Why Data Protection Is So Important for Zalando

Millions of customers trust us with their data, and we handle this information responsibly.

Zalando SE Data Protection
Data protection is a top priority for us.

Our Handling of Personal Data

As a European company, we are subject to the rules of the European General Data Protection Regulation (starting May 25, 2018, until then German Federal Data Protection Act as a German company). We comply with the strict provisions of the regulation regarding the use, storage and processing of personal data. Our customers can view their personal information on their customer account at any time, meaning they always know what personal information about them we can access. If customers want further information, we provide this free of charge. We only pass on the personal data of our customers to third parties, such as logistics service providers or banks, as far as it is legally permitted, in particular, if this is required for the execution of the contract, invoicing, or if the customer has previously consented to it. In turn, our service providers may use the forwarded data only to fulfill their task. They must also strictly adhere to the provisions of the applicable data protection laws.

  1. Legal Provisions

    The use, storage and processing of personal information is based on the strict rules imposed by the German Data Protection Act, the German Telemedia Act and European directives.

  2. Best Surfing Experience

    Cookies are used primarily to optimize the purchasing experience and to adapt offers to meet the wishes of customers.

  3. Data Distribution

    Personal data is passed on to third parties such as chairs or banks only if it is legally permissible to do so or our customers have approved such a transmission of data.

  4. Encryption

    Personal data whether at the point of order or login is transmitted in encrypted form using SSL technology. This means that we protect our customers’ data against unauthorized access by third parties.

  5. Data Procession

    The manner in which visitors use our shops is evaluated in pseudonymized* form, which means that at no point is behavior assigned to any individual person or persons.

  6. Payment by Credit Card

    We are PCI-DSS-certified, which means that we abide by the very high standards of the credit card industry in order to protect personal data during credit card transactions.

  7. Payment

    We offer customers methods of payment, thereby enabling a convenient purchasing experience. We pass on such data to our payment service providers only for data for which the handling of payments is required.

  8. Experts

    In order that we can constantly maintain our high security standards we established an internal tech security team, that works closely with outside experts.

*Pseudonymization involves personal characteristics such as the name of the customer being replaced by a pseudonym, for example a combination of numbers. This means the person concerned can be identified only if the pseudonymization process is traced; this requires use of the appropriate "key".


1. Zalando’s Security Measures


2. Use of Cookies


3. How Can Our Customers Prevent Common Risks of Fraud?

Related Content