How can we help?

INTRODUCTION

We are committed to respecting the privacy of our customers and prospects.

This privacy policy (the "Policy") explains how we collect and process your personal data.

This Policy also informs you of the categories of personal data we collect, how we use it and the rights you have to control how we use it.

As our business is constantly evolving, our Policy may be modified accordingly. We encourage you to check regularly for any changes. Any changes to this Policy will be posted on our sites and the date at the bottom of the Policy will be updated to reflect the date of the last revision.

This Policy applies to all Uniqlo customers and prospective customers. If you are browsing one of our websites, we will consider you a prospect customer. This Policy does not apply to you if you are an Uniqlo employee or contractor, or if you are a candidate applying to a position with us.

In this Policy, capitalized terms have the following meanings:

• "Data" means your personal data within the meaning of the GDPR. Personal data is information relating to a natural person who is identified or can be identified, directly or indirectly, by reference to an identification number or to one or more elements that are specific to that person.
• "Controller" means the entity that determines the purposes and means of a processing within the meaning of the GDPR.
• "GDPR" refers to the General Data Protection Regulation (Regulation (EU) 2016/679 of April 27, 2016).

2. WHO IS THE DATA CONTROLLER?

The terms "Data Controller", "we", "us" or "our" used in this Policy refer to UNIQLO EUROPE LTD, a company registered with the Companies House under number 4845064, represented by Mr. Taku MORIKAWA, in his capacity as Director and whose registered office is located at 103-113 Regent Street, London, United Kingdom, W1B 4HL.

UNIQLO EUROPE LTD is part of the FAST RETAILING CO., LTD. (the "Group").

UNIQLO EUROPE LTD manages the stores, websites, and mobile applications for the Uniqlo brand and acts as the Data Controller.

3. HOW TO CONTACT THE DATA PROTECTION OFFICER?

Our Data Protection Officer (the "DPO") ensures that your Data is processed in compliance with the law.

You can contact them by:

• Email dpo_eu@fastretailing.com
• post to UNIQLO EUROPE LTD Data Protection Officer, 151, Rue Saint-Honoré - 75001 Paris France

4. WHEN DO WE COLLECT YOUR DATA?

We may collect your Data from the following sources:

• Our websites and mobile applications: the online websites and mobile applications we operate under our own domain names/URLs and the mini-sites/pages/accounts we have created on third-party social networks such as Facebook. This includes data collected via cookies (more on this in Section 10 of this Policy).
• On-site:when you visit any of our stores and, for example, make a purchase.
• Calls, emails, SMS, instant messaging and other electronic messages exchanged directly with you: for example, communications between you and our customer service department may be analyzed to provide you with the best possible experience.
• Our collection forms: online or offline collection forms through which we collect your Data by mail, during in-store events or as part of other events.
• Your interactions with our advertisements: interactions with our brands' banner ads (for example, if you interact with one of our banner ads on a third-party site, we may receive information about that interaction).
• Profiles we create about you: duringour interactions with you, we may create Data associated with your person (for example, tracking your online purchases on one of our websites).
• Data we collect via third parties: we may collect certain Data via social networks (e.g., Facebook), advertising networks (e.g., Google), messaging applications (e.g., WhatsApp), market research (when responses are not anonymized), or when we acquire a company.

5. WHAT DATA DO WE COLLECT AND HOW?

Depending on how you interact and communicate with us (online, offline, by telephone, etc.), we may collect the following Data:

• Identification data: this includes any data we process to identify you. For example, your name, customer number, CCTV video images
• Contact information: this includes any information you give us so that we can contact you. For example, your email address, telephone number, billing, or delivery address.
• Information about your tastes and preferences: this includes, for example, your age, your opinions, your favorite products. This includes cookie-gathered data.
• Financial data: this includes your purchase history, means of payment, etc.
• Technical data: this includes information relating to your digital activities. For example, IP address, browsing activity, geolocation, account log-in data, and technical information relating to your computer/mobile device.

In the case of data collected directly from you, we mark all mandatory information on our forms with an asterisk.

As part of our day-to-day business activities, we do not collect or process any Sensitive or Special Category Data within the meaning of the GDPR (for example, Health Data) or Data of minors.

6. FOR WHAT PURPOSES DO WE PROCESS YOUR DATA, ON WHAT LEGAL BASIS AND FOR HOW LONG DO WE KEEP IT?

You will find below a list of the purposes for which the data is processed and for each of them: 

• A clear description of the operations we carry out.
• The legal basis on which they are based.
• The categories of Data processed for each purpose.
• The categories of recipients who may have access to your Data.
• The duration of data retention for each of these purposes.

6.1 CREATION AND MANAGEMENT OF YOUR ACCOUNT

6.1.1 Customer account

7. WILL YOUR DATA BE SHARED WITH THIRD PARTIES?

Customer information is important to us and privacy is a primary concern, so we refuse to share your Data with third parties, except for the limited reasons specified below. 

We may share your Data with various categories of third parties:

• Data Sharing within the Group: Where we share Data with our parent company or other entities within our Group, they have adopted privacy policies and practices that provide a level of protection at least equivalent to that described in this Policy. Such sharing is mainly carried out for the purposes of creating anonymized statistics or to meet applicable legal and accounting obligations.
• Service providers: these are external companies that we use to help us carry out our activities. The categories of service providers who may have access to your Data are listed, for each of the purposes pursued by the Data Controller, in section 6 of the Policy. These service providers, and certain members of their staff, are authorized to process only the Data required for the specific tasks for which they have been contracted, in accordance with our instructions, and are required to ensure the security and confidentiality of your Data.
• Third-party companies using your Data for their own marketing purposes: we may share with Meta, Google and other partners certain Data concerning your interactions with our websites and mobile applications. This type of sharing enables us to measure the effectiveness of our advertising campaigns and to improve our practices.
• Third party recipients using Data for legal reasons or due to a merger/acquisition: we will disclose your Data to third parties where required by law or in connection with an acquisition or merger. In the event that we sell or transfer all or part of our business or assets to another company within or outside theGroup, or in the event that any other business transaction is implemented as a result of corporate restructurings, we may disclose your Data to the acquirer of such business or assets. In this case, we believe that we have a legitimate interest in the reorganization of our corporate structure.

8. WILL YOUR DATA BE TRANSFERRED OUTSIDE OF THE EUROPEAN ECONOMIC AREA?

Your Data may be transferred to companies located in countries outside the European Union. In such cases, and prior to any transfer, we ensure that we comply with the guarantees required to ensure the security of such transfers. 

This Data may also be processed by third parties working on our behalf, such as our service providers, who may be located outside of the EEA. 

These third parties may be involved in fulfilling your order, processing your payment details and providing support services. 

Data may be transferred to Japan, the United Kingdom, the United States, and the Philippines.

For transfers of data to Japan, the United Kingdom, and the United States (to companies participating in the EU-US Data Privacy Framework - DPF), we rely on the adequacy decisions issued by the European Commission. 

When transferring data to third parties located in the Philippines and the United States (to companies not participating in the DPF), we ensure that these third parties adopt the required organizational, technical and security measures and we require them to sign contracts based on the European Commission's model clauses, in accordance with Article 46.2 of the GDPR. If you would like a copy of any of these contracts, please contact us using the contact details in sections 2 or 3 of this privacy policy.

 9. WHAT ARE YOUR RIGHTS REGARDING YOUR DATA?

9.1 Your rights

In accordance with the applicable legislation, you are entitled to:

• Right of access: you can obtain communication of all the Data concerning you that we process.
• Right of rectification: you may request to rectify inaccurate Data that we process concerning you.
• Right of deletion: you may request to delete the Data we process concerning you. However, some of your Data will be retained in order to meet our legal obligations or to defend our legal rights. If we have to abide by retention obligations, your Data might not be deleted completely, but the processing restricted.
• Right to object: you may object to the processing of your Data based on our legitimate interests. However, you must justify "reasons relating to your particular situation" in order to exercise this right, except in the case of commercial prospecting. 
• Right to portability: you may receive Data concerning you in a structured, commonly used and machine-readable format, and transmit this Data to another data controller without us being able to object, where the processing is based on your consent or on a contract and is carried out using automated processes. You also have the right to have your Data transmitted directly to another data controller, where this is technically possible.
• The right not to be subject to a decision based exclusively on automated processing, including profiling, which produces legal effects concerning you or significantly affects you (unless such decision is necessary for the conclusion or performance of a contract between us and you or is based on your explicit consent).
• The right to lodge a complaint with a supervisory authority if you consider that our practices relating to your Data do not comply with the applicable regulations. 
• Right to formulate post-mortem directives: If you reside in France, you may formulate specific and general post-mortem directives concerning the retention, deletion and communication of your Data. In the absence of such instructions, your heirs may contact us in order to (i) gain access to the processing of your Data for the purpose of "organizing and settling the estate of the deceased" and/or (ii) have your customer account closed and/or object to the continued processing of your Data.
• <
• Right to restriction: you have the right to ask an organization to temporarily freeze the use of some of your Data, in particular while your request to exercise another right is being examined. 
• Right to withdraw your consent: You have the right to revoke your voluntarily granted consent at any time with effect for the future. Please note that the data processing carried out up to that point remains lawful until the time of revocation.

9.2 Exercising your rights

We may ask you to provide additional information necessary to confirm your identity in order to exercise your rights.

You can exercise your rights by emailing dpo_eu@fastretailing.co or by writing to UNIQLO, Data Protection Officer,151, Rue Saint-Honoré- 75001 Paris France.

A reply will be sent to you within 1 month of receipt of the request.

To exercise your rights, you must prove your identity by any means. In case of reasonable doubt, you may be asked to show proof of identity.

Through your online account, you can:

• Modify or access your Data
• Withdraw your consent or object to receiving commercial prospecting
• Request deletion of your account

10. DO WE USE COOKIES OR SIMILAR TECHNOLOGIES?

10.1 What is a cookie?

A cookie is a small text file placed on your device by the websites you visit. They are widely used to make websites function more efficiently. Some of these cookies are necessary for the site to function properly. Others are used to identify you and, depending on your browsing habits, to help our teams improve the site.

A cookie cannot give access to information about you that you do not wish to share. A cookie has a limited lifespan and is deleted by your browser once it has expired. Only the company depositing the cookie is likely to read or modify the information contained in it.

10.2 Purpose and type of cookies

10.2.1 Strictly necessary cookies

These are technical cookies that are necessary for the proper functioning of our website and all the features it offers. They are responsible for storing products in your shopping cart, displaying products in your wish list, controlling the purchase process, integrating security features, enabling billing, and saving your privacy settings. Your consent is not required for the use of strictly necessary cookies on our website. For this reason, technical cookies cannot be disabled or enabled individually.

The legal basis for this data processing is Article 6(1)(f) of the GDPR (legitimate interest).

 
10.2.2 Functional cookies

Functional cookies enable us to tailor our website to the needs and interests of our customers and thus offer you a special shopping experience. Through the use of functional cookies, we can prevent you from receiving unwanted information such as inappropriate product recommendations or offers of benefits that you cannot use. In addition, the use of functional cookies allows us to offer you additional features, such as product recommendations tailored to your needs.

The legal basis for this data processing is Article 6(1)(a) of the GDPR (consent).

10.2.3 Performance cookies

Performance cookies enable us to measure the performance of our website and advertising campaigns. With their help, we determine the number of visits and the origin of visits to our website. We process the data collected in aggregated form, so that it is not possible to draw conclusions about a specific user of the website. If you disable the use of performance cookies, we will not be able to analyse the performance of our website and optimize it for your visit.

The legal basis for this data processing is Article 6(1)(a) of the GDPR (consent).

10.2.4 Targeting cookies

Targeting cookies are used by us or our partners to show you relevant content or advertisements on our websites and those of third parties. This allows pseudonymous profiles to be created based on your interests. Direct identification of you as an individual is generally not possible with this information, as only pseudonymous information is used. If you do not allow these cookies, you will receive less relevant content and advertising that is not tailored to your interests.

The legal basis for this data processing is Article 6(1)(a) of the GDPR (consent).

10.3 Cookie-related responsibilities

10.3.1 First-party cookies

We are responsible for the cookies we use on our sites.

10.3.2 Cookies issued by third-party companies (third-party cookies)

The issue and use of cookies by third parties on our sites (e.g. Google) are subject to the privacy protection policies of these third parties. These cookies are not essential for site navigation. The site integrates the technologies of advertising partners which enable the recognition of your connection terminal and the data relating to your navigation on your connection terminal in order to display advertisements adapted to your centers of interest according to your navigation.

10.4 Manage cookies

The cookies we install on your device enable us to recognize your browser when you connect to our sites and applications.

You can use our cookie management tool, which can be accessed from the cookies banner that appears when you first log on to our site and which can also be accessed from the footer of our website.

You can refuse third-party cookies by making the appropriate settings in your browser. Any such settings may affect your Internet browsing experience and your access to certain services requiring the use of cookies.

You can configure your browser so that cookies are stored on your device or, conversely, so that they are rejected, either systematically or depending on the sender.

You can also configure your browser so that you are prompted to accept or reject cookies before a cookie is stored on your device.

If your browser is configured to reject all cookies, you will not take advantage of certain features of our sites and applications, such as receiving personalized recommendations. The configuration of each browser is different. It is described in your browser's help menu, which will tell you how to modify your cookie settings. 

For more information on how to delete or control cookies, please visit http://www.aboutcookies.org.

11. HOW DO WE SECURE YOUR DATA?

While we take all necessary measures to protect your Data, it is impossible to guarantee the security of transmissions via the Internet. If you are using a device in a public place, we recommend that, for your own safety, you always log out and close your browser window after finishing a session. 

We have implemented and maintained appropriate technical and organisational measures to protect your personal data against accidental or unawful destruction, loss or alteration or unauthorised disclosure or access. 

Only authorised personnel and third-party service providers have access to personal data on a need-to-know basis, and these employees and service providers are contractually required to treat this information as confidential.

11.1 Password recommendations

We also recommend that you take the following security measures to improve your Internet security:

• Keep your passwords confidential. Remember that anyone who knows your password can access your account.
• When creating a password, use at least 8 characters, preferably a mixture of letters and numbers. Do not use your name, email address, or other easily obtainable data. We also recommend that you change your password frequently. To do so, go to 'My Account', then click on 'Change name, e-mail or password'.
• Avoid using the same password for several Internet accounts.

11.2 Recommendations on the use of links to third-party sites

Some links on our sites and applications may take you to websites operated by third-party companies. We never share your Data with these third parties.

Links to third-party sites appearing on our sites and applications are provided for information purposes only. We do not control these sites or their privacy practices, which may differ from ours. We cannot be held responsible for the Data that third parties may collect, store and use via their websites. We invite you to always carefully read the privacy policy of any website you visit.

11.3 Email scam recommendations 

We will never ask you to confirm your account or credit card details by email. If you receive an email purporting to be from us or another Fast Retailing Group company requesting such information, please ignore it and do not respond.

12. DO WE USE PROFILING? 

Profiling is the creation of an individualized profile based on an individual's data, with the aim of evaluating that person and predicting his or her behavior, such as preferences, lifestyle habits and so on.

This profiling is based on the analysis of different variables such as the type of products or services ordered and your profile.

Please refer to section 9 of the Policy for details of your rights regarding profiling.

We process your Data in order to create profiles in the following cases:

12.1 Fighting fraud

In order to guarantee you optimum quality of service and secure payments and deliveries, your Data may be processed to determine the level of fraud risk associated with our interactions. We have chosen ADYEN to carry out this Data analysis on a fully automated basis.

The Data concerned relates to the setting up of the contract (products, personal and bank details) and to the use of our sites and applications (pages visited and browsing), combined with certain anonymous data relating to the terminal used for browsing (such as screen resolution or operating system version) which can be used to identify your terminal reliably on successive visits and enable analysis of the risk of fraud.

Depending on the results of the control, we may decide to take security measures and, if the security of the order cannot be guaranteed, we may choose to cancel it.

12.2 Personalized advertising

After browsing our sites and applications, personalized advertising banners may be displayed when you visit other websites. We are committed to providing you with offers that are relevant to you. Thus, the advertising banners displayed will relate to products that have been consulted while browsing our sites and applications from your device. The aim of the service is to offer personalized advertising displaying products or services based on the recent behavior of Internet users on the sites and applications of its partners. To achieve this, our service providers use cookies to recognize web users.

If you have agreed tous contacting you for marketing purposes, we may send you emails and other communications about goods and services that may be of interest to you. To do this, we study our customers' online and in-store purchasing habits and browsing behavior. In this way, we can send personalized commercial communications or communications related to certain dates (newsletter registration, customer account creation, customer birthday, etc.).

23/05/2025

Validated by the Data Protection Officer