SHEIN X PRIVACY POLICY
Effective Date: September 27, 2022
Introduction and Overview
This Privacy Policy ( “Policy” ) explains how Roadget Business Pte. Ltd. which does business as “SHEIN X”, collects, uses, shares, and process your personal data when you access this website ,( the “Site,”) or use any of our services, including our communication platforms, and any other related services we own (collectively the “Services”). The Policy also describes your rights regarding your personal data and explains how you can contact us to learn more about our data practices or to exercise your rights.
The company operating the Site and providing the Services is Roadget Business Pte. Ltd., 12 Marina Boulevard, #15-01, Marina Bay Financial Centre, Singapore 018982. Therefore, Roadget Business Pte. Ltd. is the controller of your personal data, and is responsible for processing and protecting your personal data. In this Policy, the terms “SHEIN X”, “Company”, “we”, “us”, or “our” refer to Roadget Business Pte. Ltd.
Please read our Terms and Conditions and this Policy before accessing or using our Services. If you cannot agree with this Policy or the Terms and Conditions, please do not access our Site or use our Services.
Policy Modification: SHEIN X may change this Policy from time to time, to reflect how we process your data, and if we make changes, we will revise the effective date or last modified date at the top of this Policy. If we make changes that materially affect your privacy rights, we will attempt to provide advanced notice (including via real- or near real-time disclosures) or otherwise via the Site, or by some other means of contact so that you have a reasonable opportunity to review the changes before you continue to use the Site or the Services.
If you do not agree with the modified Policy, please stop using the Site, or the Services.
CONTENTS
Click on the links below to go to a specific section of this Policy.
1. How We Collect and Use Your Personal Data
Your trust in our data practices is a key part of our business, and we’re providing this Policy to transparently explain our data practices to you. We collect personal data when you use our Services or visit our Site.
In this Policy, we use the term “personal data” as defined in the EU General Data Protection Regulation or "GDPR." As such, we define personal data as any information that alone or in combination with other information can identify you as a person. For purposes of this Policy, personal data is used interchangeably used with the term “personal information” as defined in the California Consumer Privacy Act or “CCPA.”
Purpose | The Personal Data We Collect | Legal Basis for Processing |
---|
To create an account with us and to manage your account, to provide you our Services; | · Contact information, including email address and password, to register with our Site, or other Services. | Necessary for the performance of a contract or to take steps at your request prior to entering into a contract |
To fulfill or process orders; | · Identity and contact information such as name, phone number, as well as financial information or payment account information, for sales tax determinations, and payment operations; · Transaction details, such as order history for basic functions. | Necessary for the performance of a contract or to take steps at your request prior to entering into a contract |
· Location data at an IP address-based level, to tailor your experience in terms of displaying the appropriate local website, language, or user experience. | Our legitimate interest is to better understand you, to maintain and improve the accuracy of the information we store about you, and to better promote or optimize our Services |
To provide customer service and support, or to provide you with service-related communications; | · Your communication history with us via various channels, such as email, phone, social media, mail, and instant chat to respond to your requests, as well as to keep you updated about your account and the Services. | Our legitimate interest is to better understand you, to maintain and improve the accuracy of the information we store about you, and to better promote or optimize our Services |
To undertake marketing, advertising, or other promotional activities; | · Contact information, such as phone number and email address, for telemarketing and email marketing purposes; · Non-directly identifiable device identifiers, operating system information, and cookie information, to direct and measure the effectiveness of the advertising we offer; · Data about how you engage with our Site and other Services ,( such as browsing behavior, use of the DX platform, submission of production requests, placing an order, and returns), for market research, statistical analysis, and the display of personalized advertising based on your activity on our site and inferred interests; · Contact and identity information, such as name, email address, and phone number, when you voluntarily elect to participate in a competition, market survey, event, or other marketing campaigns organized by us via the Site, or the Services; · To share your personal data with third-party advertisers. | Consent |
To improve our product or service, or for personalization; | · Collect your device information, and usage data on our Site for system performance analysis, troubleshooting, debugging, security monitoring, and system maintenance, as well as setting default options for you, such as language and currency; · To share your personal data within and across our corporate organization for our business needs and personalization; · The display of information you choose to post on public areas of the Services, for example displaying your profile in the public area. | Our legitimate interest is to better understand you, to maintain and improve the accuracy of the information we store about you, and to better promote or optimize our Services |
To prevent and investigate fraud, security incidents, and other illegal activities; | · Information automatically collected through the Site or Services, such as browser type, device information, operating system, and account setting information for fraud prevention, securing monitoring, and detection and credit risk reduction; · Log-in data for information security risk control and fraud reporting | Our legitimate interest is to better understand you, to maintain and improve the accuracy of the information we store about you, and to better promote or optimize our Services |
To comply with legal or compliance requirements; | · Transaction history and certain personal data about your identity may be collected if needed to verify identity and eligibility, handle and resolve questions, legal disputes, for regulatory investigations purposes, information security, and to comply with lawful requests from competent law enforcement agencies or courts in compliance with applicable law. | Compliance with legal obligations or your vital interests |
Other Purposes. | · We may use your information for any other purpose disclosed to you prior to you first providing us your personal data or which is reasonably necessary to provide the Services or other related products and/or services requested, with your permission or upon your direction. | Consent |
2. Sharing Your Personal Data
We may disclose and share your personal data with the parties as described below.
● A. Within Our Corporate Organization. The Company is a member of a group of companies collectively referred to as the “SHEIN Group.” We may share your personal data with other members of the SHEIN Group, in order to fulfill our legitimate interests for business maintenance, delivery of the Services, the sale of goods, personalization, and business continuity purposes.
● B. Service Providers. We may share your personal data with the following types of third-party service providers as set out:
Supplier/Service Provider/Processor | Services Offered |
---|
IT system and software service provider | Website hosting services (including cloud storage), mobile app or software optimization services, customer relationship management software, email service providers, or system maintenance services. |
Payment service provider | Third-party payment processing services. |
Third-party payment processing services. | Assistance in reaching potential new customers across multiple communications channels, or sharing with affiliated companies that promote our products on their websites. |
Fraud prevention and information security service provider | Identity verification, fraud prevention, or credit risk reduction services to protect our website and our business. |
We strive to select and work with third-party service providers that share our commitment to privacy, data protection, and user trust. The third parties we work with are only allowed to use your personal data for contractually defined purposes that are consistent with this Policy, and then only to the extent necessary to achieve those purposes. We also insist that any third-party processing Personal Data on our behalf has provided sufficient and reasonable security commitments.
● C. To Maintain Legal and Regulatory Compliance. SHEIN X has the right to disclose your personal data for compliance with legal obligations, or when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, regulatory investigation, or any other legal process served on us. We also may disclose your information where we reasonably believe that the disclosure is necessary to enforce our agreements or policies, or if we believe that disclosure will help us protect the rights, property, or safety of SHEIN X or our customers.
● D. Consent. SHEIN X may disclose your personal data for any purpose with your valid documented consent.
● E. Corporate Transactions. SHEIN X may disclose personal data—including account information, Wallet balance or points information—to a buyer, prospective buyer, corporate affiliate, or other successor based on our legitimate interests in the event of a merger, divestiture, restructuring, reorganization, dissolution, or sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding in which personal data held by us about our Services users is among the assets transferred. You acknowledge and agree to our assignment or transfer of rights to your personal data.
Please note that we may disclose, without restriction, aggregated or anonymized information about the users of our Services if such information cannot identify any specific individual.
3. Cookies and Other Tracking Technologies
We may use cookies, tags, web pixels, and similar technologies to automatically collect information on our Site or Services. Cookies are small text files that are placed on your computer by our Site or, in some cases, by third parties. Tags are certain keywords used to describe your interaction with a particular feature on our Sites or Services. Tags can be placed by us or by third parties. These, and related technologies, help us understand how you use our Sites and our Services. If required by law, we will request your consent before using cookies or other tracking technologies. Information within this section describes our use of cookies and your ability to control the use of cookies for advertising-related purposes. As described below, we will not use cookies or similar tracking technologies that process your personal data, unless they are Strictly Necessary Cookies, or you opt-in, i.e. consent, by using the cookie banner or consent manager found on our Site. You may withdraw your consent or update your preferences at any time by clicking the “Manage Cookies” link within the website footer.
● A. Cookies. We use the following types of cookies, tags, and related technologies on our Site and Services:
Strictly Necessary Cookies. These cookies are essential because they enable you to use our Services. For example, strictly necessary cookies allow you to access secure areas on our Services. Without these cookies, some services cannot be provided. These cookies do not gather information about you for marketing purposes. This category of cookies is essential for our Services to work and they cannot be disabled.
Functional Cookies. We use functional cookies to remember your choices so we can tailor our Site’s content to provide you with enhanced features and personalized content. For example, these cookies can be used to remember your name or preferences on our Services. We do not use functional cookies to target you with online marketing. While these cookies can be disabled, this may result in less functionality during your use of our Services.
Performance or Analytic Cookies. These cookies collect passive information about how you use our Services, including the pages you visit and the links you click. We use the information collected by such cookies to improve and optimize our Services. We do not use these cookies to target you with online marketing. You can disable these cookies as set forth below.
Advertising or Targeting Cookies. These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests. Our third-party advertising partners may use these cookies to build a profile of your interests and deliver relevant advertising on other sites. You may disable the use of these cookies as set forth below.
● B. Your Choices. We do not control third parties’ collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. In addition, most web browsers provide help pages relating to setting cookie preferences. More information may be found for the following browsers here: Google Chrome, Internet Explorer, Mozilla Firefox, Safari (Desktop), Safari (Mobile), Android Browser, and Opera Mobile.
● C. Pixel Tags. To measure how well our Services are performing we may use pixel tags to measure certain metrics, like conversion, page view, or Site usage patterns derived from information about your computer or mobile device’s technical specifications.
● D. Ad Targeting. We also use retargeting services to advertise on third-party websites to you following your visit to our Site. For this purpose, visitors are grouped by certain actions on our Services, e.g., by the duration of a visit. This enables us to understand your preferences and to show you relevant advertising even if you are currently visiting another website.
● We use the following tools and services for these purposes:
Google Ads remarketing service is provided by Google. You can opt out of this by visiting the Google Ads Settings page: http://www.google.com/settings/ads.
If Google Ads is structured to collect personal data, the data controller will be Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland.
Bing Ads is a service operated by Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Please read Microsoft’s privacy statement for more information on how Microsoft processes your information https://privacy.microsoft.com/en-US/. When you access our Site via advertisements on Bing Ads, a cookie is set on your computer. In addition, a Universal Event Tracking tag is integrated on our Site. This is a code that, in combination with the cookie, stores data about the use of the Site, e.g. length of time spent on the Site, areas accessed, and ads used to reach the Site. In addition, Microsoft may track your usage patterns across multiple of your electronic devices through so-called cross-device tracking. The information collected is transferred to a Microsoft server in the United States. If Bing Ads is structured to collect personal data, the cookie banner on our Services will provide you the opportunity to consent to Bing Ads.
Facebook Ads. Using Facebook Business Tools, we may display interest-based ads to you when using Facebook. To modify your preferences or turn off personalization for ads served by Facebook, you can visit Facebook's Ad Preferences in addition to the Your Choices section below. We do not share any of your personal data with Facebook. We may also show ads to audiences that share similar characteristics as you. To do so, a list of email addresses is irreversibly encrypted through hashing and uploaded or transmitted from our site, and Facebook matches the hashed data against its own users, generating a lookalike audience and deleting the uploaded list. We do not have access to the identity of anybody in the “lookalike” audience unless they choose to click on one of our advertisements.
● E. Software-based tracking. Parts of our Site may also use small pieces of embedded computer code JavaScript (called “software development kits” or “SDKs”). These SDKs accelerate the refresh speed of certain aspects of our Site, they help us monitor the usage of various online components; they allow portions of websites to be stored or “cached” within your browser to accelerate website performance, and they enable local storage of certain interactive web content files (called “HTML5”) HTML5 on your computer’s or mobile device’s local storage so it remains there whenever you visit the Site.
● F. Do Not Track. Some Internet browsers, such as Internet Explorer, Firefox, and Safari, include the ability to transmit “Do Not Track” or “DNT” signals. Since uniform standards for “DNT” signals have not been adopted, our Site does not currently process or respond to “DNT” signals.
4. Security Precautions
We maintain reasonable physical, electronic, and procedural safeguards designed to guard your personal data from unauthorized processing, use, or disclosure. Our security measures include industry-standard physical, technical, and administrative measures to prevent unauthorized access to or disclosure of your information.
The Internet is not an absolutely secure environment and we cannot guarantee that your personal data will be secure. We therefore strongly recommend that you use a secure method and use a complex password to help us ensure the security of your account. We also strongly advise that you neither share your password with others nor re-use passwords on our Services that you use on other sites, as doing so increases the likelihood of your being the victim of a credential stuffing attack or other malicious cyber behavior. If you feel that the security of your account or personal data has been compromised, please immediately contact us at
[email protected] or as otherwise described in the Contact Us section below.
5. Your Rights
5.1 Access, Rectification, Portability, and Deletion of your Personal Data. You have the right to correct or update your personal data, object to the processing of your personal data, ask us to restrict processing of your personal data, or request portability of your personal data. To protect the privacy and the security of your personal data, we may request data from you to enable us to confirm your identity and your right to access such data, as well as to search for and provide you with the personal data we maintain upon your request. There are instances where applicable laws or regulatory requirements allow or require us to refuse to provide or delete some or all of the personal data that we maintain.
To exercise your rights, you may make updates within your customer account on the Site, or you may contact us at
[email protected]. If you no longer wish to be our customer or cease using or accessing our Services, you can request us to close your account and delete all personal data we hold about you via
[email protected], subject to certain legal requirements.
5.2 Withdrawal of consent. You have the right to withdraw your consent to the processing of your personal data, as well as to access, correct, or delete the personal data that we collect, subject to certain exceptions.
Please be aware that there are instances where applicable laws or regulatory requirements allow or require us to refuse to provide or delete some or all of the personal data that we maintain.
5.3 Unsubscribe from Our Marketing Communications. If you no longer wish for us to use your email account to send you marketing emails or non-transactional promotional materials, please directly click on the unsubscribe link at the bottom of any of our email messages to you or contact us at
[email protected].
5.4 Lodging Complaints If you believe we have infringed or violated your privacy rights, please contact us at
[email protected] so that we may attempt to resolve any issues to your satisfaction. Notwithstanding the approaches to exercising your rights stated above, this is without prejudice to your right to lodge a claim or complaint with your data protection authority (more details on data protection authorities and their contact info can be found at https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-are-data-protection-authorities-dpas_en).
6. Retention
We will retain your personal data, including any correspondence you have with us only for as long as is necessary for the purposes set out in this Policy, including retaining Personal Data in order to comply with our legal obligations, to resolve disputes, for information security purposes, and to enforce our legal rights, terms, and policies.
7. Third-Party Websites
Our Site may contain links to third-party sites. This Policy does not apply to those third-party sites. We recommend that you read the privacy statements of any other sites that you visit as we are not responsible for the privacy practices of those sites.
8. Children
Our Services are not directed to, and we do not knowingly collect personal data from, children under the age of 16 or minors (as defined by applicable national laws). If you are a minor, please do not attempt to fill out our forms or send any personal data about yourself to us. If a minor has provided us with personal data without parental or guardian consent, the parent or guardian should contact us immediately to remove the relevant personal data and unsubscribe the minor.
If we become aware that a minor has provided us with personal data, we will take steps to promptly delete such information from our files. As described further in our
Terms and Conditions, please do not upload photographs showing other people, in particular, if they are minors.
9. California Privacy Rights
This section applies only to California residents. Pursuant to the California Consumer Privacy Act of 2018, as amended and pursuant to its regulations and successors (together, “CCPA”), below is a summary of the last twelve (12) months of the personal information categories, as identified and defined by the CCPA (see California Civil Code section 1798.140 (o)), that we collect, the reason we collect the personal information, where we obtain the personal information, and the third parties with whom we may share the personal information.
We generally collect the following categories of personal information when you use our Services:
● identifiers such as a name, address, unique personal identifier, email, phone number, your device’s IP address, and non-directly identifiable alphanumerical numbers associated with your devices;
● Internet or other electronic information regarding your browsing activity, length of visit and number of page views, click-stream data, locale preferences, your mobile carrier, date and time stamps associated with transactions, and system configuration information;
● audio recordings of your voice to the extent you call us, as permitted under applicable law;
● employment-related information; and inferences about your preferences, characteristics, behavior, and attitudes.
We generally do not collect protected classifications about our users, biometric information, or education-related information. For more information about the personal information we collect and the purposes for which we use it, please refer to section 1 above. The categories of third parties with whom we may share your personal information are listed above in section 2.
If you are a California resident, you have rights in relation to your personal information; however, your rights are subject to certain exceptions. For instance, we cannot disclose specific pieces of personal information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of the personal information, your account with us or the security of our network systems. To assert your right to know or your right to delete your personal information, please see the "Contact Us" section below. To confirm your identity, we may ask you to verify personal information we already have on file for you or other documentation that verifies that you are who you claim to be. If we cannot verify your identity based on the information we have on file, we may request additional information from you, which we will only use to verify your identity, and for security or fraud prevention purposes.
● Right Against Discrimination. You have the right not to be discriminated against for exercising any of the rights described in this section. We will not discriminate against you for exercising your right to know, delete, or opt out of sales.
● Right to Know. You have the right to request in writing a list of the information we have collected or disclosed about you, the business purposes involved, and the sources of such information. You have the right to request a copy of the specific personal information we collected about you during the 12 months before your request.
● Right to Delete. You have the right to request that we delete any personal information we have collected from you or maintain about you, subject to certain exceptions.
● Right to Opt-Out of Selling. You have the right to opt out of having your personal information sold. We do not sell your personal information as that term is generally understood but we recognize that the CCPA defines "personal information" in such a way that making available identifiers linked to you for a benefit may be considered a "sale." The CCPA broadly defines “personal information” and "selling" such that making available or sharing identifiers linked to you for a benefit may be considered a sale. In the previous 12 months, we were sharing identifiers and inferences about you with our partners, third parties, and affiliates in such a way that, under the CCPA, may be defined as selling. Please see the "Cookies and Other Tracking Technologies" section above for a description of opting out of cookies and controlling browser settings, in addition to clicking the "Manage Cookies" link in our website footer to load a consent tool that will allow you to opt-out of the cookies on our Site.
● Use of an Authorized Agent to Submit a Request. Only you or a person you formally authorized to act on your behalf may make a verifiable consumer request related to your personal information as a California consumer. If you use an authorized agent to submit such a request, we will require written proof that the authorized agent has been authorized to act on your behalf or a copy of the power-of-attorney document granting that right.
In addition, CA Shine The Light law permits customers who are California residents to request information regarding our disclosure of certain personal information to third parties for their own direct marketing purposes (see California Civil Code section 1798.83 (e)(7) for a list of personal data categories). You can submit a disclosure request using the contact information provided bellow once a year and free of charge. However, we do not share any personal information protected under the Shine The Light law with third parties, other corporate family entities or affiliate businesses for their direct marketing purposes.
10. Nevada Privacy Rights
This section applies only to Nevada residents. Although we do not "sell" "covered information" of Nevada "consumers" as those terms are defined by Chapter 603A of the Nevada Revised Statutes, if you are a Nevada consumer, please contact and inform us that you would like us to provide you notice in the event we should do so in the future, at which point you will have an opportunity to be verified and exercise your opt-out rights under that law. You may contact us as described below. It is your responsibility to keep your notice contact information current.
11. Transfer of Your Personal Data
When you access or use our Services, your personal data may be processed or transferred outside the European Union, including to the United States, China, and/or Singapore. Such countries or jurisdictions may have data protection laws that are less protective than the laws of the jurisdiction in which you reside.
For these transfers, we rely on appropriate safeguards as permitted under the GDPR such as Standard Contractual Clauses, modified from those adopted by the European Commission pursuant to Article 49 (1) (b) of the GDPR to provide our Services pursuant to the Terms & Conditions. If you do not want your information transferred to, processed, or maintained outside of the country or jurisdiction where you reside, you should immediately stop accessing or using the Services. For further details about these transfers and the safeguards that we use to facilitate such transfers, please contact us at
[email protected].
12. Contact Us
If you have questions or concerns regarding any information in this Privacy Policy, please contact us at
[email protected].
Our Data Protection Officer can be contacted via the email address below or via our postal address below in writing:
SHEIN Data Protection Officer
757 S. Alameda St., Suite 340
Los Angeles, CA 90021