Privacy Policy

1. Who is Responsible

The controller responsible for processing your personal data under the EU General Data Protection Regulation (GDPR) is Comme des Garçons S.A., 16 Place Vendôme, 75001 Paris, France. If you have any questions about this Privacy Policy or how we handle your data, you can contact us at support@commedesgarcons.ltd.

2. Data We Collect Automatically

When you visit our website without registering or creating an account, we collect technical information that your browser automatically sends to our servers. This includes the pages you visit, the time and date of access, the amount of data transferred, the source from which you arrived on our site, the browser and operating system you use, and your IP address which may be anonymized. This information is necessary to ensure the security, stability and functionality of our website. It is stored temporarily and may only be checked if there are signs of illegal use. All communication is protected by SSL/TLS encryption, which you can recognize in your browser address bar by the prefix “https://” and the lock symbol.

3. Hosting and Delivery

Our website is hosted by Shopify in Ireland with data transfers also taking place to Shopify Inc. in Canada. Shopify processes all website data on its servers under strict contractual agreements to protect your privacy. Data transfers to Canada are covered by an adequacy decision of the European Commission.

In addition, we use content delivery networks provided by Bunny in Slovenia and Cloudflare in the United States. These services allow us to deliver images, scripts, and other content quickly through regionally distributed servers. Both providers operate under contracts that ensure the protection of visitor data. For transfers to the United States, Cloudflare participates in the EU–US Data Privacy Framework, which guarantees a European level of data protection.

4. Cookies

Our website uses cookies to improve your browsing experience. Cookies are small text files stored on your device that can either be temporary session cookies, which disappear when you close your browser, or persistent cookies, which remain on your device for a longer period. Some cookies are essential for the functioning of our site, such as those used for shopping carts, while others help us remember preferences, improve functionality, or provide personalized advertising if you have given us consent.

You may adjust your browser settings to decide whether to accept cookies. Please be aware that rejecting cookies may limit certain features of our website. Details of specific cookies and their duration can be found in your browser’s cookie settings and in our Cookie Policy.

5. Communication and Customer Support

You can contact us by email, through contact forms on our site or via WhatsApp Business. If you use WhatsApp to contact us, we will process the phone number and name associated with your account and if needed, additional information you provide such as an order number or email address. WhatsApp is operated by Meta Platforms, which may transfer data to servers in the United States under the EU–US Data Privacy Framework. We only store WhatsApp contact details for customers who write to us, and these are never used for any purpose other than answering your inquiries.

6. Newsletters

If you sign up for our newsletter, your email address will be securely processed by Mailchimp, a service provided by The Rocket Science Group in the United States. Mailchimp helps us send newsletters and with your consent, may track whether emails are opened or links are clicked. You can unsubscribe from our newsletters at any time by clicking the unsubscribe link included in each email. All data shared with Mailchimp is protected by strict contractual agreements and Mailchimp participates in the EU–US Data Privacy Framework.

7. Orders and Payments

When you place an order, we collect the necessary details to process and deliver your purchase, including your name, address, email and payment information. Depending on which payment method you choose, your payment data may be transmitted securely to providers such as Apple Pay, Google Pay, PayPal, Klarna, or Stripe. These providers process your payment independently in line with their own privacy policies. The purpose of this processing is solely to complete your transaction. In some cases, providers may also conduct fraud checks or credit assessments based on the information you provide.

8. Analytics and Marketing

We use tools such as Google Analytics 4, Google Ads, Meta Pixel (Facebook and Instagram), TikTok Pixel and Google Tag Manager to better understand how visitors use our website and to measure the effectiveness of our advertising campaigns. These services may process device information, IP addresses and browsing behavior to generate reports and improve targeting. All of these services are activated only with your explicit consent, which you can withdraw at any time using the cookie consent tool provided on our website. Without consent, these tools will not collect data during your visit.

9. Security of Data

We have implemented a range of technical and organizational measures to protect your personal data. These include encrypted data transmission, firewalls, restricted internal access and regular security checks. While no system can ever be completely secure, we continuously monitor and update our security practices to reduce risks. We also encourage you to use updated antivirus software and secure passwords to protect your own information.

10. Your Rights

Under data protection law, you have the right to request access to the personal data we hold about you, the right to correct any inaccurate data and the right to request deletion where there are no legal reasons for retention. You may also request that we restrict how we process your data or you may object to processing where it is based on our legitimate interests. In addition, you can request a copy of your data in a portable format and withdraw consent you have previously given, such as for receiving newsletters or for the use of cookies. If you live in California, you also have rights under the California Consumer Privacy Act (CCPA), including the right to know which categories of information we have collected about you in the last twelve months and the right to request deletion. Exercising these rights will never affect the level of service you receive.

To exercise any of these rights, please contact us at support@commedesgarcons.ltd. We will respond within the timelines set by law.

11. Retention of Data

We only keep personal data for as long as necessary. Order information is retained for the periods required by tax and commercial law, usually six years. Marketing data, such as newsletter subscriptions are kept until you unsubscribe or for up to twenty-four months. Analytics data are generally stored for shorter periods, such as two months. Once data is no longer required, it is either securely deleted or anonymized so it can no longer be linked to you.

12. Updates to this Policy

We may update this Privacy Policy to reflect changes in law, technology or our business practices. Any updates will appear here with a revised “Last updated” date. We recommend checking this page regularly to stay informed.

13. Contact Us

If you have any questions about this Privacy Policy or your data rights, please contact us at support@commedesgarcons.ltd or write to Comme des Garçons S.A., 16 Place Vendôme, 75001 Paris, France.