Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Jan. 31, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Risk Management and Strategy

We have robust programs in place for assessing, identifying and managing material risks from cybersecurity threats. Our approach leverages a comprehensive suite of security tools and initiatives, including but not limited to, Managed Security Service Providers, Extended Detection and Response monitoring, internal reporting mechanisms, and advanced detection and monitoring tools. Our information security program is continuously evaluated through internal audits and a range of security exercises, including tabletop simulations, penetration testing, vulnerability assessments and red team exercises. Identified security gaps from these assessments are systematically integrated into our risk remediation processes and incorporated into our security tools and applications to enhance our overall cybersecurity policies and procedures. In addition, we conduct annual Payment Card Industry Data Security Standard compliance reviews and independent third-party penetration testing to ensure our defenses remain resilient and aligned with industry best practices.

Our global cybersecurity team is composed of multidisciplinary Information Technology (“IT”) professionals from key regions, led by our Global Director of Cybersecurity. This team is responsible for providing comprehensive reporting to executive management and auditors, covering cybersecurity threats, assessments, findings and strategic direction for future improvements.

We ensure continuous endpoint monitoring in collaboration with a third-party cybersecurity firm. For high or critical severity incidents, rapid response protocols are in place, including isolation, segmentation and forensic analysis by our cybersecurity team. Additionally, we have engaged a dedicated third-party threat hunter to assist in identifying Indicators of Compromise.

Our Global Director of Cybersecurity leads a quarterly cybersecurity governance meeting, bringing together IT teams from all subsidiaries. This meeting serves as a forum to review ongoing and upcoming security initiatives, regulatory compliance and industry best practices.

We conduct an annual tabletop exercise facilitated by an external cybersecurity specialist. This exercise simulates various attack scenarios, testing our incident response plans and procedures to ensure effective threat detection, mitigation and remediation. It also evaluates potential business impacts, including business continuity, backup strategies, data protection, compliance, and regulatory requirements such as GDPR, CCPA and PCI. Participants include IT leadership, finance, legal, insurance, and operations teams across all subsidiaries, ensuring a coordinated and well-prepared response to cybersecurity threats.

Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block]

We have robust programs in place for assessing, identifying and managing material risks from cybersecurity threats. Our approach leverages a comprehensive suite of security tools and initiatives, including but not limited to, Managed Security Service Providers, Extended Detection and Response monitoring, internal reporting mechanisms, and advanced detection and monitoring tools. Our information security program is continuously evaluated through internal audits and a range of security exercises, including tabletop simulations, penetration testing, vulnerability assessments and red team exercises. Identified security gaps from these assessments are systematically integrated into our risk remediation processes and incorporated into our security tools and applications to enhance our overall cybersecurity policies and procedures. In addition, we conduct annual Payment Card Industry Data Security Standard compliance reviews and independent third-party penetration testing to ensure our defenses remain resilient and aligned with industry best practices.

Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Board of Directors Oversight [Text Block]

Governance

Our board of directors provides comprehensive oversight of enterprise risk management, including information security, technology and cybersecurity threats. The audit committee of our board of directors is responsible for evaluating the adequacy and effectiveness of internal controls, particularly those designed to assess, identify and manage material cybersecurity risks. The audit committee receives quarterly cybersecurity reports from the Chief Information Officer (“CIO”) and cybersecurity team, detailing material risks, threats and mitigation efforts. In the event of a cybersecurity incident, the Global Director of Cybersecurity or senior IT leadership will escalate the issue to the Disclosure Committee, following the Incident Response Plan’s predefined escalation criteria. Security incidents are classified based on severity (Critical, High, Medium), impact, and nature, ensuring efficient risk prioritization, resource allocation and incident response management.

Our Disclosure Committee includes key executives and senior leadership, including the Executive Vice President, Chief Growth and Operations Officer, Chief Financial Officer, CIO, Senior Vice President of Finance, Senior Vice President of Investor Relations and Treasurer, Senior Vice President of Legal Counsel and Vice President of Legal Counsel. Additionally, it comprises senior representatives from financial reporting, internal audit, financial planning and analysis, and tax functions, ensuring a comprehensive approach to risk oversight and compliance.

Our CIO has over 28 years of experience leading our technology operations and more than 40 years of expertise in information technology, spanning the banking and fashion apparel industries. Our Global Director of Cybersecurity has over 20 years of experience in information technology, with a specialized focus of more than seven years in cybersecurity, risk management, and compliance. He holds Certified Information Systems Security Professional (“CISSP”) and Certified Ethical Hacker (“CEH”) credentials. Additionally, he serves as a governing body member for the New York Evanta CISO community.

For further discussion of the risks associated with cybersecurity incidents, see our “Risks Related to Cybersecurity, Data Privacy and Information Technology” under “Risk Factors.”

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] The audit committee of our board of directors is responsible for evaluating the adequacy and effectiveness of internal controls, particularly those designed to assess, identify and manage material cybersecurity risks.
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The audit committee receives quarterly cybersecurity reports from the Chief Information Officer (“CIO”) and cybersecurity team, detailing material risks, threats and mitigation efforts. In the event of a cybersecurity incident, the Global Director of Cybersecurity or senior IT leadership will escalate the issue to the Disclosure Committee, following the Incident Response Plan’s predefined escalation criteria. Security incidents are classified based on severity (Critical, High, Medium), impact, and nature, ensuring efficient risk prioritization, resource allocation and incident response management.
Cybersecurity Risk Role of Management [Text Block]

Our Disclosure Committee includes key executives and senior leadership, including the Executive Vice President, Chief Growth and Operations Officer, Chief Financial Officer, CIO, Senior Vice President of Finance, Senior Vice President of Investor Relations and Treasurer, Senior Vice President of Legal Counsel and Vice President of Legal Counsel. Additionally, it comprises senior representatives from financial reporting, internal audit, financial planning and analysis, and tax functions, ensuring a comprehensive approach to risk oversight and compliance.

Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Executive Vice President, Chief Growth and Operations Officer, Chief Financial Officer, CIO, Senior Vice President of Finance, Senior Vice President of Investor Relations and Treasurer, Senior Vice President of Legal Counsel and Vice President of Legal Counsel
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] Our CIO has over 28 years of experience leading our technology operations and more than 40 years of expertise in information technology, spanning the banking and fashion apparel industries. Our Global Director of Cybersecurity has over 20 years of experience in information technology, with a specialized focus of more than seven years in cybersecurity, risk management, and compliance.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] The audit committee receives quarterly cybersecurity reports from the Chief Information Officer (“CIO”) and cybersecurity team, detailing material risks, threats and mitigation efforts.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true