Birkenstock Holding plc
1-2 Berkeley Square
London W1J 6EA
U.K.

Registered under the Companies (Jersey) Law, 1991
Registration Number: 148522
UK company numbers: BR025976 and FC040859

If you would like to contact us, please contact us using the information below
Email: ir@birkenstock-holding.com
Mail: 1-2 Berkeley Square, London W1J 6EA, U.K.

The Controller within the meaning of Art. 4(7) General Data Protection Regulation (GDPR) and the General Data Protection Regulation as it forms part of the domestic law in the United Kingdom by virtue of section 3 of the EU (Withdrawal) Act 2018 (including as further amended or modified by the laws of the United Kingdom or a part of the United Kingdom from time to time) (UK GDPR) is:

Birkenstock Holding plc
1-2 Berkeley Square
London W1J 6EA
United Kingdom

dpo@birkenstock-holding.com

For general questions regarding this Privacy Policy or data protection issues, or to submit any data-related requests, appeal any of our decisions, or view this Privacy Policy in an alternate form, please contact us via

dpo@birkenstock-holding.com

This Privacy Policy applies solely to your interactions with us through our investor relations website and investor relations email alert services (the “Services”). If you provide Data (as defined below) to us through another means or through another website, the provision and/or use of such Data shall be subject to a separate privacy notice. This Privacy Policy is supplemented by a California Privacy Policy that outlines specific rights granted under the CCPA to individual California residents and provides information regarding how such California residents can exercise their rights under the CCPA. Please read and understand the California Privacy Policy if it is applicable to you.

2.1 Personal data is information referring to an identified or identifiable natural person (hereinafter referred to as “Data”). By using or receiving our Services, we process the following categories of data in particular:

2.2 Data that you make available to us: When you contact us (e.g., via subscribing to investor alerts), you provide us with Data. The exact Data that you provide is shown in the respective data entry forms. For example, the following Data may be included: Your name and email address.

The relevant data entry form will tell you whether you are contractually or legally obligated to provide us with the relevant Data or what consequences it may have if you do not provide us with the Data.

2.3 Data we collect about you: We may also collect information and/or Data about you from third parties. If you visit this website or otherwise use our Services, we may also store access data in server log files.

2.4 Information we collect through automatic data collection technologies:

(a) Cookies: In order to make your visit to our website efficient and to enable the use of certain functions, we use cookies on various pages. A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of the Services. Unless you have adjusted your browser setting so that it will refuse all cookies, our system will issue strictly necessary cookies when you direct your browser to the Services.

(b) Web Beacons. Pages of the Services and any emails you receive from us may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

(c) Flash Cookies. Certain features of the Services may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from, and on the Services. Flash cookies are not managed by the same browser settings as are used for browser cookies.

2.5 Special categories of personal data: We do not collect or process any special categories of personal data.

3.1 We process your Data only in accordance with the relevant statutory provisions and only if permissible by an applicable legal regulation (in particular from the GDPR). Should we wish to process your Data for purposes other than those for which it was originally collected, we will ensure that we have a sufficient legal basis to do so. In particular, we will base processing of your Data on the following legal basis. Please note that these examples are only intended to make the categories of legal basis more transparent and are not an exhaustive list.

3.2 Consent (Art. 6(1)(a), Art. 7 UK GDPR and GDPR): We will only process certain Data if you have given us your express and voluntary consent in advance. You have the right to revoke your consent at any time with effect for the future.

3.3 Performance of a contract / precontractual measures (Art. 6(1)(b) UK GDPR and GDPR): In the course of the performance or initiation of any contract with us, we must process certain Data.

3.4 Compliance with a legal obligation (Art. 6(1)(c) UK GDPR and GDPR): We need to process some of your Data in order to comply with legal obligations to which we are subject.

3.5 Protection of legitimate interests (Art. 6(1)(f) UK GDPR and GDPR): We also process some of your Data to protect our legitimate interests or the legitimate interests of third parties, unless your interests are overriding in individual cases.

We do not sell your Data to third parties. Among other things, we will process your Data for the following purposes:

Contract-related processing purposes

4.1 Data collection and use for contract performance: We collect and process Data voluntarily provided to us when providing you with the Services. The respective data entry forms will show what Data we collect. We use the Data provided by you to meet our contractual obligations towards you and to process your inquiries.

Data processing on the basis of consents

4.2 Use of your Data for advertising purposes: We may use your Data to communicate with you about your orders, certain products or marketing campaigns and to recommend products or services that might be of interest to you. You may revoke your consent to the use of your Data for advertising purposes at any time in whole or for individual measures with effect for the future. You may contact us at this email address, dpo@birkenstock-holding.com, or at the address shown in Section 1 of this Privacy Policy.

4.3 Email alerts: If you register to receive our investor email alerts, we will process your name and email address to send you our investor email alerts on a regular basis. You may revoke your consent to the use of your Data for these purposes at any time in whole or for individual measures with effect for the future. You may contact us at this email address, dpo@birkenstock-holding.com, or at the address shown in Section 1 of this Privacy Policy or click the unsubscribe link on our investor relations website to opt-out.

Data processing for compliance with legal obligations

4.4 We are subject to certain legal obligations when providing the Services. This includes, among others, the obligation to ensure the security of your Data when using the Services. For this purpose, we may process your Data as part of measures to ensure data security.

Data processing on the basis of legitimate interests

4.5 Storage of access data in server log files: When you visit this website or use our Services, we may store access data in server log files, such as the name of the requested file, date and time of access, the transferred data volume, and the requesting provider. We use this data exclusively to ensure an efficient operation of this website and to improve our offering.

We will always take appropriate steps to ensure that your Data will be processed, protected, and transmitted in accordance with the applicable legal requirements. We may disclose aggregated data about our users, and data that does not identify any individual, without restriction.

We may disclose Data that we collect or you provide as described in this Privacy Policy:

(a) To our subsidiaries and affiliates;

(b) To contractors, service providers, and other third parties we use to support us and the Services and who are bound by contractual obligations to keep Data confidential and use it only for the purposes for which we disclose it to them;

(c) To third parties as part of the use of cookies and tracking functions within this website and third parties who send out email alerts and newsletters on our behalf;

(d) To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Birkenstock Holding Limited’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Data held by Birkenstock Holding Limited about users of the Services is among the assets transferred;

(e) To fulfill the purpose for which you provide the Data;

(f)  For any other purpose disclosed by us when you provide the Data;

(g) With your consent;

(h) To comply with any court order, law, or legal process, including to respond to any government or regulatory request;

If we transfer your Data to service providers and affiliated companies outside the United Kingdom and/or European Economic Area (EEA), the transfer will only take place if the UK Government or the EU Commission has confirmed an adequate level of data protection to the third country (Art. 45(1) UK GDPR and GDPR) or if other appropriate data protection guarantees within the meaning of Art. 47 UK GDPR and GDPR exist (e.g., binding corporate rules in accordance with Art. 46(2)(b), Art. 47 UK GDPR and GDPR, standard data protection clauses issued by the Information Commissioner’s Officer or EU Commission in accordance with Art. 46(2)(c)). For more information, please see the contact details provided in Section 1 of this Privacy Policy.

In accordance with Art. 17 UK GDPR and GDPR, your Data will be stored for as long as we are legally obligated to do so or as long as we need your Data for the purposes stated under Section 4. Your Data will then be deleted in order to comply with the principle of data minimization.

For example, after complete performance of the contract or erasure of your customer account, your Data will be blocked for further use and erased after the expiry of statutory retention periods, unless you have expressly consented to further use of your Data or we reserve the right to use your Data beyond this scope, which is permitted by law and about which we will notify you. Deletion of your customer account is possible at any time either via a message to our Customer Service department or via a function provided in the customer account.

8.1  You may assert a number of different rights to which data subjects are entitled. To do so, please contact us using the contact details given in Section 1 of this Privacy Policy.

Right of access

8.2 You may request information about the Data stored about you (Art. 15 UK GDPR and GDPR). This information includes the categories of Data processed by us, the purposes of the processing, the origin of the Data where we have not collected it directly from you, and, if applicable, the recipients to whom we have transmitted your Data. You may receive from us a free copy of the data about you which we hold. If you are interested in further copies, we reserve the right to invoice you for any additional copies.

Right to rectification and erasure

8.3 You may request the rectification of inaccurate Data and the completion of incomplete Data concerning you. (Art. 16 UK GDPR and GDPR). In addition, you may also request the erasure of your Data under the conditions of Art. 17 UK GDPR and GDPR. This may be the case, for example, if:

(a) the Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;

(b) you withdraw consent on which the processing is based and where there is no other legal ground for the processing;

(c) you object to the processing of your Data and there are no overriding legitimate grounds for the processing or you object to the processing of your Data for direct marketing purposes;

(d) the Data has been unlawfully processed,

unless processing is necessary:

(a)  to ensure compliance with a legal obligation that requires us to process your Data;

(b)  especially with regard to legal retention periods; or

(c)  to assert, exercise, or defend legal claims.

Right to restriction of processing

8.4 You may also have the right to restrict the processing of your Data, i.e., to mark the stored Data with the aim of restricting their future processing. For this purpose, one of the conditions specified in Art. 18 UK GDPR and GDPR must be met, i.e.,

(a) you contest the accuracy of the Data, for a period enabling us to verify the accuracy of the personal data;

(b) the processing is unlawful and you oppose the erasure of your Data and request the restriction of its use;

(c) we no longer need your Data, but it is required by you for the establishment, exercise, or defense of legal claims; or

(d) you have objected to processing pending the verification whether our legitimate grounds override yours.

Right to data portability

8.5 Finally, you may also have a right to receive the Data concerning you, which you have provided to us in a structured, commonly used, and machine-readable format. You may also request that we transmit your Data directly to another controller, where technically feasible (Art. 20 UK GDPR and GDPR).

Right to object

8.6 You may object to processing of your Data at any time on grounds relating to your particular situation, provided that the data processing is based on your consent or on our legitimate interests or those of a third party. In this case, we will no longer process your Data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims. If we process your Data for direct marketing purposes, you may object to the processing at any time (Art. 21 UK GDPR and GDPR). Your right to revoke your consent to the processing remains freely exercisable at any time, regardless of your right of objection.

Right to lodge a complaint with a data protection authority

8.7 You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your Data by us is in breach of applicable data protection law.

8.8 The data protection supervisory authority responsible for us is:

UK ICO (the Information Commissioners Office)

We have taken appropriate technical and organizational security measures to ensure the protection of your Data. We have developed an internal security concept for this purpose.

10.1 The Services are not intended to be used by children under 18 years of age. If you are under 18, do not register for, use, or access the Services. If we learn we have collected or received Data from a child under 18 through such individual’s use of the Services, we will delete that Data. If you believe we might have any Data from or about a child under 18 that was collected thorough such individual’s use of the Services, please contact us at dpo@birkenstock-holding.com

The provisions of the GDPR are available at:
https://eur-lex.europa.eu/legal-content/en/txt/?uri=celex%3a32016r0679

Last updated: October 2023