Privacy Policy
To download or preview our Privacy Policy as pdf, click here.
COS works to ensure your privacy is protected when you are using our services online. We therefore have a policy setting out how your personal data will be processed and protected. Any changes we have made to this data policy can be found by visiting our website.
1. Personal details
Personal details are any data that contains information of the personal or material relationships of an identified or identifiable user (hereinafter referred to as “data”). For example, this includes data such as a user’s name, e-mail address, residential address, telephone number, gender or date of birth.
These details are kept by COS, a brand within the Hennes & Mauritz Group with the mother company - H&M Hennes & Mauritz AB - acting as the party responsible for your personal data under the Swedish Data Protection Act and its subsidiaries acting as personal data assistants/processors on behalf of the mother company. H&M Hennes & Mauritz AB (hereinafter referred to as “COS”, “we”, “us”) maintains and processes your personal data in Sweden and in accordance with this Act.
We are committed to ensuring that all of your personal information is kept private so we provide security for all purchases you make online. Your data will be transmitted in encrypted form and will only be handled in accordance with our Data Privacy Policy. As the contents of this policy will be updated from time to time, please remember to re-read it on your next visit to our website.
We take the importance of Data Privacy seriously and would like to ensure that your privacy is protected while using the services offered by the company. That is why we have compiled a Data Privacy Policy in which we explain how we handle your personal data. We will only collect, process and use your data, if you give your consent or if such processing or use is permitted according to a legal provision. The only data that will be collected, processed and used is data that is required to perform and use our services or data that you provide to us voluntarily.
2. Why do we collect data?
In providing your personal details you consent to us using the data collected in order to meet our commitments to you and provide the service you expect when shopping at COS online. This will include processing of orders for shipping, text message notification of delivery status and sending information such as new services or other marketing offers which may be of interest to you. We would also like to notify you of any changes or enhancement to our services by e-mail, telephone or mail. Your details may be used to monitor traffic to and from our website to help us improve the design and layout of the site. In the event of any problem with delivery of your items, we will use the information to get in contact with you.
3. Who has access to the data?
a. For the purposes of a credit check, identity verification, credit control and debt recovery, COS will share your data with credit information agencies (such as SCHUFA), additional business information services companies or collection companies. As we rely on the services of Group companies affiliated with us to perform our services, this data will also be provided to them.
b. For online job applications, your data will be handled by our service provider Taleo who will save data on our behalf. Taleo has been obligated by us to comply with the applicable statutory provisions on data protection and, accordingly, to obligate any internal or external employees whom it engages to observe confidentiality.
c. For newsletter subscription, your data will be handled by our service provider Apsis, who will save data on our behalf. Apsis has been obligated by us to comply with the applicable statutory provisions on data protection.
d. We undertake to ensure that our Group and partner companies will only process and use your data for the intended purposes. There will be no further unauthorised sharing of data with other companies or organisations.
4. What kind of data do we collect and for what purpose is it used?
We require your data for the following purposes:
a. Registration: To register at cosstores.com (we need your e-mail address, name and address);
b. Placing orders: To process your orders via cosstores.com (we need your name, address, credit card or Paypal details);
c. Newsletter: To subscribe to our newsletter (we need your e-mail address and country of residence);
d. Contact details: To answer your queries (we need your e-mail address);
e. Taking part in competitions: To inform the winners (we need your e-mail address, name, address or telephone number);
f. Personalising offers: To optimise our services, we will save cookies on your computer (for more detailed information on this, see below);
g. Job application process: To complete online job applications, we will collect and process your master data, as well as your job application data, (for more detailed information on this, see below).
5. Information on the use of address data
For the purposes of making a decision on the creation, performance or termination of a contractual relationship with you and in the context of risk management, we will collect or use probability values for your future conduct – or have another party use them – and we will also use your address details to calculate these probability values.
6. Where will your data be saved and processed?
Your data will in general be saved and processed in Sweden, while Taleo data (for recruiting purposes) is saved and processed in Holland.
7. For how long will the data be stored?
a. Your data will only be stored for as long as it is required for the provision of our services or as long as is prescribed according to statutory or legal requirements.
b. We will delete any data we receive from you in the context of our online job application process at the latest five months after entering your job application into our job application database. If you applied for a training position, the duration of storage will be higher due to the lengthy job application and allocation periods, to a maximum of twelve months.
8. Card purchases - how do we protect your data?
a. We have technical and organisational measures in place to protect your data against loss, manipulation or unauthorised access by third parties. We adjust our security measures on a regular basis in accordance with on-going technical developments.
b. For your security, we will encrypt your data, in particular with the SSL (Secure Socket Layer) procedure. This means that the information is passed through a secure connection and that your card details cannot be read by external parties. For card purchases we work with an authorised payment agent that helps us to check directly with your bank that the card is valid for purchases. In addition, we will occasionally require you to identify yourself by way of a user ID and password, before you can use certain services.
9. Where can I turn to find out what data is held?
You have the right to request any and all information we have stored on you at all times. We will not charge you a fee for providing this information. Should your data be incorrect or stored in error, we will be happy to correct, block or delete it. We also request you to inform us of any changes to your data. You can withdraw your consent to us using your personal data for marketing purposes (e.g. sending magazines, newsletters or offers) whenever you like.
Please direct your information requests, questions, complaints or suggestions on data privacy to customerservice@cosstores.com
10. Cookies
A cookie is a small text file sent from a web server to a browser, which the browser sends back to the server whenever it visits the website again. It is saved locally on your computer’s hard drive. We use cookies to optimise COS online to meet your needs as they make navigation easier and more user-friendly. You can select the "do not allow cookies" setting in your browser. You can find the procedure in instructions from your browser's manufacturers. We would like to remind you that if you do not accept the cookies, then the functionalities on COS online and our websites will be extremely limited and some services may not work at all.
11. Links
cosstores.com may contain links to other websites beyond our control. We cannot be held liable for breaches of integrity or content on these websites - we simply provide the links to make it easier for people visiting our site to find more information within specific areas.
12. Copyright
Copyright COS (H&M Hennes & Mauritz AB). All rights reserved. All materials contained within this website are protected by copyright belonging to COS and H&M Hennes & Mauritz AB.
13. How does the online job application procedure work and how do we process the data you provide for it?
Our online job application procedure is managed by our service provider is Taleo.
The job application database will show you a list of open positions within COS per country.
You can enter basic information (forename/surname, address), as well as your job application data (CV, professional training/experience, references and other documents) into the job application database and only those employees responsible for filling the open position will have access to your data. These employees are obligated to observe the relevant applicable data privacy provisions. We will only use your data for the purposes of selecting staff.
In registering your interest/making an application you consent to our processing your personal details in a recruitment process. We will only store your details subsequently with your consent. It is our policy not to request sensitive information from applicants via our website. Therefore do not submit sensitive information (e.g. racial/ethnic origin, political views, religious/philosophical convictions, membership of trade unions, health, sex life) when you register your interest or send your application to us.
To download or preview our Privacy Policy as pdf, click here.
