Privacy Notice for Customers of Ann Summers
Version 2.2
August 2024
Introduction
We take the safety and security of our customers’ personal information seriously and have prepared this Privacy Notice to explain to you, our customers, how we use that personal information.
We keep this Notice under regular review, and this version was last updated on 1 August 2024.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
1. Important information and who we are
Purpose of this notice
This Notice tells you about your privacy rights and how the law protects you and sets out the basis on which we use the personal information you share with us.
To make sure you have a full picture of how we collect and use your personal information, this Notice describes:
- The types of information we collect about you;
- who is responsible for that personal information;
- how we will use it;
- who we may disclose it to; and
- your rights and choices in relation to it.
In this Notice we use the words personal information to describe information that is about you and which identifies you.
You have the right to object to our use of your personal information in certain circumstances. A summary of your right to object (along with your other legal rights relating to that personal information) and the details of who to contact if you want to exercise them can be found in the 'Your rights in relation to your personal information' section below.
It is important that you read this Notice together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you so that you are fully aware of how and why we are using your personal information. This Notice supplements other notices and privacy policies and is not intended to override them.
Our website and products are not intended for people who are under the age of 18, and we do not knowingly collect data relating to children.
Who is responsible for the personal information that we hold?
Ann Summers Limited, which owns the brand ‘Ann Summers’ is a company registered at Gold Group House, Godstone Road, Whyteleafe, CR3 0GG, United Kingdom with company number 01034349.
‘Ann Summers’ is also used as a trading name by Ann Summers Ireland (Retail) Limited, which is a company registered at 38 Upper Mount Street, Dublin 2, Dublin, Ireland in the Republic of Ireland with company number 302789.
If you shop in a store of ours that is located in the Republic of Ireland, both Ann Summers Ltd and Ann Summers Ireland (Retail) Limited dictate the purpose for which your personal information is used and how it is used and both companies are joint controllers of your personal information. In all other cases, Ann Summers Limited dictates the purpose for which your personal information is used and how it is used and is the controller of your personal information.
Contact Information
Both companies have appointed a single Data Privacy Manager who is contactable by email to support@annsummers.com, or by post at Gold Group House, Godstone Road, Whyteleafe, CR3 0GG.
2. The Personal information we collect about you
The personal information that we collect, use and store about you may include the following:
| Category | Examples | Collected from |
| Identity | name, social media handle, title and date of birth, your image | You, when you sign up for an account, place an order, or attend one of our stores. |
| Contact | billing address, delivery address, email address and telephone numbers | You, when you sign up for an account or place an order. |
| Financial | bank account and payment card details | You, when you make payment for a purchase. |
| Transaction | details about payments to and from you and other details of products and services you have purchased from us | You, when you purchase products from us. |
| Technical | internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website | You, when you browse our website. |
| Profile | your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses | You, when you place an order, complete a survey or browse our website. |
| Usage | information about how you use our website, products and services | You, when you browse our website. |
| Marketing | your preferences in receiving marketing from us and our third parties and your communication preferences | You, when you make a purchase, subscribe to our mailing list. |
| Sensitive Information | Information that relates to, or is suggestive of, your sex life or sexual orientation | You, based on the products you purchase from us. |
A note about Sensitive Information
Due to the nature of business, unusually we have cause to collect and process the Sensitive Information set out above. We will only ever use this Sensitive Information for the purpose of fulfilling your order, and/or in accordance with your explicit consent.
3. How we use your personal information
We use your personal information in various ways, for a variety of different purposes, and we will only ever use if we have a legal reason to do so. Sometimes we might ask for your explicit consent to process your data in a certain way (including when we are required to handle Sensitive Information), but mostly we will rely on other legal reasons, which include the following:
- it is necessary to enter into or perform the contract we have with you;
- it is necessary to comply with our own legal obligation that we are subject to;
- it is in our legitimate interests to process your personal information, and your fundamental rights do not override those interests.
We have set out in the table below the main purposes for which we use your personal information, together with the applicable legal basis that we rely on for doing so. Where we rely on our legitimate interests as a legal basis, we have also set out those interests.
| Purpose | Type of Data | Legal Reason |
| To register you as a new customer |
|
To perform the contract we have with you |
| To process and deliver your order including: (i) to select your products and pack your order; (ii) to provide updates on your delivery status; (iii) to manage payments, refunds and (iv) to collect and recover money owed to us |
|
|
| To manage our relationship with you, which will include: (i) notifying you about changes to our terms or privacy policy; (ii) managing any complaints or enquiries; (iii) notifying you about any product recalls |
|
|
| To enable you to partake in a prize draw, competition or complete a survey. |
|
|
| To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) |
|
|
| To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you |
|
Legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) |
| To ask you to leave a review for a product you have purchased. |
|
Legitimate interests |
| To use data analytics to improve our website, products/services, marketing, customer relationships and experiences. |
|
Legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy) |
| To make suggestions and recommendations to you about goods or services that may be of interest to you. |
|
Legitimate interests (to develop our products/services and grow our business) |
| To allow us to survey the activity inside our stores using CCTV. |
|
Legitimate interests (crime prevention and ensuring the safety of our staff) |
How do we use your personal information for marketing?
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established the following personal data control mechanisms to help ensure that you only receive the marketing, advertising and offers that may be relevant to you.
Promotional offers from us
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
You will receive marketing communications from us if you have requested information from us or purchased products from us and you have not opted out of receiving that marketing.
Third party marketing
We will get your express consent before we share your personal data with any third party for marketing purposes.
Opting out
You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you.
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product purchase.
Cookies
You can set your browser to refuse all or some browser cookies, or to alert you when website set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see Cookie Policy.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law
4. How we share your personal information
Transfers to third parties
We may transfer personal information to third parties as follows:
- Data processors. These organisations will process your personal information on our behalf for the purposes described above.
- Professional advisors. These include accountants, lawyers and auditors that assist us in carrying out our business activities.
- Regulators, authorities, and other third parties. As necessary for the purposes described above, personal information may be transferred to courts and other authorities (e.g. HMRC and law enforcement agencies).
- Third parties that offer alternative or deferred payment options. These third party providers include Klarna, Clearpay and Paypal and Global-e. If you select one of these payment methods at the checkout, we will pass your contact and order details to that provider so they can assess whether you qualify for their payment methods, and to tailor those payment methods for you. If we do this, your personal information will be controlled by the provider, and subject to their own privacy policy.
Klarna’s Privacy Policy is available here. - Third parties to whom we may transfer or sell our business or its assets.
For a full list of the categories of third parties that we may share your personal information with, please contact us.
We require all third parties to whom we disclose your personal information to treat it securely and in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Where will we transfer your personal information?
Our head office is located in the UK. Some of the recipients we may share your personal information, with may be in countries outside of the UK, so their processing of your personal information will involve a transfer outside of the UK.
Whenever we transfer your personal information out of the UK, we are committed to taking all necessary measures to ensure that transfers of your personal information are adequately protected as required by applicable data protection law. This includes ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information.
- Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal information the same protection it has in the UK.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the UK.
5. How long we hold your personal information for
Our policy is to not keep personal information for longer than is necessary. By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see your legal rights below for further information.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
6. How we store your data
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have also put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
7. Your legal rights
You have several legal rights in relation to your personal information.
- The right to be informed. This is why we have provided you with this Notice, detailing exactly how we will use your information and for what purpose.
- The right of access your personal information. YYou have the right to request a copy of the information we hold about you.
- The right to correct your personal information. You have the right to ask us to correct the personal information that we hold about you if it is incorrect or incomplete.
- The right to withdraw your consent. Where we are relying on consent to process your personal information you have the right to withdraw that consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
-
The right to erasure of your personal information. In certain circumstances you have the right to ask that your personal information be deleted. For example:
- If it is no longer necessary for us to retain your personal information in relation to the purposes for which it was collected;
- if you withdraw your consent, and there is no other legal ground that we may rely on for the continued use of your personal information;
- if you object to the use of your personal information (as set out below);
- if we have used your personal information unlawfully; or
- if your personal information needs to be erased to comply with a legal obligation.
-
The Right to Object. You have the right to object to the processing of your personal information in certain circumstances. For example:
- if we are relying on a legitimate interest to process your personal information and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms; and
- if you object to the use of your personal information for direct marketing purposes.
-
The right to restrict the use of your personal information. You have the right to suspend our use of your personal information in certain circumstances. For example:
- if you want us to establish the accuracy of the personal information;
- if our use of the personal information is unlawful but you do not want us to erase it;
- if you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
- if you have objected to our use of your personal information and we are verifying whether our grounds for the use of your personal information override your objection.
- The right to request that your personal data is transferred to you or a nominated third party. If you initially provided consent for us to use your personal information, or where we you’re your personal information to perform a contract with you, you have the right to request a copy of your personal information to be provided to you in a commonly used, or “machine readable, format”.
You also have the right to lodge a complaint with the supervisory authority in the UK, which is the Information Commissioner's Office (the 'ICO') or, where you are a customer located in the Republic of Ireland, the supervisory authority in the Republic of Ireland, which is the Data Protection Commission, as applicable. More information can be found here: https://ico.org.uk/ or https://www.dataprotection.ie.
Exercising your rights
If you require our assistance to exercise any of these rights, please contact us.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Privacy Notice for Customer Service Users of Ann Summers
Version 1.0
February 2025
Introduction
We take the safety and security of your personal information seriously and have prepared this Privacy Notice to explain to you, the users of Ann Summers’ customer service function, how we use that personal information.
We keep this Notice under regular review, and this version was last updated on 1 February 2025.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
1. Important information and who we are
Purpose on this Notice
This Notice tells you about your privacy rights and how the law protects you and sets out the basis on which we use the personal information you share with us. To make sure you have a full picture of how we collect and use your personal information, this Notice describes:
- the types of information we collect about you;
- who is responsible for that personal information;
- how we will use it;
- who we may disclose it to; and
- your rights and choices in relation to it.
In this Notice we use the words personal information to describe information that is about you, and which identifies you. You have the right to object to our use of your personal information in certain circumstances. A summary of your right to object (along with your other legal rights relating to that personal information) and the details of who to contact if you want to exercise them can be found in the 'Your rights in relation to your personal information' section below.
It is important that you read this Notice together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you so that you are fully aware of how and why we are using your personal information, such as the Customer Privacy Notice that would have been made available to you if and when you purchased products from us. This Notice supplements those other notices and is not intended to override them.
Our website and products, and also our customer service function, are not intended for people who are under the age of 18, and we do not knowingly collect data relating to children.
Who is responsible for the personal information that we hold?
Ann Summers Limited, which owns the brand ‘Ann Summers’ is a company registered at Gold Group House, Godstone Road, Whyteleafe, CR3 0GG, United Kingdom with company number 01034349.
‘Ann Summers’ is also used as a trading name by Ann Summers Ireland (Retail) Limited, which is a company registered at 38 Upper Mount Street, Dublin 2, Dublin, Ireland in the Republic of Ireland with company number 302789.
If you are contacting us concerning a product that you purchased in the Republic of Ireland, both Ann Summers Ltd and Ann Summers Ireland (Retail) Limited dictate the purpose for which your personal information is used and how it is used and both companies are joint controllers of your personal information. In all other cases, Ann Summers Limited dictates the purpose for which your personal information is used and how it is used and is the controller of your personal information.
Contact Information
Both companies have appointed a single Data Privacy Manager who is contactable by email to dataprotection@annsummers.com, or by post at Gold Group House, Godstone Road, Whyteleafe, CR3 0GG.
2. The personal information we collect about you
When you access our Customer Services Function you may provide to us, and we may collect, use and store the following types of personal information:
| Category | Examples |
| Identity | Name |
| Contact | Billing address, delivery address, email address and telephone numbers |
| Financial | Bank account and payment card details |
| Transaction | Details about payments to and from you and other details of products and services you have purchased from us |
| Technical | Not applicable for customer service users |
| Profile | Not applicable for customer service users |
| Usage | Information about you that you have provided to us when you have used our customer services function previously |
| Marketing | Not applicable for customer service users |
| Sensitive Information | Information that relates to, or is suggestive of, your sex life or sexual orientation, or that relates to injuries or medical conditions that may be attributable to your use of our products |
A note about Sensitive Information
Due to the nature of the products sold by our business, unusually we may have cause to collect and process the Sensitive Information set out above. We will only ever use this Sensitive Information for the purpose of managing your customer service issue, and/or in accordance with your explicit consent.
3. How we use your personal information
When you provide your personal information in order to access and make use of our customer services function, we will only ever use it for the purpose of managing your complaint or query and if we have a legal reason for doing so.
Additionally, if we may be required to handle your Sensitive Information, we might ask for your explicit consent to process your personal information in a certain way, but mostly we will rely on other legal reasons, which include the following:
- it is necessary to enter into or perform the contract we have with you;
- it is necessary to comply with our own legal obligation that we are subject to;
- it is in our legitimate interests to process your personal information, and your fundamental rights do not override those interests.
We have set out in the table below the main purposes for which we use your personal information to provide our customer service function, together with the applicable legal basis that we rely on for doing so. Where we rely on our legitimate interests as a legal basis, we have also set out those interests.
| Purpose | Type of Data | Legal Reason |
| To identify you as a customer where you have raised a query relating to an order |
|
To perform the contract we have with you |
| To respond to queries or complaints that relate to the processing and delivery of your order including: (i) to provide updates on your delivery status; and (ii) to manage payments, refunds and goodwill gestures. |
|
|
| To respond to complaints that relate to an injury you may have suffered when using our products |
|
|
| Where you are a potential rather than an actual customer, to provide information about a product you have enquired about |
|
|
How do we use your personal information for marketing?
We will not use the personal information you provide to our customer service function for marketing or promotional purposes, nor will we share that data with any third party for marketing purposes.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law
4. How we share your personal information
Transfers to third parties
We may transfer personal information to third parties as follows:
- Data processors. These organisations will process your personal information on our behalf for the purposes described above.
- Professional advisors. These include accountants, lawyers and auditors that assist us in carrying out our business activities.
- Regulators, authorities, and other third parties. As necessary for the purposes described above, personal information may be transferred to courts and other authorities (e.g. law enforcement agencies).
- Third parties to whom we may transfer or sell our business or its assets.
For a full list of the categories of third parties that we may share your personal information with, please contact us.
We require all third parties to whom we disclose your personal information to treat it securely and in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Where will we transfer your personal information?
Our head office is located in the UK. Some of the recipients we may share your personal information with may be in countries outside of the UK, so their processing of your personal information will involve a transfer outside of the UK.
Whenever we transfer your personal information out of the UK, we are committed to taking all necessary measures to ensure that transfers of your personal information are adequately protected as required by applicable data protection law. This includes ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information.
- Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal information the same protection it has in the UK.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the UK.
5. How long we hold your personal information for
Our policy is to not keep personal information for longer than is necessary. By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see your legal rights below for further information.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
6. How we store your data
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have also put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
7. Your legal rights
You have several legal rights in relation to your personal information.
- The right to be informed. This is why we have provided you with this Notice, detailing exactly how we will use your information and for what purpose.
- The right of access your personal information. You have the right to request a copy of the information we hold about you.
- The right to correct your personal information. You have the right to ask us to correct the personal information that we hold about you if it is incorrect or incomplete.
- The right to withdraw your consent. Where we are relying on consent to process your personal information you have the right to withdraw that consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent
- The right to erasure of your personal information. In certain circumstances you have the right to ask that your personal information be deleted. For example:
- The Right to Object. You have the right to object to the processing of your personal information in certain circumstances. For example:
- The right to restrict the use of your personal information. You have the right to suspend our use of your personal information in certain circumstances. For example:
- The right to request that your personal data is transferred to you or a nominated third party. If you initially provided consent for us to use your personal information, or where we you’re your personal information to perform a contract with you, you have the right to request a copy of your personal information to be provided to you in a commonly used, or “machine readable, format”.
- If it is no longer necessary for us to retain your personal information in relation to the purposes for which it was collected;
- if you withdraw your consent, and there is no other legal ground that we may rely on for the continued use of your personal information;
- if you object to the use of your personal information (as set out below);
- if we have used your personal information unlawfully; or
- if your personal information needs to be erased to comply with a legal obligation.
- if we are relying on a legitimate interest to process your personal information and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms; and
- if you object to the use of your personal information for direct marketing purposes.
- if you want us to establish the accuracy of the personal information;
- if our use of the personal information is unlawful but you do not want us to erase it;
- if you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
- if you have objected to our use of your personal information and we are verifying whether our grounds for the use of your personal information override your objection.
You also have the right to lodge a complaint with the supervisory authority in the UK, which is the Information Commissioner's Office (the 'ICO') or, where you are a customer located in the Republic of Ireland, the supervisory authority in the Republic of Ireland, which is the Data Protection Commission, as applicable.
Exercising your rights
If you require our assistance in order to exercise any of these rights, please contact us.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Sign up to emails and get
15% OFF
your first order
Stay in the loop on all things Ann Summers:
Updates on new arrivals, inspiration, offers and events!
*Discount only available on full price products and 5% off discounted products
By inputting your information, you agree that we can use it in accordance with our Privacy Policy. You are able to unsubscribe from marketing at any time. By proceeding you agree to our Terms and Conditions.
You must be over 18 to join our mailing list.
By inputting your information, you agree that we can use it in accordance with our Privacy Policy. You are able to unsubscribe from marketing at any time. By proceeding you agree to our Terms and Conditions.
You must be over 18 to join our mailing list.
Sign up to emails and get up to 15% OFF your first order
*15% Discount only available on full price products and 5% off discounted products
Stay in the loop on all things Ann Summers: Updates on new arrivals, inspiration, offers and events!
By inputting your information, you agree that we can use it in accordance with our Privacy Policy. You are able to unsubscribe from marketing at any time. By proceeding you agree to our Terms and Conditions.
You must be over 18 to join our mailing list.