Sizefox | Privacy policy
Updated March 9, 2021
Welcome to Sizefox!
We are a part of Fit Analytics GmbH, a German software company based in Berlin and Chicago supporting partners across the globe to deliver sizing recommendations to millions of shoppers worldwide by using the power of machine learning.
Fit Analytics GmbH, located at Frankfurter Allee 77, 10247 Berlin, Germany, is the operator of the website http://www.sizefox.com and http://www.fitanalytics.com. We are also responsible for the application of the same name and for the solution providing size recommendations and fit prediction services for online shoppers in our partner’s online shops (“Sizefox” and “Fit Finder” / “Size Advisor”). When visiting the website of “Sizefox” (in the following referred to as “Sizefox”, “we” or “us”) or whenever you use our services and tools, you’ll automatically share some information with us.
The data and information we collect can be divided into two categories:
• Information you provide to us and
• Information we get when you use our tools and services.
We consider the protection of your data very important and focus on proper handling of your personal data. All data will be collected, used and shared solely within the statutory provisions of the applicable data protection laws. In the following, we will state and explain what data we collect, how it is handled by us, and the rights granted to you regarding our use of your data.
Information We Collect
When you use our website or get in contact with us by using our contact form, we are responsible for the collection, processing, and use of the personal data you provide to us in terms of the German Federal Data Protection Act (Bundesdatenschutzgesetz / BDSG), the German Teleservices Act (Telemediengesetz / TMG), and the General Data Protection Regulation from the European Union (Datenschutzgrundverordnung / GDPR). In addition to this, we also make sure to comply with the rights specifically granted to users in California, the United Kingdom, and Brazil.
Web Analysis Services
For purposes of need-based design and continuous optimization of our pages, we collect and use two types of cookies: essential and analytics cookies. You can choose which kind of cookies you want to accept on your device upon entering our website for the first time, and you are free to change your cookie settings at any time.
Essential cookies are needed for you to browse the website and use its features, so they can not be turned off. These cookies are set out based on our legitimate interest (Art. 6 I lit. (f) GDPR) to own and run a fully functional website. On the other hand, analytics cookies are optional cookies. They are needed to continuously improve our services. These cookies are provided by web analysis services (“Google Analytics” and “Hubspot”). If you consent to these cookies, they are placed on your device based on this consent (Art. 6 I lit. (a) GDPR).
In the context of analytics cookies, pseudonymized user profiles are created and cookies are used. The cookie-created information on your use of our website such as
• Browser type and version,
• Operating system,
• Referrer URL (previously visited page),
• Host name of the accessing computer, and
• Time of server request
is forwarded to and stored on servers located within the European Union. The information is used to analyze the use of the website, to compile reports on website activities, and to perform further services connected with website use and Internet use for purposes of market research and need-based design of these Internet pages. Such information will also be forwarded to third parties if this is required by law or such information is processed by such third party by order.
In no case will the IP address be combined with other data corresponding to the customer. The IP addresses will be anonymized so that allocation is not possible (IP masking).
You may prevent installation of cookies by making the corresponding settings in the browser software; however, we expressly point out that this will prevent comprehensive use of all functions of this website. You may object to creation of user profiles at any time. The contact data can be used for notification of objection. As an alternative, please check this Google Analytics Opt-out Browser Add-on.
All data collected in this way will be automatically deleted as soon as no processing purpose is left and thus saving the data is not needed anymore.
Collection of personal data when visiting our website
• IP address of the requesting computer (shortened/hashed)
• Date and time of access
• Name and URL of retrieved file
• Website from which the access originated
• Operating system of your computer and your browser
• Name of your Internet access provider
Collection of personal data when submitting through the contact form
• Personal identification and employment information (first name, last name, job title, country, company, phone number, work email, website, annual sales)
• Correspondence message / communication
Personal data for marketing
Collection of personal data when using our Web Application
• Gender
- • Height
- • Weight
- • Age
- • Reference clothing item or brand (optional)
- • Bra Size (for women only)
- • Body Shape
- • Fit Preference
- • In addition, your previous purchases with the Store may be accessed to provide sizing assistance after entering your basic data.
Information We Share
Receivers and processors of personal data
The following list outlines data collection and data processing providers that are used by Fit Analytics.
| Provider | Tool/Application | Information on Provider Privacy | Purpose |
|---|---|---|---|
| Amazon Web Services, Inc., 41 Terry Avenue, North Seattle, WA 98109, USA | aws.amazon.com | AWS Privacy Policy | Cloud Computing |
| Google, Inc. 600 Amphitheatre Parkway, Mountain View, CA 94043, USA | Google Analytics | Google Privacy Policies Google Analytics' data practices | Web analytics Data hosting |
| HubSpot, Inc. 25 First Street, 2nd Floor Cambridge, MA 02141, USA | Hubspot | Hubspot Privacy Policy | Web analytics |
| LinkedIn Corporation 2029 Stierlin Court Mountain View, CA 94043, USA | LinkedIn Privacy Policy | Social plug-in, Customer Relationship | |
| Redis Labs Ltd., Tower 42, 25 Old Broad St., London, EC2N 1HN, United Kingdom | Redis Database | redis.io | Cloud Database |
| Zenleads Inc., 535 Mission Street, Suite #1100, San Francisco, California 94105, USA | Apollo.io Engagement Platform | Apollo.io Privacy | Prospecting Potential Clients |
In addition to this, personal data might be shared with our affiliates. We may also share personal data for legal, safety, and security reasons. This will only take place if we reasonably believe that disclosing the information is needed to comply with any valid legal process, governmental request, or applicable law, rule, or regulation.
Receivers and processors of personal data
The following list outlines data collection and data processing providers that are used by Fit Analytics.
Data Transfer
Data processing thus might include transfer of data to a third country or international organization within the scope of Art. 13 1 lit (f) GDPR. Since the Privacy Shield was deemed illegitimate by the EuGH in July 2020, Fit Analytics made sure to include standard contract clauses within its contracts with providers residing in third countries or with international organizations.
Correction
Upon your request, we will correct or update your personal information. You can make these requests by emailing [email protected]
Opt-out
At any time, you can opt-out of receiving offerings-related, promotions-related and inquiry response-related messages from Fit Analytics. If you choose to do so, Fit Analytics will delete all your personal data collected so far. From this point onwards you will no longer receive any further information on products and services. Also, If you prefer not to use our services, please follow this link to opt out of Fit Analytics: Remove Fit Analytics from my browser.
Cookies
Cookies simplify a variety of processes, one of which is to make your visit to the website easier, more pleasant, and more meaningful. Cookies are alphanumeric information files that are automatically stored by your browser on the hard drive of your computer when visiting our internet page or our blog. If you would like to opt out of the cookies we use on any of our websites you may do so by changing your preferences here or by blocking, deleting, or disabling them as your browser or device permits.
Cookies will neither damage your computer’s hard drive nor forward personal data to us when enabling them. For example, we will use cookies to be able to identify you as a customer without making it necessary for you to log in again. The use of cookies does not mean that we receive new personal data from your online visit. Most internet browsers automatically accept cookies. However, you may also configure your computer in such a way that no cookies are stored on your computer or that a note is displayed every time you receive a new cookie.
Deactivation of cookies may also deactivate some functions of our website. The anonymous and encrypted data gathered by cookies is not intended for gathering personal data. Furthermore, the data collected from cookies will not be passed to third parties. The following cookies are used on our website, widget and blog:
| Name | Provider | Domain | Purpose | Duration |
|---|---|---|---|---|
| Essential | ||||
| _cfuid | Cloudflare | cloudflare.com | Server Protection, Intrusion Detection and Performance Optimization | 1 month |
| Preference | ||||
| _gid | This cookie is installed by Google Analytics, and it is used to store information of how visitors use a website | This cookie is installed by Google Analytics, and it is used to store information of how visitors use a website | 1 day | |
| cookielawinfo-checkbox-necessary | blog: store the user consent for the cookies in the category "Necessary" | 11 months | ||
| fita.config | Fit Analytics | fitanalytics.com | storing the user’s local configuration in order to remember the user’s opt-out preference | |
| fita.sid | Fit Analytics | fitanalytics.com | Copy of the connect.sid, but with the domain name set to our partner shop’s domain name (e.g.thenorthface.com); the full name of this cookie depends on the respective partner shop (e.g. fita.sid.tnf for thenorthface.com or fita.sid.asos for asos.com) | |
| viewed_cookie_policy | blog: used to store whether or not a user has consented to the use of cookies | 1 hour | ||
| Performance | ||||
| _gat_UA-87259869-1 | google.com | This cookie is installed by Google Universal Analytics to throttle the request rate to limit the collection of data on high traffic sites. | 1 minute | |
| cookielawinfo-checkbox-performance | blog: store the user consent for the cookies in the category "Performance" | |||
| Marketing | ||||
| IDE | google.com | Show Google ads on non-Google sites. | 13 months in the EEA, Switzerland, and the UK and 24 months everywhere else | |
| hubspotutk | Hubspot | hubspot.com | This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts. | 13 months |
| _hssrc | Hubspot | hubspot.com | Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. | End of session |
| _hstc | Hubspot | hubspot.com | These cookies are used to store information about how visitors use the site and to gather requests from the forms on the website. | 13 months |
| _hssc | Hubspot | hubspot.com | These cookies are used to store information about sessions of visitors in the site. | 30 minutes |
Fit Analytics Blog
Our Blog is one way to keep you updated about the latest developments in the market, our contribution or our technology. To create the Blog we are using WordPress. For any cookies placed WordPress, please refer to their specific GDPR notice in this regard.
How We Use Information
Usage of personal data from our website
Similar to most of the online services, our website uses first-party and third-party cookies for several purposes. First-party cookies are mostly necessary for the website to function properly, and they do not collect any of your personally identifiable information. The third-party cookies used on our website are mainly for understanding how the website performs, how you interact with our website, keeping the site and our services secure and all in all providing you with a better and improved experience and help speed up your future interactions with our website. For additional information, please refer to the Web Analysis Services from above.
Usage of personal data from our application
Fit Analytics uses all data derived from the application solely for the following purposes:
- Recommendation of clothing sizes in real-time.
- Providing fit prediction services in our partners’ online shops.
- Optimizing the overall quality of our recommendation mechanisms.
All data received this way is processed anonymously and we never collect or process any personally identifiable information (e.g. real name, address details, payment information).
IP Addresses sent to our servers by standard backend processes are hashed and truncated immediately after receipt in a non-reversible way. All data derived from our application is stored on servers and databases located inside the European Union or in the country of origin of the end user.
No data from this category is transferred outside of the European Union. All data is automatically deleted after a certain retention period.
Special country information
Users in the European Union and the United Kingdom
If you are a user in the European Union or the United Kingdom, please be aware that Fit Analytics is the controller of your personal data collected by using our website or contact form, but not the controller of your personal data when using our application(s) implemented in a webshop you used. In this case, Fit Analytics acts as a data processor on behalf of the respective store.
For personal data where Fit Analytics is the data controller you can exercise your rights of access, erasure, rectification, restriction of processing, and portability of your data from us by getting in touch with us by email ([email protected]). Furthermore, you can exercise your right to lodge a complaint with your supervisory authority.
As a user in the European Union or the United Kingdom we are only allowed to use your personal data on the basis of the legal framework set by GDPR and the UK GDPR. Fit Analytics typically relies on one or more of the following bases for this:
• Contract: we are using your information because you entered into an agreement with us.
• Contract: we are using your information because your company entered into an agreement with us and you are the Person of Contact for us.
• Pre-contractual Relationship: You used our contact form to get in touch with us about a possible collaboration.
• Consent: In some cases we’ll ask for consent to use your information for specific purposes.
• Legal obligation: We might be required by law to use your information to comply with legal obligations, for example when we need to respond to valid legal requests.
Users in California
If you are a user residing in California, you have certain specific rights under California law regarding the personal data we collect when you use our website or contact form, specifically the California Consumer Privacy Act of 2018 (“CCPA”) and the California Shine the Light law. Regarding the provisions set forth in the CCPA, we would like to inform you that
• You have the right to opt out of the sale of your personal data. Fit Analytics does not sell your personal data.
• You have the right to receive an overview of the personal data we collect, how we use it and with whom we share it with. This information is provided in this Privacy Policy in the sections entitled “Information We Collect.” “Information We Use,” and “Information We Share.”
• You have a right to know the categories of personal information we have collected or disclosed about you in the last 12 months; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we shared personal information. The categories of data we collect and process are:
◦ Identifiers: our widget will collect your IP address as part of standard queries. Any IP address received in such a way will be hashed and truncated before being stored in our databases.
- ○ Characteristics of protected classifications under California or federal law, such as you gender and age. The main purpose for collecting this information is to recommend the best possible size.
◦ Commercial information such as products purchased and returned at webshops including our service. This data is needed for billing purposes and for improving the size recommendation mechanics.
◦ Internet or other electronic network activity information such as our Session ID or the Order ID. This information is needed for billing purposes and to link purchases with eventual returns for improving the size recommendation mechanics.
◦ We may only collect this information when you provide it to us by using our service.
• You have a right to request we delete your personal data. We may ask you to provide some additional information to verify your identity. You or your authorized representative may make a request by contacting us by email ([email protected]).
• You have the right to make 2 free requests regarding access to your data in any 12-month period. We may ask you to provide some additional information to verify your identity.
• You or your authorized representative can exercise this right by email ([email protected]) . We will respond to your request within 45 days, and in more difficult cases we may extend our response time by another 45 days.
• You have a right to not be discriminated against because you exercise any of your rights.
California’s Shine the Light Law
California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed your personal data (if any) for their independent direct marketing purposes in the prior calendar year, as well as the type of personal data disclosed to those parties.
Users in Brazil
If you are a user in Brazil, please be aware that Fit Analytics is the controller of your personal data collected by using our website or contact form, but not the controller of your personal data when using our application(s) implemented in a webshop you used. In this case Fit Analytics acts as a data processor on behalf of the respective store. Since Fit Analytics exclusively handles anonymous data only and the respective data subject can not be identified, the LGPD does not apply according to Articles 5, 12 LGPD.
For personal data where Fit Analytics is the data controller you can exercise your rights of access, deletion, correction and portability of your data from us by getting in touch with us by email ([email protected]).
As a user in Brazil we are only allowed to use your personal data on the basis of the legal framework set by LGPD. Fit Analytics typically relies on one or more of the following bases for this:
• Contract: we are using your information because you’ve entered into an agreement with us.
• Pre-contractual Relationship: You used our contact form to get in touch with us about a possible collaboration.
• Consent: In some cases we’ll ask for consent to use your information for specific purposes.
• Legal obligation: We might be required by law to use your information to comply with legal obligations, for example when we need to respond to valid legal requests.
You are entitled to object our use of your information. Please get in touch with us if you wish to do so. In addition to this, you can always file a complaint with the national authority in your country or with our Data Protection Officer by email ([email protected]).
Final notes
This privacy notice is subject to change according to the rules and guidelines set by GDPR, CCPA, LGPD or any other law applicable to our services. Changes will be made upon amendments to any of these laws becoming legally binding.
Children
Please note that our services are not intended for users under the age of 18. Because of this we do not knowingly collect personal information from anyone under this age. If we need to rely on consent as a legal basis for processing information and your country requires consent from a parent, we may require your parent’s consent before we collect and use that information.
Do Not Track
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.
Safety and Security
We use suitable technical and organizational safety measures to protect your data from accidental or intentional manipulation, partial or complete loss and/or destruction as well as unauthorized access. Our security measures are subject to continuous improvement in accordance with current technological developments.
For any questions about this Privacy Policy or your privacy rights please contact Fit Analytics using the information below:
Fit Analytics GmbH
Berlin, Germany
[email protected]