Privacy policy

This policy should be read in conjunction with our Terms of Service.

Who we are

This Privacy Policy is issued by Measmerize LTD Italian branch, whose registered address is Via Francesco Daverio, 6 – 20122 Milan (Italy) and Measmerize LTD UK branch, whose registered address is 2 Hampton Court Road, First Floor, Birmingham (England) B17 9AE (collectively, "Measmerize," "we," "us").

Introduction

Our mission is to provide you with an accurate size recommendation, and for this purpose we collect information about you. As explained on this Privacy Policy, we may collect information from different sources, for example directly from you (when you input data on our Measmerize Widget ("Widget"), which is used to provide size recommendations. We may also collect information on your internet browsing through cookies and other tracking technologies. We make use of advanced AI solutions based on machine learning, which allow us to provide accurate size recommendations. The AI based technology is not used for any decision-making process or other activities which may have a material impact on your life. We use them only to provide specific and accurate size recommendations.

We may also receive information from brands that we partner with ("Brand") when you interact and make a purchase on websites of the Brand ("Brand Website"), notably information on your purchases and returns made on the Brand Website.

For the information that Brand shares with us, we and Brand are in control of personal information and act as independent controllers. The purposes and conditions of the data processing by Measmerize are specified in details in this Privacy Policy.

We collect and process your personal information with utmost care, and in compliance with the EU Regulation 2016/679 (GDPR) and other applicable data protection laws (collectively, "Privacy Laws").

We strive to provide with an accurate size recommendation, but we cannot and do not guarantee that our recommendations are correct, accurate and free of errors. Our recommendation is in no way binding for you and you may choose a different size than the one indicated.

This Privacy Policy applies to the website www.measmerize.com, to the Widget and other applications that we manage, where we'll post this Privacy Policy, which explains what kind of personal information we collect, how we use it, for how long we store it, who we might share it with, and your rights in relation to the information we collect.

Within this privacy policy, we will address the following topics:

  1. What personal information do we collect and how do we collect it?
  2. Why do we collect your personal information and what is the legal basis for processing and for how long we keep your personal data?
  3. How long do we keep your personal information?
  4. Who do we share personal information with?
  5. How is personal information secured?
  6. How can I exercise my privacy rights?
  7. How can I contact Measmerize?
  8. Additional Terms.

This Privacy Policy was last updated in October 2024.

We invite you to regularly review this Privacy Policy in order to acknowledge any updates on collection and conditions of processing your personal data.

Before submitting any personal data, please read this Privacy Policy carefully to understand how we process your personal data and the features of said processing.

By accessing or using our website, the Widget, our applications and by interacting with us, you confirm that you have read this Privacy Policy and that you understand how we collect, process, use and disclose your personal data as herein described.

What personal information do we collect and how do we collect it?

We collect information directly from you or from other sources, as below specified.

(i) Personal Information you provide us. We collect personal information by asking you questions about yourself in order to define the best size recommendation for you for a specific product. We upload our Widget on the Brand Website and when you open it to receive size recommendations, we ask you, depending on the product you're browsing, the following 'Widget Information':

  • for shoes: gender, year of birth, weight, height, usual shoe size, country/region of origin, width of foot sole (narrow, average, wider);
  • for apparel: gender, year of birth, weight, height, bra size, country/region of origin, qualitative description of body for shoulder, chest, waist, hips, leg length (smaller, average, wider).

(ii) Personal Information we receive from Brand.

Brand we partner with provides us with some information relating to the fit of their products. This is information about Brand's products and does not contain personal information relating to you.

In addition, Brand may provide us with information on the products you purchase (and potentially return) on the Brand Website, such as product code; price; size; quantity per size; reason for return, as applicable, transaction code, in pseudonymized form that does not allow us to identify you (the 'Brand Information').

(iii) Personal Information automatically collected. While you visit our website, applications and while you use our Widget and/or visit the Brand Website, we automatically collect information through cookies and other tracking technologies.

For more specific information on the cookies and other tracking technologies we use, please refer to our Cookie Policy.

We receive information from analytics cookies (like Google analytics) which are third party cookies placed on our website and the Brand Website providing us with information on your interaction with the websites and your Internet browsing. For these cookies, you may provide or deny consent as you land on the Brand Website through the cookie banner.

We also use cookies in our Widget, which are first-party cookies and provide us with the information you upload on our Widget and on interaction with the same, on the products browsed on the Brand Website and recommendations you receive. For these cookies, you may provide or deny consent as you land on the Brand Website through the cookie banner.

Tracking script. This is a code script that is placed on the Brand Website and when you create an order, the following information is transmitted to us: order number, whether to purchase products you received a size recommendation and, in case you did, what size was recommended to you.

Why do we collect your personal information, what is the legal basis for processing and for how long we keep your personal data?

Below you can see a chart where we explain the purposes of data processing by Measmerize and, as applicable in your jurisdiction, the relevant legal basis, what personal information we process in relation to the processing purposes below identified and for how long your personal information is kept.

Purpose of processingLegal basis of processingPersonal Information processedData retention period
Preparing reports on the performance of our size recommendation services.Art. 6.1 (f) GDPR (legitimate interest).Widget Information; Brand Information.Personal data will be kept for six months and thereafter will be made irreversibly anonymous.
Facilitating your size selection on the Brand Website.Art. 6.1 (f) GDPR (legitimate interest).Widget Information; Brand Information.Personal data will be kept for six months and thereafter will be made irreversibly anonymous.
Providing you with our recommendation services.Art. 6.1 (b) GDPR (processing is necessary for the performance of a contract with you, notably to provide you with the requested size recommendation services).Widget Information; Brand Information.Personal data will be kept until you receive our recommendation services and close our Widget.
To ensure the proper technical functioning of our size recommendation services, to prevent frauds, misuse of IT systems as well as the update and evolution of our services and to improve the usability and experience of the Widget.Art. 6.1 (f) GDPR (our legitimate interest).Widget Information; Brand Information.Personal data will be kept for six months and thereafter will be made irreversibly anonymous.
To provide personalized recommendations and remember the Widget Information and size recommendations provided to you on different Brand’s websites.Art. 6.1 (a) GDPR (your consent).Personal Information collected through cookies and other tracking technologies – other than technical/necessary cookies.Personal data will be kept for the time specified in our Cookie Policy, which is linked through the Brand’s cookie banner and cookie policy, and thereafter will be made irreversibly anonymous, unless you revoke your consent before.
To respond to your requests or claim you wish to make by telephone, email and ordinary mail.

Art. 6.1 (b) GDPR (processing is necessary for the performance of a contract with you, for information functional to delivery to you of our services).

Art. 6.1 (f) GDPR (our legitimate interest in responding to your requests).

Widget Information; and other information necessary for this purpose.Personal data will be kept for one month and then will be deleted.
To comply with applicable laws and regulations.Art. 6.1 (c) GDPR (processing is necessary for compliance with a legal obligation to which we are subject).Widget Information; and other information necessary for this purpose.Personal data will be kept until necessary to comply with our obligations under applicable laws and regulations and thereafter will be deleted.
To defend or exercise a legal claim, including possible related investigations.Art. 6.1 (f) GDPR (processing is necessary for the purposes of our legitimate interests).Widget Information; and other information necessary for this purpose.Personal data will be kept until necessary to exercise or defend our claims under applicable laws and regulations and thereafter will be deleted.
Potential merger and acquisition activities.Art. 6.1 (f) GDPR (processing is necessary for the purposes of our legitimate interests).Widget Information; Brand Information and other information necessary for this purpose.Personal data will be kept until necessary to finalize the merger and acquisition activities and thereafter will be deleted.

When Measmerize relies on legitimate interest as legal basis for the processing, a balancing test is performed in order to ensure that your interests and fundamental rights and freedoms are not overridden. Further information may be obtained by contacting Measmerize as described below. The legitimate interests of Measmerize could in particular be enhancing size recommendation, improving our services and the accuracy of our recommendations, prevention of fraud, misuse of IT systems, IT and network security, internal investigations, or potential merger and acquisition activities.

You are not required to provide all personal information identified in this Privacy Policy to use our size recommendation services or to interact with us, but we may not provide the services or information you request if you do not provide certain personal data.

In the above chart listing the purposes of processing, when the legal basis of processing is contract performance or compliance with laws and regulations, providing of data is mandatory and if you do not provide them, we will not be able to respond to your request or provide the requested size recommendation services. When the legal basis is legitimate interest, providing of data is functional to the applicable processing purposes and denial may jeopardize the same. For the processing purposes based on consent (i.e., cookies and other tracking technologies), providing of data is optional and not providing data will not have any consequence.

We may also link and/or combine the information we collect about you from the various devices you use.

How long do we keep your personal information?

We will only keep your data for as long as necessary to carry out our services or as long as we are required by law. Please see the section Why do we collect your personal information, what is the legal basis for processing and for how long we keep your personal data above for further information on data retention periods.

Please be aware that Measmerize uses an automated process to provide you with a recommendation. We do not consider this to be an “automated decision” (as defined by GDPR) as you are free to make any final decision regardless of what we recommend.

Who do we share personal information with?

Protecting the privacy and security of your personal data is a priority at Measmerize. Except as otherwise described in this Privacy Policy, we do not share with, sell or rent your personal data to third parties.

We may share your personal data with third parties as follows:

  • Competent Authorities and as Required by Law. Measmerize may release your personal data when we determine, in our reasonable judgment, that it is necessary to (a) comply with the law, regulation, legal process, or requests of competent authorities; (b) enforce or apply the terms of any of our policies or user agreements; or (c) protect the rights, property or safety of Measmerize, our employees, our customers, users, or others, in line with the Privacy Laws.
  • Sales, Mergers, and Acquisitions. If Measmerize becomes involved in a merger, acquisition, or any form of sale of some or all of its business or assets, your personal data may be provided to the entities and advisors involved. We will provide you with an updated privacy notice or we will publish on our website, Widget and applications and updated privacy notice in case the purposes and conditions of processing described in this Privacy Policy change as a result of any such transaction.

We may disclose your personal information to third party service providers acting as our data processors which provide services functional to the processing purposes above identified, for example for IT maintenance services. These third party are bound by contract to process personal data only according to our instructions and the Privacy Laws. The updated list of processors is available contacting us at the contact details indicated below at How can I contact Measmerize.

How is personal information secured?

We take appropriate security measures, including physical, technological, and procedural measures, to help to safeguard your personal data and to prevent unauthorized access and disclosure. In addition, we use industry-standard technology, such as edge-protection devices and encryption in the transmission of certain personal data, designed to prevent unauthorized persons from gaining access to the same, and, as technology develops, we will take additional measures to improve security. No method of transmission over the Internet, or method of electronic storage, however, is 100% secure. Therefore, we cannot guarantee its absolute security.

How can I exercise my privacy rights?

You can contact us or our DPO at the contact details indicated below at How can I contact Measmerize to exercise at any time your privacy rights.

If you have provided your consent for some processing activities, you can withdraw it at any time with future effect. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal. Pursuant to the Privacy Laws, you have the right to:

  • Right of access: You may request access to your personal data. If you request such access, we will provide you with all the information required by the Privacy Laws, including in particular the purposes of the processing, categories of data processed, categories of recipients, data retention periods, and your rights. To the extent permitted by the Privacy Laws, to facilitate the management of your request, you may be asked to specify: (a) which processing activity you wish to exercise your right to access and (b) which data categories you wish to gain access to. If you request more than one copy of the personal data processed, you may be charged a reasonable fee, taking into account the administrative costs. In any case, we must take into account the rights and freedoms of others, so this right is not absolute.
  • Right to portability: In certain cases, you may also obtain a copy of your personal data that is commonly used and machine-readable in order to enable you to exercise your right to data portability and to transfer them to another data controller or request us to transfer such data directly to another data controller to the extent this is technically possible.
  • Right of rectification: You may also ask us to rectify all personal data pertaining to you that is inaccurate and to complete any incomplete information.
  • Right of erasure: Under certain circumstances, you may request that your personal data be erased, for example if such data is no longer required for the purposes set out in section Why do we collect your personal information and what is the legal basis for processing above, if you withdraw your consent, if your personal data has been unlawfully processed, or if you have objected to the processing and we have no overriding legitimate grounds for the processing. We may nevertheless need to retain certain limited data in an archived database, in particular if they have a statutory personal data retention obligation or if the data is necessary to exercise or defend a right in a court of law.
  • Right to limit the processing: Under certain circumstances, you may request to limit the processing of your personal data, in particular when you request that your personal data be rectified where, notably, one of the following applies (a) you contest the accuracy of the data, (b) the processing is unlawful and you oppose the deletion of your data, or (c) the data is no longer needed for the purposes listed in section Why do we collect your personal information and what is the legal basis for processing above, but are required by you for the establishment, exercise, or defense of legal claims. In this case, your personal data, except for storage, may only be processed with your consent, or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of substantial public interest.
  • Right to withdraw your consent: Where the processing of your personal data is based on your consent, you may at any time withdraw any consent you have previously given to us. Such withdrawal will not affect the lawfulness of the processing based on your consent prior to such withdrawal.
  • Right to lodge a complaint: You have the right to lodge a complaint with a competent supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you consider that the processing of your personal data infringes the Privacy Laws. For details about the competent supervisory authority in your jurisdiction, see European Data Protection Board (EDPB) members.
  • Right to object: As applicable under the Privacy Laws, you have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data and we may be required to no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing or for the establishment, exercise, or defense of legal claims.
  • Right to object to direct marketing: When your personal data is processed for direct marketing purposes, you have the right to object at any time and without justification to the processing of your personal data for such direct marketing purposes (including profiling insofar as it relates to such direct marketing).

You may contact us or our DPO using the contact details indicated at How can I contact Measmerize below to exercise your privacy rights, ask the updated list of data processors, and any information on the processing of your personal data.

How can I contact Measmerize?

If you have questions or comments regarding this Privacy Policy or our privacy practices, to enforce your privacy rights, for the updated list of our data processors and of third parties with whom we share your personal data, as well as for any information on the processing of your personal data, you can contact us at:

Measmerize Ltd, Italian branch registered address at Via Francesco Daverio, 6 – 20122 Milan (Italy), email: [email protected].

If you would like to report a security concern about any of our services, please contact us at [email protected].

Additional Terms

Children's and Minor's Privacy. Our website, Widget, applications and services are not designed to attract minors, in particular children under the age of 18. Measmerize does not market to or knowingly collect personal data from anyone under the age of 18. Children should not use our website, Widget, applications and services without permission from their parents.

Our website, Widget, services and applications may provide links to websites, applications and services of third parties. We do not approve and are not responsible for the processing of your personal data by these third parties, even if we provide a link to the relevant websites, applications and services. These companies have their own personal data protection policies, and we strongly recommend that you read them. Our website, services and applications may be offered through third-party websites, platforms or channels. These companies have their own personal data protection policies, and we strongly recommend that you read them. We decline all liability regarding the personal data protection practices of these websites, applications and services not provided by us. This Privacy Policy applies solely to personal data collected by Measmerize.

Additional information for US residents

Information for California Residents

If you reside in California, we are required by the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”) (collectively, “California Privacy Law”) to provide you with information about how we use and disclose your Personal Information, and you may have certain rights with regard to your Personal Information. We have included this California-specific information below.

CA Personal Information. We may collect certain categories and specific pieces of information about individuals that are considered "Personal Information" in California ("CA Personal Information"). Specifically, we may collect the following categories of CA Personal Information:

  • Personal identifiers (gender, date of birth, weight, height, typical bra size, qualitative body/foot description, typical shoe size, country of origin);
  • Internet activity data (internet usage data); and
  • Inferences drawn from personal information that could be used to create the profile of an individual.

Sources of CA Personal Information. We may collect this CA Personal Information directly from you, from your interactions with us, and from third parties. The categories of third parties from whom we collect CA Personal Information include the following: third-party partners (e.g., Brand); third-party service providers; and advertising service providers and partners.

Purposes of Collection. We collect and use CA Personal Information as follows:

  • Business Purposes
    • Preparing reports on the performance of our size recommendation services on the Brand Website;
    • Facilitating your size selection on the Brand Website;
    • Providing you with our recommendation services;
    • To ensure the proper technical functioning of our size recommendation services, to prevent frauds, misuse of IT systems as well as the update and evolution of our services and to improve the usability and experience of the Widget;
    • To provide personalized recommendations and remember the Widget Information and size recommendations provided to you on different Brand websites;
    • To respond to your requests or claims by telephone, email, and ordinary mail;
    • To comply with applicable laws and regulations;
    • To defend or exercise a legal claim, including possible related investigations; and
    • Potential merger and acquisition activities.
  • Commercial Purposes
    • Provide you with marketing and advertising, to the extent we collect this CA Personal Information only from users of our corporate website, and not the Widget.

Disclosure of CA Personal Information. We also share and/or disclose your CA Personal Information as follows:

  • Disclosing your CA Personal Information for Business Purposes. We may disclose the above categories of CA Personal Information to third-party service providers; other Measmerize entities; relevant parties and advisors in the case of a sale, merger, or acquisition; and law enforcement agencies, as permitted and required under applicable laws, for any of the Business Purposes described above.
  • Disclosing your CA Personal Information for Commercial Purposes. We may share the above categories of CA Personal Information with third party applications (e.g., Google Analytics) and advertising service providers and partners, for any of the Commercial Purposes described above.

We do not collect any CA Personal Information that may be considered sensitive personal information within the meaning of California Privacy Law.

We do not knowingly share the CA Personal Information of individuals under 16 years of age, in a manner that constitutes a "sale" under California law.

Retention of CA Personal Information. We retain your CA Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine our retention periods include (i) for as long as we have an ongoing relationship with you; (ii) as required by a legal obligation to which we are subject to; or (iii) as advisable in light of our legal position (such as in regard of applicable statutes of limitations, litigation, or regulatory investigations).

Your Rights under California Law. Subject to certain exceptions detailed in California Law and other applicable laws and regulations, as a California resident, you have the right to: (i) request to know/access your CA Personal Information, including the specific pieces and the categories of CA Personal Information we have collected or shared about you and the categories of sources from which we have collected the CA Personal Information; (ii) request deletion of your CA Personal Information; (iii) receive information about the CA Personal Information about you that we have "sold" to (as such term is defined under California Law) or “shared” with third parties within the past 12 months, including the categories of third parties; and (iv) request correction of your CA Personal Information; and (v) opt-out of the “Sale” or “sharing” of your CA Personal Information, as such terms are defined under California Privacy Law.

Exercising California Consumer Rights. If you are a California resident and wish to request the exercise of these rights as detailed above or have questions regarding the CA Personal Information collected or shared with third parties, please contact us via [email protected].

  • You may be asked to provide additional proof of identification so that we can verify your identity and validate the request.
  • Please note that you are limited by law in the number of requests you may submit per year. In some instances, we may decline to honor your request. For example, we may decline to honor your request if we cannot verify your identity or confirm that the CA Personal Information that we maintain relates to you. In other instances, we may decline to honor your request where an exception under California privacy laws applies, such as where the disclosure of CA Personal Information would adversely affect the rights and freedoms of another consumer.
  • In any case, we will not discriminate against you by offering you different pricing or products, or by providing you with a different level or quality of products, based solely upon this request.

Authorized Agents: To the extent that you elect to designate an authorized agent to make a request on your behalf, they must provide appropriate documentation including written signed permission from you, proof of your identity, and verification of their identity; or a valid, designated power of attorney as defined under the California Probate Code.

CA Shine the Light. Under California's "Shine the Light" law (California Civil Code Section 1798.83), if you are a California resident who provides Personal Information in obtaining products or services for personal, family, or household use, you may request to opt-out of such sharing by a brand at no-cost by following the instructions in the "Consumer Rights" section above. Please be aware that your opt-out will apply only to the sharing by that particular brand.

Information for Other US Residents

Where required by applicable law, you may have the right to obtain confirmation that we maintain certain personal information relating to you, to verify its content, origin, and accuracy, as well as the right to access your personal information, request its correction, and request deletion or portability of your personal information. Additionally, in certain US states, we may only process your sensitive personal information, as those terms are defined under applicable law, with your consent. You can exercise your rights, as applicable depending on the US state where you reside, by contacting us as detailed below.

  • In some US states, you can designate an authorized agent to make a request on your behalf. We will comply with your request as soon as reasonably practicable and as required by applicable law. Please note that we may need to retain certain information for record-keeping purposes, to complete any transactions that you began prior to your request, or for other purposes as required or permitted by applicable law. In any event, should you choose to exercise any of your rights as detailed above, we will not discriminate against you by offering you different pricing or products, or by providing you with a different level or quality of products, based solely upon this request.
  • In certain US states, if we refuse to take action on a request, you may appeal our decision within a reasonable period of time by contacting us as outlined below and specifying you wish to appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the appropriate regulatory authority for your jurisdiction.

Opt-Out of Sale, Sharing, and Targeted Advertising. You may have the right to opt-out of the sale or sharing (as those terms are defined by applicable law), or the use of or processing of your data for targeted advertising purposes. To exercise this right, you can email us at [email protected].