Your Cart

Privacy policy

P&M Privacy Notice

As at: 01/2023

 

This Privacy Notice gives you an overview of how P&M processes your data. It applies to all websites, apps and other benefits and services offered by P&M.

If you have a question regarding this Privacy Notice or data protection at P&M you can reach out to our Privacy Team by sending an email to info@pandm.fashion. Please also send an email to our Privacy Team if you would like to request data access or data deletion, or in order to exercise other data protection rights provided in Art. 15-22 GDPR, including withdrawal of consent to marketing, opt out from newsletter etc. For more information see the sections Which data protection rights do I have? and Contact.

How you can read these Privacy Notice: We offer you various options for reading this Privacy Notice. Firstly, you can find very basic information in this section. Then we have sorted this Privacy Notice into topics relevant for you and divided it accordingly into individual chapters. If you are already a “pro”, you can jump directly to individual chapters using the dropdown menu below.

 

We have prefixed each chapter with a short overview. This overview briefly summarises the content of the chapter. If you just want a quick high-level overview of all data processing, it is advisable to read the overviews. If you want to familiarise yourself with the details, you can click on “more” under the relevant overview. The full content of the chapter will then be displayed.

We have avoided cross-references wherever possible. That way you get all information coherently explained, regardless of which chapter you are currently reading. If you read this Privacy Notice from start to finish, you may find that parts of the text are repeated. We were unable to avoid a few cross-references. For example, we summarised all country-specific data processing in a single chapter and always refer to this chapter when discussing country-specific data processing.

Which services and offers this Privacy Notice applies to: P&M processes your data in a similar way for most of our services. This Privacy Notice therefore applies to all benefits and services which we offer our European customers. This is true regardless of whether we do this via a website, an app, in transactions, on the phone, at events or via social networks or other channels. For ease of comprehension, we use the term “services” to summarise this “normal case”.

There are, however, also exceptional services where we process your data differently or for particular purposes. This may be due to the nature of a service or country-specific requirements. When we are referring to these cases (that is “deviations from the normal case”), we call them “service-specific” or “country-specific”.

Please note that P&M iOS apps released after 10 June 2021 no longer share any data with third parties for marketing purposes. In case a particular iOS app still offers features that involve data sharing with a third party for marketing purposes, your data will only be shared if you click “agree” on an iOS tracking prompt.

What you will learn in this Privacy Notice:

  • Which data P&M stores.
  • What we do with this data and what it is needed for.
  • Which data protection rights and options you have.
  • Which technologies and data we use to personalise and coordinate our services in order to offer you a secure, simple, seamless and individual shopping experience.
  • Which technologies and data we use for advertising, including the tracking technologies we use.
  1. Which data does P&M process?

P&M offers you a wide range of services, which you can also use in a wide range of ways. Depending on whether you contact us online, by phone or otherwise and on which services you use, various data from different sources may come into play. Much of the data we process is provided by you yourself when you use our services or contact us, for example when you register and provide your name or email address or address. We do, however, also receive technical device and access data which is automatically collected when you interact with our services. This may, for example, be information on which device you are using. We collect further data using our own data analyses (e.g. within the framework of market research studies and customer evaluations). We may also receive data on you from third parties, for example for credit rating agencies and payment service providers.

  1. What does P&M use my data for?

P&M processes your data in accordance with all applicable data protection laws. Of course, we observe the principles of data protection law for the processing of personal data. We therefore generally only process your data for the purposes explained to you in this Privacy Notice or shared when we collect the data. These are mainly purchase processing and the provision, personalisation and development as well as security of our services. We also use your data within the framework of the strict German and European data protection law, but also for other purposes such as product development, scientific research (especially in the areas of machine learning, artificial intelligence and deep learning) and market research, for the optimisation of business processes, the needs-based design of our services and personalised advertising.

In this chapter, we also inform you of the legal basis on which we process data for the individual purposes. Depending on the legal basis for our processing of your data, you may have additional data protection rights alongside your permanent rights such as the right to information. For example, in individual cases you have the right to object to the processing of your data. You can find further information under “Which data protection rights do I have?”.

2.1 Purchase processing and provision of online, local and personalised services

We process your data in the necessary scope to fulfil contracts and to provide and execute further services requested by you, as described in this Privacy Notice. The purposes of the necessary data processing therefore depend on the purpose of the contract agreed with you (including our General Terms and Conditions and any service-specific terms and conditions or terms of use) or services requested by you. The most important purposes are:

  • The provision, personalisation and needs-based design of our services such as the P&M shop and Zalon (including their respective websites, apps and cross-device and cross-platform functions).
  • The provision of local services, e.g. in P&M Outlet Stores and at events and trade fairs.
  • The execution of customer programmes such as P&M Outlet Card and P&M Plus.
  • The execution of purchase agreements and customer service including dispatch and payment processing, claim management as well as the processing of returns, complaints and warranty claims.
  • The provision of messages, reports, newsletters and other direct communication, insofar as these are an integral component of our contractual services or the services requested by you.
  • The guarantee of the general security, operability and stability of our service including defence from attacks.
  • Non-promotional communication with you on technical, security-related and contractually relevant subjects (e.g. fraud warnings, account blocking or contractual changes).
  • The mediation of contracts via our trading and sales platform, perhaps within the framework of the P&M partner programme or P&M Wardrobe.
  • The issuing, redemption, delivery of P&M vouchers.
  • The execution of campaigns and competitions.

The processing of payments for execution of purchase agreements is provided by P&M Payments GmbH. P&M also uses the service of external payment providers for payment processing. You can find information on external payment providers under section Who is my data forwarded to?.

Legal basis: Insofar as the purpose relates to the execution of a contract agreed with you or the provision of a service requested by you, the legal basis is Article 6 (1) b GDPR. Otherwise, the legal basis is Article 6 (1) f GDPR, whereby we may use your personal data for the above purposes if we deem it necessary to do so for our legitimate interests.

2.2 Shopping personalisation

We process your data for the provision of comfortable and useful services which correspond as well as possible to your needs and interests. Because the P&M shop’s range encompasses hundreds of thousands of products and thousands of brands, it is necessary that we present our content and offers in a needs-based manner so that you can find products you are actually interested in. This requires a user-specific evaluation of the relevance of products and content.

To personalise shopping in the P&M shop we use device and access data which we collect for usage analysis. Alongside this, we also use device and access data which we receive from advertising partners while you visit the P&M shop. If you are logged in with your customer account while visiting the P&M shop, we also use profile data, interest data and shopping data to personalise your shopping experience. We refer to this form of shopping personalisation as on-site optimisation. Only such shopping personalisation allows us to present you with suitable search results, product suggestions, style recommendations and other content corresponding to your actual interests. Without such shopping personalisation, as carried out today by many online shops as standard, your search for relevant products would be less convenient and more protracted and the utility of our range for you would be lower. Shopping personalisation does not, of course, prevent you from accessing all content. It does, however, allow you to see content which is more relevant to you more quickly.

Legal basis: The legal basis for the processing of your data for shopping personalisation within the framework of personalised services is Article 6 (1) b GDPR. The legal basis for the processing of your data within the framework of on-site optimisation is Article 6 (1) f GDPR, whereby our legitimate interests are in the above purposes.

2.3 Research, machine learning and artificial intelligence

We process the data collected on our customers for scientific research in the areas relevant to P&M. This includes in particular the research areas of machine learning, artificial intelligence, natural language processing and deep learning. Research at P&M concentrates on solutions to real, everyday online shopping problems and is meant to serve the improvement and development of the existing services range. In this way, for example, we can develop apps which can suggest products targeted to your interests and needs and recognise styles and assign products which correspond to your actual interests.

In doing this, of course, we observe recognised scientific data protection standards. This also means that we only process your data in summarised, anonymised or pseudonymised form for research purposes, for example by replacing all identifiable data such as your name with other values.

Research at P&M includes the following purposes:

  • The development of machine learning procedures allowing estimates, prognoses and analysis of the needs and interests of our users.
  • The development of technical solutions for real customer problems which our specialist departments and fashion manufacturers encounter in day-to-day business (e.g. difficulties in finding suitable products, reducing the probability of bad buys, sizing).
  • The development of technical solutions for optimising business and logistics processes.
  • The development of technical solutions facilitating the improvement and development of shopping personalisation and fraud prevention.
  • The registration of patents and publication of specialist articles.
  • Participation in research communities and academic cooperation partners.

Legal basis: The legal basis for the processing of your data within the framework of the research purposes described above is Article 6 (1) f GDPR, whereby our legitimate interests are in the above purposes.

2.4 Fraud prevention, selection of payment methods and credit checks

Prevention of fraud

In order to combat the risk of data security breaches, data pertaining to users of our services is encrypted in transmission. This applies both to ordering and to registering for a customer account. For this we use the coding system SSL (Secure Socket Layer). Encryption prevents third parties from viewing the data. To provide additional protection from external attacks, we rely on special security technologies which constantly check our systems and identify and report anomalies. We also use technical and organisational measures to secure our systems against loss, destruction, unauthorised access or distribution of customer data by unauthorised persons. In this manner we wish to keep the risk of unauthorised access as low as possible, because protecting your data is our top priority. However, we - like other companies - cannot guarantee absolute protection.

We also use technical and manual procedures for fraud prevention in order to protect us and our users from misuse of data, especially by fraudulent orders. To this end, P&M Payments GmbH summarises and evaluates your device and access data (including IP address, identifiers, user behaviour), shopping data and payment details (including address and other creditworthiness data from external credit agencies) as well as the change history of your profile information (e.g. when your delivery address was last changed) under a pseudonym when executing an order. The record is also compared with your previous usage and order habits. We also compare it to general records from all P&M orders (also from other P&M Group companies) involving confirmed or suspected fraudulent actions. This comparison allows us to identify fraud patterns and to prevent fraud and identity theft by comparing patterns. Sometimes when based on our analysis the likelihood of fraud is very high, we may cancel orders or deactivate accounts in order to minimise the risk of fraudulent orders and protect users whose accounts may have been taken over.

In some countries we offer customers the option to pay for purchases by Invoice. In the event that you select this payment method, P&M Payments GmbH transmits your name and your addresses as provided by you during checkout to external credit agencies. This serves to ensure that you are actually registered and can be reached at the disclosed addresses. P&M Payments GmbH also transmits your name and address to external credit agencies if you have selected to pay by SEPA Direct Debit to prevent payment default risks, for example, due to data misuse. Typical indicators which - usually in combination - may increase the probability of attempted fraud include:

  • Your delivery address was changed shortly before the submission of the order and/or is in a region with increased risk of fraud.
  • Your order is particularly large and/or includes products which are subject to particularly high demand at present and/or are carried out at an unusual time for your region (e.g. at night).
  • The payment methods invoice or direct debit are used for the order.
  • There were suspicious login attempts on your account before the order was submitted, the pattern of which suggests automation.
  • Your customer account is used from a suspicious IP address.
  • Your customer account is used by an unknown or suspicious device.

If our security system suspects attempted fraud or an increased risk of fraud, the relevant procedure will be forwarded to the P&M fraud team for manual investigation. Appropriate preventative measures will be taken in view of the risk of fraud (e.g. temporary blocking of the customer account or restriction of payment methods offered).

These providers collect and process data, with help from cookies and other tracking technology, to establish the end device used by the user as well as further data on the use of the website. There is therefore no assignment to a specific user.

Over the course of the order process on our website, we request a risk assessment for the user's end device from the database of providers. This risk assessment on the likelihood of attempted fraud considers, amongst other things, whether the end device has logged on using different service providers, whether the end device has a geo-reference which frequently changes, how many transactions were affected on the end device and whether a proxy connection is used.

Legal basis: If your data is processed to prevent fraud at your expense, the legal basis is Article 6 (1) b GDPR. This processing of your data otherwise occurs on the basis of Article 6 (1) f GDPR, based on our legitimate interest and that of other users in the identification and prevention of fraud and clarification of criminal offences.

Choice of payment methods

Before we show you the payment methods available for a purchase, P&M Payments GmbH will carry out a risk assessment and include the total costs for an order with P&M. Your previously collected purchase data, payment details, creditworthiness data, data on your previous payment behaviour as well as your profile information (such as surname, first name, delivery and billing address, email address, date of birth) will be used to carry out the risk assessment. The assessment and evaluation will be carried out automatically using statistically justified estimates of the default risk in relation to the payment methods we offer. In the event that payment via Invoice is available in your country and you select payment by Invoice for your items, P&M Payments GmbH shall transmit your data to external credit agencies to receive general information from these on the evaluation of the payment-specific default risks (e.g. on whether your address is plausible and up-to-date) as well as, in individual cases, creditworthiness data, perhaps on open invoices and circumstances directly resulting in a risk of payment default (e.g. insolvency, deferral due to inability to pay). Furthermore, P&M Payments GmbH transmits your data to external credit agencies in order to evaluate payment-specific default risks if you have chosen to pay by SEPA Direct Debit. Which specific creditworthiness data is taken into account in the course of the risk assessment may vary from country to country.

When deciding on the payment types offered, the total costs for the specific payment type for P&M as well as the availability of the payment type in the relevant country are considered. It may be the case that we no longer offer certain payment types, which are associated with higher costs, risks or increased returns for us, to our customers who typically return things at a rate higher than the average (for return rates higher than 70 %, for example) or who place incredibly small orders. The modification of available payment types contributes to lower return rates, which is more sustainable and more economic. At the same time, our customers continue to have the option of using our services, as every customer is offered at least one possible payment type and can then complete the purchase.

The default risk is assessed separately for each payment method in the form of an estimate. If the risk assessment yields a positive result, we can offer all the payment methods we generally offer. Otherwise, we will only offer you particular payment methods. Factors which may influence the availability of a payment method include:

  • The combination of name and address could not be found. This may result from typing errors, moves, marriage or a change of district.
  • You have given a delivery address, packing station or company address differing from the billing address.
  • There are still open claims against you.
  • There have been payment disruptions with particular payment methods in the past.

The risk assessment will not mean that you are not offered any payment method. If you are not in agreement with the payment methods offered, you can inform us of this in writing by letter or email at info@pandm.fashion. We will then check the decision again, taking your viewpoint into account.

Legal basis: The legal basis for processing of your data is Article 6 (1) f GDPR, based on our legitimate interest in avoiding default risks.

Credit check

Along with data already in P&M Payments GmbH’s possession, creditworthiness data from external credit agencies in the form of score values is also used. Score values are statistically justified estimates of the future risk of a person defaulting and are represented as a numerical value, such as a percentage. To this end, P&M Payments GmbH transmits on our behalf the personal data required for a credit check (generally your first and last name, your address and if necessary your date of birth or Social Security Number (in countries where this is required)) to the external agency. Address data may also be taken into account when calculating your score. The credit agency uses the data transmitted by us to correspondingly assess your creditworthiness on the basis of mathematical-statistical procedures.

Depending on the result of the credit check, i.e. whether it is positive or negative, we will show you appropriate payment methods which you can use to continue and complete your purchase. If you are not in agreement with this, you can inform us of this in writing or by email at info@pandm.fashion. We will then check the decision again, taking your viewpoint into account.

Legal basis: The legal basis for the credit check described above is Article 6 (1) b GDPR, because it is necessary for the execution of necessary pre-contractual measures. This processing of your data otherwise occurs on the basis of Article 6 (1) f GDPR, based on our legitimate interest and that of other users in the avoidance of payment defaults, the identification and prevention of fraud and the clarification of criminal offences.

2.5 Transfer of data on outstanding debts to collection service providers

In the event that outstanding invoices are not settled despite repeated reminders, we may transfer the data required to commission a collection service provider to a collection service provider for the purpose of collecting the debt. Alternatively, we may sell the debt to a collection service provider which is then able to file a claim in its own name. You can find information on the agencies charged with collection services in your country under "Country-specific information".

Legal basis: The legal basis for transferring data within the framework of fiduciary collection services is Article 6(1)(b) GDPR; data is transferred within the framework of selling debt on the basis of Article 6(1)(f) GDPR.

2.6 Advertising and market research, data analysis

We use your data, also within the framework of data analysis, for advertising and market research, in particular for the following purposes:

  • Classification into various target and user groups within the framework of market research (user segmentation).
  • Findings on various target groups and their respective usage habits and shopping interests.
  • The production of findings on demography, interests, our users’ shopping and usage habits as well as the marketing on these findings within the framework of advertising services provided to third parties.
  • The early identification of trends in the areas of fashion and online shopping.
  • The execution of advertising to existing customers.
  • The execution of direct marketing, e.g. in the form of newsletters.
  • The planning, execution and success monitoring of advertising corresponding to the interests of the target groups being addressed (personalised advertising).
  • Findings as to how our services are used (usage analysis).
  • The marketing of the above findings within the framework of advertising services for advertising customers.

Depending on the purpose, we use the data we have stored for data analysis. For example, we use summarised (aggregated), statistical, depersonalised (anonymised) profile information or data which can only be assigned to persons via further intermediate steps (pseudonymised profile information) as well as shopping and device and access data in order to understand and analyse purchasing processes using data analysis. This gives us anonymous or pseudonymised findings on our users’ general usage behaviour.

We process your data on the basis of balancing of interests to protect our legitimate interests or those of third parties (such as advertising partners or dealers which participate in P&M’s partner programme). P&M’s legitimate interest or that of third parties in data processing derives from the relevant purposes and is, unless otherwise indicated, of a competitive and economic nature.

Please note that P&M IOS apps released after 10 June 2021 no longer share any data with third parties for marketing purposes. In case a particular IOS app still offers features that involve data sharing with a third party for marketing purposes, your data will only be shared if you click “agree” on an iOS tracking prompt.

Legal basis: If data processing for the above purposes occurs with your consent, the legal basis is Article 6 (1) a GDPR (consent). This data processing data otherwise occurs on the basis of Article 6 (1) f GDPR, whereby the legitimate interests are for the above purposes.

2.7 Product and technology development

We use your data for product and technology development including the development and improvement of personalised services. In doing this we use aggregated, pseudonymised or anonymised data and machine learning algorithms, perhaps from our research, which facilitate estimates, prognoses and analysis in the interests of our users. In this way, for example, we can develop apps which can suggest products targeted to your interests and needs and recognise styles and assign products which correspond to your actual interests. Data is processed in relation to product and technology development particularly for the following purposes:

  • The development and improvement of personalised services and technologies for data analysis, advertising and personalised online shopping.
  • The development of technologies and concepts to improve IT security, prevent fraud and improve data protection e.g. by pseudonymisation, encryption and anonymisation technologies.
  • The development and testing of software solutions for the optimisation of necessary business and logistics processes.

Legal basis: The legal basis for the processing of your data for product and technology development purposes is Article 6 (1) f GDPR, whereby our legitimate interests are in the above purposes.

2.8 Business management and business optimisation

We transmit and process your data where necessary for administrative and logistical processes and to optimise business processes within P&M Group in order to design these in a more efficient and legally secure way and to fulfil our contractual and legal obligations (e.g. retention obligations under commercial and tax law). Many systems and technologies are shared within P&M Group. This allows us to offer a more economical, secure, unified and personalised service. Therefore, various companies within P&M Group have access to your data in so far as this is necessary for the fulfilment of the purposes named in this Privacy Notice.

Data processing for business management and business optimisation also includes, for example, the following purposes:

  • The execution and improvement of customer service.
  • The prevention and clarification of criminal offences.
  • Guaranteeing the security and operability of our IT systems.

Legal basis: The legal basis for the processing of your data for business management and optimisation is Article 6 (1) f GDPR, whereby our legitimate interests are in the above purposes. Where we process your data on the basis of legal specifications, e.g. retention obligations and money laundering tests under tax law, the legal basis is Article 6 (1) c GDPR.

2.9 On the basis of your consent

If you have given us your consent for the processing of personal data, your consent is the primary basis of our data processing. Which of your data we process on the basis of your consent depends on the purpose of your consent. Typical purposes include:

  • Subscription to a newsletter.
  • Participation in surveys and market research studies.
  • The processing of particularly sensitive data, containing e.g. your political opinions, religious or ideological convictions or state of health.
  • The recording of telephone conversations which you have e.g. with our hotline.
  • The transmission of your data to third parties or to a country outside the European Union.
  • Processing of your location data by Google Maps in specific cases, such as offering information on the nearest pick-up points of your order.

2.10 Other purposes

If data protection law allows it, we can use your data for new purposes such as carrying out data analyses and developing our services and content without your consent. It is a prerequisite for this that these new purposes which the data is to be used for were not fixed or foreseeable when the relevant data was collected and the new purposes are compatible with the purposes for which the relevant data was originally collected. For example, new developments in the legal or technical sphere and new business models and services may lead to new processing purposes.

Read less

  1. Personalised services

The development and provision of personalised functionalities and services for you is our top priority. We offer you an individual shopping experience and a range tailored to your individual interests, regardless of location, time and devices used. The processing of your data to personalise our service is therefore an integral part of P&M’s service.

 

  1. Info on websites and apps

We use your data to provide access to the P&M websites and apps. Along with the device and access data collected whenever you use these services, the type of data processed as well as the processing purposes depend especially on how you use the functions and services provided via our services. We also use the data collected when you use our services to find out how our online offering is used. We use this information and other information in the course of shopping personalisation to improve our services and for personalised advertising.

 

  1. Information about Social Media Fan Pages

P&M maintains social media profiles on the social networks of Facebook and Instagram (so-called "fan pages"). We regularly publish and share content, offers and product recommendations on our fan pages. The operators of the social networks record your usage behaviour via cookies and similar technologies upon every interaction on our fan pages or other Facebook or Instagram websites. Fan page operators can view general statistics about the interests and demographic characteristics (e.g. age, gender, region) of fan page visitors. When you use social networks, the nature, scope and purposes of processing social network data are determined primarily by the social network operators.

 

  1. Newsletter

We offer you various newsletter services which include

  • Inspirational content such as updates on brands, trends, offers, sales, categories;
  • Reminders e.g. when an item on your wishlist is reduced in price, if items in your bag are forgotten or if you asked for a size reminder;
  • Surveys which for example seek to find out whether you liked the items you purchased;
  • Personalised recommendations of items we think you might like based on your previous orders and browsing behaviour;
  • Updates from the influencers or brands that you may follow on our site.

If you signed up for newsletters, you will receive some of the newsletter services as described above (depending on the scope of your subscription). There are also service-specific newsletters, which are integral components of a particular service.

For example, you will only receive the Lounge by P&M newsletter if you are a member of the Lounge by P&M shopping club. You will need a Lounge by P&M newsletter so that you can be informed about current short time offers and use the advantages of the shopping club.

 

  1. Individual product recommendations by email and push service

In connection with our services we present information and offerings from P&M on the basis of your interests. You may receive a limited number of individual product recommendations, surveys, as well as product review requests from us regardless of whether you have subscribed to a newsletter. In accordance with legal stipulations, we preferentially use the data on your previous orders, to select individual product recommendations.

 

  1. Vouchers

We use the data submitted when ordering P&M vouchers to check and process the order and to issue and redeem the voucher. This also includes the recording and processing of the data connected to use of the voucher, especially for fraud prevention.

 

  1. How does P&M use my data for advertising?

We and our advertising partners use your data for personalised advertising presented to you in P&M’s services and on other providers’ websites and apps. We and our advertising partners use the prevailing market technologies for this purpose. This allows us to advertise in a more targeted way in order to display as many adverts and offers to you which are actually relevant to you. This allows us to better meet our users’ needs as regards personalisation and discovering new products and to interest you in our service in the long run by providing a more personalised shopping experience.

Please note that P&M IOS apps released after 10 June 2021 no longer share any data with third parties for marketing purposes. In case a particular IOS app still offers features that involve data sharing with a third party for marketing purposes, your data will only be shared if you click “agree” on an iOS tracking prompt.

 

  1. Who is my data forwarded to?

P&M only forwards your data if this is allowed by German or European law. We work particularly closely with certain service providers, for example in the area of customer service (e.g. hotline service providers), with technical service providers (e.g. running computer centres) or with logistics companies (e.g. postal companies such as DHL). These service providers may generally only process your data on our behalf under special conditions. Where we use them to process orders, the service providers only receive access to your data in the scope and for the time period required for provision of the relevant service. If you shop with a P&M partner, we forward particular shopping data regarding you to the P&M partner (e.g. your name and your delivery address), so that the P&M partner can send you the goods ordered.

 

  1. Which data protection rights do I have?

You have the following legal data protection rights under the relevant legal conditions: Right to information (Article 15 GDPR), right to deletion (Article 17 GDPR), right to correction (Article 16 GDPR), right to restriction of processing (Article 18 GDPR), right to data portability (Article 20 GDPR), right to lodge a complaint with a supervisory authority (Article 77 GDPR), right to withdraw consent (Article 7 (3) GDPR) as well as the right to object to particular data processing measures (Article 21 GDPR). If you want to exercise your data protection rights you can reach out to our Privacy Team by sending an email to info@pandm.fashion. For more information see section Contact.

 

  1. When will my data be deleted?

We will store your personal data as long as is necessary for the purposes named in this Privacy Notice, especially for the fulfilment of our contractual and legal obligations. We may also store your personal data for other purposes if or as long as the law allows us store it for particular purposes, including for defence against legal claims.

 

  1. How does P&M protect my data?

We transmit your personal data securely using encryption. This applies to your order and your customer login. We do this using the coding system SSL (Secure Socket Layer). We also use technical and organisational measures to secure our website and other systems against loss, destruction, access, change or dissemination by unauthorised persons.

  1. Changes to this Privacy Notice

Further development of our websites and apps and the implementation of new technologies to improve our service for you may require changes to this privacy notice. We therefore recommend that you re-read this Privacy Notice from time to time.

  1. Contact

You can reach out to our Privacy Team for general questions on privacy and in order to exercise your data protection rights by sending an email to info@pandm.fashion.

 

  1. Service-specific information

Our data processing may differ from service to service. Here you can find out which service-specific deviations apply.

 

  1. 17. Information on cookies

A cookie is a small amount of information that’s downloaded to your computer or device when you visit our Site. We use a number of different cookies, including functional, performance, advertising, and social media or content cookies. Cookies make your browsing experience better by allowing the website to remember your actions and preferences (such as login and region selection). This means you don’t have to re-enter this information each time you return to the site or browse from one page to another. Cookies also provide information on how people use the website, for instance whether it’s their first time visiting or if they are a frequent visitor.

We use the following cookies to optimize your experience on our Site and to provide our services.

 

Cookies Necessary for the Functioning of the Store

Name

Function

Duration

_ab

Used in connection with access to admin.

2y

_secure_session_id

Used in connection with navigation through a storefront.

24h

_shopify_country

Used in connection with checkout.

session

_shopify_m

Used for managing customer privacy settings.

1y

_shopify_tm

Used for managing customer privacy settings.

30min

_shopify_tw

Used for managing customer privacy settings.

2w

_storefront_u

Used to facilitate updating customer account information.

1min

_tracking_consent

Tracking preferences.

1y

c

Used in connection with checkout.

1y

cart

Used in connection with shopping cart.

2w

cart_currency

Used in connection with shopping cart.

2w

cart_sig

Used in connection with checkout.

2w

cart_ts

Used in connection with checkout.

2w

cart_ver

Used in connection with shopping cart.

2w

checkout

Used in connection with checkout.

4w

checkout_token

Used in connection with checkout.

1y

dynamic_checkout_shown_on_cart

Used in connection with checkout.

30min

hide_shopify_pay_for_checkout

Used in connection with checkout.

session

keep_alive

Used in connection with buyer localization.

2w

master_device_id

Used in connection with merchant login.

2y

previous_step

Used in connection with checkout.

1y

remember_me

Used in connection with checkout.

1y

secure_customer_sig

Used in connection with customer login.

20y

shopify_pay

Used in connection with checkout.

1y

shopify_pay_redirect

Used in connection with checkout.

30 minutes, 3w or 1y depending on value

storefront_digest

Used in connection with customer login.

2y

tracked_start_checkout

Used in connection with checkout.

1y

checkout_one_experiment

Used in connection with checkout.

session

checkout_session_lookup

Used in connection with checkout.

3w

checkout_session_token_<<token>>

Used in connection with checkout.

3w

identity-state

Used in connection with customer authentication.

24h

identity-state-<<token>>

Used in connection with customer authentication.

24h

identity_customer_account_number

Used in connection with customer authentication.

12w

Reporting and Analytics

Name

Function

Duration

_landing_page

Track landing pages.

2w

_orig_referrer

Track landing pages.

2w

_s

Shopify analytics.

30min

_shopify_d

Shopify analytics.

session

_shopify_s

Shopify analytics.

30min

_shopify_sa_p

Shopify analytics relating to marketing & referrals.

30min

_shopify_sa_t

Shopify analytics relating to marketing & referrals.

30min

_shopify_y

Shopify analytics.

1y

_y

Shopify analytics.

1y

_shopify_evids

Shopify analytics.

session

_shopify_ga

Shopify and Google Analytics.

session

customer_auth_provider

Shopify analytics.

session

customer_auth_session_created_at

Shopify analytics.

session

[INSERT OTHER COOKIES OR TRACKING TECHNOLOGIES THAT YOU USE]

The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

Most browsers automatically accept cookies, but you can choose whether or not to accept cookies through your browser controls, often found in your browser’s “Tools” or “Preferences” menu. For more information on how to modify your browser settings or how to block, manage or filter cookies can be found in your browser’s help file or through such sites as: www.allaboutcookies.org.

Additionally, please note that blocking cookies may not completely prevent how we share information with third parties such as our advertising partners. To exercise your rights or opt-out of certain uses of your information by these parties, please follow the instructions in the “Behavioural Advertising” section above.

 

Do Not Track

Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.