Privacy Policy

Kathmandu is committed to protecting the privacy of your Personal Information (defined below). We manage your Personal Information in an open and transparent way.

This Privacy Policy applies to users in Australia, Canada, New Zealand, and the United States. Kathmandu is bound by this Privacy Policy and the requirements of applicable privacy laws which regulate how we may collect, use, disclose and store Personal Information. In some jurisdictions, these laws also specify how individuals may access and correct Personal Information held about them.

If you are visiting this website from within the United Kingdom or the European Economic Area, please refer to our privacy policy at https://www.kathmandu.co.uk/privacy-policy for the rights in addition to this privacy policy that apply to you, and further information about the applicable privacy laws which regulate how we may collect, use, disclose and store your Personal Information.

For the purposes of this Privacy Policy, “Personal Information” means information or an opinion about an identified individual (or an individual who is reasonably identifiable), whether true or not, or recorded in a material form or not.

In this Privacy Policy ‘we’, ‘us’, ‘our’ and ‘Kathmandu’ refers to (and this policy applies to) Kathmandu Holdings Ltd and all of its subsidiary companies including Milford Group Holdings Ltd, Kathmandu Ltd, Kathmandu Pty Ltd, Kathmandu (U.K.) Ltd.), Kathmandu US Holdings LLC and Oboz Footwear LLC (the “Kathmandu Group”).

By visiting any of our websites upon which a link to this Privacy Policy is displayed and/or providing your Personal Information to us, you consent to the terms and conditions in this Privacy Policy, unless you tell us to the contrary by contacting our Privacy Officer.

Kathmandu collects Personal Information about you (and possibly about your family members) directly from you (or from your authorised representative), when you:

• complete an online form on one of our websites or with a third party through a link from the Kathmandu website;
• visit and browse our websites;
• complete a hard copy form;
• apply for membership of the Summit Club;
• create an online account through one of our websites;
• purchase goods or services from us in certain circumstances such as through our website, or if you deal with us by reference to your Summit Club membership, or if you pay other than by cash;
• enter a competition, promotion or survey;
• apply for employment with us; or
• contact us by telephone, mail, email or online.

The information you give us may include your name, address, email address and phone number, financial and credit card information. With regard to your visits to our websites, we may automatically collect technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, and statistical information about visits to pages on the site, the duration of individual page view, the paths taken by you through the site, data on your screen settings and other general information. The nature of the information collected will depend on the purpose for which it is being collected. If you provide us with information about any third party, you must obtain that person’s permission to give us the information and inform them that you have given the information to us.

We may also collect Personal Information about you from a third party or a publicly available source, but only if you have consented to such collection, or would reasonably expect us to collect your Personal Information in this way. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers) and may receive information about you from them. We may combine this data with other information collected through the website.

Kathmandu only collects Personal Information for purposes that are directly related to our business activities, and only when it is necessary for or directly related to such purposes. We also collect Personal Information related to employment services, human resource management, and other corporate service functions.

If you provide your Personal Information to a third party via a link from the Kathmandu website, that information is collected and managed by that third party. You should familiarize yourself with their privacy policy prior to deciding whether you wish to provide them with your information.

We use your Personal Information for a variety of reasons including to:

• to carry out our obligations arising from any contracts entered into between you and us and to provide services and products to you;
• answer your inquiries and deliver customer service to you;
• to tell you about, or promote, other products that we think may be of interest to you;
• maintain and improve customer services;
• administer our Summit Club program;
• facilitate your interaction with us on our website;
• consider any application for employment made by you;
• meet our legal obligations;
• manage and resolve any legal or commercial complaints and issues;
• carry out internal functions including training; and
• conduct marketing research and analysis.

You may visit our websites without providing Personal Information, but you should be aware that we may not be able to provide you with some of the services and/or products you are seeking if we do not have certain Personal Information.

In the course of conducting our business and providing our products and services to you, we may disclose your Personal Information when one of the following applies:

• you have consented to the disclosure;
• we sell, buy, reorganize, merge, or dissolve businesses or assets;
• we engage another company or organization to perform certain business-related functions, including web hosting, maintaining databases, promotional, research or marketing activities and processing payments, provided that such companies and organizations will only receive the Personal Information (if any) necessary to allow them to perform their specific functions and we will take reasonable steps to ensure such companies and organizations appropriately protect and respect the privacy of your Personal Information;
• you would reasonably expect, or have been told, that your information is passed to those individuals, bodies or agencies; or
• it is otherwise required or authorised by law or we believe it is necessary to (i) comply with a legal obligation, (ii) protect and defend our rights or property, (iii) act in urgent circumstances to protect the personal safety of our users or the public, or (iv) protect or defend against legal liability.

We may disclose your Personal Information to:

• another member of the Kathmandu Group;
• professional advisers (such as lawyers or auditors);
• payment systems operators and financial institutions;
• third party agents or contractors with whom we contract in the ordinary course of business (e.g. web hosting and database service providers or other service providers);
• third party agents or contractors for the purpose of provision of services in connection with Summit Club activities;
• freight and logistics providers;
• advertisers and advertising networks;
• selected organisations authorised by Kathmandu to conduct promotional, research or marketing activities;
• subject to your opt-out right, to third parties for their own marketing purposes;
• analytics and search engine providers that assist us in the improvement and optimisation of our websites;
• upon lawful request from law enforcement agencies or government authorities; and
• any persons acting on your behalf including those persons nominated by you, executors, trustees and legal representatives.

We will only use or disclose your Personal Information for direct marketing purposes if you have provided your information for that purpose (e.g. by agreeing to receive marketing emails) or if you have provided consent for your information to be used in this way. From time to time, we may contact you with information about products and services offered by us and our related entities and our business partners, which we think may be of interest to you. When we contact you, it may be by mail, email or SMS. We may also provide targeted marketing to you whether directly or through online advertisement networks such as those operated by Google, based on your viewing activity of our website. For more information, see “Cookies/Tracking Technology” below.

When we use or disclose your Personal Information for the purpose of direct marketing, you can request not to receive direct marketing communications by clicking the “unsubscribe” link in any email (also known as ‘opting-out’) and we will comply with your request to ‘opt-out’ of receiving further communications within a reasonable timeframe.

You can opt out of receiving targeted advertising derived from your viewing habits by selecting from your browser’s privacy or security settings to reject, delete or block (as the case may be) the cookies or web beacons used by us in order to conduct such targeted marketing.

Kathmandu will only ever send marketing materials with your consent, and you can ask to be removed from our marketing lists at any time by contacting us directly or by updating your preferences in the preference centre through the “My Account” section on our websites or by logging in with your Summit Club ID.

In some circumstances, Kathmandu may disclose your Personal Information to overseas recipients. If this occurs, we take steps as are reasonable in the circumstances to ensure that the overseas recipient does not breach the relevant privacy laws in relation to that information. We share information between our businesses, located in Australia, New Zealand, the United Kingdom, the European Union and the United States. Sometimes we use third party platforms and services to process sales, provide web support, send marketing messages, deliver products or otherwise deliver information. These services are hosted and managed by organisations other than ourselves, and some of these services are hosted overseas. We use products and services maintained in Australia, New Zealand, the United Kingdom, Israel, China and the United States. Your Personal Information may be stored in a secure and encrypted form overseas (e.g. in data storage and cloud computing facilities operated by us (or by third parties on Kathmandu’s behalf).

We will take reasonable steps to ensure that your Personal Information is stored securely and is protected from misuse and loss and from unauthorized access, modification or disclosure. We have a range of systems and communication security measures, as well as the secure storage of any hard copy documents. Access to your Personal Information is restricted to those properly authorized to have access. We keep your Personal Information for as long as it is required to provide you with the products you requested from us and to comply with legal requirements. If we no longer require your Personal Information for any purpose, including legal purposes, we will take reasonable steps to securely destroy or de-identify your Personal Information.

Our websites are professionally hosted and operate in a secure environment. You should however be aware that there is always an inherent risk in transmitting your Personal Information via the Internet. We use Comodo and Cybersource to process online orders. Customers can see their cards being debited in real time, all in an SSL secure environment.

Please do not enter any credit card details when contacting us via email, through our Live Chat function or through our website “Contact Us” form. These functions do not form part of online transactions which use Comodo and Cybersource and therefore your credit card details will not be encrypted in these situations.

Minors under the age of 18 years are prohibited from making purchases, including subscriptions, on our websites. We do not knowingly collect Personal Information from children under the age of 16. If you are under the age of 16, please do not submit any Personal Information through our websites. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Information through our websites without their parent’s or guardian’s permission. If you have reason to believe that a child under the age of 16 has provided Personal Information to Kathmandu through our websites, please contact us, and we will endeavor to delete that information from our databases.

Cookies are pieces of information that a website transfers to your computer for record-keeping purposes. The information collected may be used by Kathmandu to improve your experience on our website. For example, if you wish to make a purchase using our online store, our cookies will collect information about what is in your shopping cart and assist us to maintain that shopping cart during the transaction.

We may also use web beacons, embedded in our website’s web pages, that work in conjunction with cookies to notify us what web pages on our website are visited by a particular IP address (including by reference to domain name), computer or device, the date and time of visit to our site, the duration of individual page views, information downloaded, hyperlinks selected and paths taken by the visitor through the site, the visitor's screen settings and other general information. That information will be collected either by us directly or by a service provider contracted for that purpose. By measuring how you interact with our website in this way, we may provide targeted marketing to you, based on your viewing activity of our website, whether directly or through online advertisement networks such as those operated by Google.

Kathmandu does not respond to "do not track" signals.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

You can request access to the Personal Information we hold about you at any time, and we will provide you with that information unless we are prevented by law from giving it to you. If we are unable to give you access to the information you have requested, we will give you reasons for this decision when we respond to your request. You will not be charged for accessing your information, although to the extent permitted by law we may charge the reasonable cost of processing your request, including photocopying, administration and postage. We will advise you of any fee payable before we process your request.

If you believe that your Personal Information is not accurate, complete or up to date or you wish to request the deletion of any Personal Information that we hold, please contact Customer Service in Australia on 1800 333 484, New Zealand on 0800 001 234, United States on + 1 347-688-4916 or via email to privacy@kathmandu.co.nz or address your request to the Privacy Officer, Kathmandu, PO Box 1234, Christchurch 8140, New Zealand.

You are also able to update your Personal Information online by entering your Summit Club or My Account login details when visiting one of our websites.

This privacy policy is effective from 1 January 2020. From time to time, our Privacy Policy will be reviewed and, if appropriate, updated. If any changes are made to this policy, these will be posted on our websites. If you use our web site after the revised Privacy Policy is updated, you will be bound by it.

If you are have queries, concerns or complaints about the manner in which your Personal Information has been collected or handled by Kathmandu or would like to request access to or correction of the Personal Information we hold about you, please write to:

Privacy Officer Kathmandu PO Box 1234 Christchurch 8140, New Zealand.
Email: privacy@kathmandu.co.nz

If you have any questions regarding Kathmandu’s Privacy Policy, please call Customer Service in Australia on 1800 333 484, New Zealand on 0800 001 234, United States on + 1 347-688-4916, or email us at privacy@kathmandu.co.nz

If you consider your privacy concerns have not been resolved satisfactorily by us, or you wish to obtain more information on privacy requirements, you can contact:

• Australia Office of the Australian Information Commissioner on 1300 363 992 or visit their website at www.oaic.gov.au
• New Zealand Privacy Commissioner (New Zealand) on 0800 803 909 or visit their website at www.privacy.org.nz
• United States Federal Trade Commission on (202) 326-2222 or visit their website at www.ftc.gov

Effective January 1, 2020, the California Consumer Protection Act (“CCPA”) requires us to provide California consumers with certain information about the processing of their personal information and rights available to them with respect to such information.

The table below sets out generally the categories of personal information (as defined by the CCPA) about California residents that we collect, disclose for a business purpose and “sell,” as defined by the CCPA. To be clear, the Kathmandu Group does not sell your personal information for money. In certain instances, we will share personal information among the members of the Kathmandu Group and with third parties who provide valuable services to the Kathmandu Group as described in the section above titled “Who do we disclose your Personal Information to?” and those third parties can use your personal information.

The section above titled “Information we may collect from you” describes the categories of sources from which we collect your personal information. The section above titled “How does Kathmandu use your Personal Information?” describes how we use your personal information. The section above titled “Who do we disclose your Personal Information to?” sets forth the categories of third parties with whom we share your personal information.

California law gives consumers the right to make the following requests, up to twice every 12 months:

• The right to request a copy of the personal information that we have collected about you in the prior 12 months.
• The right to request details about the categories of personal information we collect, the categories of sources, the business or commercial purposes for collecting information, and the categories of third parties with which we share information.
• The right to request deletion of the personal information that we have collected about you, subject to certain exemptions.
• The right to opt-out of sale of your personal information. To exercise your opt-out rights, please visit our Do-Not-Sell page at https://www.kathmanduoutdoor.com/do-not-sell-my-personal-information.

You can submit a copy, deletion and right-to-know request either (a) online at https://www.kathmanduoutdoor.com/personal-information-request or (b) by emailing us at privacy@kathmandu.co.nz.

The CCPA prohibits discrimination against California consumers for exercising their rights under the CCPA and imposes requirements on any financial incentives offered to California consumers related to their personal information, unless the different prices, rates, or quality of goods or services are reasonably related to the value of the consumer’s data. We do not discriminate against consumers when they exercise their CCPA rights.

Separate from the CCPA, under California’s “Shine the Light” law (Cal. Civ. Code § 1798.83), California residents who provide us with personal information, as defined in that law, are entitled to request and obtain from us, free of charge, information about the personal information (if any) we have shared with third parties for their own direct marketing use. Such requests may be made once per calendar year for information about any relevant third party sharing in the prior calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to privacy@kathmandu.co.nz . In your request, please attest to the fact that you are a California resident and provide a current California address.