Archive
Privacy Policy
CLO Virtual Fashion, LLC and its Affiliates ("CLO" or “we”) respects the privacy rights of its users and protects the personally identifiable information collected, stored and used in connection with your use of our websites and any other websites that we may later own or operate; software and services such as CLO and Marvelous Designer (the “Software”); CLO-SET; CLO-SET Connect; APIs; instruction sets and related documentations (each of which is referred to as “Service”, and collectively as “Services”); and your installation and use of any software that we include as part of Services.
To further this commitment, we have adopted this Privacy Policy ("Privacy Policy") to guide how we collect, store, and use the information you provide us. In this Privacy Policy, any data processed by us or through the Services and qualifies as personally identifiable information under applicable law is referred to interchangeably as "Personal Information" or "Personal Data". Capitalized terms not defined here have the same meaning as those terms defined in General Terms of Use.
For some processing activities, in particular within the use of CLO-SET CONNECT (accessible at https://connect.clo-set.com/) or if you, as a natural person, are our direct customer and contractual partner for using our Services, we, can be a controller under the European Union (EU) General Data Protection Regulation ("GDPR"). Our processing of personal data in this context is subject to the GDPR to the extent you, as a data subject, are in the EU/EEA and where (1) the processing is related to the offering of goods or services, irrespective of whether a payment of the data subject is required, to you, or (2) the monitoring of your behaviour as far as your behaviour takes place within the EU/EEA. This Privacy Policy also includes the information which we are required to provide under the GDPR.
As a controller, our contact details are as follows:
CLO Virtual Fashion, LLC
285 Fulton St, FL 58 STE T,
New York, NY 10007
U.S.A
legal@clo3d.com
For any questions regarding data protection, please contact legal@clo3d.com.
The contact details of the controller's representative in the EU are as follows:
CLO Virtual Fashion GmbH
Briennerstr. 45 a-d
80333 Munich
Germany
legal@clo3d.com
We may modify this Privacy Policy from time to time. We will notify you of any revisions to this Privacy Policy by posting the latest version here and by indicating the last modified date at the top. It is important that you review this Privacy Policy regularly to ensure you are updated as to any changes.
We do not knowingly collect Personal Information from children under the age of 13. If you are a parent or guardian and believe your minor child has provided us with Personal Information without your consent, please contact us at privacy@clo-set.com and we will take steps to delete such Personal Information from our systems.
Personal Information will be processed in accordance with such applicable law, our Privacy Policy, and our various Terms of Use for the applicable part of our Services that you use ("Terms"). Please note that Personal Information which has been irreversibly anonymized in compliance with applicable data protection standards will no longer qualify as Personal Information under such laws. However, CLO ensures that any anonymization process applied is designed to prevent re-identification, and such data will only be treated as anonymized where re-identification is no longer reasonably possible For the avoidance of doubt, CLO may retain and use data that have been irreversibly anonymized, provided that such data no longer qualify as Personal Information under applicable data protection laws. CLO shall hold a worldwide, royalty-free right to use, analyze, and commercialize such anonymized and aggregated data for legitimate business purposes.
Where we aggregate or derive anonymized statistical data from your Personal Information, we will only do so on the basis of your explicit consent or where such processing is necessary for our legitimate interests, provided that your rights and freedoms are not overridden. You may withdraw your consent at any time by contacting us at privacy@clo-set.com. Upon withdrawal, we will cease any further use of your Personal Information for aggregation purposes and ensure that any previously aggregated data can no longer be linked back to you.
1/ Scope of Privacy Policy
This Privacy Policy describes CLO's collection and use of Personal Information submitted and collected through our Services. Personal Information includes any information that directly or indirectly identifies you, such as your name, address, telephone number, or e-mail address, as well as online identifiers and related data that may reasonably be linked to you, including IP addresses, user IDs, cookies, device information, and usage data maintained in a personally identifiable form.
Please be aware that websites with links to and from our Services may collect Personal Information about you. This Privacy Policy does not apply to, and CLO does not control, the data processing activities of such third-party websites. However, where the inclusion of a link, plug-in, or similar technology on our Services results in the automatic transmission of your Personal Information to a third party, CLO and such third party may act as joint controllers with respect to that initial collection of data, in accordance with Article 26 of the GDPR.
To the extent we process personal data on behalf of our customers, especially for our Services such as CLO-SET, CLO Software and CLO CONNECTOR, we are acting as a processor on behalf of the relevant customer who is the controller (e.g. this applies to the personal data provided by our customers via our Services such as CLO-SET, CLO Software and CLO CONNECTOR, including the personal data of our customers' authorized users of these Services).
This Privacy Policy does not apply to our processing of personal data as a processor; for information on such processing activities, please approach the relevant controller. You may also contact us, and we will endeavour to render your request to the relevant controller.
For clarification: This Privacy Policy does apply to our processing of personal data of our customers that are natural persons and our direct contractual partners. It also applies to the processing of personal data within CLO-SET CONNECT.
2/ Information We Collect
We may collect and process the following categories of Personal Information for the purposes described below :
Personal Information such as your name, address, telephone number, e-mail address, credit card number, and transaction history when you register for an account with CLO, make sales inquiries, request support, or make a purchase or payment.
If you contact us or respond to messages and communications that we send to you, we may keep a record of that correspondence.
When you use our Services, we collect Personal Information that is included in the input, file uploads, or feedback that you provide to our Services.
User feedback, community discussions, chats and other interactions on our Services.
We automatically collect certain information about your use of our Services and the resources that you access. This information may include internet protocol (IP) addresses, MAC Address, operating system, browser and device information (including but not limited to browser and device type, settings, unique identifiers, version, language settings, and configuration), date/time stamp, log files generated during usage of the Services, and/or program or system error messages and other system information. We may also collect information such as the types of information about your activity on a page or screen, access times and duration of access as well as your time zone, country, and your computer connection while you use our Services. We may combine this automatically collected log information with other information we collect about you to improve our Services, to improve marketing, analytics, or website functionality.
If you access our Services on your mobile telephone or other mobile device, including tablets, we may collect mobile device identifiers, including but not limited to MAC Address, and IP Address. Certain aspects of our Services will create and assign to your device an identifier that is similar to an account number. We may collect the name you have associated with your device, device type, telephone number, country, geo-location and any other information you choose to provide or allow us to access.
Contact information, Profile information (such as profile photo), cryptocurrency wallet address, or other data you choose to give us.
Please see our CCPA Notice below to see more details on the type of Personal Information we may have collected from you, as the data indicated in that section is not just limited to data we collect from California residents (the purposes, categories, sources, and uses of our data collection indicated in our CCPA Notice applies for all data subjects from whom we collect Personal Data or Personal Information).
Each processing activity is carried out on a specific legal basis as required under applicable data protection laws, including the performance of a contract with you, compliance with legal obligations, the pursuit of our legitimate interests (such as improving our Services and ensuring their security), or your explicit consent where required.
CLO retains Personal Information only for as long as necessary to fulfill the purposes for which it was collected, and in accordance with our Data Retention Policy. Information regarding the applicable legal bases, retention periods, and the categories of recipients for each processing activity is available upon request at privacy@clo-set.com
Please keep in mind that when you voluntarily make Personal Information publicly viewable, that information will be publicly available and can be collected and used by others. For example, if you post your email address publicly, you may receive unsolicited messages by third parties over which we have no control. We cannot control who views information (and what they do with information) you voluntarily post publicly.
3/ How We Collect
CLO collects data from you when you choose to provide it to us directly, such as via an online form; when you provide it to us automatically (such as when you log in to access the online authentication version of our Services and use such Services); or when you communicate with our customer support team. On rare occasions, we may also collect your personal data from third parties, such as in cases where you do not communicate directly with us but with one of our independent resellers or in cases where one of our customers invites you to collaborate via our Services.
CLO and third parties also use certain technologies described below to collect data to deliver excellent experiences.
Cookies.
Cookies are small text files placed on your device that can be recalled by a web server in the domain that placed the cookie. We use cookies for various purposes including to help recognize and remember you when you are logged into our Services so we can maintain your settings and preferences, analyzing the performance of our Services, maintain the integrity of our Services, and for other lawful bases. These cookies do not track your browsing activity on non-CLO related websites. For more information, please review our Cookie Policy. To manage your cookie preferences, please visit Cookie Settings of respective Services.
Web Beacons.
We also use "web beacons" to help deliver cookies and gather usage and performance data. Our website may include web beacons, cookies, or similar technologies from third-party service providers. By providing us with information about how you interact with our Services, these tools help us analyze and learn how to make our Services better and customize our communications with you. The following analytics technologies are in use: Google Analytics
Clear Gifs.
We may also use clear gifs in our HTML-based emails to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns. For this reason, these types of clear gifs are tied to personally identifiable information.
You have access to tools to control the data collected by cookies, web beacons, and similar technologies. For example, you can use controls in your Internet browser to limit how the websites you visit are able to use cookies and to withdraw your consent by clearing or blocking cookies. However, if you disable cookies, your ability to use some features or areas of our Services may be affected. For consent obtained via our websites, you also have the possibility to withdraw such consent easily via our websites (generally via the corresponding link in the footer of the relevant website or in the relevant Cookie Policy).
CLO and our partners, such as marketing partners and analytics providers, may use tracking technologies such as cookies, beacons, tags, and scripts. These technologies are used in analyzing trends, administering our websites, tracking users' movements around the websites, and to gather demographic information about our user base as a whole. We use cookies for various purposes including our shopping cart, to remember users' settings, and for authentication. Users can control the use of cookies by adjusting individual browser settings. However, if you reject cookies, you may still use our websites, but your ability to use some features or areas of our websites may be limited.
We may also use tools or third-party analytical software to automatically collect and use certain non-Personal Information that does not directly enable CLO to identify you.
Use & Sharing of Information Collected
We use your Personal Information and non-Personal Information, both individually or combined together:
To help us manage, operate and deliver our Services to you;
To improve your experience with our Services;
To develop new products or services for you;
To provide you with customer support;
To communicate with you about our Services;
For marketing and promotional purposes;
For internal training purposes and statistical analyses;
To conduct research; and
To prevent fraud, criminal activity, or misuses of our Services, and to protect the security of our IT systems, architecture, and networks.
Except to the extent that third party targeted advertising cookies constitute a "sale" of Personal Information under applicable law, CLO does not sell Personal Information, including Personal Information of anyone under 16 years old. To the extent that third party advertising cookies constitute a "sale" of Personal Information under applicable law, you may opt-out of these third party targeted advertising cookies in Cookie Settings of respective Services. You may also email privacy@clo-set.com with any questions or requests.
CLO may share your Personal Information as follows:
With our Affiliates (i) to improve your experience with our Services and develop new products or services for you, (ii) to conduct research; and (iii) to provide you our Services or information about other services and promotional materials;
With partners, vendors and service providers who support our business, such as by providing technical infrastructure services, analyzing how our Services are used, providing customer service, facilitating payments or conducting surveys. A list of sub-processors we use to support delivery of our Services is available at legal.clo-set.com/sub-processors/sub-processors;
With other users of our Services in a way that is consistent with the functionality of our Services (e.g. your profile photo that you post on CLO-SET CONNECT);If the ownership or control of all or part of our Services or their assets changes, with the new owner; and
For other legitimate purposes, such as the purposes indicated at the bottom of this page in the CCPA Notice (the purposes, categories, sources, and uses of our data collection indicated in our CCPA Notice applies for all data subjects from whom we collect Personal Data or Personal Information).
In a business transaction, such as a merger, acquisition, dissolution (including bankruptcy), change of control, or a sale of all or a portion of our assets, customer information, including Personal Information, generally is one of the transferred business assets.
In the event that CLO undergoes such transactions, including preparation of any of such transactions, we may share, disclose or transfer all of your information, including Personal Information, to the successor.
Any third party to which we transfer or sell our assets will have the right to continue to use the personal and other information that you provide to us in the manner set out in this Privacy Policy.
Occasionally we may be required by law enforcement or judicial authorities to provide Personal Information to the appropriate governmental authorities. We will disclose Personal Information upon receipt of a court order, subpoena, or to cooperate with a law enforcement investigation.
5/ Safeguards
CLO maintains appropriate safeguards that ensure the security, integrity, and privacy of the Personal Information we collect and store about our account holders.
Personal Information collected by CLO is stored in secure operating environments that are not available to the public and that are only accessible by authorized employees. We also have security measures in place to protect the loss, misuse, and alteration of the information under our control (i.e., maintain data quality). Before we allow web users to access their Personal Information, for example, we verify their identity by requesting that they submit information such as their username and password. We also take reasonable steps to ensure that third parties to whom we transfer Personal Information provide sufficient protection of such data.
Your Personal Information may be transferred to, and stored at, a destination outside the country of your residence. It may also be processed by personnel of our Affiliates and third party service providers who may operate outside the country of your residence. In such a case, we will take reasonable steps to require such third party in possession of your Personal Information to take commercially reasonable security measures to protect the information.
However, unfortunately, no data transmission over the internet or any wireless network can be guaranteed to be secure. As a result, while we strive to protect your Personal Information, please be aware that: (a) the security, integrity and privacy of any and all information and data exchanged between you and us through our Services cannot be guaranteed; and (b) any such information and data may potentially be viewed or tampered with in transit by a third party despite our use of transport encryption technologies.
6/ Links to Third Party Sites or Services
You should be aware that our Services may from time to time contain links to third-party sites, products or services. CLO is not responsible for the privacy practices or the content of such sites or services. If you are concerned about the privacy policy of a certain third party, we recommend that you read the privacy policy of the site or service to which you link before you submit any Personal Information.
7/ Your Rights Related to Personal Information and Access to Personal Information
You have certain rights regarding your Personal Information, subject to local data protection laws. These may include the following rights:
to access your Personal Information held by us (right to access, to the extent the GDPR applies: see Art. 15 GDPR);
to rectify inaccurate Personal Information and ensure it is complete (right to rectification, to the extent the GDPR applies: see Art. 16 GDPR);
to erase/delete your Personal Information to the extent permitted by other legal obligations (right to erasure; right to be forgotten, to the extent the GDPR applies: see Art. 17 GDPR);
to restrict our processing of your Personal Information (right to restriction of processing, to the extent the GDPR applies: see Art. 18 GDPR);
to transfer your Personal Information to you or to another controller (right to data portability, to the extent the GDPR applies: see Art. 20 GDPR);
to object to any processing of your Personal Information carried out on the basis of our legitimate interests (right to object, to the extent the GDPR applies: see Art. 21 GDPR). Where we process your Personal Information for direct marketing purposes or share it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such processing without having to provide any specific reason for such objection;
not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects ("Automated Decision-Making"; to the extent the GDPR applies: see: Art. 22 GDPR). Automated Decision-Making currently does not take place on our websites or within our Services; and
to the extent we base the collection, processing and sharing of your Personal Information on your consent, to withdraw your consent at any time, without affecting the lawfulness of the processing based on such consent before its withdrawal (right to withdraw consent, to the extent the GDPR applies: see Art. 7(3) GDPR).
To exercise your rights, please contact us at privacy@clo-set.com.
We try to respond to all legitimate GDPR related requests without undue delay and in any case within one (1) month of receipt of the request and will contact you if we need additional information from you in order to honor your request.
Occasionally it may take us longer than one (1) month, taking into account the complexity and number of requests we receive; in such case we will at least inform you of any such extension within one (1) month of receipt of your requests.
CLO makes good faith efforts to enable you to review, update or correct your Personal Information in our possession. In order to do so, please log into your account or contact privacy@clo-set.com. If you contact us, we will need sufficient information from you to establish your identity and to verify your access request, and also to assist us in handling your request. Please note that even if Personal Information is changed or deleted according to your request, CLO may still retain some of your Personal Information to resolve disputes, enforce CLO user agreement(s), and comply with technical and legal requirements and constraints related to the security, integrity and operation of our Services.
To the extent that the GDPR applies to the processing of your personal data, as a data subject you also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR). You can exercise this right in particular with the data protection supervisory authority in the country in which you have your habitual residence or place of work. You may find information on the supervisory authorities in the EU and the EEA at: https://edpb.europa.eu/about-edpb/about-edpb/members_en.
8/ Retention; Deactivated or Terminated Accounts
Please be aware that even after your account is terminated or deleted, some or all of your information may still remain visible to others. A request to delete and/or terminate your account will not result in the removal of information that has been irreversibly aggregated or anonymized, or information that we are legally required or technically unable to delete. CLO will assess such limitations objectively and will inform you of the reasons preventing complete deletion, where applicable.We are not able nor are we obligated to remove any of your information from a third party provider or platform that is not our (sub-)processor. Moreover, please be aware that even after you delete your account or your account is terminated, your information may not be deleted in its entirety from our servers and servers of the third party with whom such information have been shared.
When you sign up for an account with CLO, CLO retains the Personal Information you store on our Services for as long as your account is active and, thereafter, only for a limited period necessary to comply with legal obligations, resolve disputes, or enforce our agreements, in accordance with our Data Retention Policy. If you delete your account, we will initiate deletion of this information after 30 days, but please note: (1) there might be some latency in deleting this information from our servers and back-up storage; (2) a request to delete and/or terminate your account will not result in the removal of information collected and already put in aggregate form; (3) we are not able nor are we obligated to remove any of your information from a third party provider or platform that is not our (sub-)processor; and (4) we may retain your information if necessary to comply with our legal obligations, resolve disputes, or enforce our agreements.
9/ Opting Out
If at any time you wish to opt out of having your Personal Information shared with third parties and/or receiving information from CLO (via e-mail or postal mail) about new products, services, or promotions, you can do so by adjusting your account settings, by clicking "unsubscribe here", "manage your preferences", or their functional equivalent, or by emailing us at privacy@clo-set.com.
10/ International Privacy Practices
The Services are provided through and managed on servers located and operated within the United States. When you access or use our Services from outside the United States, your Personal Information may be transferred to, stored, and processed in the United States, where our main infrastructure and certain service providers are located.
Such international data transfers are carried out in compliance with applicable data protection laws and rely on appropriate safeguards to ensure an adequate level of protection for your Personal Information.
Where applicable, CLO relies on the EU–U.S. Data Privacy Framework, or, if not available, on the Standard Contractual Clauses approved by the European Commission pursuant to Article 46(2)(c) of the GDPR.
Specifically, CLO uses Microsoft Azure data centers located in the United States. For transfers of Personal Information to Microsoft Corporation (One Microsoft Way, Redmond, WA 98052, USA), such transfers are governed by the Standard Contractual Clauses and by Microsoft’s certification under the EU–U.S. Data Privacy Framework, as applicable.
11/ Inquiries
If you have any questions or wish to file a complaint, please feel free to email us at privacy@clo-set.com.