Depending on where you reside and legal limitations, applicable laws in your jurisdiction may grant you the right to make certain privacy requests. Even if you do not live in one of these jurisdictions, we allow you to make the same requests, and we will take reasonable steps to fulfill them.
You may make a request to:
- Know. You may request a copy of the personal information we have collected about you.
- Delete. You may request that we delete the personal information we have collected about you.
- Correct. You may request to have inaccurate information about you corrected.
- Opt-out of sharing for targeted ads. You may opt-out of our sharing certain personal information with other parties to provide analytics services and serve targeted ads on our behalf.
How to make a request to know, delete, or correct
Click here to make a request using our online Privacy Requests Form. To fulfill your request, we may need to verify your identity. We will send you an email with a link to confirm your email address and may request additional information solely for the purposes of verifying your identity. We only use the information collected through the Privacy Requests Form or otherwise requested to fulfill and maintain records of your request.
Please follow the instructions provided in the communications sent to you, including how to access the fulfillment status and other information related to your request.
You may have an authorized agent make a request on your behalf using the Privacy Requests Form. Your agent will be required to provide written proof that you gave the agent signed permission to submit the request on your behalf. In some cases, we may ask you to verify your identity directly with us or directly confirm that you provided the agent permission to submit the request on your behalf.
You or your authorized agent may also make a request by calling us toll-free at 1-866-237-4007 or writing to us at: Privacy Requests, Legal Department - Gap Inc., 2 Folsom Street, San Francisco CA 94105, United States.
If you are a business contact, please submit your requests by calling our toll-free number or by writing to us using the contact information above.
-
Notice regarding requests to delete. After submitting a request to delete, your personal information will be deleted, including your online accounts and Loyalty Program Memberships. Deletion removes all related records, including all Loyalty Program Membership rewards, benefits, and available promotions. We are not able to reinstate and you will no longer accrue these after deletion.
-
Reviewing and correcting personal information. If you have created a customer account, you are able to review and update certain information and user preferences for your account. Please sign in and click "your account" in the top right corner of the website or the account icon in our mobile apps. You may also contact customer service or make a request to delete.
We work to fulfill requests within the time frames provided by applicable law, and, in some cases, fulfillment make take up to 30 or 45 days depending on where you reside.
Opt-out of sharing for targeted advertising
We may share personal information with other parties to provide analytics services and serve ads on our behalf targeted to your interests and based on your online activities. Information may be linked to your browser or device (like cookies and similar tracking technologies) and related to you if you have a customer account or interact with us in other ways. These parties may use the information for their own marketing and to offer products and services on our online services.
Your personal information is not shared for money, but certain uses may be deemed the “sale” or “sharing” of personal information under applicable privacy laws. We do not sell or share personal information of individuals we know to be under 16 years of age.
Please click the “Your Privacy Choices” link located at the bottom of our sites and within our mobile apps under Customer Service, to opt-out of these uses of your personal information using our Privacy Preference Page and Webform.
If you have a customer account, please sign-in first, before taking the steps on the Privacy Preference Page and Webform, so we can maintain your preference. We only use the information requested to fulfill and maintain records of your request. Your request may take up to 15 business days to process.
Some browsers allow you to enable privacy-controls in the browser's settings to automatically signal your opt-out preference to the websites you visit (like the Global Privacy Control). We honor the Global Privacy Control as a valid request to opt-out of the sharing of information linked to your browser.
You may have an authorized agent submit a request to opt-out on your behalf using the Privacy Preference Page and Webform. Your agent will be required to provide your signed permission to make the request on your behalf. The requirement for your agent to provide signed permission does not apply to requests to opt-out received via the Global Privacy Control.
Please keep in mind:
-
Opt-out tools are limited to the browser or device you use because they work off your browser ID and device ID. If you’re not signed-in to your customer account or don’t have a customer account, you will need to opt-out on each browser and device you use.
-
Your browser may save some information in its cookies and cache to maintain your privacy preferences. Clearing these may remove opt-out preferences, requiring you to opt-out again.
-
If you opt-out, you may still see ads online, but these ads will not be based on your inferred interests.
-
Some automated means may still be used to collect information about your interactions with our online services for the other purposes described in this Privacy Policy (like to remember user preferences or enable specific functionality).
-
We use necessary cookies to make our sites work. Necessary cookies enable core functionality such as security, network management, and accessibility. You may disable these by changing your browser settings, but this may affect how the sites function.
You may also choose to control targeted ads you receive within apps by using the settings and choices made available to you by your device manufacturer. Your device manufacturer will typically have their own privacy settings to block technologies used for targeted advertising or ask for your permission first.
You can read more about targeted adverting and take additional steps to control targeted advertising from many ad networks and exchanges by visiting the Digital Advertising Alliance (www.optout.aboutads.info) or European Interactive Digital Advertising Alliance (www.edaa.eu).
As online environments continue to evolve, additional opt-out mechanisms or privacy settings may become available to you. We encourage you to review the information on opt-outs and settings that browser owners, device manufacturers, technology companies, and industry associations make available to you.
Reasons a request may be denied and exceptions
We may deny your request if we are unable to verify your identity. We use your confirmation of your email address as one way to verify your identity. For example, we may deny your request, if you don’t timely respond to our request to confirm your email address or provide other requested information necessary for us to verify your identity or process your request. We may deny a request from an authorized agent if the agent does not provide required permissions.
If you make a request to delete your personal information, we may not be able to delete certain information if the information is required for us to process your purchase payments or fulfill your orders (exchanges or returns) or requested services.
If you participate in a NFT program (like Gap Threads), smart contracts are employed that collect certain information that is then stored on a blockchain that we do not control. Your information will be cryptographically transmitted and stored on that blockchain, and any deletion or modification of that information (to the extent possible on a blockchain) is governed by the terms of the relevant smart contract associated with the NFT and may not be able to be modified or deleted due to the immutable nature of the blockchain.
We may not be able to honor your request, to the extent it otherwise restricts our ability to comply with applicable law (including cooperating with law enforcement) or our regulatory obligations (like maintaining records of your requests and preferences) or in our good-faith judgment we believe information is necessary to exercise or defend a legal claim or protect our operations and property or the privacy, safety, and property of others.
If we deny your request, you may appeal our decision by writing to us using the address in your area listed under the "Contact us" section of this Privacy Policy. If you have concerns about the results of an appeal, you may contact the supervisory authority where you reside.
Non-discrimination
We do not discriminate against anyone for exercising their privacy rights or making similar requests.
Automated individual decision making
We do not make decisions about you based solely on automated processing of your personal information, including profiling, which produces legal effects or similarly significantly affects you, unless necessary for entering or performance of a contract with you based on your explicit consent or as authorized by applicable law.
Email marketing
You may opt-out of receiving marketing or promotional emails from us by clicking on the “unsubscribe” link contained in such emails. Please keep in mind that if you opt out of receiving marketing or promotional emails, we may still send you transactional communications, such as those relating to your purchases or Loyalty Rewards Program.
Text message marketing
You may opt out of receiving marketing or promotional texts from us by texting the word STOP in response to a text message or following other instructions provided to you when you elected to receive texts. You may have requested texts from more than one list, so you will need to opt-out from each list you are on.
Direct mail
You may request that we stop sending you postal mail offers through the United States post office by writing to us at: Privacy Requests, Legal Department – Gap Inc., 2 Folsom Street, San Francisco, CA 94105, United States.
Co-branded, co-sponsored, or cross-promotional offerings
If you choose to participate in a co-branded, co-sponsored, or cross-promotional offering, the brand, sponsor, or other third party involved in that offering may use your information for their own purposes, including advertising and marketing. You must contact the relevant third party directly to exercise your opt-out choices with respect to the third party’s use of your information.
Push notifications
If an online service enables push notifications on your device, you may review and update your push notification preferences by adjusting the notification settings provided by your device manufacturer. Deactivation may not apply to our in-app notifications and alerts.
In-store technologies
If you choose to use our in-store Wi-Fi services, you can opt-out of the auto-reconnect feature by adjusting your mobile device settings provided by your device manufacturer or by visiting www.smart-places.org.