Privacy Policy

We are Goyard UK Ltd, a company registered in England and Wales under company no. 66585748 and having a registered office at Elsley Court, 20-22 Great Titchfield Street, London, United Kingdom, W1W 8BE (“we”, “our”, “us”). We are the publisher of the website accessible at https://www.goyard.com ("the Website").

At Goyard, we take the privacy and security of your personal data very seriously. This policy explains what personal data we collect about you, why we need it, how we use it and the rights you have regarding it.

We are the controller of your personal data. This means that we are responsible for what happens to any data you send to us, and we are subject to certain legal obligations about how we store it, who we send it to and what we can lawfully do with it. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact us using the details set out below: rgpd@goyard.com 

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where any identifying markers have been removed.

In the context of the processing of personal data, Goyard collects and processes the following categories of data about you:

• Customer identification data (surname, first name, age, gender, nationality, passport number);
• Contact data (telephone number, postal address and email);
• Geographical area (city, country);
• Order customization file and associated message;
• Browsing data of customers and prospects (IP address, type of equipment, etc.);
• The history of past orders (purchase counter, date of purchase, name of buyer if different, order number, purchase history);
• Payment data in figures;
• A log of any contact you have had with us (by email or via online chat);
• Certain marketing and logistical information (orders, sales, after sales service etc.), sales reports, complaints and information requests, email campaigns;
• Video surveillance data for our physical sales;
• Application data (CV and cover letter) where you have applied for a job with us.

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to purchase a product, you will need to provide us with your name and contact details).

In principle, we collect all personal data processed directly from you when you contact us through our website or purchase a product in a shop. We will collect technical data from your browser when you visit our Website.

We endeavour to ensure that the personal data we hold is accurate at all times. We therefore encourage you to update your data should any changes occur. We may also ask you to update your data from time to time.

4.1. The purposes of our processing

The processing that we carry out is for the following purposes:

• Management and follow-up of enquiries made by customers or prospects and the responses to them;
• Remote and in-store sales management;
• Customer quality management involving a rating;
• Management and follow-up of orders and deliveries;
• Payment management;
• Management and follow-up of the after-sales service;
• Management and monitoring of product guarantees;
• Communication management, Gazette & Newsletter (newsletter registration and commercial prospecting if you sign up);
• Compliance with legal obligations, particularly in terms of accounting;
• Management and follow-up of applications.

4.2. The legal bases on which we process your personal data

We only process your personal data if at least one of the following conditions is met:

• your consent to the processing operations has been obtained;
• We have a legitimate interest in processing your personal data (or a third party has such an interest), which is not overridden by your own interest and to which you do not object;
• the performance of a contract between us and you which requires us to carry out the processing of personal data concerned;
• we are bound by legal and regulatory obligations that require the processing of personal data.

We do not share the personal data we collect about you with any third party, unless we are required to do so by law.

Only the following categories of persons may be given access to your personal data:

• Authorised Goyard staff members;
• the competent authorities or courts;
• Goyard’s parent company or other Goyard subsidiaries; 
• Goyard's service providers and subcontractors, only to the extent that they need to access your personal data to perform their activities (e.g. our IT service providers).

We ensure that only authorised persons have access to your personal data. Goyard has a strict security policy which ensures that the data it processes is only passed on to those who need to access it. Where your personal data is transferred in this way, we ensure that the recipient is subject to appropriate duties of security and confidentiality.

All of our primary subcontractors are located within the European Union. For this reason, we will need to transfer your personal data outside of the United Kingdom. Sending personal data from the UK to any country in the European Economic Area (“EEA”) is lawful under current law. If this changes, we will make other arrangements to ensure that your personal data is kept always transferred securely and lawfully.

Goyard Group companies are located throughout the world. As a result, your personal data may be transferred outside of the United Kingdom and the EEA. This includes transfers to countries where the law does not provide sufficient protection for personal data according to the European Commission or the UK Information Commissioner’s Office.

In order to ensure the lawfulness of data transfers in such situations, the Goyard Group has put in place Standard Contractual Clauses (the "SCCs") to enable Goyard Group companies to transfer personal data from the UK, through the EEA and on to other Goyard Group companies located outside the EEA in accordance with European data protection law. For more information on the SCCs we have signed, please contact us at rgpd@goyard.com.

We keep the personal data of our customers only as long as absolutely necessary in order to manage our commercial relationship with those customers, and to send them any marketing information which we can lawfully send to them.

Our retention policy is available on request.

Under certain circumstances, you have rights under data protection law in relation to your personal data. You have the right to:

• Request access to the personal data we hold about you;
• Request corrections to any of the personal data we hold, if it is inaccurate;
• Ask us to erase your personal data;
• Object to the way in which we process your personal data; or
• Request transfer of your personal data in a commonly-used file format.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances. If you wish to exercise any of the rights set out above, please contact us. We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so.

You have the right to make a complaint at any time to the Information Commissioner's Office (“ICO”), the UK regulator for data protection issues. Details of how to do this can be found on their website, which you can access by clicking here. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Update date : 10/04/2023