The information you provide when making a job application is processed by Abercrombie & Fitch Management Co., 6301 Fitch Path, New Albany, Ohio, USA ( “A&F,” “we,” “us,” “our”) and the relevant local Abercrombie & Fitch entity in the United Kingdom (“UK”) or European Economic Area (“EEA”). A full list of Abercrombie & Fitch entities can be found at the end of this notice..
PURPOSES
If you fill out an employment application, we will collect personal data such as your name and contact details, including your personal e-mail address, and, where appropriate, your resume/curriculum vitae. We will use this information for recruitment management purposes, which include evaluating you as a candidate for the position(s) for which you apply and any other positions that we consider you may be suitable for and to contact you about these positions. If you are hired, we may also use your e-mail address to communicate with you for reasons related to your employment.
JUSTIFICATION FOR PROCESSING
Our processing of your personal data is necessary for A&F’s legitimate interests in recruiting associates. The application process requires you to provide your personal data, except in limited instances where A&F indicates that certain information is voluntary. If you refuse to share personal information with A&F, we may not be able to hire you.
STORING YOUR INFORMATION
We store and process your personal data in the United States and in your country, if you are located outside the United States, for the purposes mentioned above. The time period for which we keep personal data depends on the purpose for which we collected it. In all cases we keep it for as long as necessary to fulfil the purposes for which we collected it. We will then delete the personal data, unless we are legally required to retain it or if we need to retain it to comply with our legal obligations.
SHARING YOUR INFORMATION WITH OUR GROUP
For purposes related to those mentioned above, we may disclose the information that you provide to us with any member of our group, which means our subsidiaries, our ultimate holding company and the subsidiaries of our holding company, which may be located outside the UK and EEA, including those countries which do not ensure an adequate level of data protection.SHARING YOUR INFORMATION WITH THIRD PARTIES
For purposes related to those mentioned above, we may disclose the information that you provide to us with our service providers. We or they may also need to disclose your personal data if required to do so under applicable laws, rules, or regulations. Any service providers engaged by A&F will have access to your personal data solely to the extent necessary to enable them to perform those services on A&F’s behalf and are required to appropriately safeguard the privacy and security of your personal data.
APPLICANTS IN THE UNITED KINGDOM AND EUROPEAN ECONOMIC AREA
a. Transferring Data Outside the UK and EEA A transfer of your personal data may take place to countries outside the UK and EEA, such as the United States, which do not ensure an adequate level of data protection. We will therefore ensure – where necessary – that all adequate safeguards are in place and that all applicable laws and regulations are complied with in connection with such transfer. You may request information about the safeguards that we have put in place regarding such transfers by contacting us as described in the Questions About Privacy section below.
b. Your Rights Subject to applicable law, you may (1) request access to the personal data we maintain about you; (2) request that we update, correct, amend, or erase your personal data; or (3) request the restriction of our use of your personal data. You also may object at any time to the use of your personal data, on grounds relating to your particular situation, where we use that data based on our legitimate interests as described above.
If you wish to exercise these rights, please contact us as specified in the Questions About Privacy section below. For further information about your privacy rights, please contact your local data protection supervisory authority or consumer protection agency. If you are not satisfied by our response, you may lodge a complaint with the data protection supervisory authority in your country.
INFORMATION SECURITY
Abercrombie & Fitch Co.’s (A&F Co.) Digital Site Compliance team conducts regular audits of the various compliance features across the company’s websites and digital experience. This includes A&F Co.’s privacy policy language, consent collection, email collection, opt-out procedures, and subject access request procedures. All components of these audits are performed on a rolling basis but are completed at least annually.
A&F Co. tracks cybersecurity as an enterprise risk, which is reflected in its 10-K and reports multiple times a year to executive governance via the Enterprise Risk Management process, the Audit Committee, and the Board of Directors. A&F Co. performs an average of 20 external information risk assessments each year, including formal audits through PCI and SOX obligations. The results of these assessments are shared with the various groups mentioned above.
PRIVACY TRAINING AND INFORMATION SECURITY TEAM
Abercrombie & Fitch Co. (A&F Co.) values our customers’ privacy, and we are committed to protecting their personal information. A&F Co. trains our global home office, stores, and distribution center associates on customer data handling and privacy best practices on an ongoing basis. The company provides additional training to individual teams on privacy compliance best practices and emerging risks as needed. Targeted training occurs frequently throughout the year and regular audiences include the Marketing, Data Analytics and User Experience teams. In addition, the Information Security Team provides ongoing, company-wide training on email phishing.
The Privacy and Information Security teams conduct risk assessments of every new third-party vendor who will handle customer information. These third party vendors are then required by contract, where applicable, to treat customer information compliantly and with care.
QUESTIONS ABOUT PRIVACY
If you have any questions, comments or concerns regarding our privacy practices or our legal compliance, please email us at privacy@anfcorp.com or write to us at the address set out below:Attn: Legal-Privacy Team Abercrombie & Fitch 6301 Fitch Path New Albany, Ohio 43054 US
EQUAL OPPORTUNITY EMPLOYMENTAbercrombie & Fitch Co. is an equal opportunity/affirmative action employer © Abercrombie & Fitch Co. 2012.
LOCAL A&F ENTITIESAUSTRIA
A&F Hco Stores AT GmbH
Office Park I
Top B02
1300 Wien-Flughafen, AustriaBELGIUM
AFH Belgium SPRL
Square de Meeus
37 – 4th Floor
1000 Brussels, BelgiumFRANCE
Abercrombie & Fitch (France) SAS
64-66 Rue des Archives
75003, Paris, FranceGERMANY
Spaces Kennedydamm
Floor 3, Kaiserswerther Street 135
Dusseldorf 40474IRELAND
A&F Hollister Ireland Limited
c/o A&L Goodbody
25-28 North Wall Quay
Dublin 1, IrelandITALY
Abercrombie & Fitch Italia S.R.L.
Via Fabio Filzi, 25/A Torre A
20124 Milano, ItalyNETHERLANDS
AFHCo Stores NL BV
Laarderhoogtweg 25
1101 EB Amsterdam
The NetherlandsPOLAND
AFH Poland sp. Z o.o
Inoffice group
Tarasy Business Center
59 Zlota str.
00-120 WarsawSPAIN
Abercrombie & Fitch Spain S.L.
Calle Pepe Isbert 11B, Piso 2D
28017 Madrid, SpainSWEDEN
AFH Sweden Aktiebolag
c/o Regus
Svetsarvägen 15
171 41 Solna, SwedenUNITED KINGDOM
AFH Stores UK Limited
3 Savile Row
London W 1S 3PB
United Kingdom