Geox S.p.A. hereby wishes to inform visitors to the “www.geox.com” website (hereinafter the
“Website”) of its policy with respect to collecting, using and sharing of personal
Website users, emphasising its commitment and attention to protecting the privacy of Website
use the Website, even when you simply navigate it without purchasing any products.
Please also read the Terms and Conditions of
Use of the Website, into which this Privacy
Policy is incorporated by this reference, and which, together (and also including any
additional documents referenced in, or incorporated into the Terms and Conditions), form the
agreement between you and Geox S.p.A. with respect to your use and access to our Website.
Navigation within the Website is free and does not require registration, with the exception
of certain areas in which you may freely and expressly provide a set of personal data to
access certain services (e.g. to register for My Geox, sign up for email updates or request
information, etc.). Data provided by you to access these additional services shall be in
accordance with EU Regulation 679/2016 General Data Protection Regulation (the
and in accordance with the provisions of this policy. “Personal data” as used herein
any information relating to an identified or identifiable natural person, such as, but not
limited to, your name, email address, phone number, or mailing address.
This policy applies to information we collect:
- • On the Website.
- • In email, text, and other electronic messages between you and the
- • When you use our “contact us” or similar feature on the Website, when you
call our telephone number listed on the Website, or when send emails to the
e-mail address listed on our Website.
- • In our brick and mortar stores.
- • Through any other means associated with or relating to the Website.
This policy does not apply to information collected by:
- •us through any other means, including on any other website operated by
Geox S.p.A. or any third party (including our affiliates and subsidiaries); or
- •any third party, including through any application or content (including
advertising) that may link to or be accessible from or on the Website.
The Children’s Online Privacy Protection Act Disclosure (Pertaining to Children Under
the Age of 13)
In accordance with the requirements of The Children’s Online Privacy Protection Act of
1998, we do not knowingly collect personal data from children under the age of thirteen
(13). If you are under thirteen (13), do not use or provide any information on this
Website or on or through any of its features or register on the Website, make any
purchases through the Website or contact us, or provide any information about yourself
to us, including your name, address, telephone number, email address, or any screen name
or user name you may use. If we learn we have collected or received personal information
from a child under thirteen (13) years of age without verification of parental consent,
we will delete that information. If you believe we might have any information from or
about a child under the age of thirteen (13), please contact us at email@example.com..
Information We Collect About You and How We Collect It
We may collect several types of information from and about users of our Website,
- • that is personal data;
- • that is about you but individually does not identify or permit us to
identify you, such as the type of browser you use; and
- • about your internet connection and service provider, the equipment you
use to access our Website, your browsing history, and other usage and technical
We collect this information:
- • Directly from you when you provide it to us;
- • Automatically as you navigate through the Website. Information collected
automatically may include usage details, IP addresses, and information collected
through cookies and other tracking technologies; or
- • From third parties, for example, our business partners.
Information Provided According to the Regulation (as defined herein).
1. Data Controllers
Geox S.p.A., with registered office at Via Feltrina Centro 16, 31044 Biadene di
Montebelluna, Treviso (Italy), VAT no. IT03348440268, is deemed pursuant to the
Regulation to be a data controller, because it makes decisions as to what personal data
about you it requires or needs to collect or process, and how to use and share that data
(hereinafter “Data Controller”)
S & A Retail, Inc. with registered office at 530 7th Avenue, Suite 1005, New York NY 10018, Federal Tax ID no. 58-2485366, is also a controller with respect to
personal data related to sales of our products to you, invoicing, delivery and
When we refer to “Geox” or “us”, “our” and similar variants in this
policy, we are
referring to both Geox S.p.A. and S & A Retail, Inc., collectively.
2. Types of Personal Data Processed
Registration is not required in order to simply view or access the Website. However, there
are sections of the Website that do require registration or the use of a username and
password to access certain information (e.g., to log in to the My Geox reserved area or to
complete the online purchasing process as a guest). There are also services on our Website
for which you need to provide your personal details (e.g. your personal data will be
requested if you sign up to receive our email updates or when you contact us, etc.).
Personal data obtained by Geox through the use of the Website will be processed by Geox in
accordance with this policy.
The personal data we request on the Website such as your first and last name, telephone
number, and e-mail address, may be marked as “mandatory” [e.g., indicated with a (*)] as
they are necessary to access the services of the Website you wish to use (e.g., if you place
an order). Failure to provide this data marked as “mandatory” will result in our inability
to provide you the requested service (e.g., if you fail to give us your email address, we
cannot send you our email updates; if you fail to provide your mailing address, we cannot
send you any products you may wish to order). Failure to provide data marked as “optional”
will not have any consequences.
We may collect non-personal data (data which does not by itself identify you specifically,
and which cannot be used when combined with other data for the purpose of identifying you
specifically) about your computing devices, network, internet service or other technical
data pertaining to your equipment, internet service provider, and your use of the Website,
without limitation, and process, use or share this data for any purpose without notice to
you, or consent from you.
Personal data about you is collected, processed, used, and sometimes shared with third
parties as described in this policy, for the following purposes which are related to your
use of the Website and our services (e.g., when you purchase our products):
A) Guest Purchase:
Data provided by completing the purchase process on the Website are necessary to:
- complete the sale of the products you purchased (which allows us to perform our
obligations pursuant to our contract with you relating to such sale);
- fulfil tax and accounting obligations relating to your purchase (e.g., to report
taxes you paid on the purchase to the applicable taxing authority and disburse those
tax funds to them);
- handle any after-sales services (e.g. customer service functions, such as if you
need to make a return or tell us about a concern with a product you purchased);
- to comply with our legal obligations.
Our collection, processing and use of this type of personal data does not require your
specific consent pursuant to the Regulation.
B) Sign Up Email Registration:
If you sign up to receive our email updates, you will be required to provide us with your
This personal data will be processed on the basis of your consent (when you sign up to
receive our email updates).
C) “My Geox” Registration:
Your personal data and any data relating to your purchases will be collected, processed and
- create and maintain your My Geox personal account so that you may access special
members-only services and benefits on the Website (e.g., making purchasing faster
checkout”, checking your purchase history, etc.).
Your personal data in this case will be processed on the basis of your consent (when
provide it by opening your personal account), pursuant to Article 6(1)(a) of the
Without this personal data Geox will not be able to provide you access to your
account, or associated services.
- Marketing Purposes:
If you have provided your consent for us to do so, we may send you e-mails updating
about our products, our services, including by sending you advertising and
materials, which may include personalised information obtained through profiling (if
have agreed in advance to receive such communications from us).
- Purpose of Analysis of Your Preferences:
If you have consented, we will collect your personal data for the purpose of
marketing tool we use to understand our customers, which includes analysing your
activities, so that we may understand your interests, and your purchasing
other things). This activity allows us to improve our offerings and our Website, and
personalize our offers to you.
We will process this personal data based on your consent only. You can always freely
withdraw your consent by updating your preferences on the Website. You may also
provide your consent to these activities initially, but can still create your My
D) Contact Us:
We will collect your personal data when you provide it to us through the “contact us” or similar available feature (e.g. live chat) on our Website, or if you contact us via e-mail or at the telephone number listed on our Website. Please note that, if you use our live chat feature, your data will be processed for providing you with the requested assistance and customer care purposes.
Collection, processing and use of this type of data is necessary for us to respond to your query or request for information, as well as for allowing us to better improve our products and services. Your consent is not required for this type of processing pursuant to the Regulation.
We may process your personal data in both electronic and paper form.
Geox will use commercially reasonable efforts in an attempt to ensure that your personal
data entrusted to us as described in this policy will be processed lawfully.
We will use commercially reasonable efforts to ensure that your personal data collected from
the Website is transmitted from the Website to our servers through an https connection, in
an attempt to prevent interception by unauthorized third parties.
We implement security measures designed to ensure the security of the Website.
If you give us your consent to your personal data for marketing and profiling purposes, we
may analyse your information (e.g. your purchases, Website usage data – including pages
visited, products you put into your shopping cart on our Website, etc.) and put that
information together with your personal data in order to understand your tastes and
preferences, so that we can improve our services and also send you personalized offers.
Please note that all of our data analytics concerning your preferences may not be solely
automated, but may be carried out and assessed by our representatives.
6. Data retention
We may retain, share, process and use non personal data in perpetuity for any purpose.
Any personal data provided to us on or through the Website or when contacting us at the
email address or telephone number provided on the Website shall be processed for the length
of time specified below:
||Your personal data will be processed for as long as it is necessary to manage
and complete your purchases, and thereafter as required for us to comply with
our tax, accounting and legal obligations; subsequently the data will be deleted
or rendered anonymous.
|Sign Up Email Registration
||Your personal data will be processed for the entire time that you subscribe to
the email updates service or, in any event, until your consent is withdrawn
(which you may do at any time); thereafter, the data will be deleted or rendered
|“My Geox” Registration
||Your personal data will be processed for as long as your My Geox registration is
valid and on the basis of your consents, without prejudice to your ability to
withdraw your consent at any time.
If you provide your consent for us to process your personal data for marketing
and profiling purposes, we will process your sales-related data:
(i) for 12 months in order to analyse your preferences;
(ii) for 24 months to send you materials and communications based on results of
||Your personal data will be processed for the time it takes to properly handle your request and to allow us to better understand our customers and improve our services; then your personal data will be anonymized (once anonymized, it will no longer be considered personal information).
With regard to the retention times for data collected through the use of tracking
7. Links to other websites
If you access such other websites by using a link provided on our Website, please be aware
that this policy does not apply to collection, processing, transfer or use of your
understand the third party’s privacy policies. We do not control and are not responsible for
any data collection, usage, sharing or processing activities of such third parties.
Also, some content or applications, including advertisements, on the Website may be served
by third-parties, including advertisers, ad networks and servers, content providers, and
other tracking technologies to collect information about you when you use our Website. The
information they collect may be associated with your personal data or they may collect
information, including personal data, about your online activities over time and across
different websites and other online services. They may use this information to provide you
with interest-based (behavioral) advertising or other targeted content.
We do not control these third parties' tracking technologies or how they may be used. If you
have any questions about an advertisement or other targeted content, you should contact the
responsible provider directly.
8. Profiling and/or targeting tools
The Website uses “cookies”, which may be technical (i.e. to facilitate navigation and use of
the Website) and/or profiling (i.e. to analyse users and their behaviours and preferences,
and provide them with targeted advertising).
For a detailed explanation of cookies used by this Website and how to deactivate them,
9. Data processors
In addition to Geox, the data processing connected with the services provided by or through
the Website may be carried out by: (i) authorised data processing personnel appointed
Geox; (ii) companies providing services related to the management, maintenance and
development of the Website; (iii) companies entrusted to manage the sales, payment
delivery functions for the products; (iv) companies responsible for the preparation,
handling and sending of email updates, advertising and promotional materials; (v)
that analyse your purchases (e.g., the type of products and when you purchased them) and the
use of our Website (e.g., your browsing on our Website, your interest in our advertising
etc.); (vi) companies responsible for the handling of “Customer Service”;
affiliates and those who operate our and their respective retail stores.
A complete list of external data processors appointed by Geox can be obtained by contacting
firstname.lastname@example.org. Geox will endeavour to provide this
list within a reasonable time from your verifiable request.
10. Data transfer outside European Union
To enable us to properly manage our Website, your personal data will be held in the
European Union, or transferred to countries outside the European Union. When doing so,
Geox will use reasonable efforts in an attempt to ensure that such transfer occurs in
compliance with the guarantees, safeguards and rights provided in the Regulation.
The Regulation provides that your specific consent is not required for the transfer of
your personal data to third countries when: (i) such transfer is performed in accordance
with Article 45 of the Regulation) (i.e., if data are transferred to a country to which
the EU Commission has granted the designation of “adequate”, meaning they are considered
to provide an adequate level of protection with respect to personal data); or (ii) as
permitted pursuant to Articles 46 and 47 of the Regulation (e.g., to companies part of
the “Privacy Shield” framework between the US and the EU). You can find more information
on the Privacy Shield here: https://www.privacyshield.gov/welcome.
Geox endeavours to
comply with these provisions of the Regulation.
Upon request and given a reasonable amount of time for us to respond, you may write to
email@example.com to request information on the
existence of an adequacy decision or on the safeguards adopted to allow your data to be
11. Rights of data subjects
By e-mail to be sent to firstname.lastname@example.org, you may
at any time exercise the rights set out in Articles 15 to 22 of the Regulation, which
permit you to request:
- - confirmation as to whether personal data concerning you is being processed;
- - access to your personal data and the information indicated in Article 15 of
- - rectification of inaccurate personal data concerning you or completion of
incomplete personal data;
- - erasure of personal data concerning you;
- - restriction of processing of personal data concerning you;
- - notification regarding rectification, erasure or restriction of processing of
personal data concerning you;
- - the right to receive the personal data concerning you in a structured,
commonly used and machine-readable format; or
- - the right to object at any time, on grounds relating to your particular
situation, to processing of personal data concerning you.
You can also:
- - object to the processing of your personal data, particularly for marketing
purposes or the analysis of your purchasing habits or preferences;
- - withdraw your consent to any activity that requires us to have it.
All such requests will be processed in accordance with the Regulation.
Please be aware that the making of any of the requests set forth herein does not
guarantee that we will comply with your request, if there is a reason for us not to do
so in accordance with the Regulation.
12. Where to lodge a complaint
If you believe that the processing of your personal data violates the provisions of the
Regulation, you may make a complaint to the Italian Data Protection Authority
(www.garanteprivacy.it), or to the Data Protection
Authority of the country in which you
reside, if applicable, or, finally, of the place where you believe the violation occurred.
13. Applicable law
14. Revision clause
in part, at its sole discretion, in any manner and/or at any time. If it does so, it will
endeavour to (i) e-mail users registered on the Website to notify them of the change,
(ii) publish on the homepage of the Website a notice of such a change. The revised
Policy will be binding as soon as published and communicated as set forth herein. Please
or check your e-mail.
15. Data Protection Officer
The Data Protection Officer appointed by Geox may be contacted at the e-mail address
16. Your California Privacy Rights
California Civil Code Section 1798.83, known as the “Shine The Light” law, permits our
customers who are California residents to request and obtain from us a list of what personal
data (if any) we disclosed to third parties for direct marketing purposes in the preceding
calendar year and the names and addresses of those third parties. Requests may be made only
once a year and are free of charge. Under Section 1798.83, we currently do not share any
personal information with third parties for their direct marketing purposes.
third-party websites or other online services (behavioral tracking).
Do Not Track (“DNT”) is a concept promoted by certain regulatory authorities and industry
groups for development and implementation of a mechanism that would allow internet users to
control the tracking of their online activities across websites. Currently, various browsers
(including Internet Explorer, Firefox, and Safari) offer a DNT option that allows a user to
set a preference in the browser to not have his/her activities on the internet tracked. You
can usually access your browser's DNT option in your browser's preferences. When a
browser is set to DNT, some cookies and other tracking technologies may become inactive,
depending on how the website visited responds to DNT browser settings. At this time, our
Website responds to most DNT signals, but depending on your browser, it is possible that we
may not respond to all such signals at all times.
This Policy is effective as of June 5, 2019.