Skip to main content
Begin main content

BOAFIT.COM PRIVACY POLICY

Last Updated: January 1, 2021

 

Thank you for visiting www.BoaFit.com (the “Site”), which is operated by Boa Technology, Inc. This policy (this “Privacy Policy”) describes what information we and our subsidiaries (collectively, “BOA”) collect about you, how we collect it, how we use it and share it, and what choices you have regarding it. This Privacy Policy is incorporated into and is a part of the BOAFit.com. This Privacy Policy expressly covers BOA, Habu, and any other brands, companies, or sites owned or operated by Boa Technology, Inc.

Please read this Privacy Policy carefully.

 

YOUR CONSENT TO THIS POLICY

By using the Site, you expressly consent to the collection, use and disclosure of information as described in this Privacy Policy.

PERSONAL INFORMATION WE COLLECT

We may collect or may have collected the following categories of information about you. In some cases, the information we collect may fall within more than one category:

  • Contact information and personal identifiers, such as your name, address, email address, telephone number, and username or social media handle.
  • Device identifiers, such as information about your device like your IP address, or other online identifiers.
  • Demographic information, such as your age, sex, and gender (some of which may be protected by applicable law).
  • Physical characteristics, such as your shoe size.
  • Commercial information, such as the products or services you have purchased, returned or considered, and your product preferences.
  • Payment information, such as your method of payment and payment card information (including payment card number, expiration date, delivery address and billing address).
  • Biometric information, such as facial images (for example, if you post a picture to one of our social media pages).
  • Identity verification information, in order to verify you when you call customer support or make other requests.
  • Online or network activity information, such as information regarding your interaction with the Site, digital properties, and advertisements, information about your browsing and search history on the Site, and log file information, which includes, but may not be limited to, your browser type, webpages you visit, and other electronic network activity.
  • Audio information, such as recordings of your voice when you call our customer support.
  • User Content, such as your communications with us and any other content you provide (including photographs, videos, reviews, articles, survey responses, and comments).
  • Inferences drawn from or created based on any of the information identified above.

HOW WE COLLECT YOUR PERSONAL INFORMATION

We may collect or may have collected personal information about you from various sources. The categories of sources from which we may collect personal information are:

  • Directly from you, such as when you make a purchase or return on the Site, contact us with a question or complaint, create an account on the Site, inquire about a warranty, respond to a survey, or sign-up to receive marketing communications. 
  • From your friends or family members, such as when your friend or family member sends you a gift or tags you on a post to one of our social media pages.
  • Cookies and automatic collection methods. When you visit the Site or use one of our mobile applications, and when you open or click on emails we send you, we (and third parties we work with) may automatically collect information from your browser or device using technologies such as cookies, web beacons, pixel tags, and similar technologies. Cookies are small text files that websites send to your computer or other Internet-connected device to uniquely identify your browser or to store information or settings in your browser. Web beacons or pixel tags are small images which are embedded into the Site or emails that provide us with information about your browser or device, or whether you open or click on the emails we send you. These technologies enable us, or the third parties who place such technologies, to collect information such as device identifiers and online or other network activity information. Our Cookie Policy describes what we do in that regard.
  • Through other technologies, such as call recording technology when you speak to customer support.
  • From our business partners and service providers, such as demographic companies, analytics providers, advertising companies and networks, third-party retailers, and other third parties that we choose to collaborate or work with.
  • From social media platforms and networks, such as Facebook, Twitter, Pinterest, and Instagram. For example, we may obtain your information from a social media platform or network if you interact with us on social media or choose to log-in to the Site using your social media credentials.
  • From our affiliates that you have interacted with.

HOW WE USE YOUR PERSONAL INFORMATION

We may use or may have used the information we have about you:

  • To provide products and services to you, such as fulfilling orders and processing payments, creating, servicing and/or maintaining your account with us, assisting with product selection and replenishment, and managing current or past purchases. 
  • To communicate with you, including to respond to your inquiries or complaints, and to help you place an order.
  • To administer your participation in special events, contests, surveys, and promotions.
  • For marketing and advertising, such as to send you marketing and advertising materials via postal mail, text message or email, and to show you advertisements for products and/or services tailored to your interests on social media and other websites.
  • For analytics purposes, such as to understand how you use the Site, understand your preferred method of purchasing with us; determine what browser and devices you use to visit the Site; and to evaluate and improve our products, services, advertisements, and website and mobile applications.
  • To operate and improve our business, including to provide quality assurance, conduct research and development to develop new products and services, and perform accounting, auditing and other internal business functions.
  • For legal and security purposes, such as to detect, prevent, and prosecute harmful, fraudulent, or illegal activity, loss prevention, identify and repair bugs on the Site or mobile applications, and to comply with applicable legal requirements, relevant industry standards and our policies.

We also may use or may have used the information in other ways for which we provide specific notice at the time of collection.

HOW WE SHARE YOUR PERSONAL INFORMATION

In general, we do not share personal information about you with third parties for such third-parties’ own marketing or advertising purposes. We do share personal information with third parties for other purposes. For example, we share personal information with:

  • The BOA family of brands and companies, such as our affiliates, parents, and subsidiaries;
  • Brand Partners, such as shoe companies that offer products with the BOA Fit System, if you click on a link on our Site to shop on one of our Brand Partner’s sites;
  • Service providers that provide products or services to us, that help us market or advertise to you (including co-branded marketing and advertising), or that provide products or services to you (such as delivering packages to you). Even with this access to personal information necessary to perform these functions, those third parties are not authorized by BOA to disclose your information for any other purposes;
  • Social media platforms and networks such as Facebook, Twitter, Pinterest, and Instagram that offer functionalities, plugins, widgets, or tools in connection with the Site or mobile application (e.g., to log into an account, or to share inspiration, finds, purchases, and other content with your friends and followers on social media). If you choose to use these functionalities, plugins, widgets, or tools, certain information may be shared with or collected by those social media companies—for more information about what information is shared or collected, and how it is used, see the applicable social media company's privacy policy; 
  • Parties to business transactions such as those we deal with in mergers, acquisitions, joint ventures, sales of assets, reorganizations, divestitures, dissolutions, bankruptcies, liquidations, or other types of business transactions. In these types of transactions, personal information may be shared, sold, or transferred, and it may be used subsequently by a third party;
  • Online third-party companies for our own advertising purposes, including to: serve advertisements across the Internet; track and categorize your activity and interests over time on the Site and mobile application, and on third-party websites and mobile applications; and to identify the different device(s) you use to access websites and mobile applications. We share information with these companies, and these companies may collect information—including automatically collected information when you use the Site or mobile application. These third-party companies also may possess or obtain information about you from your interactions: directly with the third-party companies; with other websites, mobile applications, or companies that the third-party companies work with; or from your interactions with advertisements the third-party companies help to display to you. The information that these companies collect or that we share may be used to customize or personalize the advertisements that are displayed to you. We may share personal information with the third-party companies we work with for our purposes, though in general we do not share personal information about you with third parties for third-party marketing or advertising purposes. We may also share other information at our discretion, including automatically collected information, which may be used by third parties for third-party marketing, advertising, and other purposes; and
  • Additional third parties such as law enforcement, government entities, courts, or other third parties as required or allowed by applicable law, or otherwise to help prevent harm or fraud to us, you, our customers, or other third parties. We also may share personal information with third parties upon your request or with your approval, though we may not be able to accommodate all requests.

DO WE COLLECT CHILDREN’S INFORMATION?

The Site is not directed at or intended for children under the age of 13 and we do not knowingly collect personal information from such individuals. If you become aware that your child has provided us with personal information without your consent, please contact us at [email protected] and we will take steps to remove such information within a reasonable time.

HOW WE SECURE PERSONAL INFORMATION

We take reasonable and appropriate measures to help keep information secure, and to help prevent it from becoming disclosed to individuals who are not described in this Privacy Policy. To that end, we use a third-party payment processing systems that comply with the Payment Card Industry Data Security Standard (PCI-DSS), which is an industry wide security standard designed to protect the confidentiality and security of your credit card information, by encryption using secure socket layer technology (SSL) and storage with AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

In addition, we also take commercially reasonable measures to secure and protect all other information transmitted via or stored on the Site and transmitted to and from the Site. These measures include the use of appropriate technical, physical, and administrative safeguards. Nevertheless, no security system is impenetrable. We cannot and do not guarantee that information that users of the Site may happen to transmit or otherwise supply, or that any communications conducted on or through the Site, is or will be secure. You agree to immediately notify us of any breach of Site security, this Privacy Policy or the Terms of Use of which you become aware. BOA EXPRESSLY DISCLAIMS ANY REPRESENTATION OR WARRANTY, WHETHER EXPRESS OR IMPLIED, WITH RESPECT TO ENSURING, GUARANTEEING OR OTHERWISE OFFERING ANY DEFINITIVE PROMISE OF SECURITY IN CONNECTION WITH YOUR PERSONAL INFORMATION OR ANY OTHER INFORMATION THAT YOU PROVIDE TO US THROUGH THE SITE OR DIRECTLY TO BOA.

CALIFORNIA PRIVACY RIGHTS

Under the California Consumer Privacy Act (“CCPA”), California residents have certain rights regarding the personal information that businesses have about them. This includes the rights to request access or deletion of your personal information, as well as the right to direct a business to stop selling your personal information.

Right to Notice. You have the right to be properly notified of the following:

  • Personal Information We Collect: Please review the section of this Privacy Policy titled “PERSONAL INFORMATION WE COLLECT” for more information about the personal information we collected about you in the past 12 months.
  • Why We Collect Personal Information: Please review the section of this Privacy Policy titled “HOW WE USE YOUR PERSONAL INFORMATION” for more information on why we collect personal information about you in the past 12 months.
  • How We Collect Personal Information: Please review the section of this Privacy Policy titled “HOW WE COLLECT YOUR PERSONAL INFORMATION” for more information on how we collect personal information about you in the past 12 months.
  • With Whom We Share Your Personal Information: Please review the section of this Privacy Policy titled “HOW WE SHARE YOUR PERSONAL INFORMATION” for more information on how we share personal information about you in the past 12 months.

Right to Access Your Information: You have the right to request the following covering the 12 months preceding your request:

  • The specific pieces of personal information we have collected about you
  • The categories of personal information that we have collected about you
  • The categories of sources from which we collected the personal information
  • The purpose for collecting or selling the personal information
  • The categories of personal information that we have disclosed about you, the purpose for disclosing such personal information and the categories of third parties with whom we disclosed such personal information

The categories of personal information that we have sold about you, as well as the categories of third parties to whom we sold such personal information If you would like to exercise your right to request access, please submit your request by emailing us at [email protected].

Right to Deletion: You have the right to request that we delete any personal information about you that we have collected from you. Please note that there are exceptions where we do not have to fulfill a request to delete information, such as when the deletion of information would create problems with the completion of a transaction or compliance with a legal obligation. If you would like to exercise your right to request deletion, please submit your request by emailing us at [email protected].

Right to Opt-Out of Sale: While we do not sell personal information in exchange for any monetary consideration, we do share personal information for other benefits that could be deemed a “sale,” as defined by the CCPA (Cal. Civ. Code 1798.140(t)(1)). We support the CCPA and wish to provide you with control over how your personal information is collected and shared. You have the right to direct us to not sell your personal information. If you would like to exercise your right to request opt-out of sale, please click DNS or submit an email to [email protected]

Please note that we may still use aggregated and de-identified personal information that does not identify you or any individual; we may also retain information as needed in order to comply with legal obligations, enforce agreements, and resolve disputes.

Right to Non-Discrimination: We will not discriminate against you (e.g., through denying goods or services, or providing a different level or quality of goods or services) for exercising any of the rights afforded to you.

Verifiable Consumer Requests: Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may only make a verifiable consumer request for access to your personal information twice within a 12-month period. The verifiable consumer request must: 1) Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative of that person; and 2) Describe your request with sufficient detail that allows us to properly understand, evaluate and respond to it. We cannot respond to your request to exercise your access and/or deletion rights if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password-protected account sufficiently verified when the request relates to personal information associated with that specific account. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Response Timing and Format: We attempt to respond to a verifiable consumer request within 45 days after we receive it. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing within 45 days after we receive your initial request. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. Any disclosures we provide will only cover the 12-month period prior to the date we receive the verifiable consumer request. The response we provide will also provide the reasons we cannot comply with a request, if applicable. For access requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

Financial Incentive: We may offer you various financial incentives such as discounts and special offers when you provide us with contact information and identifiers such as your name and email address. When you sign-up for our loyalty program, email list or other discounts and special offers, you opt-in to a financial incentive. You may withdraw from a financial incentive at any time by opting out from our email or closing your loyalty member account. Generally, we do not assign monetary or other value to personal information, however, California law requires that we assign such value in the context of financial incentives. In such context, the value of the personal information is related to the estimated cost of providing the relevant financial incentive(s) for which the information was collected. 

Complaints: In compliance with the CCPA, we commit to resolve complaints about your privacy and our collection or use of your personal information. California residents with inquiries or complaints regarding this Privacy Policy should contact us at [email protected]. California’s Shine the Light law. California residents with an established business relationship with us can request information once a year about sharing their personal information with third parties for the third parties’ direct marketing purposes. If you would like to request more information under the California Shine the Light law, and if you are a California resident, you can email us at [email protected].

TRANSFERS OF PERSONAL INFORMATION OUTSIDE OF THE EUROPEAN ECONOMIC AREA (EEA)

BOA operates globally, but its main administrative offices are based in the United States and that’s where our data processing activities primarily occur.

You acknowledge and agree that any Personal Information we collect from your use of the Site will be transferred to, processed, and stored in the United States. The United States does not have an adequacy decision from the European Commission, which means that the Commission has determined that the laws of the United States do not provide legal protection that is equivalent to EU data protection laws. This means that in certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities of the United States may be entitled to access your personal data. Nevertheless, we have implemented appropriate safeguards to protect the Personal Information we collect from the Site.

In addition, and for the purposes described in this Privacy Policy, we may transfer your Personal Information from the EEA to a US-based BOA affiliate or third party. In such cases, and in order to ensure appropriate safeguards for such transfers are in place, we have entered into European Commission-approved standard contractual clauses with such US-based affiliates and third parties.

DATA SUBJECTS IN EEA

References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation. For purposes of European data protection legislation, and except when acting as a processor on behalf of you, we are the controller of your personal information covered by this Privacy Policy.

Legal basis for processing: We only use your personal information as permitted by law. We are required to inform you of the legal basis of our processing of your personal information, which are described in the table below. If you have questions about the legal basis of how we process your personal information, contact us at [email protected].

Legal BasisTo provide the Services

Processing Purpose You have entered a contract with us and we need to use your personal information to provide services you have requested or take steps that you request prior to providing services.

To send you marketing communications/advertisements These processing activities constitute our legitimate interests. We consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

For security, compliance, fraud prevention and safety Processing is necessary to prosecute or defend legal claims.

For compliance with law Processing is necessary to comply with our legal obligations.

With your consent Processing is based on your consent. Where we rely on your consent, you have the right to withdraw it anytime in the manner indicated in the Services or by contacting us at [email protected].

Use for new purposes – We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.

Your rights: European data protection laws give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:

Right of access. The right to obtain access to your personal data.

Right to rectification. The right to obtain rectification of your personal data without undue delay where that personal data is inaccurate or incomplete. 

Right to erasure. The right to obtain the erasure of your personal data without undue delay in certain circumstances, such as where the personal data is no longer necessary in relation to the purposes for which it was collected or processed.

Right to restriction. The right to obtain the restriction of the processing undertaken by us on your personal data in certain circumstances, such as where the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of that personal data.

Right to portability. The right to portability allows you to move, copy or transfer personal data easily from one organization to another.

Right to object. You have a right to object to processing based on legitimate interests and direct marketing. You can submit these requests by email at [email protected]. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.

Complaints: If you have a complaint about how we handle your personal information or respond to your request, you may be able to complain to your data protection authority. We ask that you kindly contact us first, so that we have an opportunity to resolve your complaint.

RETAINING YOUR PERSONAL DATA

How long we retain personal information varies according to the type of information in question and the purpose for which it is used. We delete personal information within a reasonable period after we no longer need to use it for the purpose for which it was collected (or for any subsequent purpose that is compatible with the original purpose). This does not affect your right to request that we delete your personal data before the end of its retention period. We may archive personal data (which means storing it in inactive files) for a certain period prior to its final deletion, as part of our ordinary business continuity procedures. We also may retain personal information for fraud prevention or similar purposes.

LINKED SITES

For your convenience, some hyperlinks may be posted on the Site that link to other websites not under our control. We are not responsible for, and this Privacy Policy does not apply to, the privacy practices of those sites or of any companies or organizations that we do not own or control. We encourage you to seek out and read the Privacy Policy of each website that you visit. In addition, should you happen to initiate a transaction on a website that our Site links to, even if you reached that site through our Site, the information that you submit to complete that transaction becomes subject to the privacy practices of the operator of that linked site. You should read that site’s terms of use and privacy policies to understand how personal information that is collected about you is used and protected.

OPT-OUT FROM MAILINGS

The Site provides you with several opportunities to agree to receive communications about special offers or programs from BOA, and any of our affiliated brands or divisions. If at any time you wish to stop receiving communications from us please send us an email to [email protected] with the phrase "Privacy Opt-out: BOA Mailings" in the subject line, or write to us at the address provided below, and we will remove you from our mailing list. Alternatively, for e-mail communications, you may opt out of receiving such communications by following the unsubscribe instructions set forth at the bottom of our promotional e-mail messages.

WHAT CHOICES DO YOU HAVE?

When corresponding with BOA or our representatives, or when making a request for information or otherwise interacting with BOA or others through the Site, you choose what information to supply, whether you wish to receive further information, and by what method of communication such information should be delivered. Please take care to share only such information as is needed or that you believe is appropriate. If you would like to exercise any of rights of access, correction, deletion, etc., please contact us by email at [email protected].

UPDATES TO THIS PRIVACY POLICY

This Privacy Policy may be updated periodically and without prior notice to you to reflect changes in our personal information practices. You should review this Privacy Policy periodically so that you keep up to date on our most current policies and practices. We will post a prominent notice on the Site to notify you of any significant changes to our privacy practices and indicate at the top of the Privacy Policy when it was last updated.

WHO CAN YOU CONTACT FOR MORE INFORMATION?

If you have any questions or suggestions about the Site, BOA, or our privacy practices, please contact us at [email protected].

ACKNOWLEDGEMENT
BY ACCESSING OR USING THE SITE, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTAND, AND CONSENT TO THE PRIVACY PRACTICES, AND TO THE USES AND DISCLOSURES OF INFORMATION THAT WE COLLECT ABOUT YOU, THAT ARE DESCRIBED IN THIS PRIVACY POLICY, AND YOU AGREE TO BE BOUND BY THE TERMS OF USE REFERENCED ABOVE.