Last Updated March 2023
Choosing to shop with Next means you've placed a great deal of trust in us. In sharing your personal information we hope you in return benefit from a tailored and convenient shopping experience. With trust comes responsibility and we take this responsibility very seriously.
We are NEXT Plc (company number: 4412362), when we say “we”, “our” or “us” in this policy we are referring to the companies that are part of the NEXT Group, which are:
NEXT Retail Limited, NEXT Holdings Limited, NEXT Distribution Limited, NEXT Manufacturing Limited, NEXT Sourcing Limited, NEXT Retail Ireland Limited, NEXT Germany, NEXT Beauty Limited, Lipsy Limited, Victoria’s Secret (Intimate Apparel), GAP (West Apparel UK), Reiss (Pink Topco) and JoJo Maman Bébé (Regent Bidco 1).
We are the data controller, which means we are responsible for deciding how and why your personal information is used. We are also responsible for making sure it is kept safe, secure and handled legally.
We operate to the highest standards when protecting your personal information and respecting your privacy. If you have any questions about your personal information, or how we use it, you can contact our Data Protection Officer via email at email@example.com or by writing to our registered offices below:
UK registered address: Data Protection Officer, Next Group, Desford Road, Enderby, Leicester, LE19 4AT.
EU registered address: Data Protection Officer, Next Retail (Ireland) Ltd, 13–18 City Quay, Dublin 2, D02 ED70, Ireland.
If you place an order with us and you are outside of the UK we will transfer the data that we hold on you to NEXT Plc in the UK to facilitate your order.
You have a number of “Data Subject Rights”, we have explained below what they are and how you can exercise them. You can read more about these rights on the Information Commissioner's Office website at www.ico.org.uk, or on your local Data Protection Authority website
The above rights may be limited in some circumstances, for example, if fulfilling your request would reveal personal information about another person, if you ask us to delete information which we are required to have by law, or if we have compelling legitimate interests to keep it. We will let you know if that is the case and will then only use your information for these purposes. You may also be unable to continue using our services if you want us to stop processing your personal information.
We encourage you to get in touch if you have any concerns with how we collect or use your personal information. You have the right to lodge a complaint directly with the Information Commissioner's Office (ICO), the data protection regulator in the UK where NEXT Plc is based. The contact details for the ICO can be found on their website or you may also lodge a complaint with your local Data Protection Authority
We will only ever process your information if we have a lawful basis to do so. The lawful bases we rely on are:
To process any orders that you place with us and to facilitate any returns (Contract)
To provide you with access to an account (Contract)
To provide customer service to you (Legitimate interest)
To personalise and improve your experience when you shop (Legitimate Interest)
To inform you about products and services that may interest you (Legitimate Interest)
To keep in touch with you (Legitimate Interest)
n.b. If at any point you have made amendments to your contact preferences in the “my account” section of our website, selecting to receive communications from us, we are operating under consent instead of legitimate interest.
To ensure the Website and the services we offer you operate properly (Legitimate Interest/Consent)
To develop and improve our products, range and services (Legitimate Interest)
To prevent and detect crime (Legitimate interest/Legal obligation)
To fulfil our legal obligations (Legal obligation)
What are cookies?
Cookies are small text files that are stored on your computer, mobile device or other web enabled device when you visit the NEXT website or app. Cookies allow us to “remember” your actions or preferences over a period of time, or they may contain data related to the function or delivery of our websites. We also use the term “cookie” to describe similar technologies such as pixels or tags.
What cookies do we use?
NEXT uses the following cookies on our website and apps:
For more detailed information and a full list of cookies used on our website please select “Manually Manage Cookies” at the bottom of the page then click “Cookies Detail”.
Can I turn off or block cookies?
Alternatively, most web browsers allow some control of most cookies through the browser settings. To find out more about how to manage cookies, including how to delete cookies, visit www.allaboutcookies.org
We keep your personal information as long as you are a customer of ours and generally for 7 years afterwards to comply with legal requirements. During that time we take steps to remove any personal data as soon as we no longer need it.
We consider you a customer:
We work with a number of trusted third parties to provide you high quality goods and services. Anybody we work with is subject to stringent security and data privacy assessments before we begin to do business with them and on an ongoing basis.
We always make efforts to anonymise data and only pass over personal information that is absolutely necessary for the purposes it is being processed. We always do so securely.
We have contracts in place with all suppliers that help us to ensure security and privacy of your personal information, these are reviewed and updated regularly and always in line with data protection laws.
Our main operations are based in the UK and your personal information is generally processed, stored and used within the UK and other countries in the European Economic Area (EEA). In some instances your personal information may be processed outside the European Economic Area. For example, NEXT operates a call centre in Pune, India. Operatives in this location will have access to your account information in order to assist you with your query. We also work with suppliers and partners who may make use of Cloud and /or hosted technologies across multiple geographies.
Where we need to transfer your data outside of the UK or EEA we will use one of the following safeguards:
For customers who are based outside of the UK, we will transfer your personal data to the UK and may also transfer your personal data to third parties located in the UK to your country of residence to enable us to supply products you order from us.
We always ensure that personal data is secure by continuously developing our security systems and training for our employees. We have implemented appropriate technical and organisational security measures designed to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, and other unlawful or unauthorised forms of processing, in accordance with applicable law.
Under the California Consumer Privacy Act (the ‘CCPA’), California residents have certain rights regarding the personal information that businesses have about them. This includes the rights to request access or deletion of your personal information, as well as the right to direct a business to stop selling your personal information.
The CCPA rights
Right to opt-out of sale:
While NEXT does not sell personal information in exchange for any monetary consideration, we do share personal information for other benefits that could be deemed a “sale,” as defined by the CCPA (Cal. Civ. Code 1798.140(t)(1)). We support the CCPA and wish to provide you with control over how your personal information is collected and shared.
Right to request disclosure:
You have the right to request disclosure about what categories of Personal Information NEXT has sold or disclosed for a business purpose about you and the categories of third parties to whom the personal information was sold or disclosed. You have a right to request disclosure of specific pieces of personal information. Below is a complete list of the personal information that you can include in your request.
Right to request deletion:
You have the right to request that NEXT delete any personal information about you that was collected from you. Please note that there are exceptions where NEXT does not have to fulfil a request to delete personal information, such as when the deletion of information would create problems with completing a transaction or compliance with a legal obligation.
Right to non-discrimination:
NEXT will not discriminate against you (e.g., through denying goods or services or providing a different level or quality of goods o/r services) for exercising any of the rights afforded to you.
How do we handle your requests?
We endeavour to respond to a verifiable consumer request within the required timeframes. If we need more time, we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain why we cannot comply with a request, if applicable. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
California and Delaware “Do Not Track” disclosures
California and Delaware law require NEXT to indicate whether it honours your browser’s “Do Not Track” settings concerning targeted advertising. NEXT adheres to the standards set out in this Notice and does not monitor or respond to Do Not Track browser requests.
We do not knowingly collect or solicit personal information from anyone under the age of 13. If you are under 13, please do not attempt to register for NEXT services or send any personal information about yourself to us. If we learn that we have collected personal information from a child under age 13, we will delete that information as quickly as possible. If you believe that a child under 13 may have provided us their personal information, please contact us.
Should you need to contact us please write to:
UK registered address:
Data Protection Officer
EU registered address:
Data Protection Officer
Next Retail (Ireland) Ltd,
13–18 City Quay,
or you can email: firstname.lastname@example.org
Are you sure you want to navigate away from this site?
If you navigate away from this site
you will lose your shopping bag and its contents.