Geox S.p.A. hereby wishes to inform visitors to the “www.geox.com” website (hereinafter the “Website”) of its policy with respect to collecting, using and sharing of personal data of Website users, emphasising its commitment and attention to protecting the privacy of Website visitors. Please read our Privacy Policy carefully, as it applies when you access, view or use the Website, even when you simply navigate it without purchasing any products.

Please also read the Terms and Conditions of Use of the Website, into which this Privacy Policy is incorporated by this reference, and which, together (and also including any additional documents referenced in, or incorporated into the Terms and Conditions), form the agreement between you and Geox S.p.A. with respect to your use and access to our Website.

Navigation within the Website is free and does not require registration, with the exception of certain areas in which you may freely and expressly provide a set of personal data to access certain services (e.g. to register for My Geox, sign up for email updates or request information, etc.). Data provided by you to access these additional services shall be in accordance with EU Regulation 679/2016 General Data Protection Regulation (the “Regulation”) and in accordance with the provisions of this policy. “Personal data” as used herein means any information relating to an identified or identifiable natural person, such as, but not limited to, your name, email address, phone number, or mailing address.

 

Applicability

This policy applies to information we collect:
• • On the Website.
• • In email, text, and other electronic messages between you and the Website.
• • When you use our “contact us” or similar feature on the Website, when you call our telephone number listed on the Website, or when send emails to the e-mail address listed on our Website.
• • In our brick and mortar stores.
• • Through any other means associated with or relating to the Website.
This policy does not apply to information collected by:
• •us through any other means, including on any other website operated by Geox S.p.A. or any third party (including our affiliates and subsidiaries); or
• •any third party, including through any application or content (including advertising) that may link to or be accessible from or on the Website.

 

The Children’s Online Privacy Protection Act Disclosure (Pertaining to Children Under the Age of 13)

In accordance with the requirements of The Children’s Online Privacy Protection Act of 1998, we do not knowingly collect personal data from children under the age of thirteen (13). If you are under thirteen (13), do not use or provide any information on this Website or on or through any of its features or register on the Website, make any purchases through the Website or contact us, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under thirteen (13) years of age without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under the age of thirteen (13), please contact us at privacy@geox.com..

 

Information We Collect About You and How We Collect It

We may collect several types of information from and about users of our Website, including information:
• • that is personal data;
• • that is about you but individually does not identify or permit us to identify you, such as the type of browser you use; and
• • about your internet connection and service provider, the equipment you use to access our Website, your browsing history, and other usage and technical details.
We collect this information:
• • Directly from you when you provide it to us;
• • Automatically as you navigate through the Website. Information collected automatically may include usage details, IP addresses, and information collected through cookies and other tracking technologies; or
• • From third parties, for example, our business partners.

Information Provided According to the Regulation (as defined herein).

 

1. Data Controllers

Geox S.p.A., with registered office at Via Feltrina Centro 16, 31044 Biadene di Montebelluna, Treviso (Italy), VAT no. IT03348440268, is deemed pursuant to the Regulation to be a data controller, because it makes decisions as to what personal data about you it requires or needs to collect or process, and how to use and share that data (hereinafter “Data Controller”)
and
S & A Distribution, Inc. with registered office at 1410 Broadway, Suite 1400, New York NY 10018, Federal Tax ID no. 58-2485366, is also a controller with respect to your personal data related to sales of our products to you, invoicing, delivery and after-sales services.

When we refer to “Geox” or “us”, “our” and similar variants in this policy, we are referring to both Geox S.p.A. and S & A Distribution, Inc., collectively.

 

2. Types of Personal Data Processed

Registration is not required in order to simply view or access the Website. However, there are sections of the Website that do require registration or the use of a username and password to access certain information (e.g., to log in to the My Geox reserved area or to complete the online purchasing process as a guest). There are also services on our Website for which you need to provide your personal details (e.g. your personal data will be requested if you sign up to receive our email updates or when you contact us, etc.).

Personal data obtained by Geox through the use of the Website will be processed by Geox in accordance with this policy.

The personal data we request on the Website such as your first and last name, telephone number, and e-mail address, may be marked as “mandatory” [e.g., indicated with a (*)] as they are necessary to access the services of the Website you wish to use (e.g., if you place an order). Failure to provide this data marked as “mandatory” will result in our inability to provide you the requested service (e.g., if you fail to give us your email address, we cannot send you our email updates; if you fail to provide your mailing address, we cannot send you any products you may wish to order). Failure to provide data marked as “optional” will not have any consequences.

 

3. Purposes

We may collect non-personal data (data which does not by itself identify you specifically, and which cannot be used when combined with other data for the purpose of identifying you specifically) about your computing devices, network, internet service or other technical data pertaining to your equipment, internet service provider, and your use of the Website, without limitation, and process, use or share this data for any purpose without notice to you, or consent from you.

Personal data about you is collected, processed, used, and sometimes shared with third parties as described in this policy, for the following purposes which are related to your use of the Website and our services (e.g., when you purchase our products):

A) Guest Purchase:

Data provided by completing the purchase process on the Website are necessary to:

1. complete the sale of the products you purchased (which allows us to perform our obligations pursuant to our contract with you relating to such sale);
2. fulfil tax and accounting obligations relating to your purchase (e.g., to report taxes you paid on the purchase to the applicable taxing authority and disburse those tax funds to them);
3. handle any after-sales services (e.g. customer service functions, such as if you need to make a return or tell us about a concern with a product you purchased);
4. to comply with our legal obligations.

Our collection, processing and use of this type of personal data does not require your specific consent pursuant to the Regulation.

B) Sign Up Email Registration:

If you sign up to receive our email updates, you will be required to provide us with your email address.
This personal data will be processed on the basis of your consent (when you sign up to receive our email updates).

C) “My Geox” Registration:

Your personal data and any data relating to your purchases will be collected, processed and used to:

1. create and maintain your My Geox personal account so that you may access special members-only services and benefits on the Website (e.g., making purchasing faster with “fast checkout”, checking your purchase history, etc.). Your personal data in this case will be processed on the basis of your consent (when you provide it by opening your personal account), pursuant to Article 6(1)(a) of the Regulation. Without this personal data Geox will not be able to provide you access to your personal account, or associated services.


2. Marketing Purposes:
   
   If you have provided your consent for us to do so, we may send you e-mails updating you about our products, our services, including by sending you advertising and promotional materials, which may include personalised information obtained through profiling (if you have agreed in advance to receive such communications from us).


3. Purpose of Analysis of Your Preferences:
   
   If you have consented, we will collect your personal data for the purpose of profiling (a marketing tool we use to understand our customers, which includes analysing your online activities, so that we may understand your interests, and your purchasing preferences, among other things). This activity allows us to improve our offerings and our Website, and to personalize our offers to you.
   
   We will process this personal data based on your consent only. You can always freely withdraw your consent by updating your preferences on the Website. You may also refuse to provide your consent to these activities initially, but can still create your My Geox account.

D) Contact Us:

We will collect your personal data when you provide it to us through the “contact us” or similar available feature (e.g. live chat) on our Website, or if you contact us via e-mail or at the telephone number listed on our Website. Please note that, if you use our live chat feature, your data will be processed for providing you with the requested assistance and customer care purposes.

Collection, processing and use of this type of data is necessary for us to respond to your query or request for information, as well as for allowing us to better improve our products and services. Your consent is not required for this type of processing pursuant to the Regulation.

 

4. Security

We may process your personal data in both electronic and paper form.

Geox will use commercially reasonable efforts in an attempt to ensure that your personal data entrusted to us as described in this policy will be processed lawfully.

We will use commercially reasonable efforts to ensure that your personal data collected from the Website is transmitted from the Website to our servers through an https connection, in an attempt to prevent interception by unauthorized third parties.

We implement security measures designed to ensure the security of the Website.

 

5. Profiling

If you give us your consent to your personal data for marketing and profiling purposes, we may analyse your information (e.g. your purchases, Website usage data – including pages visited, products you put into your shopping cart on our Website, etc.) and put that information together with your personal data in order to understand your tastes and preferences, so that we can improve our services and also send you personalized offers.

Please note that all of our data analytics concerning your preferences may not be solely automated, but may be carried out and assessed by our representatives.

 

6. Data retention

We may retain, share, process and use non personal data in perpetuity for any purpose.

Any personal data provided to us on or through the Website or when contacting us at the email address or telephone number provided on the Website shall be processed for the length of time specified below:

Guest Purchase	Your personal data will be processed for as long as it is necessary to manage and complete your purchases, and thereafter as required for us to comply with our tax, accounting and legal obligations; subsequently the data will be deleted or rendered anonymous.
Sign Up Email Registration	Your personal data will be processed for the entire time that you subscribe to the email updates service or, in any event, until your consent is withdrawn (which you may do at any time); thereafter, the data will be deleted or rendered anonymous.
“My Geox” Registration	Your personal data will be processed for as long as your My Geox registration is valid and on the basis of your consents, without prejudice to your ability to withdraw your consent at any time. If you provide your consent for us to process your personal data for marketing and profiling purposes, we will process your sales-related data: (i) for 12 months in order to analyse your preferences; (ii) for 24 months to send you materials and communications based on results of profiling.
Contact Us	Your personal data will be processed for the time it takes to properly handle your request and to allow us to better understand our customers and improve our services; then your personal data will be anonymized (once anonymized, it will no longer be considered personal information).

With regard to the retention times for data collected through the use of tracking technologies (e.g. cookies), please see our Cookie Policy.

 

7. Links to other websites

If you access such other websites by using a link provided on our Website, please be aware that this policy does not apply to collection, processing, transfer or use of your information on such sites. Please review the privacy policy on those third party sites to understand the third party’s privacy policies. We do not control and are not responsible for any data collection, usage, sharing or processing activities of such third parties.

Also, some content or applications, including advertisements, on the Website may be served by third-parties, including advertisers, ad networks and servers, content providers, and application providers. These third parties may use cookies alone or in conjunction with other tracking technologies to collect information about you when you use our Website. The information they collect may be associated with your personal data or they may collect information, including personal data, about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.

 

8. Profiling and/or targeting tools

The Website uses “cookies”, which may be technical (i.e. to facilitate navigation and use of the Website) and/or profiling (i.e. to analyse users and their behaviours and preferences, and provide them with targeted advertising).

For a detailed explanation of cookies used by this Website and how to deactivate them, please read our Cookie Policy.

 

9. Data processors

In addition to Geox, the data processing connected with the services provided by or through the Website may be carried out by: (i) authorised data processing personnel appointed by Geox; (ii) companies providing services related to the management, maintenance and development of the Website; (iii) companies entrusted to manage the sales, payment and delivery functions for the products; (iv) companies responsible for the preparation, handling and sending of email updates, advertising and promotional materials; (v) companies that analyse your purchases (e.g., the type of products and when you purchased them) and the use of our Website (e.g., your browsing on our Website, your interest in our advertising etc.); (vi) companies responsible for the handling of “Customer Service”; (vii) our affiliates and those who operate our and their respective retail stores.

A complete list of external data processors appointed by Geox can be obtained by contacting privacy@geox.com. Geox will endeavour to provide this list within a reasonable time from your verifiable request.

 

10. Data transfer outside European Union

To enable us to properly manage our Website, your personal data will be held in the European Union, or transferred to countries outside the European Union. When doing so, Geox will use reasonable efforts in an attempt to ensure that such transfer occurs in compliance with the guarantees, safeguards and rights provided in the Regulation.

The Regulation provides that your specific consent is not required for the transfer of your personal data to third countries when: (i) such transfer is performed in accordance with Article 45 of the Regulation) (i.e., if data are transferred to a country to which the EU Commission has granted the designation of “adequate”, meaning they are considered to provide an adequate level of protection with respect to personal data); or (ii) as permitted pursuant to Articles 46 and 47 of the Regulation (e.g., to companies part of the “Privacy Shield” framework between the US and the EU). You can find more information on the Privacy Shield here: https://www.privacyshield.gov/welcome. Geox endeavours to comply with these provisions of the Regulation.

Upon request and given a reasonable amount of time for us to respond, you may write to privacy@geox.com to request information on the existence of an adequacy decision or on the safeguards adopted to allow your data to be transferred.

 

11. Rights of data subjects

By e-mail to be sent to privacy@geox.com, you may at any time exercise the rights set out in Articles 15 to 22 of the Regulation, which permit you to request:

• - confirmation as to whether personal data concerning you is being processed;
• - access to your personal data and the information indicated in Article 15 of the Regulation;
• - rectification of inaccurate personal data concerning you or completion of incomplete personal data;
• - erasure of personal data concerning you;
• - restriction of processing of personal data concerning you;
• - notification regarding rectification, erasure or restriction of processing of personal data concerning you;
• - the right to receive the personal data concerning you in a structured, commonly used and machine-readable format; or
• - the right to object at any time, on grounds relating to your particular situation, to processing of personal data concerning you.
You can also:
• - object to the processing of your personal data, particularly for marketing purposes or the analysis of your purchasing habits or preferences;
• - withdraw your consent to any activity that requires us to have it.

All such requests will be processed in accordance with the Regulation.

Please be aware that the making of any of the requests set forth herein does not guarantee that we will comply with your request, if there is a reason for us not to do so in accordance with the Regulation.

 

12. Where to lodge a complaint

If you believe that the processing of your personal data violates the provisions of the Regulation, you may make a complaint to the Italian Data Protection Authority (www.garanteprivacy.it), or to the Data Protection Authority of the country in which you reside, if applicable, or, finally, of the place where you believe the violation occurred.

 

13. Applicable law

This Privacy Policy is governed by EU Regulation 679/2016 and Italian law.

 

14. Revision clause

Geox reserves the right to revise, amend or simply update this Privacy Policy, in whole or in part, at its sole discretion, in any manner and/or at any time. If it does so, it will endeavour to (i) e-mail users registered on the Website to notify them of the change, or (ii) publish on the homepage of the Website a notice of such a change. The revised Privacy Policy will be binding as soon as published and communicated as set forth herein. Please access this section regularly for publication of the most recent and updated Privacy Policy or check your e-mail.

 

15. Data Protection Officer

The Data Protection Officer appointed by Geox may be contacted at the e-mail address dpo@geox com.

 

16. Your California Privacy Rights

California Civil Code Section 1798.83, known as the “Shine The Light” law, permits our customers who are California residents to request and obtain from us a list of what personal data (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Requests may be made only once a year and are free of charge. Under Section 1798.83, we currently do not share any personal information with third parties for their direct marketing purposes.

Note that, as stated above and in our Cookie Policy, we may use cookies and other tracking technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking).

Do Not Track (“DNT”) is a concept promoted by certain regulatory authorities and industry groups for development and implementation of a mechanism that would allow internet users to control the tracking of their online activities across websites. Currently, various browsers (including Internet Explorer, Firefox, and Safari) offer a DNT option that allows a user to set a preference in the browser to not have his/her activities on the internet tracked. You can usually access your browser's DNT option in your browser's preferences. When a user’s browser is set to DNT, some cookies and other tracking technologies may become inactive, depending on how the website visited responds to DNT browser settings. At this time, our Website responds to most DNT signals, but depending on your browser, it is possible that we may not respond to all such signals at all times.

This Policy is effective as of June 5, 2019.

 

The website www.geox.com (the "Website") uses "Cookies": that is, text files which are sent from a web server (i.e. the computer which “hosts” the website visited) to the user’s browser (Internet Explorer, Mozilla Firefox, Google, etc.) and which are stored on the user’s computing device, whether fixed or mobile (e.g., your computer or smart phone).

The cookies enable the Website to identify the user’s device, through the information stored therein, whenever said user accesses to the Website through that device.

Through the use of cookies, we can make it easier for the user to navigate the Website. We can also analyse the user’s preferences and tastes through browsing verification, which consequently allows us to promote the products and services that are more consistent with the user's interests and expectations.

Cookies can be “session cookies” (when they are stored solely for the length of the browsing session on the website and deleted when the browser is closed), or “persistent cookies” (when they are stored for a longer period, until they expire or are cancelled/deactivated by the user).

Although information collected through cookies, when used in conjunction with additional information, may sometimes allow identification of a particular individual, Geox cannot, through the use of cookies alone, collect the type of personally identifiable information that directly identifies you (e.g. first name, last name).

 

1. What types of cookies are used by the Website

Technical Cookies

These are cookies used to facilitate navigation of the Website, and to provide the service offered or requested by the Website user. These cookies may be temporary, also known as “session cookies” (as described above), which will be deleted from your device after you log off of the Website, or not temporary (so called “persistent cookies”) which are not deleted from your device after you exit the Website.

Through the use of these cookies, we are able to facilitate the user’s browsing within the Website, for example by recalling the data the user has provided when completing forms on the Website (so-called “user-input cookies”, which are persistent cookies); to recognise the user after he/she has logged out and then comes back to the Website (so-called “authentication cookies” which are also persistent cookies); to customize the interface of the Website based on the preferences indicated by the user, and to collect aggregate data about Website usage generally, such as pertaining to the number of Website visitors and the most visited pages (so-called “analytics cookies”, which are used with mechanisms to partially obscure IP addresses, and which are also persistent cookies).

We will not seek your prior consent before using technical cookies.

Profiling Cookies

These cookies are designed to create user profiles, for example, in order to send advertising to the user, consistent with the user’s preferences. Except as provided in paragraph 3 below, such cookies are sent from the Website to the user’s computer while browsing and are stored after the end of the browsing session, until they expire or the user cancels/deactivates them (i.e., they are persistent cookies).

If you browse the Website after you see our cookies banner or if you close the cookies banner, or click on any portion of the Website, then you consent to our use of these types of cookies.

If you choose to delete the cookies or deactivate them through your browser settings, when you return, the Website will request your consent again.

No other user profiling tools are used on this Website (e.g. spyware), however, if the user registers with the Website and provides his/her specific consent to the monitoring of his/her browsing activities during such registration (or at any time thereafter), data relating to the user’s navigation on the Website may be associated with his/her personal data.

 

2. Information on cookies sent by www.geox.com

With regard to cookies used on the Website, please note the following information:

1) The domain name from which the Website’s server transmits cookies is: www.geox.com

2) Purpose of the data collection: Cookies are used for the purposes of: (i) allowing easier and faster navigation within the Website or carrying out analyses/statistical and anonymous checks on the use of the site (technical cookies); (ii) improving the browsing experience by analysing user preferences (e.g., pages visited, products selected, etc.) and suggesting the best products and promotions based on Website navigation (profiling cookies).

3) Duration of cookies: Cookies we use on our Website may be session or persistent cookies. The persistent cookies will remain on your device for varying amounts of time, depending on their use and purpose. In any event, you can delete and/or deactivate all cookies through your browser settings and in accordance with the instructions provided specifically by your browser.

4)Data communication: Except for third party cookies, as discussed below, we endeavour to treat information collected through cookies as confidential and such information is not intentionally disclosed to third parties.

 

3. Third-Party Cookies

The Website uses the so-called "third-party cookies" (e.g. Google Analytics and social network cookies), that is, cookies that are sent and managed by parties other than Geox.

We have indicated below: (i) the type and the identifier of these third party cookies; and (ii) the purposes of these third party cookies. For more information, about such cookies, please review directly the cookie and privacy policies of these third parties.

 

4. Deactivation/deletion of cookies via web browser

You may deactivate or delete cookies at any time by using your web browser settings. Please double check the requirements for use of your particular browser to confirm how this is done. Also, if you use some browsers, you may be able to set your browser settings in such a way that you are aware of a cookie each time it is sent, and you can decide whether or not to accept it; you can also automatically reject all cookies by selecting the appropriate option in your browser settings.

For more information about the processing of your data through the Website, please visit the Privacy section.

 

Art. 13 of Regulation (EU) 2016/679 - General Data Protection Regulation

The filling in of the questionnaire under the “Feedback” section does not imply the collection of any personal details. Your data will be collected only if you provide it voluntarily during the survey. If you decide to provide your data, it will be processed and stored pursuant to the Privacy Disclosure below, which we invite you to read.
Moreover, we inform you that, if you are registered with the Single Digital Profile (only for selected countries) or with My Geox, the answers you provide by filling in the questionnaire will be associated with your profile and processed on the basis of the consents you gave upon registration and pursuant to the Single Digital Profile or My Geox disclosure.

 

Who processes your personal details

Geox S.p.A., with registered office in Biadene di Montebelluna (TV), Italy, Via Feltrina Centro n. 16, Tax No., VAT Reg. No. and Treviso Business Registry Reg. No. IT03348440268, in its status of Data Controller, collects and processes your personal details pursuant to Regulation (EU) 2016/679 - General Data Protection Regulation (hereinafter “the Regulation”).

 

Why we process your data

The data you provide to us voluntarily through the questionnaire in the “Feedback” section will enable us to improve the services and products offered to our clientele.
The data will be processed on the basis of the agreement stipulated with you (if you have purchased our products or used our services) or our legitimate interest in improving our services and products.

 

Which data we request

There is no obligation to provide personal details when filling in the questionnaire, and the answers to our satisfaction survey are optional.

 

How your personal details are processed

Your personal details will be processed mainly using electronic equipment to improve our products and services.
The data will be processed in accordance with the applicable regulations and, nonetheless, in a way that guarantees its security and confidentiality and prevents its unauthorised use or disclosure, alteration or destruction.
If you are registered with the Single Digital Profile (only for selected countries) or with My Geox, your data will be processed pursuant to the privacy disclosure supplied to you upon registration and in conformity to the consents you gave. For further information on the Single Digital Profile or on My Geox, please read the relevant disclosure.

 

How long we keep your data

Your data will be processed for the time necessary to understand the degree of satisfaction of our customers and will subsequently be stored so that we can improve our services; your data will then be erased or stored in anonymous or aggregate form. You can request further information by writing to privacy@geox.com.

 

Who processes your personal details

Your data will not be diffused and may come to be known by the Geox staff authorised to process it and, in their role of data processors, by i) the company entrusted with managing our “customer service”; (ii) our providers of services used to manage the website; (iii) companies that organise and manage market surveys. The names of the data processors can be requested by writing to privacy@geox.com.

 

Transferral of your data to countries outside the European Union

Your personal details (if provided) may be transferred to countries outside of the European Union but subject to adequacy decisions approved by the European Commission (e.g. United Kingdom, Canada, Argentina, Israel, etc.) or to third countries (e.g. United States) on the basis of the adoption of contractual clauses approved by the European Commission. You can receive further information by writing to privacy@geox.com.

 

What rights you are entitled to

By writing to privacy@geox.com, you may exercise your rights as stated in Arts. 15 to 22 of the Regulation, including the right to:

• - obtain confirmation as to whether or not personal data concerning you is being processed;

• - access your personal data (e.g. by requesting which data is processed, for what purposes and with what means);

• - obtain the rectification of inaccurate personal data or the integration of incomplete personal data;

• - obtain the erasure of your personal data (where the relevant grounds apply);

• - obtain the restriction of the processing of your personal data (where the relevant grounds apply);

• - receive your personal data in a structured and common format that can be read on automatic devices (where the relevant grounds apply).

Moreover, depending on the cases, you can object to processing of your personal data, in particular, for aims relating to the analysis of your purchasing habits or preferences, or for marketing purposes, and also withdraw your consents given.

 

Who you can contact to submit a claim

Should you feel that the data processing concerning you breaches the provisions of the Regulation, you can submit a claim to the Italian Data Protection Authority (www.garanteprivacy.it) or, if different, to the data protection authority of the country where you live or work or where you believe the breach occurred.

 

How you can contact the Data Controller

The Data Controller can be contacted at the e-mail address dpo@geox.com.