Download our app ›

Privacy Policy

Last updated: May 18, 2025  ·  Effective: May 18, 2025

01

Introduction

At ASOS ("we", "us", "our"), your privacy is fundamental to how we operate. This Privacy Policy explains what personal data we collect when you use our website, how we use it, who we share it with, and what rights you have over it.

This policy applies to all users of asos.com and any associated services. By using our website, you acknowledge that you have read and understood this policy.

If you have questions about this policy or wish to exercise your data rights, contact us at privacy@asos.com.

02

Data We Collect

Information you provide directly

  • Account details: name, email address, date of birth, and hashed password when you register.
  • Purchase information: billing address, shipping address, and payment method details (processed securely by our payment provider — we never store raw card numbers).
  • Communications: messages you send to our customer service team, product reviews, and responses to surveys.
  • Preferences: saved sizes, wishlist items, and marketing opt-in choices.

Information collected automatically

  • Device & technical data: IP address, browser type and version, operating system, screen resolution.
  • Usage data: pages visited, products viewed, links clicked, search queries, time and date of visits, and referring URLs.
  • Transaction data: purchase history, returns, and refund requests.

Information from third parties

  • Social login providers (e.g. Google, Apple) if you choose to sign in that way.
  • Payment processors (e.g. Stripe, PayPal) for fraud prevention signals.
  • Analytics and advertising partners as described in Section 4.
03

How We Use Your Data

We use your personal data only where we have a lawful basis to do so. Our purposes include:

  • Contract performance: processing and fulfilling your orders, managing returns, and sending shipping updates.
  • Account management: creating and maintaining your account, verifying your identity, and providing customer support.
  • Personalisation: recommending products based on your browsing history and purchase behaviour.
  • Marketing communications: sending promotional emails and offers — only where you have given us consent. You can unsubscribe at any time.
  • Security & fraud prevention: detecting and preventing fraudulent transactions and protecting our systems.
  • Legal compliance: meeting our obligations under applicable law (e.g. tax, accounting).
  • Service improvement: analysing usage patterns to improve our website, products, and services.
04

Cookies & Tracking Technologies

We use cookies, pixel tags, and similar technologies to operate and improve our website. Here is a summary of the cookie categories we use:

Essential cookies

These are strictly necessary for the website to function — for example, keeping you logged in and maintaining your shopping bag. They cannot be disabled.

Analytics cookies

We use tools such as Google Analytics to understand how visitors use our site. Data collected is aggregated and anonymised. These cookies help us identify popular pages and improve navigation.

Marketing & advertising cookies

With your consent, we use third-party advertising platforms (e.g. Meta Pixel, Google Ads) to serve relevant advertisements based on your browsing behaviour on and off our site.

Managing cookies

You can control and delete cookies through your browser settings. Disabling analytics or marketing cookies will not affect your ability to shop on our website, but some personalisation features may not work as intended.

05

Sharing Your Data

We do not sell your personal data. We may share it with trusted partners only as described below:

  • Service providers: companies that help us deliver our services — including cloud hosting, payment processing, email delivery, and logistics providers. These parties are bound by strict data processing agreements.
  • Analytics providers: to help us understand how our services are used (data is anonymised or pseudonymised where possible).
  • Business transfers: if we are involved in a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction.
  • Legal obligations: we may disclose your data to comply with a legal requirement, court order, or to protect the rights and safety of our users or the public.
06

Data Retention

We retain your personal data only as long as necessary for the purposes set out in this policy:

  • Account data: retained while your account is active and for up to 2 years after account closure, unless you request earlier deletion.
  • Financial records: retained for 7 years to comply with accounting and tax regulations.
  • Browsing & analytics data: retained for up to 13 months.
  • Marketing preferences: retained until you withdraw consent or delete your account.
07

Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Right to access: request a copy of the personal data we hold about you (Subject Access Request).
  • Right to rectification: request correction of any inaccurate or incomplete data.
  • Right to erasure: request deletion of your personal data ("right to be forgotten"), subject to legal obligations that require us to keep certain records.
  • Right to restrict processing: ask us to suspend processing your data in certain circumstances.
  • Right to data portability: receive your data in a structured, machine-readable format.
  • Right to object: object to processing based on legitimate interests, including direct marketing.
  • Right to withdraw consent: where processing is based on consent, withdraw it at any time without affecting prior processing.

To exercise any of these rights, email us at privacy@asos.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

08

Security

We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, or disclosure. These include:

  • SSL/TLS encryption for all data in transit.
  • Secure payment processing via PCI-DSS compliant providers.
  • Access controls limiting who within our organisation can access personal data.
  • Regular security reviews and penetration testing.

Despite these measures, no system is completely secure. If you suspect your account has been compromised, contact us immediately at security@asos.com.

09

Children's Privacy

Our services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us and we will delete it promptly.

10

International Data Transfers

We may transfer your personal data to countries outside your home jurisdiction, including countries that may have different data protection laws. Where such transfers occur, we ensure appropriate safeguards are in place — such as Standard Contractual Clauses approved by relevant data protection authorities.

11

Policy Changes

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you by email (if you have an account) or by displaying a prominent notice on our website before the changes take effect. The "Last updated" date at the top of this page will always reflect the most recent revision.

Your continued use of our services after changes are posted constitutes acceptance of the updated policy.

12

Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy, please reach out to our Data Privacy team:

  • Email: privacy@asos.com
  • Post: Data Privacy Team, ASOS plc, Greater London House, Hampstead Road, London, NW1 7FB, United Kingdom

For general enquiries, visit our Contact Us page.