Privacy Policy for goop.com and mobile applications

About Us

We are Goop Inc. Limited, a company registered in England with registered number 07733571 whose registered office is at Sargeant House, 15 Alcester Road, Studley, Warwickshire, England, B80 7AN (and we refer to ourselves as “we”, “us” or “our” in this document). We own and operate this “Website” (meaning the www.goop.com website) and any “App” (meaning applications that we provide for mobile devices, including, without limitation, Apple iOS and Android) on our own behalf.

About this Privacy Policy

In this Privacy Policy, references to “you” means any person submitting any data to us, to the Website or through an App about himself or herself or about any other living individual in respect of any use of the Website or any products available through the Website (each being a “Product”) or use of an App.

When you use different aspects of the Website or an App, we may ask you to supply us with various information about you or anyone whom you represent. This Privacy Policy sets out the way in which we may use such information.

We are committed to protecting and respecting your privacy. This Privacy Policy (together with our "Website Terms of Use", "Terms & Conditions", the relevant "App Terms of Use" and any other documents referred to in them) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Contacting us

Questions, comments, requests or suggestions regarding this Privacy Policy are welcomed and should be addressed to customerservices@goop.com.

Your Privacy

Your privacy is very important to us. We shall therefore only use your name and other information which relates to you in the manner set out in this Privacy Policy.

We will only use your personal data in a way that is fair to you. We will only collect information where it is necessary for us to do so and we will only collect information if it is relevant to our dealings with you. We will only keep your information for as long as we are either required to by law or as is relevant for the purposes for which it was collected.

Data that we collect

We may collect and process your personal data for reasons set out in the “Why we collect your personal data” section of this Privacy Policy below. We may obtain the following information about you:

1. your title, name, date of birth, address, email address, telephone numbers, username, password and such other contact details as we require. This includes:

a. information provided at the time that you subscribe to any newsletter or email or any other marketing or promotional communications that we make available from time to time;

b. information that you provide at the time of registering for an account to purchase Products via or through the Website. We may also store information relating to any Products that you purchase; and

c. any information (including your location, your handset type, your UDID (unique handset code), your e-mail address and your mobile phone number) you or your mobile device provides to us at the time that you download or install an App and each time you use an App to add value to your use of the App; and

2. payment information provided by you, for example, on placing an order for a Product available on the Website. This may include the last four digits of the credit or debit card with which you make your payment. However, the payment provider that we use will obtain all of your payment information in relation to an order that you place on the Website.

Why we collect your personal data

We use the information collected for the purpose of sending you emails to which you may subscribe and emails with or about other information about us as well as to properly make available to you the Website, Products and sales promotions, fulfilling any order for a Product that you make through or via the Website, to allow you to access any information or services that we may provide through an App, in case we have any queries and for our record keeping. We may also use that data to prove payment for a Product that you order through or via the Website and deliver that Product to you. We also use that data to inform you when a Product is about to be delivered.

We may pass your name and address on to a third party in order to make delivery of a Product that you order through or via the Website to you (for example, to our courier or supplier).

We may also use your data in order to manage the Website and an App, collect payment from you, detect fraud or Website or App abuses and send you information relevant to an App, the Website or the Products. We also need your email address and other contact details, in particular, for sending you information relating to the Website and an App and the services we offer. This includes (without limitation) the following:

1. To allow you to go ahead and register for an account on the Website, which allows you to purchase Products. This may include sending an email to you to confirm your details, to give you initial information about the service we offer, and to enable you to commence ordering Products.

2. To respond to you over any queries you raise with us.

3. To give you a link to enable you to have a password resent to you if you tell us or the Website that you have forgotten it.

4. To record and track details of transactions you carry out through or via the Website and of the fulfilment of your orders.

5. To collect details of your visits to the Website and use of an App including, but not limited to, traffic data, location data, web blogs and other communication data, whether this is required for our own purposes or otherwise and the resources that you access.

6. To provide you with information, products or services that you request from us or which we feel may interest you.

7. To allow us and our suppliers to use your data, to provide you with information about goods and services which may be of interest to you.

We also need to use your contact details and other information for any aspect of the Website and an App (including, but without limitation, providing customer support, preventing or investigating prohibited activity, enforcing the "Terms and Conditions", the "Website Terms of Use" and the relevant "App Terms of Use", and verifying information).

You acknowledge that we have no obligations to monitor your access to or use of the Website or an App, but that we have the right to do so for the purposes set out in this Privacy Policy.

Your obligations as to your data

You must only submit to us, the Website or an App, information which is accurate and not misleading and you must keep it up-to-date and inform us of changes. You may do that through the “My Account” part of the Website or by email to customerservices@goop.com. By submitting data in respect of you and anyone else, you must ensure that you have full authority and consent to supply us with that data on their behalf and you warrant to us that you have that authority.

Third Parties and Links

We will disclose your personal data (including details of your credit or debit card or bank account) to our suppliers should you wish to make an order for a product or service made available by that supplier.

We may pass your details to our agents, subcontractors, licensors and licensees to help us with any of our uses of your data set out in our Privacy Policy. For example, we may use third parties to assist us with delivering products to you, to enable us to collect payments from you, to analyse data and to provide us with marketing or customer service assistance.

We may exchange information with third parties for the purposes of fraud protection and credit risk reduction.

We may transfer your data to other companies in our group.

We may transfer our databases containing your personal information if we sell, or discuss the sale of, our business or part of it to an actual or potential purchaser.

We may also disclose your details as described elsewhere in this Privacy Policy.

Other than as set out in this Privacy Policy, we shall NOT sell or disclose your personal data to third parties without obtaining your prior consent unless this is necessary for the purposes set out in this Privacy Policy or unless we are required to do so by law.

IP addresses and cookies

The Website and Apps use cookies. When you login to your account on the Website, we place cookies which store details relating to your session on the Website, details relating to your Facebook account if you have accessed the Website through Facebook, and details of whether you logged in to your account by inserting your details or whether your details were saved for easy login.

Cookies are tiny text files which identify your computer to our server as a unique user when you visit certain pages on the Website and an App and they are stored by your Internet browser on your computer's or mobile device’s hard drive. Cookies can be used to recognise your Internet Protocol address, saving you time while you are on, or want to enter, the Website or an App. We only use cookies for your convenience in using the Website and an App and not for obtaining or using any other information about you (for example targeted advertising). Your browser can be set to not accept cookies, but this would restrict your use of the Website and an App. Please accept our assurance that our use of cookies does not contain any personal or private details and are free from viruses. If you want to find out more information about cookies, go to http://www.allaboutcookies.org or to find out about removing them from your browser, go to http://www.allaboutcookies.org/manage-cookies/.

The Website and an App may, from time to time, contain links to and from the websites or mobile applications of suppliers, partner networks, advertisers and affiliates. Please note that those websites and mobile applications may also use cookies and that we do not accept any responsibility or liability for their use of cookies. Please check those websites and mobile applications and their privacy policies before using them.

List of Cookies We Collect

The table below lists the cookies we collect and what information they store.

eCommerce cookies
  Name			COOKIE Description
  CART			The association with your shopping cart.
  CATEGORY_INFO		Stores the category info on the page, that allows to display pages more quickly.
  COMPARE		The items that you have in the Compare Products list.
  CURRENCY		Your preferred currency
  CUSTOMER		An encrypted version of your customer id with the store.
  CUSTOMER_AUTH		An indicator if you are currently logged into the store.
  CUSTOMER_INFO		An encrypted version of the customer group you belong to.
  CUSTOMER_SEGMENT_IDS	Stores the Customer Segment ID
  EXTERNAL_NO_CACHE	A flag, which indicates whether caching is disabled or not.
  FRONTEND		You sesssion ID on the server.
  GUEST-VIEW		Allows guests to edit their orders.
  LAST_CATEGORY		The last category you visited.
  LAST_PRODUCT		The most recent product you have viewed.
  NEWMESSAGE		Indicates whether a new message has been received.
  NO_CACHE		Indicates whether it is allowed to use cache.
  PERSISTENT_SHOPPING_CART	A link to information about your cart and viewing history if you have asked the site.
  POLL			The ID of any polls you have recently voted in.
  POLLN			Information on what polls you have voted on.
  RECENTLYCOMPARED	The items that you have recently compared.
  STF			Information on products you have emailed to friends.
  STORE			The store view or language you have selected.
  USER_ALLOWED_SAVE_COOKIE	Indicates whether a customer allowed to use cookies.
  VIEWED_PRODUCT_IDS	The products that you have recently viewed.
  WISHLIST		An encrypted list of products added to your Wishlist.
  WISHLIST_CNT		The number of items in your Wishlist.
  heartBeat		Checks if session is still active.
  noMoreModal		Disable the signup modal window if it has already been displayed
 

Cookies Set By Google Analytics Google Analytics sets the following cookies as described in the table below

  
   Name		Description	        
  __utma	This cookie is typically written to the browser upon the first visit to your site from that web browser. If the cookie has been deleted by the browser operator, and the browser subsequently visits your site, a new __utma cookie is written with a different unique ID. This cookie is used to determine unique visitors to your site and it is updated with each page view. Additionally, this cookie is provided with a unique ID that Google Analytics uses to ensure both the validity and accessibility of the cookie as an extra security measure.	       
  __utmb	This cookie is used to establish and continue a user session with your site. When a user views a page on your site, the Google Analytics code attempts to update this cookie. If it does not find the cookie, a new one is written and a new session is established. Each time a user visits a different page on your site, this cookie is updated to expire in 30 minutes, thus continuing a single session for as long as user activity continues within 30-minute intervals. This cookie expires when a user pauses on a page on your site for longer than 30 minutes. You can modify the default length of a user session with the _setSessionCookieTimeout() method.
  __utmc	Historically, this cookie operated in conjunction with the __utmb cookie to determine whether or not to establish a new session for the user. For backwards compatibility purposes with sites still using the urchin.js tracking code, this cookie will continue to be written and will expire when the user exits the browser. However, if you are debugging your site tracking and you use the ga.js tracking code, you should not interpret the existence of this cookie in relation to a new or expired session.	       
  __utmz	This cookie stores the type of referral used by the visitor to reach your site, whether via a direct method, a referring link, a website search, or a campaign such as an ad or an email link. It is used to calculate search engine traffic, ad campaigns and page navigation within your own site. The cookie is updated with each page view to your site.	   
  __utmv	This cookie is not normally present in a default configuration of the tracking code. The __utmv cookie passes the information provided via the _setVar() method, which you use to create a custom user segment. This string is then passed to the Analytics servers in the GIF request URL via the utmcc parameter. This cookie is only written if you have added the _setVar() method for the tracking code on your website page.	    
   

Where we store your personal data

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers, partners, advertisers and affiliates. Such staff maybe engaged in, among other things, the fulfilment of any order for a Product that you make via or through the Website, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy but, in any event, the person or entity storing or processing your data will be part of the EEA or part of the United States “Safe Harbor” framework.

We have in place appropriate technical and security measures to prevent unauthorised or unlawful access to or accidental loss of or destruction or damage to your information.

We store your personal details on a secure server. We use industry standard security and firewalls on our servers. When we collect payment card details electronically, we use encryption by using a third party payment provider which will use encryption software. Whilst we are unable to guarantee 100% security, this makes it hard for a hacker to decrypt your details.

We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your information. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.

You are responsible for protecting against unauthorised access to your password and to your computer.

Security

Any payment transactions will be encrypted in the payment information you provide to us to pass on to a third party to make an order for a product or service; the encryption will be completed by the third party payment provider who we use from time to time which will use encryption software. Where we have given you (or where you have chosen) a password which enables you to access an App or certain parts of the Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we will take reasonable steps to protect your personal data, we cannot guarantee the security of your data transmitted over the Internet; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Your Rights

You have the right to ask us not to process your personal data, to provide information to you (whether by email or otherwise) or marketing information about the Products, the Website or Apps. You can email us on customerservices@goop.com to make these changes, or follow the “unsubscribe” link in any marketing communication that we send to you by email. You can also make changes to your privacy settings at the “My Account” part of the Website. We will change what you receive within a reasonable time. However, changing your privacy settings may inhibit your ability to use the Website or receive any information or email that we offer or use an App, so we do not recommend that you do this.

The Website and an App may, from time to time, contain links to and from the websites or mobile applications of suppliers, partner networks, advertisers and affiliates. If you follow a link to any of those websites or mobile applications, please note that those websites and mobile applications have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check those privacy policies before you submit any personal data to those websites or mobile applications. Changes to this Privacy Policy We may amend this Privacy Policy from time to time. Any amended Privacy Policy will be posted on the Website. The amended Privacy Policy will apply immediately for new users and 30 days (or such other timeframe as we say when posting) after first posting for all existing users. Each time you enter the Website, order a Product or download, install, access or use an App, you agree that the Privacy Policy current at that time shall apply to all information which we hold about you.

Consent

By submitting data to us, using the Website or downloading, installing, accessing or using an App, you consent to our use of your data and of anyone you represent (including, but not limited to, data relating to your then current location) in the manner set out in this Privacy Policy (as amended from time to time, as described above) and you are responsible for ensuring that you have authority to consent on behalf of anyone about whom you submit data to us.

You also consent to us (or third party advertisers working through the Website or an App) placing cookies on your hard drive or mobile device. You can turn these off if you want, through the settings on your browser. See the “IP addresses and cookies” section above. Please note that we will not place cookies on your hard drive by which you can be personally identified; if we do, we will ask for more, further, specific consent from you.

Version This Privacy Policy was most recently updated on 25 March 2013.