Hotter Shoes: Privacy Policy

Privacy Policy

Introduction

This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us. It also explains how we’ll store and handle that data and keep it safe.

Hotter Shoes Limited (“we”, “our”, “us”) is a "controller" of your personal information. This is a legal term – it means that we make decisions about how and why we use your personal information, and because of this, we are responsible for making sure it is used in accordance with data protection laws.

We are a company incorporated in England and Wales under registration number 14705827. Our Registered Address is Woolovers House, Victoria Gardens, Burgess Hill, England, RH15 9NB.

There are different reasons under data protection law for which we may collect and process your personal data.
We can collect and process your data

  • with your consent (for example, when you opt-in to receive email marketing).
  • Sometimes we need your personal data to comply with our contractual obligations (for example, if you order an item from us online, we’ll collect your address details and pass your details to our courier so they can deliver your order).
  • If the law requires us to, we may need to collect and process your data (for example, we can pass on details of people involved in fraud or other criminal activity to law enforcement).

In specific situations, we need to use your data to meet the legitimate interests of our business in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom, or interests (for example, we will use your purchase history to send you personalised offers. We will also send you marketing emails and direct mail when you shop with us and do not choose to opt-out).

WHAT DATA WE COLLLECT, AND HOW WE USE YOUR DATA

We want all our customers to have the best possible experience when shopping with us. We try and improve customer experience by building up the richest picture of who you are and what you are interested in. We do this by combining data we have about you to offer you the most relevant products, promotions, and services. Data privacy law allows this as part of our legitimate interest in understanding our customers and providing the highest levels of service.

If you wish to change how we use your data, please see the ‘Your Rights’ section below.

Remember, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to buy products from us and you are unlikely to receive our best customer service.

Here’s when, how, and why we’ll use your personal data:

Any questions? Contact our Data Protection Officer by emailing [email protected]

WHEN PLACING AN ORDER (online, app, in-store or over the phone)

  • When you visit any of our websites, we will capture information gathered using cookies in your web browser. You can find out more about how we use cookies here.
  • To display the most relevant content to you on our websites or apps, we’ll use your data to personalise your website or app experience. This is either based on your consent to receive app notifications and/or for our website to place cookies or similar technology on your device or based on our legitimate interest.
  • When you place an order on one of our websites, we will ask you to log into your existing account, to create a new account in our database, or checkout as a guest. When you create an account with us, we will capture (with your consent) your name, date of birth (optional, we will occasionally use this to send customised offers, usually on or around your birthday, and in an anonymised way to understand the demographics of our customers), address, email, and telephone number. We will also ask you whether you want to opt-in to receive marketing from us. For your security, we’ll also keep an encrypted record of your login password. When you checkout as a guest with us, we will capture your name, address, email, and telephone number. We will use this data to fulfil our contractual obligations, as well as protect our legitimate business interests.
  • When you abandon your session or basket before completing your checkout, we will send you email notifications. We do this based on our legitimate interest.
  • We use third-party analytical services, such as Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed does not contain personally identifiable information of any of our site visitors and is done based on our legitimate business interests.
  • We use third party services to help maintain the security and performance of our websites. To deliver this secure service they process, on our behalf, the IP addresses of visitors to our websites and apps and this is done based on our legitimate business interests.
  • When you comment on or review our products and services, we will with your consent capture any personal information you give as part of the review or feedback process.

When Visiting our website or apps

  • When you contact us by phone, we collect Calling Line Identification (CLI) information to improve our efficiency and effectiveness and protect our legitimate business interests.
  • When you contact us, we will ask you for personal data to identify your existing account or to create a new account in our contact centre systems (K3 & Navision). When you create an account with us, we will capture (with your consent) your name, date of birth (optional, we will occasionally use this to send customised offers, usually on or around your birthday, and in an anonymised way to understand the demographics of our customers), address, email, and telephone number. We will also ask you whether you want to opt-in to receive marketing from us. The information held on K3/Navision is used to process your orders, to record and store your details and marketing preferences, to arrange returns and store sales transaction data. This is to fulfil our contractual and legal obligations, as well as protect our legitimate business interests.
  • We will use your data to respond to your queries, refund requests and complaints. We may also keep a record of these to inform any future communication with us and to demonstrate how we communicated with you throughout. We may also use this data when training our staff to make sure we continually improve our customer service. We do this based on our contractual obligations to you, our legal obligations, and our legitimate interests in providing you with the best service and understanding how we can improve our service based on your experience.
  • When you contact our customer service team via email, we use Transport Layer Security (TLS) to encrypt and protect email traffic in line with best practice. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit. We will also monitor any emails sent to us, including file attachments, for viruses or malicious software to protect our legitimate business interests. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law. Any exchange of information over email is recorded within our Contact Centre systems (Zoho and Outlook) and used for future contact with you in relation to account management. We will not add you to any marketing database unless you ask us to.

WHEN COMMUNICATING WITH OUR CONTACT CENTRE VIA PHONE, EMAIL, OR ANY OTHER METHOD

  • When you contact us by phone, we collect Calling Line Identification (CLI) information to improve our efficiency and effectiveness and protect our legitimate business interests.
  • When you contact us, we will ask you for personal data to identify your existing account or to create a new account in our contact centre systems (K3 & Navision). When you create an account with us, we will capture (with your consent) your name, date of birth (optional, we will occasionally use this to send customised offers, usually on or around your birthday, and in an anonymised way to understand the demographics of our customers), address, email, and telephone number. We will also ask you whether you want to opt-in to receive marketing from us. The information held on K3/Navision is used to process your orders, to record and store your details and marketing preferences, to arrange returns and store sales transaction data. This is to fulfil our contractual and legal obligations, as well as protect our legitimate business interests.
  • We will use your data to respond to your queries, refund requests and complaints. We may also keep a record of these to inform any future communication with us and to demonstrate how we communicated with you throughout. We may also use this data when training our staff to make sure we continually improve our customer service. We do this based on our contractual obligations to you, our legal obligations, and our legitimate interests in providing you with the best service and understanding how we can improve our service based on your experience.
  • When you contact our customer service team via email, we use Transport Layer Security (TLS) to encrypt and protect email traffic in line with best practice. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit. We will also monitor any emails sent to us, including file attachments, for viruses or malicious software to protect our legitimate business interests. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law. Any exchange of information over email is recorded within our Contact Centre systems (Zoho and Outlook) and used for future contact with you in relation to account management. We will not add you to any marketing database unless you ask us to.

IN ONE OF OUR STORES

  • To protect our customers, premises, assets, and employees from crime, we operate CCTV systems in our stores which record images for security. We do this based on our legitimate business interests. If we discover any criminal activity or alleged criminal activity through our use of CCTV, fraud monitoring and suspicious transaction monitoring, we will process this data for the purposes of preventing or detecting unlawful acts. Our aim is to protect the individuals we interact with from criminal activities.
  • When you shop in-store, we will ask you for personal data to identify your existing account or to create a new account in our database. When you create an account with us, we will capture (with your consent) your name, date of birth (optional, we will occasionally use this to send customised offers, usually on or around your birthday, and in an anonymised way to understand the demographics of our customers), address, email, and telephone number. We will also ask you whether you want to opt-in to receive marketing from us. The information held on our database is used to process any orders to be delivered to your home, to record and store your details and marketing preferences, to arrange returns and store sales transaction data. This is to fulfil our contractual and legal obligations, as well as protect our legitimate business interests. Where the product you wish to buy is in-stock, you do not need to provide any personal information to buy from one of our stores. If the product you wish to buy is not in stock you have the option to have the product delivered to your home, in which case we will capture your personal data when you place the order. If we don’t collect your personal data as part of an order which needs to be delivered to your home, we won’t be able to process your order and comply with our contractual obligations.
  • When you fill in any forms. For example, if an accident happens in store, a colleague may collect your personal data (with your consent).

OTHER TIMES WE'LL USE YOUR PERSONAL DATA

  • With your consent, or whenever you purchase with us and do not choose to opt-out of receiving marketing communications (based on our legitimate business interest), we will use your personal data, preferences, and order details to send you marketing via post, email, web, text, telephone and through our contact centres about relevant products and services including tailored special offers, discounts, promotions, events, competitions and so on. You are free to opt out of hearing from us by any of these channels at any time, if you wish to change how we use your data, please see the ‘My Rights’ section below.
  • When you are opted into email communication, we assume (based on our legitimate business interest), the permission to use your email address to contact you extends to its use within other third-party advertising platforms, including but not limited to Google & Facebook. You may see banner advertisements or other forms of sponsored content and personalised search engine results because of this type of advertising. You can review the partner's privacy policies, which include details of how to opt out of advertising within each platform, by following the links below:

Google: https://policies.google.com/technologies/ads?hl=en-US

Facebook: https://www.facebook.com/help/568137493302217

  • To protect our business and your account from fraud and other illegal activities. This includes using your personal data to maintain, update and safeguard your account. We’ll also monitor your browsing activity with us to quickly identify and resolve any problems and protect the integrity of our websites. We’ll do all of this as part of our legitimate interest. For example, by checking your password when you login and using automated monitoring of IP addresses to identify possible fraudulent logins from unexpected locations.
  • Sometimes we will send communications which are either required by law or necessary to inform you about changes to the service we provide, for example product recall notices or changes to terms and conditions. These service messages will not include marketing or promotional content and do not require your consent – if we did not use your personal details, we would be unable to meet our legal obligations.
  • To display the relevant content to you on our websites or apps, we will use your data relating to your preferred brands or products and so on. We do so based on your consent to receive app notifications and/or for our website to place cookies or similar technology on your device. If not using cookies or similar technology, then based on our legitimate interest. For example, we might display a list of items you’ve recently looked at or offer you recommendations based on your purchase history and any other data you’ve shared with us.
  • To administer any of our prize draws or competitions which you enter, based on your consent given at the time of entering.
  • To comply with our contractual or legal obligations to share data with law enforcement. For example, when a court order is submitted to share data with law enforcement agencies or a court of law.
  • We may occasionally send you survey and feedback requests to help improve our services. These messages will not include any marketing or promotional content and do not require prior consent when sent by email or text message. We have a legitimate interest to do so as this helps make our products or services more relevant to you.
  • We’ll combine data captured from across Hotter Shoes, third parties to whom you have given consent to share data, and data from publicly available lists to build a rich picture of who you are and what you like, and to inform our business decisions. We do this based on our legitimate business interest. For example, by combining this data, this will help us personalise your experience and decide which are the most relevant products, offers or content to share with you. We also use anonymised data from customer purchase histories to identify trends within our customer base. This may then guide our business strategies.
  • To develop, test and improve the systems, services, and products we provide to you. We’ll do this based on our legitimate business interests.
  • We gather statistics around email opening and clicks using industry standard technologies. We do this based on our legitimate business interest to help us monitor and improve our communications via this channel.
  • To help us to recommend items of interest. For example, you might tell us your shoe size, which we’ll use to guide our suggested items. We’ll only ask for and use your personal data collected for recommending items of interest and to tailor your shopping experience with us. Of course, it’s always your choice whether you share such details with us.
  • We use social media platforms directly, rather than using a third-party system. This is managed by specially trained in-house advisors at Hotter Shoes. If you send us a private or direct message via social media, the message will be stored by the social media site itself, however you are able to sign in and change your privacy settings on these. We will not actively share this information outside of Hotter Shoes.

HOW WE PROTECT YOUR PERSONAL DATA

We know how much data security matters to all our customers. We will treat your data with the utmost care and take all appropriate steps to protect it. We secure access to all transactional areas of our websites and apps using ‘https’ technology. Access to your personal data is password-protected, and sensitive data (such as payment card information) is secured and encrypted to ensure it is protected. We regularly monitor our system for possible vulnerabilities and attacks, and we carry out testing to identify ways to further strengthen security.

HOW LONG WE KEEP YOUR PERSONAL DATA

Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.

At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.

When you place an order, we’ll keep the personal data you give us for a minimum of six years so we can comply with our legal and contractual obligations.

We also send your details to our third-party manufacturers or suppliers, but that is only so they can process your order. This data is not stored permanently by our partners and is retained for up to 2 years. You are entitled to contact them directly for clarification.

We also send your details to our third-party logistics partners, but that is only so they can deliver or collect your goods. This data is not stored permanently by our partners and is retained for up to 2 years.

WHO WE SHARE YOUR PERSONAL DATA WITH

There are times when we need to share your personal data with trusted third parties. For example, with delivery couriers to comply with our legal obligations, or to technology partners to help us personalise our offers to you for example.

  • We provide only the information they need to perform their specific services.
  • They may only use your data for the exact purposes we specify in our contract with them.
  • We work closely with them to ensure that your privacy is respected and always protected.
  • If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.


When you purchase a product from us that is delivered by the manufacturer or supplier of said product, we will pass on your contact details so that they can deliver your purchased product. The same applies to any warranties or guarantees provided by the manufacturer or supplier of the product you bought. For example, if you buy a coat from us we will pass your details to the supplier of the coat to ensure the delivery of the goods and to fulfil any supplier product guarantees. We do that to ensure that we fulfil our contractual obligations to you.

If the manufacturers or suppliers wish to pass your details to other third parties (for example their logistics partner), or use it for other purposes, they must provide you with sufficient information about whom they share your personal data with, and for what purposes they intend to use it, and in some cases, they may be required to ask for your consent to do so. If they do not provide you with that information or collect your consent, and you are worried that they may have shared your personal data with someone else, you are entitled to contact them directly for clarification.

Examples of the kind of third parties we work with are:

  • IT companies who support our website and other business systems.
  • Operational companies such as delivery couriers to contact you about your order delivery & occasionally service review messages.
  • Direct and digital marketing companies and agencies who help us manage our communications with you.
  • Printers and mail fulfilment companies who help us manage our direct mail to you.
  • Google/Facebook to show you products that might interest you while you’re browsing the internet. This is based on either your marketing consent or your acceptance of cookies on our websites. See our Cookies Notice for details.
  • Data insight companies to ensure your details are up to date and accurate and to help us manage our communications with you.

SHARING YOUR DATA WITH THIRD PARTIES FOR THEIR OWN PURPOSE

We will only do this in very specific circumstances, for example:

  • With your consent, given at the time you supply your personal data, we may pass that data to a third party for their direct marketing purposes. For example, if you enter a competition and tick a box agreeing that the prize provider company can send you promotional information directly.
  • For fraud management, we may share information about fraudulent or potentially fraudulent activity in our premises or systems. This may include sharing data about individuals with law enforcement bodies.
  • We may also be required to disclose your personal data to the police or other enforcement, regulatory or Government body, in your country of origin or elsewhere, upon a valid request to do so. These requests are assessed on a case-by-case basis and take the privacy of our customers into consideration.
  • We may, from time to time, expand, reduce, or sell the group and this may involve the transfer of divisions or the whole business to new owners. If this happens, your personal data will, where relevant, be transferred to the new owner or controlling party, under the terms of this Privacy Notice.

  • Data Cooperatives – We may share your name, address, and details about what you’ve ordered from us with our data cooperative partners. Our partners are Abacus ("Epsilon") and Experian. These partners manage prospect pools on behalf of UK retailers. Epsilon (registered as Epsilon International UK Ltd) is a company that manages the Abacus Alliance on behalf of UK retailers and charities. The participating retailers are active in the clothing, collectables, food & wine, gardening, gadgets & entertainment, health & beauty, household goods, home interiors and travel categories. Our partners analyse information about what our customers buy to help us understand your buying patterns. This helps us plan what we send you, based on what you like to buy. They also help us to ensure that you don’t hear from us if you don’t want to therefore if you’ve told us that you don’t want to receive another catalogue from us, we’ll share your information with them to ensure you’re added to a suppression list. In addition, the partners analyse what sort of products might interest you and pass your name and address to companies whose products are likely to appeal to you. You can opt out of your name and address being passed to other companies at any time by contacting us using any of the methods on our Contact Us page https://www.hotter.com/gb/en/info/contact-us, or by managing your third-party marketing preferences in ‘My Account’ when logged in to your online account.

  • Epsilon

Visit https://abacus.epsilon.com/services-privacy-policy/

Email [email protected]

  • Experian

Visit www.experian.co.uk/cip

Email [email protected]

Phone 0115 828 6738

WHERE YOUR PERSONAL DATA MAY BE PROCESSED

We are a UK based company and so we will transfer your data within the UK, which is outside of the EU. We may also need to share your personal data with third parties and suppliers outside the European Economic Area (EEA).

Protecting your data outside the UK

We may transfer personal data that we collect from you to third-party data processors in countries that are outside the UK.

For example, this might be required to fulfil your order, process your payment details or provide support services.

If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed in the UK. For example, our contracts with third parties stipulate the standards they must always follow. If you wish for more information about these contracts, please contact our Data Protection Officer using the details listed in our Contact Us section.

Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.

YOUR RIGHTS

You have the right to be informed about how your personal data is being used. This is done, for example, through this privacy notice. You have a right to access any personal data we hold about you. We strive to be as open as we can be in terms of giving you access to your personal information. You can find out if we hold any personal information by making a 'Subject Access Request' under GDPR Legislation. If we do hold information about you, we will:

  • give you a description of it
  • tell you why we are holding it
  • tell you who it could be disclosed to

  • let you have a copy of the information in an intelligible form.



To make a request to Hotter Shoes for any personal information we may hold, you need to put the request in writing, addressing it to our Data Protection Officer at the address provided below. If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone. If we do hold information about you, you can ask us to correct any mistakes or erase any of your personal data we hold by contacting the Data Protection Officer using the details listed in our Contact Us section.

MAKING A COMPLAINT

When we receive a complaint, we make up a file containing all the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint. We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We do compile statistics showing information like the number of complaints we receive, but not in a form which identifies anyone. We usually must disclose the complainant's identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person's record is in dispute. If a complainant does not want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis. We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for up to 6 years from closure. It will be retained in a secure environment and access to it will be restricted according to the 'need to know' principle. Similarly, where enquiries are submitted to us, we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide. Hotter Shoes strives to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading, or inappropriate. We would also welcome any suggestions for improving our procedures. This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of Hotter Shoes collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.

LINKS TO OTHER WEBSITES

This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.

CHANGES TO THIS PRIVACY NOTICE

We keep our privacy notice under regular review. This privacy notice was last updated on Friday 1st December 2023.

CONTACT US

If you want to request information about our privacy policy you can email us to [email protected] or write to Stephen Kehl, Data Protection Officer, WoolOvers House, Victoria Gardens, Burgess Hill, England, RH15 9NB.