the business.
- D.Third Party Advertisers. In certain circumstances, and subject to the applicable law, we may share your personal information with third parties to market their products or services to you.
- F.Consent. We may disclose your personal information for any purpose with your consent.
5. Security Precautions
We maintain physical, electronic, and procedural safeguards designed to guard and prevent misuse of your personal information. Our security measures include industry-standard physical, technical and administrative measures to prevent unauthorized access to or disclosure of your information, to maintain data accuracy, to ensure the appropriate use of information, and otherwise safeguard your personal information. We restrict access to your non-public personal information to those employees and third parties who need such information to provide products or Services.
Please recognize that protecting your personal information is also your responsibility. We ask you to be responsible for safeguarding your password, secret questions and answers and other authentication information you use to access our Services.
If you feel that the security of your account or personal data has been compromised, please immediately contact us at following email address email@example.com . Please be aware that, despite our best efforts, no security system is impenetrable. In the event of a security breach, we will promptly notify you and the proper authorities if required by law.
6. Your Rights
We take reasonable steps to ensure that your personal information is accurate, complete, and up to date. You have the right to access, correct, or delete the personal information that we collect, subject to certain exceptions. To protect the privacy and the security of your personal information, we may request data from you to enable us to confirm your identity and right to access such data, as well as to search for and provide you with the personal data we maintain. There are instances where applicable laws or regulatory requirements allow or require us to refuse to provide or delete some or all of the personal information that we maintain. You may Contact Us to exercise your rights.
If you send us correspondence, including emails, we retain such information electronically in the records of your account. We will also electronically retain customer service correspondence and other correspondence from SHEIN to you. We retain these records to measure and improve our customer service and to investigate potential fraud and violations. We may, over time, delete these records as permitted by law.
SHEIN will also retain Site and services usage data for internal analysis purposes. Usage data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Site, or we are legally obligated to retain this data for longer periods.
8. Third-Party Websites
Our Services are not directed to, and we do not knowingly collect personal information from, children under the age of 16. If you are under 16, please do not attempt to fill out our forms or send any personal information about yourself to us. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information from our files.
10. Notice for California Residents
This section applies only to California residents. Pursuant to the CCPA, below is a summary for the last twelve (12) months of the personal information categories, as identified and defined by the CCPA (see California Civil Code section 1798.140 (o)), that we collect, the reason we collect the personal information, where we obtain the personal information, and the third parties that we may share the personal information.
We generally collect the following categories of personal information when you use our Services:
- identifiers such as a name, address, unique personal identifier, email, phone number, your device’s IP address, software, and identification numbers associated with your devices;
- commercial information such as records of products or services purchased, obtained, or considered by you;
- Internet or other electronic information regarding you browsing history, search history, the webpage visited before you came to our Site, length of visit and number of page views, click-stream data, locale preferences, your mobile carrier, date and time stamps associated with transactions, and system configuration information;
- your geolocation, to the extent you have configured your device to permit us to collect such information;
- audio recordings of your voice to the extent you call us, as permitted under applicable law; and
- inferences about your preferences, characteristics, behavior and attitudes.
We generally do not collect protected classifications about our users, biometric information, professional or employment-related information, or education-related information. For more information about the personal information we collect and how we collect it, please refer to sections 1 and 2 above.
We collect your personal information for the business purposes described in section 3. The CCPA defines a “business purpose” as the use of personal information for the business’s operational purposes, or other notified purposes, provided the use of personal information is reasonably necessary and proportionate to achieve the operational purpose for which the personal information was collected or another operational purpose that is compatible with the context in which the personal information was collected.
The categories of third parties with whom we may share your personal information are listed above in section 4, above.
If you are a California resident, you have rights in relation to your personal information; however, your rights are subject to certain exceptions. For instance, SHEIN cannot disclose specific pieces of personal information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of the personal information, your account with us or the security of our network systems. To assert your right to know or your right to delete your personal information, please contact us by email at firstname.lastname@example.org . To confirm your identity, we may ask you to verify personal information we already have on file for you. If we cannot verify your identity based on the information we have on file, we may request additional information from you, which we will only use to verify your identity, and for security or fraud-prevention purposes.
- Right Against Discrimination. You have the right not to be discriminated against for exercising any of the rights described in this section. We will not discriminate against you for exercising your right to know, delete or opt-out of sales.
- Right to Know. You have the right to request in writing: (i) a list of the categories of personal information, such as name, address, email address, that a business has disclosed to third parties during the immediately preceding calendar year for the third parties' direct marketing purposes, and (ii) the names and addresses of all such third parties. In addition, you have the right to request: (i) the categories of personal information we have collected about you, (ii) the categories of sources from which personal information is collected, (iii) the business or commercial purpose for the information collection, (iv) the categories of third parties with whom we have shared personal information, and (v) the specific pieces of personal information we hold about an individual. You have the right to request a copy of the specific personal information we collected about you during the 12 months before your request.
- Right to Delete. You have the right to request us delete any personal information we have collected from you or maintain about you, subject to certain exceptions.
- Right to Opt-Out of Selling. You have the right to opt-out of having your personal information sold. We do not sell your personal information. The CCPA broadly defines “personal information” and “selling” such that sharing identifiers linked to you for a benefit may be considered a sale. In 2019, we were sharing identifiers and inferences about you with our partners, third parties and affiliates in such a way that, under the CCPA, may be defined as selling. As noted above, you have the right to know the categories of personal information that we sold about you and the categories of third parties with whom we shared such information.
In addition, California Civil Code Section 1798.83 permits customers of SHEIN who are California residents to request certain information regarding our disclosure of personal information to third-parties for their direct marketing purposes. In your request, please specify that you want a “California Shine the Light Notice.” Please allow 30 days for a response. To make such a request, pleasewrite us at: email@example.com .
11. Notice to Individuals in the European Economic Area, the United Kingdom and Switzerland
This section only applies to individuals using or accessing our Service while located in the European Economic Area, the United Kingdom, or Switzerland (collectively, the “European Countries”) at the time of data collection. Pursuant to the EU’s General Data Protection Regulation (GDPR), personal information is referred to as personal data. For the sake of clarity references to personal information in this Policy concerns personal data in the sense of the GDPR.
We may ask you to identify which country you are located in when you use or access some of the Services, or we may rely on your IP address to identify which country you are located in. When we rely on your IP address, we cannot apply the terms of this section to any individual that masks or otherwise hides their location information from us so as not to appear located in European Countries. If any terms in this section conflict with other terms contained in this Policy, the terms in this section shall apply to individuals in a European Country.
Our Relationship to You. Your personal information is collected and processed by ZOETOP Business Co., Limited, Incorporated in HongKong, which is operating the website and the sale of SHEIN brand products. In other words, ZOETOP Business Co., Limited is the Controller of the data. This means that we are responsible for processing and protecting your personal data.
Legal Bases for Processing Your Personal Information. We rely on the following legal bases under the GDPR in processing your personal information.
- Section 2 In relation to mobile Advertising and third-party advertising and analytics cookies, that collect your personal information, as described in that Section.
- Section 4(D) Third Party Advertisers
- Section 4(F) Consent
- Section 3(A) To Provide You Our Services
- Section 3(C) To Provide You with Service-Related Communications
- Section 3(D) To Provide Customer Support or Respond to You
- Section 4(A) Within Our Corporate Organization
- Section 4(B) Third Parties
- Section 4(E) Co-Branded Services or Features
- Section 3(B) For Internal Use
- Section 3(E) To Ensure the Security of the Services
- Section 3(F) To Enforce Compliance with Our Terms and Agreements or Policies
- Section 3(G) To Maintain Legal and Regulatory Compliance
- Section 4(C) To Maintain Legal and Regulatory Compliance
Marketing. We will only contact you if you are located in a European Country by electronic means (including email or SMS) based on our legitimate interests, as permitted by applicable law or your consent. If you do not want us to use your Personal Information in this way, please click the unsubscribe link at the bottom of any of our email messages to you or contact us at firstname.lastname@example.org You can object to direct marketing at any time and free of charge.
Individual Rights. We provide you with the rights described below when you use our Services. We may limit your individual rights requests: (a) where denial of access is required or authorized by law; (b) when granting access would have a negative impact on other’s privacy; (c) to protect our rights and properties; or (d) where the request is frivolous or unrealistic. If you would like to exercise your rights under applicable law, please contact us at email@example.com .
- You can request access or deletion of your personal information, subject to certain exceptions.
- You can correct or update your personal information, object to processing of your personal information, ask us to restrict processing your personal information or request portability of your personal information.
- If we collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of the processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal information.
Transfer of Your Personal Information. When you access or use our Services, your personal information may be processed or transferred outside the EEA. Such countries or jurisdictions may have data protection laws that are less protective than the laws of the jurisdiction in which you reside. For these transfers we rely on appropriate safeguards as permitted under the GDPR such as Standard Contractual Clauses, contract with Privacy Shield certified companies, and/or transfer the personal information pursuant to Article 49 (1) (b) GDPR to provide our Services pursuant to the Terms of Service. If you do not want your information transferred to, processed, or maintained outside of the country or jurisdiction where you are located, you should immediately stop accessing or using the Services. For further details about these transfers and the safeguards that we use to facilitate such transfers .