- Personal Information we collect in our stores, our websites, through our call-centers or through our repair centers, and the purposes for which we use it.
- Personal Information we collect in order to handle your job application.
- Personal Information we transfer to third parties.
- Rights you have and how you can execute such rights.
“Personal Information” is information that can be used either directly or indirectly to identify you. Examples of Personal Information include your name, your email address and the items you purchased.
We and our service providers process personal data related to you in order to provide you with the full range of services and features we offer. This includes data necessary to set up a customer account and data required to receive products and services.
We may use your data for marketing purposes to provide you with personalized offers about our products and services, unless you opt-out.
We and our service providers access your data in order to provide services to you as described in this Privacy Notice.
If you are a resident of the EU or the European Economic Area (EEA) you have the right to access, correct, and delete your information, withdraw your consent, object to, or restrict the processing.
Data we use will be primarily stored in the United States with us and our cloud service providers, if necessary, either in accordance with the EU-, and the Swiss-U.S. Privacy Shield Framework or subject to other appropriate safeguards.
1. What personal data do we use, for which purposes and on which legal basis?
In order to provide you with our services and the full range of features, we and our service providers use your data (including your name, email address and IP address) for the following purposes:
- When you create an online customer account, to manage your account, to provide access to your shopping cart, to display purchased, reserved and registered products, or to present other products presumably of interest to you, to verify your identity if you forgot your password and to process your product reviews.
- When you choose to provide us further information, such as date of birth, address, personal settings, a wish list and your gender, to enable us to personalize both your profile and our recommendations for you.
- When you order goods online, in this case we additionally need your address, telephone number and payment information, to process your purchase, send you confirmation or back-in-stock notification and scan transactions for fraudulent activity.
- When you order goods to be picked-up in one of our stores, we need contact details such as name and email address of a pick up person other than you.
- When you purchase a product in a Fossil retail store and request an e-receipt, to process your request.
- When you participate in loyalty programs, recommend our products to others, redeem a gift card, or when we offer you discounts and bonuses etc. we use this information in addition to purchase-related information to determine whether you are eligible for additional discounts and special offers.
- When you share a product or wish list via our homepage to a friend or when you provide us with the contact details of a friend we will use it only to process your request.
- When you share any pictures/materials with us for publication on social media for such publication.
- When you enter a sweepstake, contest/competition, or promotion sponsored by us to administer the sweepstakes, contest/competition or promotion.
- When you return or exchange a product or when you send us your product for warranty or repair service, to process the request and any communication in connection with this.
- When you contact us to answer your requests, provide customer support and handle your inquiry.
In principle (unless we have a legal or other legitimate reason to maintain it), we delete information related to you
- upon your request,
- after expiry of the relevant legal retention period,
- once we do not have any business purpose for retaining the data anymore.
In addition to those just described, we want to explain certain of our processing activities to you in more detail:
1.1 Recruiting process
We process your data in order to handle your job application if you apply for a job with us. For the application process we collect the information included in your CV/resume and cover letter, such as contact details, academic background, job history, skills and competencies, salary details, the IP address from the device you are applying from etc. Your data will not be kept for longer than it is necessary for the application process, employment or as required by applicable law.
1.2 Video surveillance
We process your data gained from video surveillance in some of our stores and campuses for security, loss and fraud prevention. We share this data in the cases described in section 3. The duration of the data storage depends on the governing national law unless storage is otherwise permitted (see section 4).
1.3 Credit check in Germany and Austria
For our customers in Germany and Austria we offer the possibility to order on account. For this purpose CRIF Bürgel GmbH, Leopoldstraße 244, 80807 Munich, Germany ("credit agency") runs a credit check for us, based on your name, date and place of birth, (previous) address, information about previous payment problems, references about fraudulent behavior, information from public registers or bulletins. Using mathematical-statistical procedures, the credit agency determines how likely it is that our customer will pay our bill. On the sole basis of an automated decision (without manual checking), only a positive result will make available the option "order on account".
1.4 Interest based advertising
We may contact you for direct marketing purposes via email, mail, or other electronic communication methods (e.g. social media) unless you have opted-out from receiving direct marketing messages. For certain types of direct marketing methods (e.g. text messaging), we will obtain your explicit consent prior to sending you direct marketing messages. To select which marketing information may be of interest to you and to personalize ads and offers we
- use publicly available information (e.g. from your social media profiles),
- analyze your account information and how you use our services including our website, ads on third party websites and our newsletter,
- use information of your redemption of a gift card, participation in a sweepstake, contest, competition, or survey,
- use information collected by our service providers or partners (e.g. Google).
- use information collected when you request an e-receipt in our stores or fill out an onboarding form.
By subscribing to our email marketing, you will be the first to hear about our latest products, promotions and sales. As part of our newsletter program we will collect your email address and location data and evaluate your usage of the newsletter in order to be able to provide you with personalized information. If you no longer wish to receive our emails you can unsubscribe at any time using email@example.com or by clicking the unsubscribe link in the footer of any of the emails.
1.6 Cross-device targeting
In order to save your preferences, analyze your usage of our websites, provide interest-based advertising to you and deliver tailored ads across multiple devices, we try to link the different devices you are using to you. Technically, we are storing cookies on all the devices you are using and match those cookies within our internal database.
1.7 Log files, Cookies and similar technologies
Every time you visit our website, our system stores data related to your browser, its version, the operating system of your computer, your IP address, date, length and time of your visit, the website you accessed before and the one you visit following links on our website. We use this information for our legitimate security interest and we delete log files without undue delay.
1.8 Your reviews and shared content
When you post a product or seller review or upload an image or other material to our website, or when you share content with us on third party websites, such as social networks, we publish and use this information on our and third party websites. We do not control and do not assume responsibility for the use of information by such third party websites.
Please also note that you must own the intellectual property rights in the content you upload to our website and share with us and must not violate the rights of others (e.g. intellectual property or data protection rights). In uploading, you grant us, and our respective service providers, a royalty-free, unrestricted, non-exclusive, perpetual, irrevocable, sub-licensable, transferable and worldwide license to use, edit, copy, adapt, translate, publish, display, make available, communicate and distribute the content partially or in whole, and to incorporate it in other works for any purposes such as advertising, marketing and promotions and in any form, media or technology known today or later developed.
1.9 Legal Basis (EU)
Please find below the legal basis for every processing activity as required in the EU. As far as this processing is necessary for the performance of the contract with you it is based on Art. 6 (1) b of the EU General Data Protection Regulation (GDPR). This applies to the recruiting process and all general activities, described under 1., unless expressly set forth otherwise in the following:
On Art. 6 (1) f GDPR (legitimate interests) we base the processing of
- voluntarily provided information to offer a functionally appealing and user-friendly services website,
- data gained from video surveillance to improve our service and for security, loss and fraud prevention,
- data related to a credit check to offer different ways for payment,
- log files for security reasons,
- your data for promotional emails we sent you for products similar to your prior purchases to provide you with information presumably of interest for you.
For any other direct marketing purposes (e.g. further emails, newsletters, text messages) we will ask for your consent (Art. 6 (1) a GDPR). In addition, GDPR allows the processing required by law (e.g. to answer your inquiries via the means provided without undue delay).
2. Where do we get Personal Information from?
Most of the personal data we process we received from you or your actions, be it because you entered the data during the registration process, placed an order, applied for a job vacancy or because we track your usage of our website or newsletter etc. However, we also may receive information about you from other sources, such as, Fossil Group companies, and, if publicly available, from third party websites. In some cases we receive Personal Information about you from our service providers and partners, e.g. from Facebook, Google etc.
3. When do we share Personal Information?
We will share your Personal Information in the following cases:
3.1 Legal obligation and internal purposes
We disclose your Personal Information
- in order to comply with relevant laws, regulatory requirements and to respond to lawful requests, court orders, and legal processes, including requests to meet national security or law enforcement requirements,
- in order to protect and defend the rights or property of us or third parties,
- in an emergency, in order to protect the safety of our employees or any person.
3.2 Joint processing within Fossil Group
Your information will be combined with other Personal Information that Fossil Group companies have obtained about you (e.g. wearable data, goods you have purchased on a company website or from a store, repair transactions). We will also make your data available to Fossil Group companies if you apply for a job with us (for information about Fossil Group companies click here www.fossilgroup.com. We base this joint processing on an intra group agreement, allocating the responsibilities of the respective group entities. According to this agreement, each Fossil Group company will be responsible for the data processing related to its own business operations and will remain responsible for the personal data jointly processed with others. For you as our customer this means that the Fossil entity you are in touch with is responsible for processing your data and answering your requests. If you are not sure about the entity responsible in your case please contact firstname.lastname@example.org.
3.3 Links to Third-Party Websites and Services
On some pages we allow you to share Personal Information with third parties, such as social networks like Facebook. In these instances you are agreeing to the data being shared and the shared data being subject to the privacy policies of the third party. We do not control and do not assume any responsibility for the use of Personal Information by such third parties. For more information about the third party’s purpose and scope of their use of Personal Information in connection with sharing features, please visit the privacy policies of such third parties.
3.4 Third party advertising
We use third-party service providers to display advertisements across the internet. These advertising service providers may collect information about your visits to our website and your interaction with our products and services, as well as your visits to other websites. Such information does not include your name, address, email address but may contain browser-related information.
3.5 Public Disclosure
Any Personal Information that you include in the text of a product review may be made public in the product review section of our product pages. We may also share the information contained in your wish list with your friends and family as instructed by you or make it public on our Website in case you enable this function. Wish lists made public can be found by searching for your name or email address on our websites.
3.6 Sharing with third parties
We involve other companies for the provision of services, who are allowed to use Personal Information only on our behalf and must not use it for their own purposes, unless permitted by law.
As follows a list of categories of recipients together with the respective purposes:
- to enable the functionality of our online application portals (e.g. IBM);
- to provide customer care services (e.g. Zendesk);
- providing hosting and general IT services (e.g. Amazon Web Services and Google);
- using data cleansing techniques in order to ensure your data, such as your address, is correct (e.g. Acxiom Corporation);
- providing credit checks (see section 1.3);
- for social media services (e.g. Facebook or Google);
- providing payment services (e.g. PayPal, et Cie, S.C.A, First Data Merchant Services, Paymetric, CyberSource, Google, Apple);
- for transport and logistics services (e.g. DHL, FedEx);
- for direct marketing campaigns (e.g. Oracle, Google, Facebook);
- to administer sweepstakes, contests and competitions.
We may transfer your Personal Information to a third party in the event of a transfer of all or some of our assets to a third party. If your information is subject to the Privacy Shield (for more information on Privacy Shield please refer to Section 6 below) we will provide you with an opportunity to reject the transfer of your Personal Information in such cases.
4. For how long do we use Personal Information?
We will retain your Personal Information as long as necessary to provide you with functionality and services as described above under section 1, as long as reasonably necessary to further our legitimate interests or as long as we are required by law. Examples include the defense against, or the establishment of legal claims and legal obligations (e.g. tax law, or the principle of accountability, which requires us to demonstrate that our processing complies with applicable data protection laws). In order to verify whether you opted out or in to marketing activities, for example, we store your respective choice (e.g. via a cookie or a declaration).
5. What are your rights?
5.1 Your additional rights provided by EU law
By contacting us as set forth in section 12 below in the EU you may exercise your right to request (i) access to, (ii) correction of, (iii) deletion of, and (iv) restriction of Personal Information we hold about you. You also have the right to (v) data portability (to receive data you provided in a machine readable format) and, where applicable, (vi) withdrawal of your consent, (vii) opt-out from receiving marketing notifications, and (viii) object to the processing we base on our legitimate interests. Additionally, you have the right to right to (ix) lodge a complaint with the responsible data protection authority.
6. Data Storage in the U.S., Privacy Shield
Personal Information we collect will be primarily stored in the United States with Fossil Group member companies and our cloud service providers in accordance with the EU-, and Swiss-U.S. Privacy Shield Framework. To the extent permitted by applicable law (including EU law) we also use and transfer Personal Information in and to other countries and territories. Your information may thus be subject to U.S. and foreign laws and accessible to U.S. and foreign governments, courts, law enforcement and regulatory agencies.
In order to provide an adequate level of protection, we comply with the EU-U.S.- and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce. We have certified that we adhere to the Privacy Shield Principles. As a consequence, we are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. If there is a conflict between this Privacy Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program please visit https://www.privacyshield.gov/welcome. To view Fossil Group’s certification on the Privacy Shield list, please visit www.privacyshield.gov/list. Fossil Group subsidiaries, including Fossil Partners, LP, and Misfit, Inc. also adhere to the Privacy Shield Principles.
If your information is subject to the Privacy Shield, and you do not believe we have adequately addressed your privacy concerns, you can address your concerns free of charge to an independent recourse mechanism listed below:
In cases where the issue cannot be resolved by us or by the EU Data Protection Authorities you may invoke binding arbitration as further described in the Privacy Shield.
7. International Transfer (EU)
We cooperate with service providers located outside the EU or the EEA (see examples in the list in section 3.6), most of which are Privacy Shield certified. Where this is not the case we make sure we process your Personal Information based on contracts with standard contractual clauses, approved by the European Commission, unless we transfer your Personal Information to a country that was officially recognized by the EU as having adequate protection for processing of Personal Information or pursuant to another exception allowing the transfer as permitted by applicable law.
8. Age Requirements and Children’s Online Privacy Protection Act (“COPPA”)
We do not knowingly collect, maintain or use Personal Information about children under 16. Persons under the age of 16 may not use our Website without supervision from a responsible adult. We will never request Personal Information from a child under 16 without verifiable parental consent. If we become aware that a child under 16 has sent Personal Information without prior parental consent, we will remove his or her Personal Information from our records.
9. Access to and your rights regarding your Personal Information
This website gives you the ability to view and change the Personal Information you provided to us within the My Account section of the website. You may access information we hold about you, request a correction where data is incorrect or a deletion of your data, unless we have to keep your data for legal reasons. We encourage you to address any concerns you may have regarding our use of your Personal Information by using the contact details provided below.
10. What happens if we Change this Privacy Notice?
This Privacy Notice is effective as of August 13, 2019 and may be updated from time to time. We will notify you of material changes by posting a prominent notice on our website or by sending you an email. If your Personal Information is subject to the Privacy Shield, and if we decide to use your information for a purpose that is materially different from the purposes for which it was originally collected or subsequently authorized by you, we will notify you and provide you with the opportunity to opt-out of our use of your information for that purpose.
11. Links to and from other websites
Whenever we provide links to other websites on our website, this is in the interest of our users and should be understood as a courtesy. Pages to which we link and pages that link to our websites are not under our control. In such cases we are neither responsible for the content of these pages nor for compliance with the applicable data protection regulations of those providers. We recommend that you carefully read the privacy statements of these third parties to learn how your Personal Information is stored, used or shared.
12. Who are we and how can you contact us?
Please address any questions, concerns, inquiries, complaints, or requests regarding our practices concerning Personal Information to Fossil at:
Telephone number: +1 (800) 449-3056
Attention: Chief Compliance & Risk Officer
901 S. Central Expressway
Richardson, TX 75080, USA
You can also get in touch with our data protection team and the responsible data protection officer we designated in every case required by law per email using email@example.com.
Our EU representative is FESCO GmbH, Natzing 2, 83125 Eggstätt, Germany. You can either contact our EU representative sending an email to firstname.lastname@example.org or calling +49-89-7484 6815.
This website is provided by Fossil UK Ltd, Featherstone House, Featherstone Road, Wolverton Mill, Milton Keynes, MK12 5TH , United Kingdom, T.: +44 (0) 2038685986, email: email@example.com.