PRIVACY POLICY

This Privacy Policy is effective from May 5, 2022. You can view the prior Privacy Policy here.

Last updated: April 5, 2022

1661, Inc. d/b/a GOAT (“GOAT”, “we,” “us,” “our”) provides this Privacy Policy to inform you about our collection, use and disclosure of information when individuals (“you”) visit www.goat.com (the “Site”) and our mobile applications (“Apps”) and any other properties that link to this Privacy Policy (collectively, the “Service”).

As used in this Privacy Policy, the terms “using” and “processing” information include using cookies on a computer, subjecting the information to statistical or other analysis and using or handling information in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, combining, disclosing and transferring information within our organization or among our affiliates.

Region-Specific Disclosures. We may choose or be required by law to provide different or additional disclosures, relating to the processing of Personal Information (as defined below) about residents of certain countries, regions or states. Please refer below for disclosures that may be applicable to you:

  • For residents of the State of California, please click here for additional California-specific privacy disclosures.

  • For residents of the European Economic Area (“EEA”), Switzerland, and the United Kingdom (“UK”), please click here for additional Europe-specific privacy disclosures.

  • For residents of the State of Nevada, Chapter 603A of the Nevada Revised Statutes permits a Nevada resident to opt out of future sales of certain covered information that a website operator has collected or will collect about the resident. Note we do not currently sell covered information.

INFORMATION COLLECTION

Information We Collect From You or Other Sources. In the course of using the Service, we may ask you for certain information that can be used to contact or identify you, including, but not limited to, your name, email address, phone number and payment card and billing information and any other information you provide when you communicate with us (“Personal Information”). “Personal Information” does not include aggregated or deidentified information that is maintained in a form that is not reasonably capable of being associated with or linked to an individual.

We collect Personal Information in connection with your registration with the Service and use of the Service. If you decide to register, you must provide a username and you can choose what other information you provide as part of your profile. Other users may see your username on the Service.

We collect any information you submit to us through a “Submit A Request” customer support form, such as contact information and any other information you provide in the inquiry submission.

Our Apps may collect information about the precise location of your mobile device if you enable location services and grant permission. We may also use your IP address to derive your device’s general location.

Information We Collect Automatically. When you use the Service, whether as a registered user of GOAT or as a non-registered user (each, a “GOAT User”), our servers automatically record certain technical information from your browser and device, which may include information such as your computer’s IP address, your mobile device identifier, your browser type and version, the webpage you were visiting before you came to the Site, parts of the Service that you use, the time spent on those areas, information you search for on the Site or Apps, access times and dates, and other statistics. We may collect this technical information using “cookies” or similar technologies, such as software development kits, web beacons, pixels or tags. We (or our third-party partners) may use cookies or similar technologies to collect such information for advertising, for monitoring and analysis, to personalize your experience on the Service, and for other purposes. See the “Digital Advertising and Analytics” section of this Privacy Policy to learn more about the use of this information and the choices available to you.

To manage cookies, an individual may change their browser settings to: (i) notify them when they receive a cookie, so the individual can choose whether or not to accept it; (ii) disable existing cookies; or (iii) set their browser to automatically reject cookies. Please note that doing so may negatively impact an individual’s experience accessing the Service, as some features and services on our Site and Apps may not work properly. Depending on an individual’s device and operating system, they may not be able to delete or block all cookies. In addition, if an individual wants to reject cookies across all their browsers and devices, they will need to do so on each browser on each device they actively use. An individual may also set their email options to prevent the automatic downloading of images that may contain technologies that would allow us to know whether they have accessed our emails and performed certain functions with it.

We may combine the information we receive from you with information (including Personal Information) we obtain from other sources. We may aggregate your information with information collected from other GOAT Users to provide you with a better experience, to improve the quality and value of the Service, and to analyze and understand how the Service is used.

INFORMATION USE

We may use the information we collect for the following purposes:

  • To provide the Service, complete your transactions, and respond to your inquiries, including to send you emails to confirm your order status and shipment;

  • To communicate with you and contact you with GOAT newsletters, email updates, marketing or promotional materials and other information that may be of interest to you;

  • To maintain, operate, monitor, customize, improve, and analyze use of the Service;

  • To tailor the Site, Apps and the Service to your interests;

  • For internal business purposes, including analytics and marketing purposes;

  • To comply with law and maintain the security of the Service and our business; or

  • As otherwise disclosed at the time of collection or use.

If you decide at any time that you no longer wish to receive marketing communications from us, please click “Unsubscribe” at the bottom of any marketing email you receive from us (no login required).

INFORMATION SHARING

We may share your information with third parties as described in this section.

Profile Information. As noted above, when you create a profile on the Service, other registered users may be able to see the information that you include in your profile. You should exercise care in deciding what information to provide.

Affiliates. We may share information with our affiliates, including Flight Club New York LLC, which will handle the information under their own respective privacy policies. Where required by law, we will give you a choice about this sharing.

Service Providers. We may employ third-party companies and individuals to facilitate the Service, to provide the Service on our behalf, to perform Service-related functions (for example, payment processing services, maintenance services, shipping carriers, database management, marketing, security and fraud purposes, web or advertising analytics, and improvement of the Service’s features) or to assist us in analyzing how the Service is used.

Third-Party Referral Partners. To help provide you with better offers, we may work with third-party referral partners. If you visit the Site by linking directly from a third-party website, we may provide the third party with select information about your individual transaction that you made after being referred. In order to track and credit your transaction the third-party website may give you a unique code, cookie or graphic which will uniquely identify you. The presence of a third-party navigation bar at the top of any page on any website is an indication that the third-party website may have access to information about your activity on such website.

Compliance with Laws and Law Enforcement. We cooperate with government and law enforcement officials and private parties to enforce and comply with applicable laws and regulations. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of GOAT or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be, or to pose a risk of being, any illegal, harmful, unethical or legally actionable activity.

Business Transfers. We may sell, transfer or otherwise share some or all of our assets, including your information, in connection with a potential or actual merger, acquisition, reorganization or sale of some or all of our assets or in the event of bankruptcy.

With Consent or Notice. We may share your information with your consent or as otherwise disclosed at the time of data collection or sharing.

Aggregated and Deidentified Information. We may share aggregated or deidentified information without limitation. This includes sharing the types of technical information that we collect as described above (including information that identifies a device), to the extent permitted by law.

DIGITAL ADVERTISING AND ANALYTICS

We may partner with ad networks and other ad serving providers (“Advertising Providers”) that serve ads on behalf of us and others on non-affiliated platforms. Some of those ads may be personalized, meaning that they are intended to be relevant to you based on information Advertising Providers collect about your use of the Service and other sites or apps over time, including information about relationships among different browsers and devices. This type of advertising is known as interest-based advertising.

You can visit www.aboutads.info or www.networkadvertising.org/managing/opt_out.asp to learn more about interest-based advertising and how to opt-out of this type of advertising on your browser by companies participating in industry self-regulatory programs.

To learn more about interest-based advertising in mobile apps and to opt out of this type of advertising by companies that participate in the Digital Advertising Alliance’s AppChoices tool, please download the version of AppChoices for your device, available at the links below:

DAA AppChoices iOS

DAA AppChoices Android

DAA AppChoices Amazon

Note that choosing to opt out will not stop advertising from appearing in your browser. It may make the ads you see less relevant to your interests. Advertising Providers may continue to collect data for other purposes, including analytics and other operational purposes.

If you delete your cookies, reset your device advertising identifier, or use a different browser or mobile device, you will need to renew your opt-out choice. You may also be able to limit data collection for advertising purposes using tools available on your device. Additionally, your browser may offer tools to limit the use of cookies or to delete cookies; however, if you use these tools, the Service may not function as intended. We may also work with third parties that collect data about your use of the Service and other sites or apps over time for non-advertising purposes. We use Google Analytics and other third-party services to improve the performance of the Service and for analytics and marketing purposes. For more information about how Google Analytics collects and uses data when you use the Service, visit https://www.google.com/policies/privacy/partners/, and to opt out of Google Analytics, visit https://tools.google.com/dlpage/gaoptout/.

We may display targeted advertising to individuals through social media platforms, such as Facebook and other social media platforms. These companies have interest-based advertising programs that allow us to direct advertisements to users who have shown interest in our Service while those users are on the social media platform, or to groups of other users who share similar traits, such as likely commercial interests and demographics. We may share a unique identifier, such as a user ID or hashed email address, with these platform providers or they may collect information from our Site visitors through a first-party pixel, in order to direct targeted advertising to an individual or to a custom audience on the social media platform. These advertisements are governed by the privacy policies of those social media companies that provide them. If an individual does not want to receive targeted ads on their social media platforms, they may be able to adjust their advertising preferences through their settings on those platforms. An individual may learn more about advertising preferences by clicking on the link provided below. Please note that this link is provided for convenience only and we do not control the content or features that may be available on third-party services.

To learn more about advertising preferences on Facebook, please visit this page.

CHANGING OR DELETING YOUR INFORMATION

If you have registered with the Service, you may review, update, correct or delete the information in your profile through your profile page. If you would like us to delete your record in our system, please contact us at [email protected] with a request that we delete your Personal Information from our database or initiate an account deletion request within the iOS App. We will use commercially reasonable efforts to honor your request. We may retain an archived copy of your records as required by law or for legitimate business purposes.

SECURITY

We use appropriate security measures to protect against the loss, misuse or alteration of your Personal Information. However, it is important to note that no data transmission over the Internet or information storage technology can be guaranteed to be 100% secure. To make sure your Internet browser is using the latest security features, you may want to download the most recent version of it, which should have full SSL (Secure Socket Layer) support.

The Service may contain links to other websites and apps. If you click on a third-party link, you will be directed to that third party’s website or app. The fact that we link to a website or app is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third-party websites or apps. These other websites and apps may place their own cookies or other files on your computer, collect data, or solicit information from you. Other sites follow different rules regarding the use or disclosure of the information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.

The Service may also include integrated social media tools or “plug-ins,” such as social networking tools offered by third parties. If you use these tools to share Personal Information or you otherwise interact with these features on the Service, those companies may collect information about you and may use and share such information in accordance with your account settings, including by sharing such information with us and the general public. Your interactions with third-party companies and your use of their features are governed by the privacy policies of the companies that provide those features. We encourage you to carefully read the privacy policies of any accounts you create and use on third-party websites or apps.

OUR POLICY TOWARDS CHILDREN

The Service is not directed to children under the age of 16. We do not knowingly collect Personal Information from children under 16. If a parent or guardian becomes aware that their child has provided us with Personal Information, they should contact us. If we become aware that a child under 16 has provided us with Personal Information, we will delete such information from our files.

UPDATES TO THIS PRIVACY POLICY

We will periodically update this Privacy Policy. When we make changes to this Privacy Policy, we will change the “Last Updated” date at the beginning of this Privacy Policy. If we make material changes to this Privacy Policy, we will notify you by email to your registered email address, by prominently posting on this website or our online Service, or through other appropriate communication channels. All changes shall be effective from the date of publication unless otherwise provided.

CONTACT US

If you have any questions, comments, or concerns about this Privacy Policy, please contact us at [email protected].

Alternatively, inquiries may be addressed to:

GOAT Attn: Privacy Department P.O. Box 91258 Los Angeles, CA 90009-1258

ADDITIONAL CALIFORNIA-SPECIFIC PRIVACY DISCLOSURES

Effective Date: May 5, 2022

This section contains disclosures required by the California Consumer Privacy Act of 2018 (“CCPA”) and applies only to “personal information” that is subject to the CCPA. These California disclosures supplement the information contained in our Privacy Policy and apply solely to individual residents of the State of California (“consumers” or “you”). Unless otherwise expressly stated, all terms in this section have the same meaning as defined in our Privacy Policy or as otherwise defined in the CCPA. Consumers with disabilities may access this notice by contacting [email protected] for an alternative format of this notice.

For purposes of this section, personal information does not include:

  • Publicly available information from government records;

  • Deidentified, aggregated or anonymized information that is maintained in a form that is not capable of being associated with or linked to you;

  • Information excluded from the CCPA's scope, such as:

    • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;

    • Information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or the California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994;

  • Information relating to our job applicants, employees, contractors and other personnel; and

  • Information about employees and other representatives of third-party customers or entities we may interact with.

Personal Information We Collect and Disclose for a Business Purpose. We collect the categories of personal information about California consumers identified below.

  • A. Personal and online identifiers (such as first and last name, email address, or unique online identifiers);

  • B. Categories of information described in Section 1798.80(e) of the California Civil Code (such as phone number);

  • C. Commercial or transactions information (such as records of personal property or products or services purchased, obtained or considered);

  • D. Internet or other electronic network activity information (such as browsing history, search history, interactions with a website, email, application, or advertisement);

  • E. Geolocation information;

  • F. Inferences drawn from the above information about your predicted characteristics and preferences; and

  • G. Sensory information (such as call recordings).

In the past 12 months, we have disclosed all of the categories of California consumers’ personal information described above to third parties for business or commercial purposes, as described in more detail below under “Recipients of California Personal Information.”

Categories of Sources. We collect the personal information described above under “Personal Information We Collect and Disclose for a Business Purpose” in categories A, B, D, E, and F from the following sources:

  • Consumers, including through activity on our Site and Apps;

  • Service providers; and

  • Affiliates not under the GOAT brand.

We collect the personal information described above under “Personal Information We Collect and Disclose for a Business Purpose” in categories C, D, and H from the following source:

  • Consumers, including through activity on our Site and Apps;

Why We Collect, Use, and Share California Information. We use and disclose the personal information we collect for one or more of our commercial and business purposes, as further described below. These commercial and business purposes include, without limitation:

  • Our commercial purposes, which include:

    • Facilitating transactions on GOAT;

    • Fulfilling transactions made on GOAT; and

    • Marketing and advertising for GOAT.

  • Our business purposes as identified in the CCPA, which include:

  • Auditing related to our interactions with you;

  • Legal compliance;

  • Detecting and protecting against security incidents, fraud, and illegal activity;

  • Debugging to identify and repair errors that impair existing intended functionality;

  • For the performance of services on our behalf, such as the provision of customer service, the processing or fulfillment of orders and transactions, the verification of customer information, the processing of payments, the provision of advertising, marketing or analytic services, and the provision of other similar services on our behalf;

  • Internal research for technological improvement;

  • Activities to maintain and improve our services;

  • Short-term, transient uses; and

  • Other operational purposes.

We may also use and disclose the personal information we collect to respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.

Recipients of California Personal Information. As described in our Privacy Policy, we share personal information with third parties for business purposes or we may sell your personal information to third parties, subject to your right to opt out of those sales (see the “right to opt out of personal information sales” below).

We disclose the categories of personal information described above to the categories of third parties listed below for business purposes:

  • Service providers;

  • Affiliates not under the GOAT brand; and

  • Government entities.

Your Rights Regarding Personal Information. California residents have certain rights with respect to the personal information collected by businesses. If you are a California resident, you may exercise the following rights regarding your personal information, subject to certain exceptions and limitations:

  • The right to know the categories and/or specific pieces of personal information we collect, use, disclose, and sell about you, the categories of sources from which we collected your personal information, our purposes for collecting or selling your personal information, the categories of your personal information that we have either sold or disclosed for a business purpose, and the categories of third parties with which we have shared personal information.

  • The right to request that we delete the personal information we have collected from you or maintain about you.

  • The right to opt out of the sale of your personal information.

  • The right not to receive discriminatory treatment for the exercise of the privacy rights conferred by the CCPA.

How to Exercise Your California Consumer Rights:

  • To exercise your right to know and/or right to deletion:

    • By Email: Please contact us by email at [email protected] with an explanation of the rights you wish to exercise and submit the required verifying information, as further described below.

    • By Mail: You may also exercise your right to request that we delete the personal information we have collected from you or maintain about you by sending a letter to us by mail that explains you would like to exercise this right and that includes your name and email address associated with your GOAT account. You can send this letter to us at the following address: GOAT, Attn: GOAT Legal - CCPA, P.O. Box 91258, Los Angeles, CA 90009-1258.

  • To exercise your right to opt out of cookies and other tracking technologies: As is common practice among companies that operate online, we permit third party advertising networks, social media companies and other third party businesses to collect and disclose your personal information (including preferences, geolocation, commercial information and Internet, network and device information) directly from your browser or device through cookies or tracking technologies when you visit or interact with our Site, use our Apps or otherwise engage with us. These third parties may use this information for the purposes of serving ads that are more relevant, for ad campaign measurement and analytics, and for fraud detection and reporting and may sell that information to other businesses for advertising, among other purposes. To exercise your right to opt out as it relates to the use of cookies and other tracking technologies for analytics and targeted ads, please click on “Do Not Sell My Personal Information” at the footer of this page. For mobile app users, please go to your Profile > Settings > Do Not Sell My Personal Information.

Verification Process and Required Information. At a minimum, we may ask you for your name, email address, and telephone number. Note that we may need to request additional information from you to verify your identity or process your request, although you will not be required to create an account with us to submit a request or have it fulfilled. We will use the personal information you provide us in connection with your exercise of the above rights only to review and comply with your request. We may retain an archived copy of your records as required by law or for legitimate business purposes.

Authorized Agent. You may designate an authorized agent to make a CCPA request on your behalf by designating such agent in writing or through a power of attorney. Before we accept a CCPA request from an agent, we may require the agent to provide us with proof that you have authorized the agent to make the CCPA request on your behalf, and we may need you to verify your identity directly with us.

Financial Incentives. We may provide financial incentives to consumers who allow us to collect and retain personal information, such as identifiers (e.g., name and email address) and commercial information (e.g., purchase history). These incentives may result in differences in our prices or services offered to consumers and may include a lower price for goods and services (e.g., discounts and other promotions). For example, the financial incentives we may provide include discounts or promo codes for certain existing customers.

The material aspects of any financial incentive will be explained and described in its program terms or in the details of the incentive offer.

Please note that participating in any financial incentive program is entirely optional and participants may withdraw from the program at any time. To opt out of the program and forgo any ongoing incentives, please follow the instructions in the program’s terms and conditions or contact us using the contact information referenced in the Privacy Policy.

Each financial incentive or price or service difference related to the collection and use of personal information is based upon our reasonable, good faith determination of the estimated value of such information to our business, taking into consideration the value of the offer itself and the anticipated revenue generation that may be realized by rewarding brand loyalty and/or repeat purchases.

ADDITIONAL PRIVACY DISCLOSURES FOR EU USERS

Effective Date: May 5, 2022

This section contains disclosures on how we collect, store, process, transfer, share, or use data that identifies or is associated with residents of the European Economic Area (“EEA”), Switzerland, and the United Kingdom (“UK”) ("personal data") and information regarding our use of cookies and similar technologies (collectively, “EU Disclosures”). These EU Disclosures supplement the information contained in our Privacy Policy and apply solely to residents of the EEA, Switzerland, and the UK (“you”). Please ensure that you have read and understood these EU Disclosures before accessing or using the Service. Unless otherwise expressly stated, all terms in this section have the same meaning as defined in our Privacy Policy or as otherwise defined in the General Data Protection Regulation (“GDPR”).

GOAT is the controller of the personal data we hold about you in connection with your use of the Service. This means that we determine and are responsible for how your personal data is used.

Personal Data We Collect From You When You Use the Service and How We Use It. We collect personal data as set out in the “Information Collection” and “Information Use” sections of our Privacy Policy. We will indicate to you where the provision of certain personal data is mandatory. If you choose not to provide such personal data, we may not be able to provide those parts of the Service to you or respond to your other requests.

The table at Annex 1 sets out in detail the categories of personal data we collect about you and how we use that information when you use the Service, as well as the legal bases which we rely on to process the personal data, and recipients of that personal data.

Information We Collect Automatically. We also automatically collect personal data indirectly about how you access and use the Service, and information about the device you use to access the Service, or otherwise engage with us. Please see the “Information We Collect Automatically” section of our Privacy Policy for more information about what data we collect and how we use it.

  • The table at Annex 2 sets out in detail the categories of personal data we collect about you automatically and how we use that information. The table also lists the legal bases which we rely on to process the personal data and recipients of that personal data. For more information on cookies and other tracking technologies we use, please see the “Cookies and Similar Technologies Used on Our Site” section below.
  • We may link or combine the personal data you provide and the information we collect automatically. This allows us to provide you with a personalised experience regardless of how you interact with us.
  • We may anonymise and aggregate any of the personal data we collect (so that it does not directly identify you) and may use the anonymised and aggregated information or disclose it as set out in our Privacy Policy.

How Long We Store Your Personal Data. We will usually store the personal data we collect about you for no longer than necessary for the purposes set out in Annexes 1 and 2, including for the purposes of our legitimate business interests and satisfying any legal or reporting requirements, and in accordance with our legal obligations and legitimate business interests.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and the applicable legal requirements.

Recipients of Personal Data. We may share your personal data with the recipients as set out in the “Information Sharing” section of our Privacy Policy (as required in accordance with the purposes set out in Annexes 1 and 2 below).

Marketing and Advertising. From time to time, we may contact you with information about our products and services, including sending you marketing messages and asking for your feedback on our products and services.

  • For some marketing messages, we may use personal data we collect about you to help us determine the most relevant marketing information to share with you.

  • We will only send you marketing messages if you have given us your consent to do so. You can withdraw your consent at a later date by clicking on the unsubscribe link at the bottom of our marketing emails.

Storing and Transferring Your Personal Data.

  • Security. We implement appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, change or damage. We will never send you unsolicited emails or contact you by phone requesting your account ID, password, credit or debit card information or national identification numbers.

  • International Transfers of Your Personal Data. The personal data we collect may be transferred to and stored in countries outside of the jurisdiction you are in where we and our third-party service providers have operations, including in the United States. If you are accessing our Site from the EEA, your personal data will be processed outside of the EEA.

    • In the event of such a transfer, we ensure that: (i) the personal data is transferred to countries recognised as offering an equivalent level of protection; or (ii) the transfer is made pursuant to appropriate safeguards, such as standard data protection clauses adopted by the European Commission.

    • We are aware of the July 16, 2020 decision from the European Union Court of Justice which invalidated the EU-U.S. Privacy Shield. Nonetheless, we will continue to abide by the Privacy Shield Principles with respect to the protection of personal data. GOAT is closely monitoring developments and guidance from both European and U.S. regulatory authorities and will update these EU Disclosures as needed.

    • If you wish to enquire further about these safeguards used, please contact us using the details set forth in the Privacy Policy.

Your Rights in Respect of Your Personal Data. In accordance with applicable privacy law, you have the following rights in respect of your personal data that we hold:

  • Right of access. You have the right to obtain:

    • confirmation of whether, and where, we are processing your personal data;

    • information about the categories of personal data we are processing, the purposes for which we process your personal data and information as to how we determine applicable retention periods;

    • information about the categories of recipients with whom we may share your personal data; and

    • a copy of the personal data we hold about you.

  • Right of portability. You have the right, in certain circumstances, to receive a copy of the personal data you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person.

  • Right to rectification. You have the right to obtain rectification of any inaccurate or incomplete personal data we hold about you without undue delay.

  • Right to erasure. You have the right, in some circumstances, to require us to erase your personal data without undue delay if the continued processing of that personal data is not justified.

  • Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal data if the continued processing of the personal data in this way is not justified, such as where the accuracy of the personal data is contested by you.

  • Right to withdraw consent. If you have provided consent for the processing of your personal data, you have the right to withdraw your consent. If you withdraw your consent, this will not affect the lawfulness of our use of your personal data before your withdrawal.

You also have the right to object to any processing based on our legitimate interests where there are grounds relating to your particular situation. There may be compelling reasons for continuing to process your personal data, and we will assess and inform you if that is the case. You can object to marketing activities for any reason.

You also have the right to lodge a complaint to your local data protection authority. Information about how to contact your local data protection authority is available here.

If you wish to exercise one of these rights, please contact us using the contact details set forth in the Privacy Policy.

Due to the confidential nature of data processing, we may ask you to provide proof of identity when exercising the above rights. This can be done by providing a scanned copy of a valid identity document or a signed photocopy of a valid identity document.

Cookies and Similar Technologies Used on Our Site. Our Site uses cookies and similar technologies such as pixels and Local Storage Objects (LSOs) like HTML5 (together “cookies”) to distinguish you from other users of our Service. This helps us to provide you with a good experience when you browse our Site and allows us to monitor and analyse how you use and interact with our Site so that we can continue to improve our Service. It also helps us and our advertising partners to determine products and services that may be of interest to you, in order to serve you personalised advertisements.

We use the following types of cookies:

  • (a) Strictly necessary cookies. These are cookies that are required for the operation of our Site. They include, for example, cookies that enable you to log into secure areas of our Site or make use of electronic payment services.

  • (b) Analytical/performance cookies. These cookies allow us to recognise and count the number of visitors and to see how visitors move around our Site when they are using it. This helps us to improve the way our Site works, for example, by ensuring that users are finding what they are looking for easily.

  • (c) Functional cookies. These cookies are used to recognise you when you return to our Site or to provide certain functionalities within the Site. This enables us to personalise our content for you and remember your preferences (for example, your choice of currency or region).

  • (d) Advertising cookies. These cookies may record your visit to our Site, the pages you have visited and the links you have followed. We may use this information to make our Site and the marketing messages we send to you more relevant to your interests. We may also share this information with third parties who provide a service to us for this purpose.

  • (e) Third party cookies. Please be aware that advertisers and other third parties may use their own cookies tags when you visit the Site. These third parties are responsible for setting out their own cookie and privacy policies.

Please see the Cookie Library by clicking on “Cookie Settings” at the footer of this page for more information about the cookies we use on the Site. For mobile app users, please see the SDK (Software Development Kit) Library by going to your Profile > Settings > Privacy Settings in the Apps for more information about the technologies we use on the Apps. Please see our Privacy Policy for more information about cookies and other similar technologies.

ANNEX 1 – PERSONAL DATA YOU PROVIDE TO US

Contact information, such as your first name, last name, email address and phone number.

  • How we may use your contact information and the legal bases for processing:

    • We may use this information to set up and authenticate your account on the Service. The processing is necessary for the performance of a contract with you and to take steps prior to entering into a contract with you, namely our Terms of Use.

    • We may use this information to communicate with you, including sending Service-related communications. The processing is necessary for the performance of a contract with you, namely our Terms of Use.

    • We may use this information to deal with enquiries and complaints made by or about you relating to the Service. The processing is necessary for our legitimate interests, namely administering the Service, and for communicating with you effectively to respond to your queries or complaints.

    • We may use this information to send you unsolicited marketing communications in accordance with your preferences. We will only use your personal data in this way to the extent you have given us consent to do so.

  • Recipients of this information: We may share this information with payment processors in order to identify you so that you can make and receive payments through the Service. We may also share your personal data with our email marketing providers and customer support platforms.

Profile and log-in information. This is information you choose to put in your profile such as username, phone number, Onfeet photos, mailing address and shoe size.

  • How we may use your profile and log-in information and the legal bases for processing:

    • We use this information to allow you to populate your profile with relevant information. The processing is necessary for the performance of a contract and to take steps prior to entering into a contract, namely our Terms of Use.

    • We use this information to provide to you the features and functionality of the Service. The processing is necessary for the performance of a contract and to take steps prior to entering into a contract, namely our Terms of Use.

  • Recipients of this information: We may share this information with third parties that help us prevent fraud on our platform and shipping carriers or logistics providers that facilitate the delivery of an item purchased on our platform.

Payment and transaction information, such as your credit/debit card, payment authentication code, billing address, and other information such as date and time of your transaction.

  • How we may use your payment and transaction information and the legal bases for processing:

    • We may use this information to process the payments you make or receive through the Service. The processing is necessary for the performance of a contract, namely our Terms of Use.

    • We may use this information to verify your identity in connection with the detection and prevention of fraud or financial crime. The processing is necessary for our and third parties’ legitimate interests, namely the detection and prevention of fraud and financial crime.

  • Recipients of this information: You will be sharing this information with payment processors through the Service so that you can make and receive payments through the Service.

Information about your activity on the Service, such as any offers for products you have made, any products on your 'want list', and information about any products you have purchased, listed for sale or sold.

  • How we may use information about your activity on the Service and the legal basis for processing:

    • We use this information to provide to you certain features and functionalities of the Service. The processing is necessary for the performance of a contract and to take steps prior to entering into a contract, namely our Terms of Use.
  • Recipients of this information: We may share this information with our cloud storage provider and other third-party service providers.

Chat, comments and opinions. When you contact us directly, e.g., by email or phone we may record your comments and opinions.

  • How we may use information about any direct contact from you and the legal bases for processing:

    • We may use this information to address your questions, issues and concerns. The processing is necessary for our legitimate interests, namely communicating with you and responding to queries, complaints and concerns.

    • We may use this information to improve the Service. The processing is necessary for our legitimate interests (i.e., to develop and improve our service).

  • Recipients of this information: We may share any information you provide to us when you contact us with our customer support platforms, in order to process any customer support queries you might submit to us.

Your preferences, such as preferences set for notifications, marketing communications, how the Service is displayed and the active functionalities on the Service.

  • How we may use information about your preferences and the legal bases for processing:

    • We use this information to provide notifications, send news, alerts and marketing communications and provide the Service in accordance with your choices. The processing is necessary for our legitimate interest, namely ensuring the user receives appropriate and relevant marketing and other communications in accordance with the user's preferences.

    • We use this information to ensure that we comply with our legal obligation to send only those marketing communications to which you have consented. The processing is necessary for compliance with a legal obligation to which we are subject.

  • Recipients of this information: We may share this information with our email marketing providers in order to send out relevant communications as well as vendors that support our compliance efforts.

All personal data set out above.

  • How we may use all personal data set out above and the legal basis for processing:

    • We may use all the personal data we collect to operate, maintain and provide to you the features and functionality of the Service, to communicate with you, to monitor and improve the Service and business, and to help us develop new products and services. The processing is necessary for our legitimate interests, namely, to administer and improve the Service.

ANNEX 2 – PERSONAL DATA COLLECTED AUTOMATICALLY

Approximate location information. Other than information you choose to provide to us, we do not collect information about your precise location unless you enable location services and grant permission. Your device’s IP address may however help us determine an approximate location.

  • How we may use your approximate location information and the legal bases for processing:

    • We may use information you provide to us about your location to monitor and detect fraud or suspicious activity in relation to your account. The processing is necessary for our legitimate interests, namely to protect our business and your account from fraud and other illegal activities.

    • We may use this information to tailor how the Service is displayed to you (such as the language in which it is provided to you). The processing is necessary for our legitimate interest, namely tailoring our Service so that it is more relevant to our users.

Information about how you access and use the Service. We may collect information about how you access and use the Service. For example, how frequently you access the Service, the time you access the Service and how long you use it for, the approximate location that you access the Service from, the site from which you came and the site to which you are going when you leave our Site, the pages you visit, the links you click, whether you open emails or click the links contained in emails, whether you access the Service from multiple devices, and other actions you take on the Service.

  • How we may use information about how you access and use the Service and the legal bases for processing:

    • We may use information about how you use and connect to the Service to present the Service to you on your device. The processing is necessary for our legitimate interests, namely to tailor the Service to the user.

    • We may use this information to determine products and services that may be of interest to you for marketing purposes. The processing is necessary for our legitimate interests, namely to inform our direct marketing efforts.

    • We may use this information to monitor and improve the Service, resolve issues and to inform the development of new products and services. The processing is necessary for our legitimate interests, namely to monitor and resolve issues with the Service and to improve the Service generally.

Log files and information about your device. We may collect information about the tablet, smartphone or other electronic device you use to connect to the Service. This information can include details about the type of device, unique device identifying numbers, operating systems, browsers and applications connected to the Service through the device, your mobile network, your IP address and your device’s telephone number (if applicable).

  • How we may use log files and information about your device and the legal bases for processing:

    • We may use information about how you use and connect to the Service to present the Service to you on your device. The processing is necessary for our legitimate interests, namely, to tailor the Service to the user.

    • We may use this information to monitor and improve the Service, resolve issues and to inform the development of new products and services. The processing is necessary for our legitimate interests, namely, to monitor and resolve issues with the Service and to improve the Service generally.

Recipients of personal data set forth above. We may share this information with the following parties: affiliates and service providers, including payment processors, customer support platforms, email marketing providers, cloud storage providers and analytics providers, and third party social networks.