Privacy Policy


Who We Are

Theory is committed to respecting the privacy rights of users to its website. This privacy policy ("Policy") explains how we collect, store and use your personal data when you browse uk.theory.com website (the "Site"), shop with us or otherwise provide your personal data to us. These terms will apply regardless of how the Site is accessed and will cover any technologies or devices by which we make the Site available to you.

This Policy provides you with details about the types of personal data that we collect from you, how we use your personal data and the rights you have to control our use of your personal data.

You must read this privacy policy carefully and we recommend that you print and retain a copy for your future reference. By browsing or otherwise using this Site, you must have read this Policy.

When we say “Theory”, “us”, “our” or “we” in this Policy, we are referring to Link Theory (UK) LTD., a company incorporated under the Laws of England and Wales under number 05739533, whose registered office is located 4F 103-113 Regent Street, London, W1B 4HL, United Kingdom.

For the purposes of the General Data Protection Regulation (Regulation (EU) 2016/679, the “GDPR”), Link Theory (UK) LTD. is the “data controller” (as defined in the GDPR) of the personal data, when it determines the purposes and means of the processing of personal data.

In addition, under GDPR legislation:

- ‘personal data’ means any information relating to you and that identifies you, directly or indirectly;
- ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data.


Data We Collect & Why

We collect personal data, either directly from you, mostly obtained through forms on our Site, or indirectly when you interact with us.

When we collect personal data through forms, fields marked with an asterisk are mandatory. Some of the personal data we request from you is necessary for us to perform a contract between you and Theory, or to provide you with a service you have asked for, or to comply with legal requirements. If you do not provide the personal data marked with an asterisk, this may affect the goods and services that we can provide.

We collect and process personal data for the following purposes:

- Customer relationship management - where we mainly collect identifying data such as your name and your contact details;
- Management of the orders - where we collect information such as your name, e-mail address, billing address, delivery address, telephone number, product selections, credit card or other payment information;
- Sending commercial communications, in particular via your subscription to our newsletters by entering your e-mail address;
- Organisation of competitions or promotional operations - where we collect data such as your name, e-mail address or telephone number;
- Management of the after-sale service - where Theory answers to requests regarding our products or our brand if you contact us via email at customer.care@uk.theory.com;
- Management of the customer reviews on products - where we collect at least your e-mail address;
- Analysis of the ergonomy of our Site via some cookies or other technologies allowing us to collect information about your online browsing, such as information regarding your browser type, the country code where your device is located, the pages of our website that were viewed during your visit, the advertisements you clicked on, and any search terms that you entered on our Site.

Our Site may also use a website recording service which may record mouse clicks, mouse movements, page scrolling and any text keyed into website forms. Data collected by this service is used to improve our website usability. The information collected is stored and is used for aggregated and statistical reporting. All the data collected in connection with the ergonomy of the Site is statistical data about our users' browsing actions and patterns and does not identify any individual.

If you wish your website activity not to be recorded, please contact us via email at customer.care@uk.theory.com.

Legal basis for processing your personal data is as follows:

- Processing of data relating to customer relationship management and management of your orders are either based on the performance of a contract between you and Theory (e.g. when you create an account with us or you order a product from us), or based on our legitimate interests (transaction security helps us to prevent fraud);
- Processing of data linked with the sending of commercial communications are based on your specific consent;
- Legal basis to process data in view of the organisation of competitions or promotional operations is the performance of a contract between you and Theory (to allow you to participate to such operation);
- When you send a request regarding our products or our brand or for the management of the customer reviews on products, processing of your data is based on your specific consent;
- Processing linked to the ergonomy of our Site and the development of statistics is based either on our legitimate interests for the cookies used to improve our website and to ensure it functions properly and it is secure and safe, or on your specific consent for all the other cookies (to send targeted advertising or to propose tailored services, to run statistics). For more information, please refer to our 'Cookies' below section.


Access to Your Data

We will treat all your Personal Information as confidential. Information about our customers is important and protecting your privacy is essential to us, we do not share your personal data with any third parties other than for the limited reasons specified below.

We will only disclose data to:

- Other companies within our Group of companies;
- Suppliers we engage to process data on our behalf;
- Government bodies and law enforcement agencies to comply with legal obligations or protect some rights;
- Successors in title to our business (in the case of a transfer of assets or if we sell any or part of our business).

We share personal information with our parent company or other entities within our Group which follow practices at least as protective as those described in this Privacy Policy.

We share personal data on a limited basis with trusted suppliers we use to perform operations on our behalf. These suppliers can assist us by providing us with our Internet platform, providing marketing assistance, delivering our products to you, providing customer service or helping us to prevent fraud. We only provide them with personal information they need to perform their services and we ask them to commit to use your data only for specific listed purposes. We will always use our best efforts to make sure that these third parties will keep your personal data secure and confidential.

We release account and other personal information when we believe release is appropriate to comply with the law; enforce or apply our Policy; or protect the rights, property or safety of the Site, our users, or others. This includes exchanging information with other companies and organisations for fraud protection and credit risk reduction. However, this does not include selling, renting, sharing, or otherwise disclosing personal information for commercial purposes in violation of the commitments set forth in this Policy.


Storing Your Data

The internet is used in a global environment, using it to collect and process personal data involves the transmission of data on an international basis. The data that we collect from you may be transferred to, accessed in and stored at, a destination outside the European Economic Area ("EEA"), these data will always be held securely and in line with the requirements of any applicable regulations regarding data protection.

It may also be processed by third-parties operating outside the EEA (for example in the USA), working for us or for one of our suppliers. Such third parties may be engaged in, among other things, the fulfillment of your order, the processing of your payment details and the provision of support services. Where we transfer personal data to third parties outside the EEA, we ask them to provide sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of the EU regulation and ensure the protection of your rights as data subject. When necessary, we rely on the Commission Adequacy decision on the EU-U.S. Privacy Shield or we may ask them to enter into contracts based on the template adopted by the European Commission according to Article 46.2 of the GDPR (Adequacy decision and model clauses adopted by the EU Commission are available via this page).


How Long We Your Data

We will keep your personal data for as long as we need it to achieve the purpose for which it has been collected or to meet our legal obligations:
- We keep the data relating to the creation of an account until you request us to delete it or after a certain period of user inactivity for a maximum period of 3 years;
- Data relating to product order, either through a customer account or via the guest checkout, will be kept for the duration of our contractual relationship linked to the management of the order;
- When you take part to competitions or promotional operations, your data will be kept for the duration of such operation;
- Data relating to your subscription to our newsletter will be kept until you request us to unsubscribe or delete it or after a certain period of user inactivity (as defined by our internal retention policy, for a maximum period of 3 years);
- When you send us a request regarding our products or our brand, your data will be kept for the time necessary to handle such request;
- Personal data within cookies set on your terminal will be kept for as long as we need it to achieve the purpose for which it has been collected (e.g. session identification cookies are just kept for the duration of the ongoing session), and for a maximum duration of 13 months.

We might keep some personal data for a longer time to comply with legal or regulatory obligations (e.g. to meet our obligations linked with invoicing) or to protect our legitimate business interests (e.g. to bring a claim before the Court).


Cookie Policy

We receive and store certain types of information whenever you interact with us. When accessing our website, information about your browsing may be saved in some "cookies" files installed on your device. We issue these cookies to facilitate navigation on our website. They can also be issued by our providers in order to offer you personalised advertising when you access other websites.

In addition, some cookies may be on different areas on our Site, displaying advertising content from third-parties advertisers on your device.

Please note that only the issuer of a cookie may read or modify information contained therein.


Cookie We Use

Cookies we install on your device allow us to recognize your browser when you connect to our website.

We issue cookies for the following purposes:

- Establish traffic statistics (number of visits, page views, abandonment during the order process) to monitor and improve the quality of our services;
- Adapt the presentation of our website to the display preferences of your terminal;
- Memorise information entered in forms, manage and secure access to specific and personal places such as your account, manage your shopping cart. We may send you e-mails to keep you informed of the status of your order: you can unsubscribe at any time by clicking on the unsubscribe link in each email;
- Provide you with content, including advertising, related to your interests and customise the offers we send you.


Third-Party Cookies

When you access our Site, one or more cookies from our providers ("third-party cookies") may be placed on your device via the pages of our website or via content displayed in our advertising spaces.

The cookies placed on our website by the providers we use to promote our activities and our offers are designed to:

- Identify the products seen or purchased on our website in order to personalise the advertising offer sent to you when you access other websites;
- Send you Theory offers by email if you have authorized them when registering.

The cookies contained in the advertising spaces of our website are intended to establish statistics on advertisements (e.g. how many times it was displayed, which advertisements were displayed, number of users having clicked on each advertisement).

The issue and use of cookies by third parties are subject to the privacy policies of these third parties. We have no access or control over third-party cookies. However, we make sure that the partner companies treat the information collected on our website exclusively for our needs and in compliance with any applicable regulations.

Rakuten Advertising is a third party company that uses cookies on the website, you can view their privacy policy at this address: https://rakutenadvertising.com/legal-notices/services-privacy-policy/


Changing Your Cookie Settings

You can refuse third-party cookies by an appropriate setting of your browser. Any setting can modify your browsing on the internet and your conditions of access to certain services requiring the use of cookies.

You can configure your browser software so that cookies are saved in your device or, in order they are rejected, either systematically or according to their issuer. If your browser is set to refuse all cookies, you will not be able to make purchases or take advantage of essential features of our Website, such as keeping products in your cart or receiving personalised recommendations.

You can also configure your browser so that the acceptance or rejection of cookies is offered to you punctually, before a cookie is likely to be registered on your device.

To find out how to manage cookies on popular browsers, please see below:

- Google Chrome;
- Microsoft Edge;
- Mozilla Firefox;
- Microsoft Internet Explorer;
- Opera

To find information relating to other browsers, visit the browser developer's website.

To opt out of being tracked by Google Analytics across all websites, visit https://tools.google.com/dlpage/gaoptout.

To find out more about cookies, including how to see what cookies have been set, visit http://www.aboutcookies.org or http://www.allaboutcookies.org.


Profiling

We might display or send personalised content or communications using profiling techniques (defined by the GDPR as any form of automated processing of personal data evaluating the personal aspects relating to a natural person, in particular to analyse or predict aspects concerning the data subject's personal preferences or interests, behavior or location).


Personalised Advertising Banner

After browsing our Site, personalised banner ads may be displayed when you are on other websites. We are committed to providing you with offers that are relevant to you. Thus, the advertising banners that will be displayed will relate to products that have been viewed by browsing our Site from your device. The service offered by our provider Thoughtshift aims to offer personalised advertising displaying products or services based on the recent behavior of Internet users on the sites and applications of its partners. To do this, Thoughtshift recognizes users using cookies. To learn more about Thoughtshift or to disable this service please contact us via email at customer.care@uk.theory.com.


Targeted Information

When you agree to be contacted by us for commercial purposes, we may send you e-mails and other communications about goods and services that may be of interest to you. We do this by studying our customers' online browsing and shopping habits, and providing them with information about the products they have viewed and those they use. If you have indicated your preferences when you have given us your details, we will use them to better select the information we will send you.

We use online browsing data to track use of our Site in order to understand which products and services are of interest to you and to collect certain personal information such as name, email address, phone number, and a unique identifier associated with your device. This information is then used to assist you in the buying process including by contacting you from time to time (either by email or SMS) or to personalise advertising displayed to you online.


Transaction Security & Website Misuse

To provide you with the best services and to allow you a secure experience regarding the payment and the delivery of your orders, we will use some of your data in order to prevent and to avoid any misuse of this Site. We have asked Adyen, our service supplier, to test such data on an automated basis.

Concerned data are: data regarding the implementation of the contract (purchased items, personal information, payment method and banking data).

Following such a test, and depending on the result, we may decide to implement any relevant security measures or, when the transaction security can’t be ensured, we may decide to cancel the order. In case of an incident, such as fraudulent use of the means of payment or fraud with the delivery, the data relating to the order will be stored in a specific file which would allow us to conduct any relevant additional verification for future orders. You will be notified of any test conducted by us, allowing you to express your observations.

In the case you withdraw your consent to the processing of your personal data regarding transaction security, you may no longer be able to use the website or to place an order.


Your Personal Data Rights

You have the following rights at any time:

- The right to request access to personal data that we hold about you;
- The right to request from us rectification of any personal data that is inaccurate or incomplete;
- The right to request erasure (‘right to be forgotten’) of personal data if these data are no longer necessary in relation to the purposes for which they were collected or otherwise processed or if you withdraw your consent (we might have to keep some personal data to meet legal requirements or legitimate interests though).
- The right to obtain restriction of processing where one of the following applies:
+ If you have contested the accuracy of your personal data, processing shall be restricted for a period enabling us to verify such accuracy;
+ When processing is unlawful and you oppose to the erasure of your personal data and request the restriction of their use instead;
+ If we no longer need the personal data for the purposes of the processing but they are required by you to establish, exercise or defend your legal claims;
+ When you have objected to processing based on legitimate interests, processing shall be restricted for a period enabling the verification whether our legitimate grounds override yours.
- The right to object, on grounds relating to your particular situation, where processing of your personal data is based on our legitimate interests. You also have the right to object at any time to processing for direct marketing purposes (including profiling to the extent that it relates to such direct marketing);
- The right to data portability, meaning you have the right to receive the personal data we hold about you in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller where the processing is based on your consent or on a contract and is carried out by automated means. You have also the right to have your personal data transmitted directly from us to another controller where technically feasible;
- The right to opt out of any marketing communications that we may send you by clicking on the unsubscribe link at the bottom of any e-mail we have sent to you or, alternatively, contact us via email at customer.care@uk.theory.com, or write to us at Link Theory (UK) LTD, Data Protection, 4F 103-113 Regent Street, London, W1B 4HL, United Kingdom;
- The right not to be subject to a decision based solely on automated processing including profiling, which produces legal effects concerning you or similarly significantly affects you (unless if this decision is necessary for entering into, or performance of, a contract between you and Theory or is based on your explicit consent);
- The right to lodge a complaint with a supervisory authority if you have reasons to think that your rights on your personal data are infringed by Theory.

Note that we may ask you additional information necessary to confirm your identity to exercise your rights.


Security

We are committed to offering our customers a safe and secure environment. Whilst we take appropriate technical and organisational measures to safeguard the personal data that you provide to us, no transmission over the Internet can ever be guaranteed secure. Consequently, please note that we cannot guarantee the security of any personal data that you transfer over the Internet to us.

If you are using a computer or terminal in a public location, we recommend that you always log out and close the website browser when you complete an online session for your security. In addition we recommend that you take the following security measures to enhance your online safety:

- Keep your account passwords private. Remember, anybody who knows your password may access your account;
- When creating a password, use at least 8 characters. A combination of letters and numbers is best. Do not use dictionary words, your name, email address, or other personal data that can be easily obtained. We also recommend that you frequently change your password. You can do this by going to ‘My Account’ and clicking ‘Change name, email or password’;
- Avoid using the same password for multiple online accounts.


Links to Third-Party Websites

Certain links within the Site may be to other unrelated third party companies. We will never share your personal information with those third party companies.

Links provided on our Site to third party websites are provided as a convenience to you and we do not control those sites or their privacy practices, which may differ from ours. We do not endorse or make any representations about any third party sites that may be accessible through this site. We encourage you to review the privacy policy of any company before submitting your personal information.

The data you choose to give to unrelated third parties is covered by their privacy policies. Some third party companies may choose to share their personal data with us; that sharing is governed by that third party's privacy policy.

We cannot be responsible for personal data that third parties may collect, store and use through their websites. You should always read the privacy policy of each website you visit carefully.


Children

We do not and will not knowingly collect information from any unsupervised person under the age of 13. For the processing of the personal data of a child below the age of 13, the consent of the holder of parental responsibility is necessary. We shall make reasonable efforts to verify in such a case that consent is given or authorized that way, taking into consideration available technology.


Klarna

In order to offer you Klarna’s payment methods, we might in the checkout pass your personal data in the form of contact and order details to Klarna, in order for Klarna to assess whether you qualify for their payment methods and to tailor those payment methods for you. Your personal data transferred is processed in line with Klarna’s own privacy notice.


False E-Mails

We will never ask you to confirm any account or credit card details via e-mail. If you receive an e-mail claiming to be from Theory asking you to do so, please ignore it and do not respond.


Changes to This Policy

Our business is constantly changing and our Privacy Policy will also change. You should check our website frequently to view recent changes. Any changes to the Privacy Policy will be posted on the Site and the date at the bottom of this Policy will be amended to reflect when it was last revised.


Contact

If you have any questions or concerns relating to this Policy or any other privacy-related questions or if you would like to exercise any of your rights above described, please contact us via email at customer.care@uk.theory.com, or write to us at Data Protection, Link Theory (UK) LTD, 4F 103-113 Regent Street, London, W1B 4HL, United Kingdom.

If you wish to contact our Data Protection Officer, please contact him via email at dpo_eu@fastretailing.com.


© Link Theory (UK) LTD. 2022
Registered in England & Wales - Number 05739533
VAT Number - 877765062


Last Updated - May 2022