TJX Europe Privacy Statement and Cookies Policy
Effective Date: December 2022
The TJX Companies, Inc. and its affiliates (collectively, “TJX”, “we”, “us” or “our”) operate our stores, websites, and mobile apps. This Privacy Statement pertains to the personal information we collect or generate about our customers in our stores, on our websites, or via mobile apps. This Privacy Statement describes the types of information collected, and how your information is used, shared and protected. It also explains the choices you have relating to your information and how you can contact us.
The TJX entity responsible for processing your information (the “data controller”) will depend on where you are located. Refer to Appendix A for information about the data controllers. Please note that T.K. Maxx and HomeSense are trading names of the data controllers.
Information we collect
The categories of information about you that we may collect, use, disclose and otherwise handle may vary by country and applicable law. Typically, we will collect, store and process information about you if you use our websites to view or buy products, e-vouchers or gift cards, or if you voluntarily provide us with such information, for example when you subscribe to our mailing list, enroll in our loyalty programme, enter a promotion or competition, contribute content about yourself to our websites, whether by direct upload, posting such content to one of our social media pages or by using a hashtag or other identifier that we use to integrate social media content with our websites, or if you apply for a job or take part in inquiries or surveys. This information will be processed by electronic means and includes:
- contact details including name, e-mail, telephone number and address;
- login and account information, including screen name, password and unique user ID;
- personal details including gender and date of birth;
- payment or credit card information;
- personal preferences including your marketing and cookie preference;
- content you may provide via a form on our websites;
- your image and any personal information that you include in content that you contribute to our websites (such as comments, photos and videos) as well as the name of the social media account from which you contribute that information; and
- other personal information you provide to us on our websites, via mobile apps, on feedback forms, in our stores or when you interact with us in other ways, both online and offline.
Use of information
Subject to applicable law, we may collect, use, disclose or otherwise handle your information in pursuit of our legitimate business interests while maintaining appropriate technical and organizational measures to protect the information. These interests include to:
- enable the use of and make improvements to our websites;
- send direct marketing materials to you if you have agreed for us to do so;
- operate, evaluate and improve our business and websites;
- manage customer, supplier and vendor relationships;
- enroll you in and administer our loyalty and other rewards programs upon your request;
- improve merchandise selections and customer service;
- identify your product and service preferences;
- notify you about new products, services, features, promotions, events and special offerings relating to TJX that we think you will find valuable; and
- administer your participation in promotions, contests and sweepstakes.
Where we have a contract with you, we process your personal information as necessary for performance of the contract. This includes to:
- process business transactions and related activities; and
- supply our goods and services.
We also may use the personal information we collect to protect us against and prevent fraud, claims, and other liabilities and to comply with or enforce applicable legal and regulatory requirements, industry standards, and our policies and terms. We use personal information for these purposes when it is necessary to protect, exercise or defend our legal rights, or when we are required to do so by a law that applies to us. This includes to:
- verify your identity in certain instances (such as when you return merchandise or request a refund);
- meet any legal and regulatory requirements; and
- secure our operations and protect against, identify and help prevent fraud, unauthorized activity, claims and other liabilities and minimize risk.
If we plan to use the personal information that you provide to us for other purposes beyond those described above, we will provide you with information about that processing at the time of collection.
Sharing information with third parties
We do not sell, otherwise disclose, or share information we collect and hold about you, except as described in this Privacy Statement.
We share personal information with third parties who perform services on our behalf. We use third parties to host our websites or mobile apps, operate certain of its features, send e-mails, print or send mailings, run our sweepstakes, contests or other promotions, conduct customer research, authorize and process your payments, manage and analyze data and our advertising effectiveness, provide customer support, manage customer claims, prevent fraud, protect our assets and data, and fulfill orders. These third parties are not authorised by us to use or disclose the information except as necessary to perform services on our behalf or comply with legal requirements. Any personal information shared with such third parties is protected as described below.
Subject to applicable law, we may also share the personal information we obtain with our affiliates, subsidiaries and other group companies for the purposes described in the prior paragraph. If we share your personal information with such entities, we will ensure that an adequate level of protection is in place to protect your personal information in accordance with applicable law.
We also may disclose information about you: (i) if we are required to do so by law, regulation or legal process (such as a court order or subpoena) including lawful requests by public authorities to meet national security or law enforcement requirements; (ii) in response to requests by government agencies, such as law enforcement authorities; (iii) for the purpose of or in connection with legal proceedings, or otherwise for the purpose of establishing, exercising or defending our legal rights; or (iv) when we believe disclosure is necessary or appropriate in connection with an investigation of suspected or actual illegal activity.
We reserve the right to transfer any information we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganisation, dissolution or liquidation), but only where we have first taken reasonable steps to ensure the security and confidentiality of your information.
How we protect your information
We maintain appropriate technical and organisational measures to protect personal information against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access. However, we cannot guarantee the effectiveness of these safeguards, and nothing in this notice shall be construed as an express or implied warranty against loss, misuse or unauthorized access, disclosure, alteration or destruction.
Service providers who might have access to your information in order to provide services on our behalf will be contractually obliged to keep such information in confidence, implement adequate data security measures, and may not use that data for any other purpose.
Links to other websites
Our websites may contain links to other third party websites for your convenience and information. These websites may operate independently from us. Linked websites may have their own privacy policies or notices, which we strongly suggest you review if you visit any linked website or applications. We are not responsible for the content, use or privacy practices of any website or applications that are not affiliated with us.
Retention of your information
We take reasonable steps to ensure that the information we process is reliable for its intended use, is accurate, up-to-date and complete, and is limited to the information required to carry out processing for the purposes described in this Privacy Statement. We retain your information for as long as necessary to fulfil the purposes for which we collect it, except if required otherwise by law.
We may transfer to and store the information we collect about you in countries other than the country in which the information was originally collected, including the United States and other destinations outside the European Economic Area (“EEA”), in accordance with applicable law. Those countries may not have the same data protection laws as the country in which you provided the information. When we transfer your information to other countries, we will protect the information as described in this Privacy Statement and comply with applicable legal requirements providing adequate protection for the transfer of information to countries outside the EEA. This includes by entering into the European Commission’s EU Standard Contractual Clauses with the data recipient or ensuring that the data recipient has implemented Binding Corporate Rules. To obtain a copy of the safeguards we have put in place, please contact us as indicated below.
Please note that individuals in Poland have the right to object to data transfers to other data controller entities within the TJX group.
Subject to applicable law, you may have certain rights with respect to our processing of your information. You may have the right to request access to the information we hold about you, obtain confirmation as to whether or not information concerning you exists, be informed of the content and source of such information and check its accuracy. In addition, subject to applicable law, you have the right to correct, update, erase, restrict, or object to the use of, your information held by us.
Also subject to applicable law, you have the right to receive a copy of your personal information in a structured, commonly used, machine readable format, including a right to have that personal information transmitted to another organization.
If you change your mind and no longer wish to receive marketing communications from us, you have the right to request that we cease sending marketing communications, whether by e-mail or otherwise, to you. You can do this by:
- checking the applicable box(es) on any form we may use to collect information from you;
- clicking the unsubscribe link displayed in any of our marketing e-mails; or
- otherwise requesting that we do not process your information for marketing purposes.
You can withdraw any consent given to us at any time and free of charge, but you may no longer be able to benefit from our services if you do so.
To exercise these rights or to make a complaint or submit an inquiry about our privacy practices, please contact us by email at firstname.lastname@example.org or write to us at:
Data Protection Officer
73 Clarendon Road
To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the information.
You also may lodge a complaint with the data protection authority in your country if you are not satisfied with our response.
Updates to our privacy statement
This Privacy Statement may be updated periodically and without prior notice to you to reflect changes in our processing of your information and privacy practices. We will post a prominent notice on each of the applicable websites to notify you of any significant changes to our Privacy Statement and indicate at the top of the Privacy Statement when it was most recently updated.
TJX Europe cookies policy
Effective Date: December 2022
The TJX Companies, Inc. and its affiliates (collectively, “TJX”, “we”, “us” or “our”) operate our stores, websites, and mobile apps. We collect certain information by automated means when you visit us, such as how many users visited our websites and the pages accessed. We collect this information through various means such as "cookies," "web beacons" and IP addresses, as described in this policy.
The TJX entity responsible for processing your information (the “data controller”) will depend on where you are located. Refer to Appendix A for information about the data controllers. Please note that T.K. Maxx and Homesense are trading names of the data controllers.
Certain pages on our websites may contain "web beacons" (also known as Internet tags, pixel tags and clear GIFs). These web beacons allow third parties to obtain information such as the IP address of the computer that downloaded the page on which the beacon appears, the URL of the page on which the beacon appears, the time the page containing the beacon was viewed, the type of browser used to view the page, and the information in cookies set by the third party.
An IP address is a unique identifier that certain electronic devices use to identify and communicate with each other on the Internet. When you visit our websites, we may view the IP address of the device you use to connect to the Internet. We use this information to determine the general physical location of the device and understand from what geographic regions our website visitors come. We also may use this information to enhance our websites.
Categories of cookies and other automated technologies
Strictly necessary cookies.
These cookies are essential in order for our site to operate properly and enable you to use its features. Without these cookies, certain services (like shopping carts, etc.) cannot be provided.
|Drupal||SSESS###########||This cookie is used by Drupal to link a user to a session so that information about their visit can be stored on the server as they move from one page to the next. This cookie also helps avoid session highjacking.||Session||First Party|
|Drupal||SSESS0dee5d4ab0c72846ecf90666eb2a38ef||This cookie is used by Drupal to link a user to a session so that information about their visit can be stored on the server as they move from one page to the next. This cookie also helps avoid session highjacking.||Session||First Party|
|Gigya||gmid||Used to identify the logged in user. If declined, the user cannot login to the system.||Session||First Party|
|Gigya||hasGmid||Internal cookie for the Web SDK. If declined, user may be intermittently logged out.||13 Months||First Party|
|Gigya||ucid||Unique computer identifier used for generating reports, and used by the Web SDK to get saved response.||13 Months||First Party|
|Gigya||gig_bootstrap_3_||Internal cookie for the Web SDK.||365 Days||Third Party|
|Gigya||gig_canary||Indicates whether the client is using the canary version of the Web SDK.||365 Days||First Party|
|Gigya||gig_canary_ver||The version name of the Web SDK's canary version.||Session||First Party|
|Gigya||apiDomain_3_gTNlxQv0D4i6o5nlOJLSgDkZgGWYS5VJtUeCmzxa2_t9A2lV0LgVSBcEbHvUiBcW||The shared domain API calls for all sites in a group should be sent to.||365 Days||Third Party|
|Gigya||gig_canary_3_gTNlxQv0D4i6o5nlOJLSgDkZgGWYS5VJtUeCmzxa2_t9A2lV0LgVSBcEbHvUiBcW||Used to indicate whether the user is using the canary version of the Web SDK.||365 Days||First Party|
|Gigya||gig_canary_ver_3_gTNlxQv0D4i6o5nlOJLSgDkZgGWYS5VJtUeCmzxa2_t9A2lV0LgVSBcEbHvUiBcW||Used to indicate whether the user is using the canary version of the Web SDK.||Session||First Party|
|Gigya||apiDomain_XXXXXX||The shared domain that the Gigya identity management API calls for all sites in a group should be sent to.If declined, SSO will not function.||365 Days||Third Party|
|Gigya||_gig_lt||Used for authentication to the site.||365 Days||First Party|
|Gigya||gig_toggles||This value is sent to SAP Customer Data Cloud in order to identify toggles that the back-end behavior depends on to process the specified toggle. Required for SDK defined toggles to function.||365 Days||First Party|
|Gigya||glt_3_ueOG1Roxo1kudtUh_CFamduClcEbERv09l5gKthMqk66DO5bBSaxeb5KEt94sB66||Used for authentication to the site.||365 Days||First Party|
|Gigya||gltexp_3_ueOG1Roxo1kudtUh_CFamduClcEbERv09l5gKthMqk66DO5bBSaxeb5KEt94sB66||Used to control the expiration of login tokens.||365 Days||First Party|
|Gigya||glt_xxxxxx||Used as a security measure to ensure only a designated user can log into their account.||365 Days||First Party|
|Gigya||gltexp_XXXXXX||Used to control the expiration of login tokens.||Dynamic||First Party|
|uvisited||Set by our custom module which confirms that the lightbox banner popup on the homepage has been displayed and there’s no need to display it again on the next page view||Session||First Party|
|popupOrder||This cookie stores the lightbox banner popup on the homepage order values.||30 days||First Party|
|popupOrderShow||This cookie store a 1 or 2 value (if the user visited for the first time the value will be 1 and will appear the popup no 1, if the user visited second time the value will be 2 and the popup showed will be the 2nd one).||Session||First Party|
|OneTrust||eupubconsent||Used to store the user's consent to the data collection purposes. The cookie holds an encrypted consent string that vendors participating in the IAB framework can read and determine the user's consent.||365 Days||First Party|
|OneTrust||OptanonAlertBoxClosed||Used to identify users who are shown the site information notice and in some cases only when they have actively closed the notice down. It enables the site not to show the message more than once to a user.||365 Days||First Party|
|OneTrust||OptanonConsent||Used to store information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category. This enables site owners to prevent cookies in each category from being set in the users browser, when consent is not given.||365 Days||First Party|
These cookies are used to deliver adverts more relevant to users based on their interests. They can also be used to limit the number of times users see an advertisement as well as help measure the effectiveness of an advertising campaign. They can be placed on a device by us or by a third party with our consent. For example, where you choose to link to various social networks (such as Facebook, Twitter and Pinterest) via our website, these social network sites may place cookies on your device and use these to target advertising to you on their or other websites.
|AddToAny||__cfduid||This domain is owned by AddToAny. The main business activity is: These cookies are for the purpose of sharing pages and content that interests you on our site through third party social networking or other websites.||365 Days||Third Party|
|_fbp||Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers||90 Days||Third Party|
|fr||Contains browser and user unique ID combination for targerted advertising purposes.||90 Days||Third Party|
|Flashtalking.com||flashtalkingad1||Set by flashtalking.com. Used to register what ads the user has seen.||2 Years||Third Party|
|_gat_gtag_xxxxxxxxxxxxxxxxxxxxxxxxxxx||Used to throttle the request rate - limiting the collection of data on high traffic sites.||10 minutes||First Party|
|IDE||This cookie is set by Google and is activated when a user plays videos that are embedded on our website from Youtube.||365 Days||Third Party|
|test_cookie||This cookie is set by Google to enable advertising to be displayed to the visitor||15 minutes||Third Party|
|YouTube||CONSENT||Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of the website.||2 years||Third Party|
|YouTube||GPS||Detecting a unique ID on mobile devices to enable tracking based on geographic GPS location.||Session||Third Party|
|YouTube||VISITOR_INFO1_LIVE||This cookie is used as a unique identifier to track viewing of videos||Session||Third Party|
|YouTube||YSC||Tracking views of embedded videos.||Session||Third Party|
These cookies collect information about how visitors interact with our websites, such as what pages are visited and what errors may have occurred. The information collected is used to improve how our websites work.
|_ga||Used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in the site and used to calculate visitor, session and campaign data for the sites analytics reports.||2 years||First Party|
|_gat||Used to throttle the request rate - limiting the collection of data on high traffic sites.||10 minutes||First Party|
|_gid||Used to store and update a unique value for each page visited.||24 hours||First Party|
|New Relic||JSESSIONID||The JSESSIONID cookie is used to store a session identifier so that New Relic can monitor session counts for an application. The cookie value is generated by Jetty||Session||Third Party|
Cookies are used with your consent in accordance with applicable law. To manage your preferences related to cookies and other automated technologies on our website, access our cookies preference centre below. Please note, Strictly Necessary cookies cannot be turned off as they are required for our site to function properly.
If you have any questions about our information practices, please contact our Data Protection Officer by email at email@example.com or write to:
Data Protection Officer
73 Clarendon Road
- TJX UK, incorporated and registered in England and Wales with company number 03094828 and registered office at 73 Clarendon Road Watford WD17 1TX, UK.
- TJX IRELAND UNLIMITED COMPANY, incorporated and registered in Ireland with company number 316341 and registered office at 12 Northbrook Road, Ranelagh, Dublin 6, Ireland.
- TJX DISTRIBUTION LTD. & CO. KG, incorporated and registered in Germany with company number HRA 23488 and registered office at Peter-Mueller-Strasse18, 40468 Duesseldorf, Germany.
- TJX DEUTSCHLAND LTD & CO KG, incorporated and registered in Germany with company number HRA 19118 and registered office at Peter-Mueller-Strasse18, 40468 Duesseldorf, Germany.
- TJX EUROPEAN DISTRIBUTION SP. Z.O.O., incorporated in Poland and registered in the District Court for Warsaw, XII Commercial Division of the National Court Registry with KRS 0000329221, NIP: 7010180875, REGON 141840956, BDO 000104218, share capital: 8 050 000 PLN and registered office at Chmielna 19, 00-021 Warsaw, Poland.
- TJX POLAND SP Z.O.O, incorporated in Poland and registered in the District Court for Warsaw, XII Commercial Division of the National Court Registry with KRS: 0000329191, NIP: 7010180987, REGON 141840908, BDO 000010230, share capital: 35 000 000 PLN and registered office at Chmielna 19, 00-021 Warsaw, Poland.
- TJX EUROPE BUYING GROUP LIMITED, incorporated and registered in England and Wales with company number 06846443 and registered office at 73 Clarendon Road Watford WD17 1TX, UK.
- TJX ITALY MERCHANTS S.R.L., incorporated and registered in Italy with company number 05956200488 and whose office address is at Via Vespasiano da Bisticci 4/6, 50136 Florence, Italy and whose registered agent’s address is at Lungarno Guicciardini n. 21, 50100 Florence, Italy.
- TJX NEDERLAND B.V., incorporated and registered in The Netherlands with company number 62425102 and whose registered office at Hogehilweg 17, 4th floor, 1101CB Amsterdam, The Netherlands (“TJX Netherlands”).
- TJX OESTERREICH LTD. & CO. KG, incorporated and registered in Austria with company number FN 417129 a. and whose registered office is at Mariahilfer Str. 77-79, 1060 Wien, Handelsgericht Wien, Austria (“TJX Austria”).
Love designer labels and unique finds for less?
We’re a match made in big brand heaven with exciting men’s, women’s and kids’ fashion, beauty, shoes, accessories and homeware brands at up to 60% less than the RRP. Amazing TK Maxx prices and fresh deliveries throughout the week mean that there are ridiculous possibilities every day!
And if you love TK Maxx Home, you'll adore Homesense!