This Policy was last updated on November 17, 2022
This Policy addresses these topics:
What information do we collect and how do we use it?
1. Information You Provide
When you visit our Services, you may provide us with certain personal information, such as your name, address, phone number, email address, personal preferences, payment card number, purchase and ordering information, demographic information, responses to survey questions, questions and inquiries, and any other information you choose to provide. Our Services may also give you the option to upload or share pictures or videos of yourself and others.
We collect this information at various places on our Services, such as when you check out with your online order; communicate with our chatbot; subscribe to email offers and mobile messaging offers; participate in surveys; enter contests or sweepstakes; or interact with special-event or program offers.
We may collect information that you provide on our Services about people you know. For example, we collect your gift recipient's contact information to process your gift orders.
2. Information Your Devices Provide Automatically
When you interact with our Services, we obtain certain information by automated means, including the following:
a. Location Information
We may obtain information about your location when you access or use our Services: for example, via your browser information and other similar device, software, or browser attributes (like IP address), our store locator page, or our mobile applications. For more details, please see "What choices do you have over how your information is used?" below.
b. Navigational Information
When you access our Services, your computer, phone, or other device may provide navigational information, such as browser type and version, service-provider identification, IP address, the site or online service from which you came, and the site or online service to which you navigate.
c. Device Information
We also may obtain information about the computer or mobile device you use to access our Services, such as the hardware model, operating system and version, identification numbers assigned to your mobile device, such as the ID for Advertising (IDFA) on Apple devices, and the Advertising ID on Android devices, mobile network information, and website or app usage behavior.
d. Cookies, Clear Gifs, Analytics, Device Identifiers, and Similar Technologies
To better understand how you interact with our Services, we may collect information using cookies, clear gifs (also known as web beacons or web bugs), and similar technologies.
A cookie is a small amount of data that is stored by your browser on your device. It's used to do things like see how you navigate our Services and what you click on; remember you and your online purchases when you return; and recognize you and honor a special deal for you when you redeem one of our offers from a third party’s site. This helps us improve and deliver our Services, provide better customer service, tailor and improve your online experience, and tailor offers to you based on your unique tastes and a combination of your online and offline (e.g., in-store) interactions and purchase history.
A clear gif is a nearly invisible pixel-sized graphic image on a web page, web-based document or email message. It helps us do things like view the URL of the page on which the clear gif appears and the time the site, document, or email in question is viewed; and recognize you and honor a special deal for you when you navigate from a third party’s site to redeem one of our offers that may have appeared there. Clear gifs in emails help us confirm the receipt of, and response to, our emails, including those that you forward to friends and family; and they help deliver a more personalized or better online experience.
In addition to cookies and clear gifs, we may also use device identifiers, web storage, third-party provided analytics services, such as session replay services, and other similar technologies and services, to collect information about your interactions with our content and Services. Session replay services consists of an analytics application that allows us to capture and analyze your interaction with our Services to better identify and repair any technical errors and optimize our Services. Such technologies and third-party-provided services may observe or record your activities when using our Services, including movements, scrolling, visit duration, clicks, information typed, and other interactions.
To facilitate our Services, we enable our third-party service providers to be part of your communications and interactive experiences with us. When you interact or communicate with us, you are also interacting and communicating with or through our third-party service providers and their technologies (session replay, for example). These technologies, illustrated above, may be used to help us understand which of our interactive experiences online users like most; and to diagnose, troubleshoot, optimize, debug, rectify, and fix our Services. Cookies, clear gifs, session replay services, and similar technologies also allow us to associate your online navigational information and purchases and interactions (both online and offline) with personal information you provide (such as name, address, phone number, survey responses, and email address). We associate this information to deliver products and services to you; improve our business; transact business; and market our products and services on this and other online services through a variety of media like email, mobile advertising, and direct mail.
For information about your options with respect to cookies, see "What choices do you have over how your information is used?" below.
3. Information Derived Through or Provided by Others
Affiliated entities, sister brands, vendors, social media networks, and advertising networks may provide us with, or supplement, information about you (with your consent where required by applicable law). We may use this information for a variety of operational or marketing purposes, such as to correct shipping information, market to you, deliver more relevant offers through customer insights, improve our business, and transact business.
4. Third-Party Analytics and Personalization Services
We may use third-party analytics services to analyze site metrics and performance, analyze our visitors' preferences, address technical issues, optimize our Services for better user experiences, and serve personalized content to you through the use some or all of the technologies described above, such as cookies, clear gifs, session replay software, and other similar technologies. For information about your options with respect to cookies, see "What choices do you have over how your information is used?" below.
5. How We Use the Information We Obtain
We use the personal information we obtain through the Services to:
a. deliver our Services;
b. process your online orders and returns;
c. facilitate payment and transactions;
d. create and manage your online account;
e. personalize your online experience with content and offers that are tailored to your interests;
f. provide customer service and respond to your inquiries and requests;
g. include you in surveys and contests;
h. enable you to post your content, such as comments, images or videos;
i. facilitate networks of online social activity centered around our products and services;
j. improve our Services, the manner in which offers are made on our Services, and the interactions and experience visitors have with our Services;
k. diagnose, troubleshoot, optimize, debug, rectify, and fix our Services;
l. l. enable you to interact with third-party content service providers, whether by linking to their sites, viewing their content within our online environment, or by viewing our content within their online environment;
m. facilitate information security, and fraud monitoring and prevention;
n. n. send you or serve tailored information (including through email, direct mail, text messages, and digital advertising) about our products, services, and events that may be of interest to you based on your purchases and interactions (both online and offline) and
o. create aggregated, pseudonymized or anonymized information for statistical purposes.
How is technology used to serve our advertisements on other online services and what choices do you have?
On our Services, we and third parties may collect information about your online activities to provide you with advertising about products and services tailored to your interests. We contract with third-party advertising companies, which may collect information about your use and interactions with the Services over time and across third-party websites and online services, for use in delivering tailored online display and banner advertising to you on other websites and online services. To serve this advertising, these third-party companies place, use, or rely on the technologies described above, including cookies, clear gifs, analytics, device identifiers and similar technologies to obtain information about customer interactions with us through our Services and interactions with other online services. These companies use the information they collect to serve you ads that are targeted to your interests.
You can specify your preferences over the use of some of these technologies by opening Cookie Preferences to view or change your preferences to address future cookie placement.
You may also specify your preferences through a centralized registry. To learn about how to opt out of interest-based advertising in general, click the following:NAI Opt Out or DAAC Opt Out
Please note that even if you opt-out of interest-based advertising by a third party, these tracking technologies may still collect data for other purposes, including analytics. This means that you will still see ads from us, but the ads will not be tailored to you and therefore may be less relevant to you and your interests.
Your preferences only apply to the web browser you use so you must specify them for each web browser on each computer you use. This means, once you opt out of targeted advertising, for instance, if you later delete your browser’s saved cookies, you will need to opt-out again.
If you agree to receive promotional communications from us, we may also use services provided by third-party platforms (such as social media and other websites) to serve targeted advertisements on such platforms to you or others, and we may convert your email address or other information into a unique value and provide it to the third-party platform so that they can match the information with their data to a user on their platform. To opt-out of the use and sharing of your information for such purposes, please see"What choices do you have over how your information is used?".
Our Services do not respond to “Do Not Track” signals.
How do our services interact with third-party services and content?
We link to third-party sites and services, or otherwise display third-party content through our Services, for your convenience and information. These third-party sites and services may operate independently from us. The privacy practices of the relevant third parties, including details on the information they may collect about you, is subject to the privacy statements of these parties, which we strongly suggest you review. To the extent any linked third-party sites and services are not owned or controlled by us, we are not responsible for these third parties’ information practices.
Here are examples of the types of third-party content and services available through or via our Services:
1. Interactive Maps
We may facilitate easy access to the online maps of content providers like Google to help you get quick location, driving, and contact information for our stores.
2. Sweepstakes, Contests, and Survey Sites
3. Social Networking and other Third-Party Sites and Services
What information do we share with, or disclose to, third parties and our sister brands?
We may share information about you with certain third parties, as described below, and as otherwise described in this Policy. We do not sell or otherwise share personal information about you, except as described in this Policy.
1. Our Sister Brands
We may share the information we collect about you, such as your postal and email address, customer preferences and purchase history, with affiliated entities that operate our sister brands so they may market to you. Such sister brands include White Barn Candle Co. We will obtain your consent to this sharing to the extent required by applicable law. If you don’t want this information shared with our sister brands, follow the instructions below in "What choices do you have over how your information is used?"
2. Service Providers and Contractors
We provide or make available personal information, and your communications and interactive experiences with us, to third-party service providers, processors, and contractors whom we engage to provide services to us. These third-party services are integrated into all the data and communications processing activities that are covered by this Policy. When you interact or communicate with us, you are also interacting and communicating with or through our third-party service providers and their technologies. These processing services and activities include, for example, fulfilling orders; processing payments; providing customer service through chat or chatbot features; monitoring activity on our Services; diagnosing troubleshooting, optimizing, debugging, rectifying, and fixing our Services; delivering surveys and related analysis (which could be combined with Services usage analytics); maintaining databases; hosting and operating our microsites, mobile websites and mobile applications; administering, sending and monitoring emails and text messages; serving online advertisements as described above; and providing consulting services.
3. Other Marketers
We may occasionally provide you with the opportunity to opt in to receive email messages from third parties. If you do opt in, we'll share your email address with the specific third party in question. Please review the privacy policies of these third parties to learn more about how they treat your personal information.
4. Law Enforcement and Emergency Response
We may disclose personal information about you (a) if we are required or permitted to do so by law or legal process (such as a court order or subpoena); (b) in response to requests by government agencies, such as law enforcement authorities; (c) to establish, exercise, or defend our legal rights; (d) when we believe disclosure is necessary or appropriate to prevent physical or other harm or financial loss; (e) in connection with an investigation of suspected or actual illegal activity; or (f) otherwise with your consent.
5. Sale or Merger
We reserve the right to share and/or transfer your personal information in the event we sell or transfer all or a portion of our business assets (including, without limitation, in the event of a merger, acquisition, joint venture, reorganization, dissolution, or liquidation).
What choices do you have over how your information is used?
We offer you certain choices in connection with the personal information we obtain about you.
You may opt out of Bath & Body Works email by following the instructions located at the bottom of each marketing email or by contacting Customer Service at 1-888-684-6412.For Relay Service, dial 711 or use an internet protocol relay service. If you opt out of the email list, we may still send you operational or transactional messages, such as password-reset or account related information, from the relevant brand or line of business. You may also call us at 1-888-684-6412 for Stores Customer Service and 1-800-395-8008 for Online-Orders Customer Service. For Relay Service, dial 711 or use an internet protocol relay service.
2. Mobile Text Messaging
If you've signed up for mobile text messages but later decide you no longer wish to receive them, simply follow the opt-out instructions included in a mobile text message, or reply STOP to one of them.
3. Mobile Push Notifications/Alerts
With your consent, we may send push notifications or alerts to your mobile device. You can deactivate these messages at any time by changing the notification settings on your mobile device.
4. Location Information
You may have the ability to turn location-based services on and off by adjusting the settings of your internet browser or mobile device.
5. Postal Mail
If you'd like to specify your preferences for our postal mail, simply follow the instructions on the mailer; or dial 1-888-684-6412. For Relay Service, dial 711 or use an internet protocol relay service.
6. Cookies and Clear Gifs
Visit How is technology used to serve our advertisements on other online services, and what choices do you have? to learn about how to specify your preferences over our use of cookie and similar technologies. You can also set your browser to notify you when you receive a cookie or to not accept certain cookies. However, if you decide not to accept cookies you may not be able to take advantage of all of the features on our Services.
7. Our Sister Brands
If you don't want your information shared with our sister brands for those brands’ own direct marketing purposes, please contact us at 1-888-684-6412 to make a request. For Relay Service, dial 711 or use an internet protocol relay service.
8. Social Sharing
To opt-out of the sharing of your personal and purchase details with social networking sites and other third-party platforms for the purposes of serving tailored advertisements to you or others, please complete this opt-out form.
How do you update your personal information?
You may update or modify your billing- and shipping-related information, and other account information, by logging onto our Services (e.g., Your Account on bathandbodyworks.ca) or by calling us at 1-888-684-6412. For Relay Service, dial 711 or use an internet protocol relay service.
Upon request, we’ll (1) provide you with access to your personal information in our records, subject to limited exceptions set out under applicable privacy laws; (2) inform you of the existence, use and general disclosure of your personal information; and (3) correct or update any personal information that is inaccurate or incomplete, as necessary. You may request this information by calling 1-888-684-6412 or by contacting us as set out below. For Relay Service, dial 711 or use an internet protocol relay service. We may request certain personal information for the purpose of verifying the identity of the individual seeking access to their personal information records.
How do we protect personal information?
We maintain administrative, technical, and physical safeguards designed to protect the personal information that we collect through our Services against accidental, unlawful, or unauthorized destruction, loss, alteration, access, disclosure or use.
Our administrative safeguards include implementing, maintaining, and training employees on company privacy and information security policies and procedures. Our physical and technical safeguards include maintaining physical security policies and standards to protect company systems and data, and a cybersecurity program overseen by our executive leadership team.
We retain your personal information for as long as necessary to fulfill the purpose(s) for which it was collected, to comply with our contractual obligations and legitimate business needs, and to comply with applicable laws.
Do we collect children's personal information?
Our Services are designed for a general audience and are not directed to children. We do not knowingly collect or solicit personal information from children under the age of thirteen (13) (or other relevant ages, which may apply by virtue of applicable law) through our Services. If we become aware that we have collected personal information from a child under such age, we will promptly delete the information from our records. If you believe a child under such age may have provided us with personal information, please contact us as specified in the Whom May I Contact for General Inquiries? section of this Policy.
Where is personal information stored and processed?
Our employees, involved in data processing, and our servers are based in Columbus, Ohio, US, and other locations throughout the United States. We work with affiliated and unaffiliated service providers in the United States, India, China, and other jurisdictions around the world.
Whom may I contact for general inquiries?
If you have general questions, comments, or concerns about our Policy or the manner in which we or our service providers treat your personal information, please contact us at 1-888-684-6412. For Relay Service, dial 711 or use an internet protocol relay service.
Or contact us via:
ATTN: Privacy Matter
Bath & Body Works
3 Limited Parkway
Columbus, OH 43230
How will we communicate updates to our policy?
This Policy may be updated periodically to reflect changes in our personal information practices, as indicated at the top of this Policy.