PRIVACY POLICY

OUR COMMITMENTS

YOUR DATA IS YOURS

We believe that you should have control over your personal data that you have shared with Decathlon. Your personal data, which you have shared with us, will only be used by Decathlon. We are transparent about the use of your data. We undertake never to disclose or share such data unless - this is important to us. While we sometimes use outsourcers, they act only on our behalf and in accordance with our instructions.

OUR COMMUNICATIONS ARE PERTINENT

Whatever your sport, whatever your passion, our aim is to support you as best as we can in your sporting activities and choice of products. We will not offer you flippers and a swimsuit if you have just purchased a pair of skis, and we will not send you advice about yoga if you have just taken up judo.

HOW DOES IT WORK?

PURPOSE OF THIS CUSTOMER PRIVACY NOTICE

Decathlon respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data when you visit our website and tell you about your privacy rights and how the law protects you.

This website is not intended for children and we do not knowingly collect data relating to children.

It is important that you read this privacy notice together with our Cookie Policy and any other privacy policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements other privacy notices and policies and is not intended to override them.

CONTROLLER

Decathlon Egypt LLC, is the controller and responsible for your personal data. We have appointed a data protection officer (DPO) who is overseeing this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact us using the details set out below.

CONTACT DETAILS

If you have any questions about this privacy notice or our privacy practices, please contact us in the following ways:

  • Company: Decathlon Egypt LLC
  • Email address: [email protected]
  • Postal address: Legal Team, Decathlon Egypt LLC, unit number A1-07-10, ground floor, City Center Almaza, , Almaza, Cairo – Egypt - 11775

If, despite our efforts, you believe your privacy rights have not been respected, you have the right to make a complaint at any time to the Personal Data Protection Center, the Egyptian regulator for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the PDPC so please contact us in the first instance.

CHANGES TO THE PRIVACY NOTICE AND YOUR DUTY TO INFORM US OF CHANGES

We keep our privacy notice under regular review.

This version was last updated on 1 April 2024.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

THIRD PARTY LINKS

This website may include links to third party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

HOW DO WE COLLECT YOUR DATA?

THE DATA WE COLLECT ABOUT YOU

Personal data or personal information means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you, which we have grouped together as follows:

  1. Identity Data (includes your first name, surname, username or similar identifier, title, date of birth and gender)

  2. Contact Data (includes your billing address, delivery address, email address and telephone number)

  3. Transaction Data (includes your details about payments to and from you and other details of products and services you have purchased from us)

  4. Technical Data (includes your internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the website)

  5. Profile Data (includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses)

  6. Usage Data (includes information about how you use our website, products and services)

  7. Marketing and Communications Data (includes your preferences in receiving marketing from us and our third parties and your communication preferences)

We also collect, use and share Aggregate Data such as statistical or demographic data for any purpose. Aggregate data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregate Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data, which will be used in accordance with this privacy notice.

We do not collect any Special Categories of Personal Data about you (this would include details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health/ disability, genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

IF YOU FAIL TO PROVIDE PERSONAL DATA

Where we need to collect personal data by law or under the terms of a contract we have with you and you fail to provide the data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods and services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

HOW IS YOUR PERSONAL DATA COLLECTED?

We use different methods to collect data from and about you including through:

  1. Direct interactions

You may give us your identity, contact and financial data by filling in forms or by communicating with us by email, chat or otherwise. This includes personal data you provide, for example, when you:

  • Order our products or services

  • Create an account on our website, in store or Decathlon app

  • Subscribe to our service or publications

  • Request marketing to be sent to you

  • Enter a competition, promotion or survey

  • Give us feedback or contact us

  1. Automated technologies or interactions

As you interact with our website, we will automatically collect information about your device, web browser, browsing behaviour and activities. We collect this personal data by using cookies and other similar technologies. We may also receive information about you if you visit our websites employing our cookies. Please see our Cookie Policy for further details.

  1. Third parties or publicly available sources

Not all the personal information we hold about you will always come directly from you. We may also collect information from third parties such as our partners, service providers and publicly available websites (such as social media platforms) for the purpose of: compliance with our legal and regulatory obligations; offering services we think may be of interest; helping us maintain data accuracy; providing and enhancing our services and so on. For example, we may receive identity, contact and technical data if you log into one of our products through Facebook. Facebook provides us with some of your Facebook user details. We may use these details to market our products and services to you on Facebook. We may also obtain technical data from analytics providers such as Google.

HOW DO WE USE YOUR PERSONAL DATA?

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the circumstances where:

  1. i. we need to perform a contract with you

  2. ii. it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests

  3. iii. we are required to comply with a legal obligation

  4. iV. we have obtained your consent

PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA

We have set out below a description of all the ways we plan to use your personal data. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

  1. 1. Your purchases in stores and online

Love buying new sports gear? Whether in the various sections of our stores or on the pages of our website, this is often the first step towards new sporting adventures.

But just when you can already imagine yourself with your new products in your hands (or on your feet), you have to fill out a data collection form! Have you experienced this situation? So have we. So what is the point of these forms? Let us explain:

We collect and process your personal data in order to manage your purchase (for example, we may need your delivery address or invoicing address) and to avoid fraudulent transactions (to prevent purchases made with a stolen bank card). Finally, it goes without saying that we also process the data linked to your means of payment! Want to know more? Below is a case-by-case explanation of how we process your data when you make purchases in stores and online:

ACTIVITY

TYPE OF DATA

LAWFUL BASIS FOR PROCESSING

STORAGE PERIOD

Processing website, mobile app and in-store orders (including Second Life)

  1. A. Identity

  2. B. Contact

  3. C. Financial

  4. D. Transaction

  5. E. Technical

  6. G. Usage

  1. i. Performance of a contract with you

  1. The data transmitted to our delivery service providers is stored for one year after delivery of your order.

  2. All other data connected to orders is stored for 10 years.

  3. Data connected to your bank card is stored for 12 months.

Prevention of fraudulent online payments

  1. B. Contact

  2. C. Financial

  3. D. Transaction

  4. E. Technical

  5. F. Profile

  1. ii. Necessary for our legitimate interests

  1. Your data is stored for 12 months.

Invoicing of online and in-store purchase

  1. A. Identity

  2. B. Contact

  3. C. Financial

  4. D. Transaction

  5. E. Technical

  6. F. Profile

  7. G. Usage

  1. iii. Necessary to comply with a legal obligation

  1. Data connected to your invoices is erased after 10 years in line with legislation in force from time to time.

Using our system for prevention of bad cheques

  1. A. Identity

  2. B. Contact

  3. C. Financial

  4. D. Transaction

  1. ii. Necessary for our legitimate interests

  1. We store your data for a maximum of three years, and for 24 hours while the cheque is being cleared.

Payments by cheque

  1. A. Identity

  2. B. Contact

  3. C. Financial

  4. D. Transaction

  1. i. Performance of a contract with you

  1. Cheque related data is stored for one week.

Managing gift card orders

  1. A. Identity

  2. B. Contact

  3. C. Financial

  4. D. Transaction

  1. i. Performance of a contract with you

  1. Your data is erased after 10 years.

Maintenance services

  1. A. Identity

  2. B. Contact

  3. C. Financial

  4. D. Transaction

  1. i. Performance of a contract with you

  1. Your data is erased after 10 years.

Marketplace

  1. A. Identity

  2. B. Contact

  3. C. Financial

  4. D. Transaction

  1. i. Performance of a contract with you

  1. Your data is erased after 10 years.

  1. 2. Rental Service

Our mission is to make sport sustainably accessible to the many, and rental is a great way to reduce our carbon footprint whilst offering another way to enjoy sport.

ACTIVITY

TYPE OF DATA

LAWFUL BASIS FOR PROCESSING

STORAGE PERIOD

Booking rental products online

  1. A. Identity

  2. B. Contact

  3. C. Financial

  4. D. Transaction

  1. i. Performance of a contract with you

  1. The data transmitted to our delivery service providers is stored for one year after delivery of your order.

  2. All other data connected to orders is stored for 10 years.

  3. Data connected to your bank card is stored for 12 months.

  1. 3. Management of your Decathlon account

Why should you create an account? Your Decathlon account is a veritable dashboard, enabling you to keep useful and important information together in one place.

For instance, your Decathlon account offers you the possibility of tracking the status of your order, viewing your purchasing history and even finding your receipts!

You can also tell us via your account if you want to receive our communications, including our sporting advice, special offers, etc.

This account is, of course, optional. It is based entirely on your consent. Basically, you create your account if and for how long you want to. You can also withdraw your consent whenever you wish if you want to delete your account.

ACTIVITY

TYPE OF DATA

LAWFUL BASIS FOR PROCESSING

STORAGE PERIOD

Authentication (access to your Decathlon account))

  1. B. Contact

  2. E. Technical

  1. iv. Your consent

  1. We store your data for the period of three years following your last login.

Service communication

  1. A. Identity

  2. B. Contact

  3. D. Transaction

  4. E. Technical

  5. F. Profile

  1. ii. Necessary for our legitimate interests

  1. We store your data for the period of three years following your last login.

  1. 4. Marketing

When it comes to marketing, respecting your peace of mind and the relevance of our messages are the two rules on which we never compromise.

We have no intention of sending you unwanted advertising. While you may find our advice interesting, rest assured we will endeavour not to tell you about our new boxing gloves if your passion is dance!

When you do us the honour of allowing us to get to know you better (for example, by telling us about the sports you like to practise, your level of proficiency and so on), with your prior authorisation we are then able to send you tailored messages (for example, advice about your favourite sports, special offers in your area and various events and campaigns).

Lastly, and most importantly, we promise never to transfer any of your information whatsoever. In other words, you will not end up receiving ads for washing powder. This point is important to us.

ACTIVITY

TYPE OF DATA

LAWFUL BASIS FOR PROCESSING

STORAGE PERIOD

Promotional offers, competitions and campaigns

  1. A. Identity

  2. B. Contact

  3. D. Transaction

  4. E. Technical

  5. F. Profile

  6. G. Usage

  7. H. Marketing and Communication

  1. iv. Your consent

  2. In some cases, we may rely on the exception called the soft opt-in.

  1. Your data is erased three years after your last contact.

  1. 5. Management of safety recalls in connection with products

At Decathlon, safety is our number one priority. We develop our products in compliance with the standards and regulations in force.

However, in the event of a defect in one of our products, we want to be able to contact you quickly and personally. To do this, we may decide to use your contact details (phone, email or post) where available. What happens if we do not have your details? We may have to ask you to share them when you purchase products presenting a risk to your safety in the event of malfunction (particularly in relation to bikes, diving and climbing equipment, etc.). The details will not be used for any other purposes.

ACTIVITY

TYPE OF DATA

LAWFUL BASIS FOR PROCESSING

STORAGE PERIOD

Management of safety recalls

  1. A. Identity

  2. B. Contact

  3. D. Transaction

  1. ii. Necessary for our legitimate interests

  1. Your data is erased five years after your purchase.

  1. 6. Customer service, queries and feedback

Passionate as we are, obtaining the satisfaction of our sport people is our driving force. However, unexpected situations may occur, for example, an error in your order, delayed delivery, a fault in the product and so on.

Our Customer Services Team (CLT) is at your disposal to help you at such times and ensure you obtain the satisfaction you are entitled to expect. You can contact them by email or by chat.

We process certain data concerning you in order to process your chat messages and emails. Depending on the nature of your claim, this data may be shared with other internal departments if they are directly involved in resolving your problem.

ACTIVITY

TYPE OF DATA

LAWFUL BASIS FOR PROCESSING

STORAGE PERIOD

Your contact with the CLT

  1. A. Identity

  2. B. Contact

  3. D. Transaction

  1. iv. Your consent

  1. Your data is erased two years after our last contact.

Your reviews of products, services and shopping experience

  1. A. Identity

  2. B. Contact

  3. D. Transaction

  1. ii. Necessary for our legitimate interests

  2. iv. Your consent

  1. Your review is displayed for a period of 12 months and erased three years after being published.

GOOD TO KNOW

COOKIES

For more information about the cookies we use, please see our Cookie Policy.

CHANGE OF PURPOSE

We will only use your personal data for the purposes for which we collect it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis, which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

DISCLOSURE OF YOUR PERSONAL DATA

We may share your personal data with the parties set out below for the purposes set out above.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach. We will notify you and any relevant Egyptian regulator of a breach where we are legally required to do so.

DATA RETENTION

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe that there is a prospect of litigation.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data; the potential risk of harm from unauthorised use or disclosure of your personal data; the purposes for which we process your personal data and whether we can achieve those purposes through other means, as well as any applicable legal, regulatory, tax, accounting or other requirements.

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research and statistical purposes, in which case we may use this information for as long as necessary without further notice to you.

INTERNATIONAL DATA TRANSFERS

Your data may be transferred outside the Arab Republic of Egypt (A.R.E) or the European Economic Area (EEA). Please rest assured that such transfers are carried out very carefully. Let us explain...

WHY DO WE TRANSFER YOUR DATA?

The transferring of your data outside the EEA is chiefly explained by the location of our outsourcers. In effect, in order to offer you a high quality service, we have decided to outsource certain operations to specialized service providers with extensive expertise in their fields (e.g. hosting). Some of these service providers are established outside the EEA.

HOW ARE THESE DATA TRANSFERS GOVERNED?

We may share your personal data within the Decathlon Group as well as with our non-A.R.E based service providers within the Decathlon Group worldwide. Doing so may involve transferring your data outside the A.R.E.

Irrespective of the countries in which our outsourcers are established, we always select them with the utmost care. This is particularly the case as to the manner in which your data is kept secure. These outsourcers only act based on Decathlon's instructions and do not use your data for anything other than to perform the agreed services on our behalf. Relevant written contracts are in place between Decathlon and the selected outsourcers.

Where our service providers are established outside the A.R.E, we seek to priorities countries in which the legal system offers a satisfactory level of security. Where this is not possible, we manage such transfers using appropriate legal mechanisms to ensure that at least one of the below safeguards is implemented.

  1. We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection to personal under the provisions of the GDPR. 

  2. Where we use non-Egypt based service providers, we may use specific contracts approved for use in the A.R.E, which give personal data the same protection it has in the A.R.E .

  3.  Please contact us if you require further information on the specific mechanism used for transferring personal data out of the A.R.E.

YOUR PRIVACY RIGHTS

WHAT ARE YOUR RIGHTS?

Providing us with your data does not mean you lose control of them. Under certain circumstances, the Egyptian Personal Data Protection Law grants you rights regarding your personal data including the right to:

  • Access your personal data

  • Correct your personal data

  • Erase your personal data

  • Restrict your personal data processing

  • Receive a copy of certain personal data or transfer that personal data

  • Object to personal data processing

  • Not to be subject to automated decision-making, including profiling, in certain circumstances

HOW CAN YOU EXERCISE YOUR RIGHTS?

If you wish to exercise any of your privacy rights, please inform us using the contact details section above.

IS THERE A FEE?

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee as stipulated by the applicable laws in the A.R.E or refuse to comply if the request is clearly unfounded, repetitive or excessive.

WHAT DO WE NEED FROM YOU?

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request.

To ensure your request is processed as efficiently as possible, do not forget to indicate the type(s) of processing to which your request pertains and to tell us about the right(s) you wish to exercise.

IS THERE A TIME LIMIT?

We try to respond to all legitimate requests within one month. Occasionally, it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

THIRD PARTIES

INTERNAL THIRD PARTIES

  • Decathlon Group companies acting as joint controllers or processors based in the EEA provide IT and system administration services and undertake leadership reporting.

EXTERNAL THIRD PARTIES

  • Marketplace acting as an independent controller based in the A.R.E and providing an online platform to enable sellers established in the A.R.E to manage sales to customers

  • Service providers acting as processors based in the A.R.E, administration services

  • Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in the A.R.E and providing their services to us

  • Regulators and other authorities acting as processors or controllers based in the A.R.E and requiring reporting of processing activities in certain circumstances