Last updated May 2023
Choosing to shop with REISS means you've placed a great deal of trust in us. In sharing your personal information we hope you in return benefit from a tailored and convenient shopping experience. With trust comes responsibility and we take this responsibility very seriously.
If you shop in REISS stores you will find more information at the end of this document about how REISS will use your data.
NEXT and REISS are joint data controllers of your data which means we are jointly responsible for deciding how and why your personal information is used. We’re both also responsible for making sure it is kept safe, secure and handled legally when we are processing it. We operate to the highest standards when protecting your personal information and respecting your privacy.
We are NEXT Plc (company number: 4412362), when we say “we”, “our” or “us” in this policy we are referring to the companies that are part of the NEXT Group.
If you have any questions about your personal information, or how we use it, you can contact our Data Protection Officer via email at email@example.com or by writing to our registered offices below:
UK registered address: Data Protection Officer, NEXT Plc, Desford Road, Enderby, Leicester, LE19 4AT.
EU registered address: Data Protection Officer, NEXT Retail (Ireland) Ltd, 13–18 City Quay, Dublin 2, D02 ED70, Ireland.
If you place an order with us and you are outside of the UK we will transfer the data that we hold on you to NEXT Plc in the UK to facilitate your order.
You have a number of “Data Subject Rights”, we have explained below what they are and how you can exercise them. You can read more about these rights on the Information Commissioner's Office website at www.ico.org.uk, or on your local Data Protection Authority website.
Right of access - You have the right to request a copy of the personal information that we hold about you.
Right to rectification – If you think any of your personal information that we hold is inaccurate, you have the right to request it is updated. We may ask you for evidence to show it is inaccurate.
Right to erasure (also known as the Right to be Forgotten) – You have the right to request that we delete your personal information that we hold.
Right to restriction of processing – You have the right to request we restrict or suppress the personal data we hold about you.
Right to data portability – You have the right to ask us to electronically transfer your personal information to another organisation in certain circumstances.
Rights with regards to automated decision making, including profiling – We sometimes use your personal information to make decisions by automated means. This involves us analysing your account activity including applications, orders, payments etc. We do this to confirm your identity, prevent and detect crime, and lend responsibly. This automated decision making is necessary if you would like to continue to shop with us online. You have a right to reject automated decisions, but it may mean that you can only shop with us in our stores.
Right to withdraw Consent – Where we are relying on your consent for processing you can withdraw or change your consent at any time.
The above rights may be limited in some circumstances, for example, if fulfilling your request would reveal personal information about another person, if you ask us to delete information which we are required to have by law, or if we have compelling legitimate interests to keep it. We will let you know if that is the case and will then only use your information for these purposes. You may also be unable to continue using our services if you want us to stop processing your personal information.
We encourage you to get in touch if you have any concerns with how we collect or use your personal information. You have the right to lodge a complaint directly with the Information Commissioner's Office (ICO), the data protection regulator in the UK where NEXT Plc is based. The contact details for the ICO can be found on their website or you may also lodge a complaint with your local Data Protection Authority
We will only ever process your information if we have a lawful basis to do so. The lawful bases we rely on are:
Contract – This is where we process your information to fulfil a contractual arrangement we have made with you.
Consent – This is where we have asked you to provide explicit permission to process your data for a particular purpose.
Legitimate Interests - This is where we rely on our interests as a basis for processing. Generally this is to provide you with the best products and services in the most secure and appropriate way, but not where our interests are overridden by your interests.
Legal Obligation – This is where we have a statutory or other legal obligation to process the information, such as for the investigation of crime or to meet responsible lending criteria.
Vital interests – This is where the processing of personal information is necessary to protect someone’s life.
To process any orders that you place with us and to facilitate any returns (Contract & Consent)
We take payment details to process payment for any credit or debit card orders you place with us. We share these details with our chosen payment processors.
We use your account information plus your chosen delivery address details to; deliver your purchases and keep you informed of their status, and to process any returns including (where appropriate) collecting the item from you.
Our chosen payment processors may store your payment card details at your request to speed up your checkout in the future.
We collect your email address to allow us to send you an e-receipt.
To provide you with access to an account (Contract)
To register an account with us we capture information such as your name, contact and delivery information, and a password to protect your account (account information). We use the same information on an ongoing basis to manage and provide secure access to your account, and provide you with the services you request.
To provide customer service to you (Legitimate Interest)
We record calls and keep correspondence (customer service records) when you contact our customer service teams or interact with us on social media. We use these customer service records to manage your queries or complaints effectively, for quality monitoring and to continually improve our services
To offer and manage any credit we provide to you (Contract & Legitimate Interest)
When you apply for and use credit with us we will use your account information to make searches with third parties who will give us information about you, such as your financial history. We do this to assess your creditworthiness and product suitability.
We use purchase and payment history, along with your account information on a cyclical basis to manage your credit facility with us.
We use your account information, purchase history, payment history and third party information to collect and recover money that is owed to us should your account fall into arrears. Please see the section on “third parties we share data with and receive data from” below for more information.
To personalise and improve your experience when you shop (Legitimate Interest)
We keep a record of how you interact with our website and any marketing you are exposed to, we use this data, along with purchase history, demographics, account information and third party information, to show you products and offers from across our brands that we think you will be most interested in and to tailor your experience.
We use your account information, information on the devices you use to access our sites and your interactions with us to operate personalised features across our websites, apps and communication.
We will use marketing preferences and previous transaction history data to manage customer appointments and make recommendations to you when you shop in store or through virtual appointments.
To inform you about products and services that may interest you (Legitimate Interest)
We use technologies such as cookies within digital marketing networks, ad exchanges and social media networks such as Facebook’s Custom Audience to get relevant marketing messages across to you and other customers. We share aggregated and anonymised information about the customer segments we are interested in reaching with advertising partners, so they can focus on showing adverts to those who are most likely to be interested in our products, services and offers, and to prevent them showing you irrelevant or repetitive advertisements.
We share limited information with selected suppliers to enable them to identify new prospective customers on our behalf and to prevent us repeatedly advertising products or services you have already bought
We receive information on how you interact with our adverts and content on third party websites and social media platforms (such as Google or Facebook) which we use to tailor the information that is displayed to you.
To keep in touch with you (Legitimate Interest & Consent)
Unless you tell us you don’t want us to, when you register for an account and shop with us we start to keep you up to date with news of products and services, offers, promotions and Sale information. You can change your preferences at any time by accessing your online account or by using the link in every email that we send to you.
When we send you communications we use records of how you interact with our website and any other marketing we have sent to you, along with purchase history, to tailor the messages to include information you are most likely to be interested in.
We use your account information to notify you about important service messages, such as material changes to this policy, product recalls or information about your account.
Where you interact directly with the promotion of an event, prize draw or competition, and you provide your consent, we will use the details you provide, specific in that instance, to send invites, identify entrants and winners, or to enter you into the competition, in-line with the terms and conditions.
To ensure the Website and the services we offer you operate properly (Legitimate Interest/Consent)
We use other cookies and similar technologies to help us understand how you use the site, this allows us to optimise your shopping experience and continually improve our site.
We gather information about the devices you use to access our sites (desktop and mobile) for example your IP address and device type, to ensure the site is secure and works across multiple platforms.
We use information for logistics planning, demand forecasting, management information, dealing with errors on our site, and general research and development.
To develop and improve our products, range and services (Legitimate Interest & Consent)
We may contact you to take part in customer satisfaction surveys, if you respond we collect your feedback and contributions (customer feedback). We use this information to develop the services we offer.
We work with information providers that specialise in consumer profiling, such as Experian and Merkle. These organisations provide demographic or other data to help better understand customers' demographics, lifestyles or shopping behaviours, usually linked to the areas where people live.
We use information about how you browse and engage with our website to improve our websites.
We use all information, including third party data in the development of new products, services and systems to ensure they work as expected and will be useful to our customers.
To prevent and detect crime (Legitimate interest/Legal obligation)
We use your account information, order history and payment history to assist in monitoring for fraudulent transactions or suspected money laundering.
When you register an account, apply for credit or contact our call centres we use your account, application and purchase history information to confirm your identity.
We use device identifiers and IP addresses in fraud prevention and investigation, and to maintain network and data security.
To fulfil our legal obligations (Legal obligation)
We use your data to ensure we comply with any requirements imposed on us by law or court order, including disclosure to law or tax enforcement agencies and authorities or pursuant to legal proceedings.
We will share data with regulatory and other official bodies if they make formal requests.
We will maintain records to meet regulatory and tax requirements.
We will use your account information to contact you in connection with product recalls or other similar product quality issues and to comply with our legal obligations in connection with the sale of age restricted products.
What are cookies?
Cookies are small text files that are stored on your computer, mobile device or other web enabled device when you visit the NEXT website or app. Cookies allow us to “remember” your actions or preferences over a period of time, or they may contain data related to the function or delivery of our websites. We also use the term “cookie” to describe similar technologies such as pixels or tags.
What cookies do we use?
NEXT uses the following cookies on our website and apps:
For more detailed information and a full list of cookies used on our website please select “Manually Manage Cookies” at the bottom of the page then click “Cookies Detail”.
Can I turn off or block cookies?
Alternatively, most web browsers allow some control of most cookies through the browser settings. To find out more about how to manage cookies, including how to delete cookies, visit www.allaboutcookies.org
We keep your personal information as long as you are a customer of ours and generally for 7 years afterwards to comply with legal requirements. During that time we take steps to remove any personal data as soon as we no longer need it.
We consider you a customer:
As long as you hold an open credit account,
For 2 years from the point you last made a purchase from our website using a non-credit account, or
During any time we are managing a customer service request from you.
We work with a number of trusted third parties to provide you high quality goods and services. Anybody we work with is subject to stringent security and data privacy assessments before we begin to do business with them and on an ongoing basis.
We always make efforts to anonymise data and only pass over personal information that is absolutely necessary for the purposes it is being processed. We always do so securely.
We have contracts in place with all suppliers that help us to ensure security and privacy of your personal information, these are reviewed and updated regularly and always in line with data protection laws.
NEXT Group companies – We will share your personal information, in certain circumstances with the other companies within the NEXT Group. This is so that we can provide personalised services across our Group.
NEXT and REISS - as joint data controllers NEXT and REISS will share personal information in order to maintain the working relationship, provide continuity of business to you as a customer and to ensure that personal information remains accurate and up to date.
Delivery Partners – Helping us to deliver the goods you order to you including our brand partners that dispatch and deliver goods to you directly.
IT Companies – Supporting us in maintaining our website and other business systems including; providing phone lines, data storage facilities, and providing and supporting Cloud based infrastructure used in providing our products and services.
Marketing Companies and Online Advertising - Helping us to manage our electronic communications to you and to help us show you the advertising you are most likely to be interested in, companies that provide marketing and advertising assistance (including management of email marketing operations, mobile messaging services such as SMS, and services that deploy advertising on the internet or social media platforms, such as Facebook and Google) as well as analysis of the effectiveness of our advertising and communications campaigns.
We use technologies such as cookies, pixels, and device IDs within digital marketing networks, ad exchanges and social media networks such as Facebook’s Custom Audience to get relevant marketing messages across to you.
Consumer profiling organisations - These organisations provide demographic or other data to help better understand customers' demographics, lifestyles or shopping.
Payment processors - Payment card processors to process credit and debit card payments and store payment information.
Credit Reference Agencies (CRAs) - We share your personal information with CRAs on an ongoing basis, including details of settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations.
The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at:
Experian Credit Reference Agency Information Notice
TransUnion Credit Reference Agency Information Notice
Equifax Credit Reference Agency Information Notice
We also take information from CRAs to allow us to make decisions about your credit account and credit facility.
Fraud prevention services - Before we provide goods and services to you, we use third parties to undertake fraud and money laundering checks and verify your identity. These organisations will report to us on industry fraud indicators and if they have reason to believe an identity is fraudulent. If we have reason to suspect fraud or other criminal offences we will pass your personal information to fraud prevention agencies (such as CIFAS) or law enforcement agencies for the detection, investigation and prevention of crime. If we think there is a risk of fraud, we may suspend activity on your account or refuse access to your account and/or cancel an order. If we do this we will inform you by email or SMS and ask you to contact us.
Debt collection agencies (DCAs) - If you default on repayments to your credit account we may share your data with DCAs to allow them to collect the outstanding debts from you.
Debt purchase companies –Where appropriate will share certain information on defaulted accounts with prospective debt purchasers as part of the negotiations for sale of the debt.
Debt management companies – where we have received appropriate instruction we will share information about your credit account with debt management companies to allow them to assist you with managing your debts.
Research and analytics companies - We may share personal details to allow research companies and feedback providers to contact you directly on our behalf in order to capture your opinions on our products, services, websites and apps. We may ask these research companies to analyse the results so that we can better understand your online experience, which will help us to improve our services. We only provide them with the information they need to perform their function. This may take the form of a survey, where you may be asked to review a product or service you’ve bought or provide general feedback on our products and services. You will always have the choice about whether to take part in our market research or surveys. We may share information with specialist companies to analyse customer information to help us better understand how you use our services and to tailor products, services and offers that may be relevant for you. We utilise companies that help us track and record the way you navigate our website, so that we can understand your online experience and use it to improve our services and offer a more personalised experience.
Product technicians – We use professional third party companies to assist us in independently reviewing issues and complaints with our products. We will share information with these technicians to allow them to review the product and return it to you or to review the product in your home.
General service companies - Such as insurance companies, printers and mailing houses that assist us in providing our products and services.
Regulators and law enforcement - We will share data with regulators and other official bodies (including law enforcement) if they make formal requests or pursuant to legal proceedings.
Our main operations are based in the UK and your personal information is generally processed, stored and used within the UK and other countries in the European Economic Area (EEA). In some instances your personal information may be processed outside the European Economic Area. We work with suppliers and partners who may make use of Cloud and /or hosted technologies across multiple geographies.
Where we need to transfer your data outside of the UK or EEA we will use one of the following safeguards:
The European Commission approved standard contractual clauses in contracts for the transfer of personal data to third countries.
The International Data Transfer Agreement and Addendum for the transfer of personal information to third countries.
Other EU approved mechanisms, as required by data protection legislation. More information of these measures can be found at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/rules-international-transfers-personal-data_en
For customers who are based outside of the UK, we will transfer your personal data to the UK and may also transfer your personal data to third parties located in the UK to your country of residence to enable us to supply products you order from us.
We always ensure that personal data is secure by continuously developing our security systems and training for our employees. We have implemented appropriate technical and organisational security measures designed to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, and other unlawful or unauthorised forms of processing, in accordance with applicable law.
Under the California Consumer Privacy Act (the ‘CCPA’), California residents have certain rights regarding the personal information that businesses have about them. This includes the rights to request access or deletion of your personal information, as well as the right to direct a business to stop selling your personal information.
The CCPA rights
Right to opt-out of sale:
While NEXT does not sell personal information in exchange for any monetary consideration, we do share personal information for other benefits that could be deemed a “sale,” as defined by the CCPA (Cal. Civ. Code 1798.140(t)(1)). We support the CCPA and wish to provide you with control over how your personal information is collected and shared.
Right to request disclosure:
You have the right to request disclosure about what categories of Personal Information NEXT has sold or disclosed for a business purpose about you and the categories of third parties to whom the personal information was sold or disclosed. You have a right to request disclosure of specific pieces of personal information. Below is a complete list of the personal information that you can include in your request.
Right to request deletion:
You have the right to request that NEXT delete any personal information about you that was collected from you. Please note that there are exceptions where NEXT does not have to fulfil a request to delete personal information, such as when the deletion of information would create problems with completing a transaction or compliance with a legal obligation.
Right to non-discrimination:
NEXT will not discriminate against you (e.g., through denying goods or services or providing a different level or quality of goods or services) for exercising any of the rights afforded to you.
How do we handle your requests?
We endeavour to respond to a verifiable consumer request within the required timeframes. If we need more time, we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain why we cannot comply with a request, if applicable. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
California and Delaware “Do Not Track” disclosures
California and Delaware law require NEXT to indicate whether it honours your browser’s “Do Not Track” settings concerning targeted advertising. NEXT adheres to the standards set out in this Notice and does not monitor or respond to Do Not Track browser requests.
We do not knowingly collect or solicit personal information from anyone under the age of 13. If you are under 13, please do not attempt to register for NEXT services or send any personal information about yourself to us. If we learn that we have collected personal information from a child under age 13, we will delete that information as quickly as possible. If you believe that a child under 13 may have provided us their personal information, please contact us.
When you shop in a REISS store REISS are the data controller of that data. REISS uses CCTV for security monitoring, and to protect customers, staff and products. CCTV is processed under legitimate interests. REISS ordinarily keep the footage for twenty-eight days after the date of capture, following which it is overwritten, although it may be processed for longer, for example if it is relevant to an investigation. REISS do not share this data, other than as required with authorities such as the police and the emergency services. Your rights regarding this footage are as set out in the “Your rights” section above.
Should you need to contact us please write to:
UK registered address:
Data Protection Officer
EU registered address:
Data Protection Officer
NEXT Retail (Ireland) Ltd
13–18 City Quay
or you can email: firstname.lastname@example.org
Are you sure you want to navigate away from this site?
If you navigate away from this site
you will lose your shopping bag and its contents.