Last Updated: October 7, 2020
- Information We Collect
- Information Collected Related to California Residents
- How We Use Personal Information We Collect
- Sale of Personal Information
- Cookies and Similar Technologies
- When You Choose to Not Provide Personal Information
- Our Retention of Your Personal Information
- Sharing Personal Information
- Your Privacy Choices & Privacy Rights Specific to Californians
- Your Marketing Choices
- Links to Other Websites
- How We Protect Personal Information
- Children’s Privacy
- Direct Marketing and “Do Not Track” Signals
- Contact Us
Information We Collect
We collect information, including personal information, to provide better services to all our customers and Site visitors. The term “Personal Information” means any information that can be used to identify you.
For example, we may collect personal information from you when you:
- Register, subscribe, or create an account with Spanx;
- Purchase products from Spanx;
- Open or respond to our email or mobile messaging offers;
- Contact customer service or otherwise make use of our customer support tools, including, but not limited to, voice, messaging, SMS, chat, or our help center pages
- Connect, link, message, or "share" our Site via social networking sites;
- Post comments in public areas of our Site
- Provide a product review
- Sign up for notifications.
- Respond to, and complete a survey
- Report a problem or have a question about our Site or products, you may provide us with contact information, such as a phone number or email address;
- Purchase a product or sign up for an account on spanx.com or in our stores, we may collect:
- Your billing information, such as billing name and address, contact address, credit card number or debit card number;
- Information about your shopping preferences, such as the stores or website pages you have visited;
- Your demographic information, such as your date of birth and gender;
- Information collected through security systems in our stores;
- Use our Site or emails, we automatically collect information about your device and your usage of our websites or emails through cookies, web beacons or similar technologies, such as Internet Protocol (IP) addresses or other identifiers, which may qualify as Personal Information under applicable law; and
- Voluntarily submit certain information to our Site, such as filling out a survey about your experience or entering a contest, sweepstakes, or promotion, we collect the information you have provided as part of that request.
Information About Friends or Family: In certain limited circumstances, we may collect information about people you know. For example, when you purchase a gift order for a friend or family member, we ask for the gift recipient’s email address in order to process the gift order. Our Site also may include a "Refer a Friend" feature that allows you to easily forward information about Spanx to friends or family. If you elect to refer a friend or family member to our Site, we will ask for that person’s email address. We also may send that friend or family member a message on your behalf. We may store this information for the purpose of sending this message and to manage and improve our "Refer a Friend" program. You are responsible for notifying and, where necessary, obtaining the consent of your family member or friend before providing us with their information.
Information Collected Related to California Residents
During the last twelve (12) months, we have collected the following categories of personal information from consumers.
|Category||Type of Identifiers We Collect||Collected|
|A. Identifiers.||First and last name, postal address, unique personal identifier, account number, Internet Protocol address, email address.||YES|
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, address, telephone number, credit card number, debit card number, or any other financial information.||YES|
|C. Commercial information.||Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||YES|
|D. Internet or other similar network activity.||Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.||YES|
|E. Geolocation Data||Physical location or movements||YES|
|F. Sensory data.||Audio, electronic, visual, thermal, olfactory, or similar information.||YES|
|G. Inferences drawn from other personal information.||Profile reflecting a person's preferences, behavior, and attitudes.||YES|
We obtain the categories of Personal Information listed above from the following categories of sources:
- Directly from our customers or their agents. For example, from information that our customers provide to order products.
- Indirectly from our customers or their agents. For example, through information we collect from our customers in the course of providing services to them.
- Directly and indirectly from activity on our website (www.spanx.com). For example, from website usage details that are collected automatically. In addition, like many companies, we use “cookies” which are small text files a website can use to recognize repeat users, facilitate the user’s ongoing access to and use of the site and to track usage behavior of, for example, the webpages you visit.
- From social media websites, such as Facebook, Twitter, LinkedIn, YouTube, Instagram, and Pinterest.
- From third parties that assist us in providing certain transactions and services (e.g. customer service, payment processing, hosting), even though it appears that you may not have left our Site.
How We Use Personal Information We Collect
We use your Personal Information in ways that are compatible with the purposes for which it was collected or authorized by you, including for the following purposes:
Sale of Personal Information
We do not sell any Personal Information.
Cookies and Similar Technologies
We and our partners use various technologies to collect and store information when you visit one of our Sites or Services, and this may include using cookies or similar technologies to identify your browser or device. We also use these technologies to collect and store information when you interact with services from our partners, such as advertising services. Our third-party advertising and analytics partners include Google, Adobe and similar partners.
The technologies we use for this automatic data collection may include:
Web Beacons. Pages of our services or our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags and single-pixel gifs) that permit us, for example, to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
Clickstream Data. Clickstream data is information collected by our computers when you request web pages from the Site. Clickstream data may include information such as the page served, the time spent viewing the page, source of the request, type of browser making the request, the preceding page viewed and similar information. Clickstream data permits us to analyze how visitors arrive at the Sites, what type of content is popular, what type of visitors in the aggregate are interested in particular kinds of content on the Sites.
When You Choose to Not Provide Personal Information
Your provision of Personal Information is required in order to use certain elements of the Site. In some instances, if you fail to provide such Personal Information, you may not be able to access and use our Site or order our products.
Our Retention of Your Personal Information
We use and retain your Personal Information for as long as necessary to fulfill the purpose for which it is being processed, to carry out legitimate business interests, as well as on the basis of applicable legal requirements (such as applicable statutes of limitation).
Sharing Personal Information
Spanx may disclose your Personal Information to commercial providers for a business purpose, which include verifying your identity when making a payment. When we disclose Personal Information for these reasons, we enter into a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except for the purposes set forth in the contract.
In the preceding twelve (12) months, we have disclosed the following categories of Personal Information for one or more business purposes:
- California Customer Records Personal Information categories;
- Commercial information;
- Internet or other network activity information;
- Sensory Data;
- Inferences drawn from other personal information.
We disclose your Personal Information for a business purpose to the following categories of third parties:
- Our affiliates;
- Strategic business partners who provide goods, services and offers that enhance your experience with our Site and our products, or that we believe will be of interest to you;
- Service providers and other third parties we use to support our business, including without limitation those performing core services (such as billing, credit card processing, customer support services, customer relationship management, accounting, auditing, processing insurance claims, administering sweepstakes, surveys, advertising and marketing, analytics, email and mailing services, data storage, and security) related to the operation of our business or the Site, the processing and fulfillment of your orders, and making certain functionalities available to our users;
- Commercial providers.
We may disclose your Personal Information for legal reasons. Specifically, we will share Personal Information with companies, organizations or individuals outside of Spanx if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
- Fufill any purpose for which you provide it;
- Meet any applicable law, regulation, legal process or enforceable governmental request;
- Detect, prevent, or otherwise address fraud, security or technical issues;
- Protect against harm to the rights, property, assets or safety of Spanx, our customers or the public, content found on the Site, or to protect the Site from unauthorized use or misuse, as required or permitted by law;
- For any other purpose disclosed when you provide the information; and
- When we obtain your consent to do so.
We attempt to notify you about legal demands for your Personal Information when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
Your Privacy Choices
You may have certain rights relating to your Personal Information, subject to local data protection law. Whenever you choose to be a visitor at our Site or stores, we aim to provide you with choices about how we use your Personal Information. Subject to applicable law, you may obtain a copy of Personal Information we maintain about you. In addition, if you believe that Personal Information we maintain about you is inaccurate, subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the “How to Contact Us” section below. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information.
- Privacy Rights Specific to California Residents
Under the California Consumer Privacy Act, California residents have specific rights regarding their personal information. This section describes Californians’ rights and explains how California residents can exercise those rights.
Below we further outline specific rights which California residents may have under the California Consumer Privacy Act.
- Right to Access Your Data. You have the right to request that we disclose certain information to you about our collection, use and disclosure of your Personal Information over the past twelve (12) months. Any disclosures we provide will only cover the 12-month period preceding the receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
- Right to Data Portability. You have the right to a “portable” copy of your Personal Information that you have submitted to us. Generally, this means you have a right to request that we move, copy or transmit your Personal Information stored on our servers or information technology environment to another service provider’s servers or information technology environment.
- Right to Delete Your Data. You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.
- Right to Non-Discrimination for the Exercise of Your Privacy Rights. You have the right not to receive discriminatory treatment by us for exercising your privacy rights conferred by the California Consumer Privacy Act.
- Exercising Your Rights
If you are a California resident who chooses to exercise your rights, you can:
- Submit a request via the online request form; or
- Call 1-888-806-7311 to submit your request.
You may also designate an agent to exercise your privacy rights on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government issued identification.
Our Response to Your Request
Upon receiving your request, we will confirm receipt of your request by sending you an email confirming receipt. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the information. In some instances, such as a request to delete personal information, we may first separately confirm that you would like for us to in fact delete your personal information before acting on your request.
We will respond to your request within forty-five (45) days. If we require more time, we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option.
In some cases our ability to uphold these rights for you may depend upon our obligations to process Personal Information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, listed below, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
We may deny your deletion request if retaining the information is necessary for us or our service providers to:
- Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
- Debug products to identify and repair errors that impair existing intended functionality;
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent;
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
- Comply with a legal obligation; or
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Your Marketing Choices
You may have certain choices when it comes to how we use your data and we want to provide you with information to make the choices that are right for you.
- Interest-Based Ads and Other Online Advertising. Visit http://www.networkadvertising.org or http://www.aboutads.info to learn more about your options for opting out of interest-based advertising. We do not guarantee that all of the third parties we work with will honor the elections you make using those options. Please also keep in mind that even if you opt-out of receiving ads tailored to your apparent interests, you will continue to see online ads, but the ads that you see therefore may be less relevant to your interests.
- Mobile Devices. Your mobile device may offer settings relating to cookies, pixel tags, Flash cookies, and other similar technologies. We encourage to you to visit your device’s help menu to learn about your options to limit tracking when using your device. For some information on controlling your mobile choices, click here.
- Social Media Platforms and Networks. We encourage you to review your privacy options and settings with the social media platforms and networks you use to understand what choices you have about sharing information from those platforms and networks with us.
- Email and SMS Marketing. You can opt-out of receiving marketing emails or SMS messages from us by sending us an email stating your request to email@example.com or by replying STOP to the SMS message. If we or one of our service providers acting on our behalf have sent you a promotional email, you may use the “unsubscribe” link or send us a return email asking to be omitted from future email distributions. Please keep in mind that opting out of marketing emails may impact our ability to allow you access to certain offers, benefits and features. Please also note that even if you opt out of receiving certain marketing emails, that opt-out may not apply to other transactional or legal communications that you may continue to receive from us, such as customer service messages, messages about your account or transactions with us, notices about our policies and terms, and emails responding to your communications with us or requests for information that we receive from you.
Links to Other Websites
The Sites may contain links to webpages operated by parties other than Spanx. We do not control such websites and are not responsible for their contents or the privacy policies or other practices of such websites. Our inclusion of links to such websites does not imply any endorsement of the material on such websites or any association with their operators. Further, it is up to the user to take precautions to ensure that whatever links the user selects or software the user downloads (whether from this Site or other websites) is free of such items as viruses, worms, trojan horses, defects and other items of a destructive nature. These websites and services may have their own privacy policies, which the user will be subject to upon linking to the third party’s website. Spanx strongly recommends that you review the third party’s terms and policies.
If you have any questions about the privacy practices of other websites, you should contact the parties controlling these websites for more information.
How We Protect Personal Information
Spanx maintains administrative, technical and physical safeguards designed to protect the user's Personal Information and other information against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. For example, we and/or our service providers use commercially reasonable security measures such as encryption, firewalls, and Secure Socket Layer software (SSL) or hypertext transfer protocol secure (HTTPS) to protect Personal Information.
Although we take reasonable steps designed to protect your Personal Information, please be advised that no security system or means of transmitting data over the Internet can be guaranteed to be entirely secure (including without limitation with respect to computer viruses, malicious software and hacker attacks). We cannot and do not guarantee or warrant the security of your Personal Information or any information you disclose or transmit to us. We are not responsible for the acts of those who gain unauthorized access, and we make no warranty, express, implied or otherwise, that we will prevent such access, and we are not responsible for any damages or liabilities relating to any such incidents to the fullest extent permitted by law. Where required under law, we will notify you of any such loss, misuse or alteration of Personal Information that may affect you so that you can take the appropriate actions.
The Sites and Services are not designed or intended to be used by anyone under the age of 18. If you are under the age of 18 (or a minor in the jurisdiction in which you are accessing our Sites or Services), do not use the Site, or make purchases via the Site, use any interactive features of the Site, or post any Personal Information to our Site. We do not knowingly or intentionally gather Personal information about children who are under the age of 16. If a child has provided us with Personal Information, a parent or guardian of that child may contact us to have the information deleted from our records. If you believe that we might have any information from a child under age 16, please contact us firstname.lastname@example.org. If we learn that we have inadvertently collected the Personal Information of a child under 16, or equivalent minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible and cease the use of that information in accordance with applicable law.
Direct Marketing and “Do Not Track” Signals
Spanx does not track its users over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, some third party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, your browser may include controls to block and delete cookies, web beacons and similar technologies, to allow you to opt out of data collection through those technologies.
California residents are entitled to contact us to request information about whether we have disclosed Personal Information to third parties for the third parties’ direct marketing purposes. Under the California “Shine the Light” law, California residents may opt-out of our disclosure of Personal Information to third parties for their direct marketing purposes. You may choose to opt-out of the sharing of your Personal Information with third parties for marketing purposes. To make such a request you should send (a) an email to email@example.com with the subject heading “California Privacy Rights,” or (b) a letter addressed to Spanx, Attention: PRIVACY, 3035 Peachtree Road NE, Suite 200, Atlanta, GA 30305. In your request, please attest to the fact that you are a California resident and provide a current California address for our response. Please be aware that not all information sharing is covered by the California privacy rights requirements and only information on covered sharing will be included in our response. We reserve our right not to respond to requests submitted to addresses other than the addresses specified in this paragraph.
How to Contact Us
Via e-mail: firstname.lastname@example.org
By writing to us:
Atlanta, GA 30305