Customer Care

Privacy Policy

Customer Care

Privacy Policy

Customer Care

Privacy Policy

Privacy Policy: MR PORTER

Date: 1 January 2021

THE NET‑A‑PORTER GROUP LIMITED is committed to protecting and respecting your privacy. This notice describes what personal data we collect, how we will use that data and how we keep your data safe. For additional information on how we use cookies, please refer to our Cookie Policy. For all other information regarding our services, please refer to our Terms & Conditions.

In this Privacy Notice we will cover:

  1. Who is the data controller?

  2. What personal data do we process, for which purpose and what is our legal basis for processing it?

3.  Who will process your data?

4.  Data transfer outside the European Union

5.  How long do we keep your data?

6.  Your rights

7.  Security

1. Who is the data controller?

The data controllers for any personal data we hold about you are THE NET‑A‑PORTER GROUP LIMITED of 1 The Village Offices, Westfield London, Ariel Way, London, W12 7GF, United Kingdom and our parent company, YOOX NET‑A‑PORTER GROUP S.p.A. of Via Morimondo 17, 20143 Milan, Italy, a company with sole shareholder subject to direction and coordination by Compagnie Financière Richemont S.A,.

We are responsible for ensuring that your data is held securely, that you are given accurate information about how your data is used, and that your rights regarding your data are respected. The products we sell are not aimed specifically at individuals under the age of 18, we do not promote our products to this market and we cannot identify individuals of this age and under, on our database. Please refer to our Terms & Conditions for more information. Please also read our Registration & Account Terms and Conditions which apply to you when you register for an account on our website or App.

2. What personal data do we process, for which purpose and what is our legal basis for processing it?

We collect data from you when you visit our websites:,, or while using our associated apps (“websites and Apps”). The data we collect includes your name, email address, telephone number and shipping/billing address, your day and month of birth, your favourite designers and information regarding your browsing and shopping behaviour. Data is collected when you place an order, call our Customer Care team, register with us, opt into our marketing communications, browse our site and use other services offered by our site. The data we collect is used to take your order, process payment and deliver your purchase to you. We also use it to deliver marketing communications, give access to services for registered users, personalise your visit to our site and provide assistance via our Customer Care team.

We must have a valid reason for processing your personal data and we may not collect, store or use data about you that is not compatible with that reason. There are four valid reasons for our use of your personal data: Performance of a Contract, our Legitimate Interests as a business, a Legal Obligation we are required to follow and Consent which you provide to us.

If you have given your consent to our use of your personal data, you are entitled to withdraw this consent at any time.

The data we process, and the legal basis we use to process it is detailed below:


Purpose: When you purchase a product from our websites and Apps we ask you for the personal data necessary to allow us to fulfil our contract with you including despatching your item and taking payment from you. Your personal data will also used to manage your requests for customer service.

Personal Data Processed: Contact details (name, address, postcode, phone number), financial details (credit and debit card details etc), delivery address.

Purpose: When you register on the website, convert your guest account to a registered account or download the App we ask you for the personal data necessary to allow you to benefit from services reserved to registered users.

Personal Data Processed: Name, email address, day and month of birth, designer and other preferences.

Purpose: If you are a member of a reward programme with one of our partners, your personal data will be used to fulfil your reward including despatching your item, taking payment from you and managing your requests for customer service        

Personal Data Processed: Contact details (name, address, postcode, phone number), financial details (credit and debit card details etc), reward value, partner programme, delivery address.

**Purpose: **When you sign up to our Recommend a Friend scheme following a friend’s referral.

**Personal Data Processed: **Name, email address and order ID

Purpose: When you have referred a friend to get validation of the referral and the referral reward.

**Personal Data Processed: **Name and email address


Purpose: For NET‑A‑PORTER , MR PORTER and THE OUTNET direct marketing by email.

Personal Data Processed: Name, email address, browsing and purchase history, date of consent.

Purpose: Push notifications via our websites and Apps to offer goods and services that may be relevant to you. These can be configured in the settings of your device or browser.

Personal Data Processed: Products purchased, viewed, or placed in cart, name, device ID or IP address; language used to navigate and version of your use (country); information on the device and browser you use; date and time when you provided consent to receiving web push notifications; date of creation of the account; date of last visit to our site.

Purpose: When you receive email marketing communications from us after entering a competition run by one of our affiliate partners.

Personal Data Processed: Name and email address.

Purpose: When you have signed up to take part in our market research programmes.

Personal Data Processed: Name, email address and dependent upon the type of research, other relevant information, for example age or place of domicile may also be collected.


**_Purpose: _**Calls to our Customer Care team are recorded to ensure a high level of customer service to our clients, to enable the development of staff training and to manage complaints or disputes

Personal Data Processed: Recordings of calls to our Customer Care teams, customer name, account ID and order ID.

**_Purpose: _**To monitor how our websites and Apps are used so that we are able to provide a personalised browsing experience, to help us improve the websites and Apps to make them more user-friendly and help you find products that could be of interest.

Personal Data Processed: Device information, IP address_, _analysis of website navigation via cookies event trackers, beacons and other technologies. For more information about how we use cookies please read our Cookie Policy.

**_Purpose: _**To analyse the performance of product ranges, anticipate market trends and monitor website and App visitor behaviour patterns using third party services such as Adobe Analytics

Personal Data Processed: Internet log information that is anonymised, so that individuals cannot be directly identified.

**_Purpose: _**To understand customers’ patterns, their needs, the products and services that they are interested in, we analyse shopping histories, browsing histories, customer demographics and market research information. In this way, we identify customers’ groups or segments who display similar behavioural patterns.

This helps us to offer an enhanced customer experience and to provide relevant products, personalised services and offers, and to better manage customers’ relationships. It also helps us tailor the marketing that individuals receive in our marketing messages or are shown on our own and other websites and mobile apps, including social media.

Personal Data Processed: Customer ID, e-mail address, browsing data, IP address, order history, products added to wish list or basket, age, gender, physical address, market research information such as attitudes to fashion, service needs and spend on designer clothing.

**_Purpose: _**When we have a service message we need to send you via email confirming your order or returns or informing you of any changes that might affect your order, our service to you or changes to terms and conditions

**_Personal Data Processed: _**Name and email address.

**_Purpose: _**When you save an item to your Shopping Bag, but don’t check out, we’ll send you an email service message to remind you that you haven’t checked out

Personal Data Processed: Name, email address, item(s) saved in Bag.

Purpose: When you make a purchase on any of our websites, we will use some of your personal data to carry out anti-fraud activities: we have a legitimate interest in carrying out this activity to prevent and prosecute any fraudulent activity.

Personal Data Processed: Name, billing and shipping address, email address, phone number, payment information, previous order history.

Purpose: When providing your personal data for email communication purposes you also consent to us using tracking technologies in the email to make sure the email has been delivered, that you have opened it and to monitor if you have clicked on any of the links. This information helps us to measure the value of our communications and to provide you with relevant content at the right frequency, in compliance with our Retention Policy.

**_Personal Data Processed: _**Email address and engagement with email and its content.

**_Purpose: _**When you use our live chat facility to message and talk to our Customer Care team we have a legitimate interest to ensure we handle and manage any query you have regarding the products and services we provide.

**_Personal Data Processed: _**Your name, the pages you have viewed and items in your Shopping Bag and any other contact details you might provide to us during the course of the conversation.

Purpose: To make size recommendations for specific garments

**_Personal Data Processed: _**Your clothes and shoe size, age, weight and details of the fit of the item

**_Purpose: _**To collect information on our brand influencers and understand their impact.

**_Personal Data Processed: _**Publicly available data on your social network that includes name, username(s), posts, views, followers, shares, comments and bio descriptions and to which NET‑A‑PORTER may add further information such as contact details (phone number, email and address), industry category, territory, age, gender, favourite products or other relevant information

**Purpose: **When you make a purchase on any of our websites, we will use some of your personal data to carry out anti-fraud activities: we have a legitimate interest in carrying out this activity to prevent and prosecute any fraudulent activity.             

Personal Data Processed: Name, billing and shipping address, email address, phone number, payment information, previous order history.

Purpose: We may use your data to establish or exercise our legal rights or to defend against any legal claims.

**Personal Data Processed: **Identification data and other personal data that may be relevant to the specific legal claim.

**_Purpose: _**From time to time we may target NET‑A‑PORTER.COM visitors with products from our other brands – MR PORTER and THE OUTNET and vice versa.

**_Personal Data Processed: _**Name, IP address, email address, purchase/browsing history


**_Purpose: _**When you make a purchase on our websites and Apps, we are required to process your personal data to meet our legal obligations in accordance with the tax provisions and other statutory rules which apply.

**_Personal Data Processed: _**Contact details and details of your financial transaction with us.

**_Purpose: _**When we process your information in response to you exercising your data subject rights.

**_Personal Data Processed: _**Name, contact information, purchase history, other information you have specifically requested.

3. Who will process your data?

Your personal data will be processed by the internal staff of the THE NET‑A‑PORTER GROUP LIMITED who have been specifically trained and authorised for this processing. In carrying out the processing for distribution of our products and managing our supply chain, the data may also be transmitted to our parent companies YOOX NET‑A‑PORTER GROUP S.p.A and Compagnie Financière Richemont S.A,

Your personal data will also be transmitted to third parties that we use to provide our services; these parties have been rigorously assessed for the way in which they manage personal data and may only use your data for the exact purposes that we specify in the contract with them.  

The third parties in question belong to the following categories:

  • Companies such as payment service providers that help us to process your order.
  • Companies that help us to deliver your purchases such as couriers and parcel delivery companies who deliver your goods and act as Data Controllers for the duration of the delivery process.
  • Professional service providers, such as email delivery suppliers, IT software providers, marketing and research agencies, analytics companies and website hosts who help us to run our business,
  • Credit reference agencies, law enforcement and fraud prevention agencies, so we can help tackle fraud.
  • Governmental bodies and regulators to comply with our legal obligations.
  • Aggregated data that does not identify individuals is shared with internal teams, relevant service providers and brand partners for business planning purposes

We may also transfer your personal data to a buyer or potential buyer if our assets are acquired by another organisation. The purchaser will be required by law to use your personal data only as described in this Privacy Policy.

4. Data transfer outside the European Union

Now the UK is no longer part of the European Union we rely on standard contractual clauses with third party processors who are providing a service that requires personal data to be transferred from the EU into the UK, alongside any supplementary measures that are deemed necessary on a case-by-case basis. We rely on similar legal arrangements when personal data is transferred from YOOX NET‑A‑PORTER SpA to THE NET‑A‑PORTER GROUP LIMITED.

Some of the third parties listed in the previous section 'Who will process your data?' may be located in countries outside the European Union that nevertheless offer an adequate level of data protection, as established by specific decisions of the European Commission.

The lawful transfer mechanism of your personal data to countries that do not belong to the European Union and that have not been assessed as offering adequate levels of protection will be performed only

  1. after Standard Contractual Clauses have been put in place alongside any supplementary measures that are deemed necessary on a case-by-case basis;
  2. if the transfer is necessary for the purchase of goods offered on our website or for registration on the website or use of services on the website;
  3. for the management of your requests.

5. How long do we keep your data?

We keep your personal data for a limited period of time in line with our data retention policy. The specific retention period will vary according to the reason for processing your personal data. After this period, your data will be permanently erased or otherwise irreversibly rendered anonymous.

6. Your rights

You have the following rights under data protection law:

**The right to request a copy of the personal data that we hold about you.**The right to ask us to correct any inaccuracies in the personal data we hold about you.

The right to withdraw your consent to marketing.

The right to object to our processing of your personal data on the basis of our legitimate interest.  

The right to request the deletion of your personal data in certain circumstances.

The right to data portability to transfer your data to another entity.

The right related to automated decision making including profiling. We use profiling to make relevant and tailored recommendations to you. We do not use automated decision-making processes that would have a potentially damaging effect on you. But if we did, you have the right to obtain human intervention, express your point of view, obtain an explanation of the decision and challenge it.

To exercise any of these rights, you can sign in to your account, contact our Customer Care team at or +44 330 022 5700 or write to our Data Protection Officer (DPO) by writing to "Data Protection Officer" at one of the addresses below, or by email to the DPO address (

Data Protection Officer (DPO)


1 The Village Offices,

Westfield London,

Ariel Way,


W12 7GF

Data Protection Officer (DPO)


Via Morimondo 17,

 20143 Milan,


If you believe that NET‑A‑PORTER GROUP LIMITED are processing your data illegally, you have the right to lodge a complaint with the Supervisory Authority. In the UK, this is the ICO.

As the UK is no longer part of the European Union (EU) we are required to appoint a 'representative in the Union' to handle privacy matters and act as a point of contact for European residents whose data we process. We have appointed YOOX NET‑A‑PORTER GROUP S.p.A as our representative. 

7. Security

We are committed to taking appropriate technical, physical and organisational measures to protect personal information against unauthorised access, unlawful processing, accidental loss or damage, and unauthorised destruction.

In particular, we use security measures that employ pseudonymisation or encryption of your data to ensure the confidentiality, integrity, and availability of your data as well as the resilience of the systems and services that process them. We have the ability to restore the availability and access to personal data in the event of a physical or technical incident. Furthermore, NET‑A‑PORTER GROUP LIMITED undertakes to test, verify and regularly evaluate the effectiveness of technical and organizational measures in order to ensure continuous improvement in the safety of processing

8. Changes to this notice

We keep our Privacy Policy under regular review in order to reflect changes in our services and in privacy regulation. This Privacy Policy was last updated on 1 January 2021. We will contact you if we make significant changes in the Privacy Policy.