Cybersecurity Risk Management and Strategy Disclosure
12 Months Ended
Feb. 01, 2025
Cybersecurity Risk Management, Strategy, and Governance [Line Items]  
Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block]

Risk Management and Strategy. The Company has developed an information security program to assess, identify, and manage material risks from cybersecurity threats, which is included in our overall risk management system and processes through a layered governance structure. The program includes policies and procedures that identify how security measures and controls are developed, implemented, and maintained. An internal cyber risk assessment is conducted annually. The risk assessment is used by management to consider implementing and augmenting cybersecurity controls where feasible and appropriate with the intent of mitigating cybersecurity risk exposure. The Company employs a broad array of cybersecurity tools and controls to manage exposure to cybersecurity risks.

In addition, the Company retains third-party security firms in different capacities to provide some of these controls or monitor cybersecurity threats to our technology systems. For example, third parties are used to conduct independent assessments, such as vulnerability scans and penetration testing, and to confirm PCI DSS compliance. Third parties are also used to monitor security alert systems.

The Company engages with a number of service providers in connection with normal business operations. The Company uses a variety of processes to address cybersecurity threats related to third-party service providers, including, where appropriate, pre-acquisition diligence, and imposition of contractual data security and privacy obligations. In addition, the Company is a member of an industry cybersecurity intelligence and risk sharing organization and participates in other information sharing groups and trade organizations to stay abreast of ongoing cyber risks, cyber incidents, and newly disclosed vulnerabilities and attack vectors.

The Company utilizes multiple training methodologies to ensure associate awareness of cybersecurity risks and practices. Associates are required to undergo security awareness training when hired and annually thereafter. In addition, the Company conducts tabletop exercises and other readiness exercises to enhance incident response preparedness. Disaster recovery plans have been put in place, and are tested, to prepare for potential disruptions in technology on which we rely.

The Company has an Information Technology Governance, Risk, and Compliance function to address information technology risks, including cybersecurity risks. Additionally, a working committee of management meets periodically to review, assess, and manage material risks from cybersecurity threats.

The Company has written cybersecurity incident response plans that are reviewed, and updated if necessary, at least annually. The plans identify cross-functional incident response teams which are comprised of representatives from management, including the Chief Information Security Officer (CISO) and General Counsel. The plans provide for notification to the Executive Committee of the Board of Directors and the full Board of Directors, as appropriate, of any actual or suspected significant cybersecurity incidents and require regular updates to these parties during the investigation of such incidents.

The Company is currently unaware of any risks from cybersecurity threats, including those from publicly disclosed incidents with respect to other companies, that have materially affected, or are reasonably likely to materially affect the Company, including strategies, results of operations, or financial condition.

Cybersecurity Risk Management Processes Integrated [Flag] true
Cybersecurity Risk Management Processes Integrated [Text Block] The Company has developed an information security program to assess, identify, and manage material risks from cybersecurity threats, which is included in our overall risk management system and processes through a layered governance structure. The program includes policies and procedures that identify how security measures and controls are developed, implemented, and maintained. An internal cyber risk assessment is conducted annually. The risk assessment is used by management to consider implementing and augmenting cybersecurity controls where feasible and appropriate with the intent of mitigating cybersecurity risk exposure. The Company employs a broad array of cybersecurity tools and controls to manage exposure to cybersecurity risks.
Cybersecurity Risk Management Third Party Engaged [Flag] true
Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] true
Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] false
Cybersecurity Risk Board of Directors Oversight [Text Block]

The Company has written cybersecurity incident response plans that are reviewed, and updated if necessary, at least annually. The plans identify cross-functional incident response teams which are comprised of representatives from management, including the Chief Information Security Officer (CISO) and General Counsel. The plans provide for notification to the Executive Committee of the Board of Directors and the full Board of Directors, as appropriate, of any actual or suspected significant cybersecurity incidents and require regular updates to these parties during the investigation of such incidents.

Oversight of the information security program sits with the Company’s President and ultimately with the full Board of Directors. The full Board of Directors is briefed as appropriate but not less than annually on cybersecurity risks and the Company’s efforts to mitigate exposure from those risks.

Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] Executive Committee of the Board of Directors
Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] The plans provide for notification to the Executive Committee of the Board of Directors and the full Board of Directors, as appropriate, of any actual or suspected significant cybersecurity incidents and require regular updates to these parties during the investigation of such incidents.
Cybersecurity Risk Role of Management [Text Block]

The Company has an Information Technology Governance, Risk, and Compliance function to address information technology risks, including cybersecurity risks. Additionally, a working committee of management meets periodically to review, assess, and manage material risks from cybersecurity threats.

The Company has written cybersecurity incident response plans that are reviewed, and updated if necessary, at least annually. The plans identify cross-functional incident response teams which are comprised of representatives from management, including the Chief Information Security Officer (CISO) and General Counsel.

In addition to the working committee meetings described above, the CISO and Senior Director of Technology meet regularly with the Company’s President and with other members of senior management to review the current state of the cybersecurity program and emerging threats to the Company.

Cybersecurity Risk Management Positions or Committees Responsible [Flag] true
Cybersecurity Risk Management Positions or Committees Responsible [Text Block] Chief Information Security Officer (CISO)
Cybersecurity Risk Management Expertise of Management Responsible [Text Block] The CISO has been with the Company for 40 years, is a certified CISSP, CRISC, and CIPM and oversees a team of experienced individuals.
Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block]

The Company has an Information Technology Governance, Risk, and Compliance function to address information technology risks, including cybersecurity risks. Additionally, a working committee of management meets periodically to review, assess, and manage material risks from cybersecurity threats.

The CISO, who reports to the Senior Director of Technology, is the management position with primary responsibility for the development, operation, and maintenance of our information security program. In addition to the working committee meetings described above, the CISO and Senior Director of Technology meet regularly with the Company’s President and with other members of senior management to review the current state of the cybersecurity program and emerging threats to the Company.
Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] true