Skip to content

Privacy Policy

The following privacy policy applies from the 09th May 2018

1. What do you do with my personal data?

We use your data to provide you, and other giffgaffers, great services. That includes doing things like:

  • Improving our products and services for you and other giffgaffers including managing the network to ensure everyone gets the best experience, performing market research to understand our members views and personalising our experiences to make our service more intuitive & engaging;
  • Providing you with the products and services you have selected, keeping you up-to-date and informed and responding to your enquiries such as notifying you when you are running low in your goodybag, confirming your payback rewards or highlighting giffgaff promotions and competitions we think you will be interested in;
  • Legal, regulatory or business reasons such as assisting with crime and fraud prevention, assessing credit risk when provisioning loans and ensuring we provide the products and services you have selected.
More info

We may use information about you to:

Improve our products and services

  • Enhance and personalise the products and services that we offer you and to develop new products and services;
  • Perform analysis and research and monitor usage behaviour;
  • Manage our network and your use of our network;
  • Aggregate information about you, your spending and your use of the services with information about other users of the services in order to identify trends;
  • Analyse information about you including your calling, searching, browsing and location data on a personalised or aggregated basis.

Provide you with services and information

  • Provide you with the products and services you have selected and to manage your account with us;
  • Provide you with access to parts of this site;
  • Contact you if necessary;
  • Tell you about any new services or functionality (eg: the introduction of a new messaging service);
  • Market our products and services to you;
  • Send you information about our products and services by email or other means if you have opted in to receiving relevant marketing communications;
  • Send you information about products and services offered by other companies that we think you might be interested in if you have opted in to receiving relevant marketing communications.

Satisfy our legal, regulatory and business requirements

  • Help us keep your account safe, eg: checking your identity;
  • Investigate any complaints or other enquiries that you raise;
  • Check whether you or members of your household qualify for credit (this may be because you and/or one of your family members has applied for a loan through giffgaff gameplan or you have chosen to purchase a device on giffgaff.com with a loan through giffgaff gameplan);
  • Assess credit risk, assess the provision of loans, debt tracing, debt recovery, credit management and crime, fraud and money laundering detection and prevention.

We may also disclose your personal information or information about your usage of our services to certain third parties. This data may identify you personally or may be included in aggregated and anonymised data (which means you will not be identified). These third parties may use this information:

  • To provide you with targeted giffgaff or third party offers, promotions, adverts or commercial communications if you have opted in to receiving relevant marketing communications;
  • To give them a better understanding of our business; and/or;
  • To provide you with products and services or to improve the products or services you are already receiving.

See “Who do you share my personal information with (and why)” for further details about the types of third parties your information may be disclosed to.

We are allowed to use your information in these ways because:

  1. We need it to provide you with products and services and to manage your account with us;
  2. We need to use some of your information to comply with legal and regulatory obligations (such as legal obligations to keep details of calls made by customers for a certain period of time);
  3. We have a legitimate business interest in some uses of your information (such as conducting market research); and/or;
  4. You may have given your consent to us to use your data for certain activities, eg: marketing communications.
Hide more info

[Top]

2. How long will you keep my personal data?

We keep information while you're our customer and after you've left us.

We use your information to provide you with the products and services you have selected and for a variety of other reasons.

For example, we might need to sort out disagreements, stop fraud and abuse, prove that you had an account with us or follow our legal obligations. Or the police may need it as evidence. We may also keep information about how you use our products or services.

In each case, the length of time that we need to keep the information may be different, but we will only keep the information for as long as we need it.

More info

We have a legal obligation to keep data about your communications (calls and texts) for 12 months. This includes the number calling, the number called and the time and duration of the call. We do not retain the content of the call or text. Law enforcement agencies are entitled to access this data in support of the investigation, detection and prosecution of serious crime.

Hide more info

[Top]

3. Who do you share my personal data with and why?

We will share your information in the following situations:

  • With partners, suppliers, agents and subcontractors who help us deliver the products and services you've chosen to use;
  • When you have provided your consent;
  • When we have legal or regulatory requirements such as a request from the competition authority, law enforcement agency or a credit reference agency.
More info

We may share your information:

  • With our current and prospective partners, agents and subcontractors (for example, advertisers and content providers) who are involved in delivering products or services used or ordered by you;
  • With other companies in the giffgaff group, including their respective partners, agents and sub-contractors;
  • With any relevant public authority or law enforcement agency;
  • With any debt collection agency or credit reference agency;
  • Where there is a change (or prospective change) in the ownership of giffgaff to new or prospective owners. In these circumstances we would require them to keep it confidential;
  • Where we (or an affiliate processing your data on our behalf) are required to do so by law, regulation or legal proceedings;
  • Where we believe it is necessary to protect giffgaff or third-party rights and property;
  • Where you give us false or inaccurate information and/or we identify or suspect fraud;
  • In response to a valid, legally compliant request by a competent authority;
  • During emergencies when we believe physical safety is at risk;
  • In response to a complaint that you have breached the services terms & conditions or any other product or service terms.
Hide more info

[Top]

4. What data do you hold about me? (and how do you get it?)

We collect information in three ways:

    1. Directly from you, such as information filled in within application or registration forms, surveys and community posts;
    2. From the products and services you use, such as the calls you make on the giffgaff network, your browsing history including the websites you visit and your location data;
    3. From 3rd parties, such as information from credit reference agencies and fraud protection agencies.
    More info

    We collect such information as:

    • Your contact information including name, address, email address and telephone number;
    • Your order history including top-ups and goodybag purchases;
    • Your payment details including debit or credit card details, banking details and Paypal details;
    • Your account settings including adult content, auto top-up and recurring goodybags;
    • Your Community interactions including posts and comments;
    • Your communications with us including requests and complaints;
    • Your activity/interactions on our website;
    • Your device location data and Internet Protocol (IP) address;
    • Your use of our services including but not limited to;
      • Phone numbers and/or email addresses of calls, texts, MMS, emails and other communications made and received by you and the date, duration, time and cost of such communications;
      • Usage data to check compliance with our fair usage policy;
      • Credit report information if you have taken up the credit check service through our website or applied for a loan through giffgaff gameplan;
      • Loan information and loan application data including employment details, relationship details and homeowner status if you have applied for a loan through giffgaff gameplan or you have chosen to purchase a device on giffgaff.com with a loan through giffgaff gameplan);
      • Bank transaction data if you have signed up to this service within giffgaff gameplan;
      • Product application data if you have accessed products through product comparison services via giffgaff gameplan.

    How we collect information:

    We collect information directly from you when you are asked to provide personal details about yourself, including but not limited to when you:

    • Purchase products or services from us;
    • Register to become a giffgaff customer;
    • Submit enquiries or comments to us or contact us;
    • Enter any promotions, competitions or prize draws via the services;
    • Join any of our schemes including our Participation scheme;
    • Use any giffgaff products and services (including where you participate in the giffgaff community by posting on our Blogs and Forums);
    • Take part in market research; and/or;
    • When you make changes to or terminate your account with us.

    We collect information about you indirectly:

    • When you use any giffgaff products and services, including but not limited to when you visit orbrowse this site or use our mobile network;
    • From third parties including but not limited to those who provide our financial services, take payments and manage product orders and dispatch;
    • We may also collect information about you from other sources, including but not limited to: credit reference agencies, fraud prevention agencies and business directories and other commercially or publicly available sources;
    • Our website uses a website recording service which records mouse clicks, mouse movements and page scrolling. Data collected by this service is used to improve our website usability. The information collected is stored and anonymised and then used for aggregated and statistical reporting. You will not be personally identified;
    • We use cookies and similar technologies to provide us with information about your usage of our website, to support our functionality and to give you the best possible on-line experience. Read our Cookie Policy to learn more.
    Hide more info

    [Top]

    5. What rights do I have?

    You have the following rights:

    • To be informed about how we use your personal data (the purpose of this Privacy policy);
    • To update your personal data. You can update or amend your information by visiting the My Details section of my giffgaff. For data not updateable through My giffgaff, you will need to contact us;
    • To ask us to delete your personal data. However, there may be circumstances where we are legally entitled to retain it;
    • To get a free copy of your personal data. A subset of your data (limited to data that you have provided to us) is available in a machine-readable format if required;
    • To object to the processing of your data and have it restricted. There may be circumstances where you ask us to restrict the processing of your information, but we are legally entitled to refuse that request;
    • To review some automated decision-making or profiling (automated processing to determine certain things about you);
    • The right to make a complaint to the Information Commissioner (www.ico.org.uk) if you think that any of your rights have been infringed by us.
    More info

    To exercise any of your rights, you will need to contact our member services team (on-line request forms for this will be available from the 25th May 2018). You will need to provide the following information so that we can verify your identity:

    • a colour copy of the account holder's passport, driving licence, birth certificate or utility bill;
    • SIM serial number (SSN) (if your request is related to your phone account).

    giffgaff are required to respond to your request within 1 month. Where requests are complex and excessive, giffgaff is permitted an additional 2 months to process your request. However, in these circumstances we would provide an update on your request within 1 month of receiving it.

    When requesting a copy of your personal data, you can also do this via post.

    giffgaff reserve the right to charge an admin fee or refuse a request where requests for data are clearly unreasonable or excessive, particularly if they are repetitive.

    Hide more info

    [Top]

    6. How do I change my marketing preferences?

    You can opt in and out of marketing communications at any time by changing your preferences within my giffgaff. You will be able to choose to receive marketing communications about the products and services you have chosen, all marketing communications from giffgaff or options from selected partners.

    You can also opt out of marketing communications by following unsubscribe links at the bottom of any marketing emails or text messages received from giffgaff.

    We will never give your personal data to a third party for marketing unless you have expressly given us your permission.

    [Top]

    7. How do you ensure my data is secure?

    giffgaff is committed to keeping your data secure. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use or disclosure.

    More info

    Security of Communications
    Please be aware that communications over the Internet, such as e-mails and webmails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered - this is the nature of the World Wide Web/Internet. giffgaff cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

    giffgaff Blogs, Chat rooms and Forums
    You are reminded that chat rooms and opinion forums are for public discussion. Any personal information that you choose to supply when you participate in these discussions is widely accessible. Never reveal any personal information such as your telephone number, postal or email address when you participate in these discussions.

    Users 13 and under
    If you are aged 13 or under, please get your parent or guardian's permission before providing any personal information or before taking part in any www.giffgaff.com discussion. Users without this consent are not allowed to provide us with personal information.

    Co-Branded Micro Sites and Third Party Sites
    Some web pages and Micro Websites included within giffgaff's websites may be co-branded with third party names, logos, or properties. These Micro Websites are operated or maintained by or on behalf of giffgaff. While such third parties are sponsors of these web pages or Micro Websites, the third parties do not share in any personally identifiable information collected within those web pages or Micro Websites unless otherwise stated.

    This policy does not apply to third party sites that you may access via our Portals. You should therefore ensure that you are familiar with the applicable third-party privacy policy before entering any personal information on a third party site.

    This policy does not apply to third party sites operated by those promoting giffgaff, including Super Recruiters. Whilst giffgaff provides guidance to Super Recruiters in respect of their use and protection of personal data, giffgaff requires such third party sites to maintain a privacy policy. You should, therefore, review relevant policies to learn about how your personal data will be treated.

    Non-EEA Use of Information
    The information you provide to us may be passed to third parties located outside the European Economic Area. Countries outside the European Economic Area do not always have strong data protection laws. However, we will always take steps to ensure that your information is used by third parties in accordance with this policy. This can be done in a number of different ways, for instance:

      • The country that we send the data to might be approved by the European Commission;
      • The recipient company might have signed up to a contract obliging them to protect your information; or;
      • The recipient is located in the US and is a certified member of the EU-US Privacy Shield scheme.

    In other circumstances the law may permit us to otherwise transfer your information outside the EEA. In all cases, however, we will ensure that any transfer of your information is compliant with data protection law.

    Hide more info

    [Top]

    8. What else can I do to ensure my data is secure?

    Along with a section on Privacy, Get Safe Online has plenty of other good advice about protecting yourself online

    [Top]

    9. How can I contact you?

    If you would like more information or would like to raise any queries with us in relation to your information, you can contact us by writing to the Data Protection Officer at:

    Data Protection Officer
    giffgaff Ltd
    Belmont House
    Belmont Road
    Uxbridge
    UB8 1HE

    [Top]

    10. Changes to this Privacy policy

    We will check this policy from time to time and post any changes here.

    We may also let you know about these changes by email, voicemail, text or media message or via a national advertising campaign.

    [Top]

    11. Resolving Privacy Issues

    We will always try our best to resolve any data privacy issue you may have. You have the right to refer any data privacy issue to the Information Commissioner's Office at any time.

    [Top]

    1. About this Privacy Policy

    This privacy policy explains how we will use the personal data that you provide to us when you register to use the gameplan website or mobile application services in accordance with the applicable Terms and Conditions relating to those services, available here (the "Services"). It also explains how we use the personal data that we have obtained about you through your use of the Services. The personal data that we collect about you is referred to in this policy as your "information". Please read this statement carefully.

    References to our "Website" is to https://www.giffgaff.com/gameplan/ and references to the "App" is to the giffgaff gameplan mobile application.

    During your use of the Services, you will be able to access other services offered by us or our partners. Where you access these other services, the privacy policy relating to that service will apply (this may be the privacy policy of one of our third party partners). Additional terms and conditions may be presented when signing up for specific products and services.

    [Top]

    2. About us and how to contact us

    The data controller in respect of your personal data is giffgaff Limited. Our registered address is 260 Bath Road, Slough SL1 4DX and Company Number is 04196996. In this Privacy Policy, "we", "us" and "our" refers to giffgaff or giffgaff gameplan, and "you" and "your" refers to the giffgaff member who is accessing the Service.

    If you have any queries about the use of your information, you can contact our Data Protection Officer at:

    Data Protection Officer, giffgaff, Belmont House, Belmont Road, Uxbridge UB8 1HB.

    [Top]

    3. Information we collect about you

    We use your information to provide you with great products and services and to improve our existing offering. We also use your information to ensure everyone gets the best experience, by understanding our members views and personalising our experiences to make our products and service more intuitive and engaging. More detail around the purpose of our collecting your information can be found in section 4. below.

    The categories of information that we may collect about you are as follows:

    • Information that you authorise your bank to share with us: bank account number and sort code, your account balance, your bank account transactions (incoming and outgoing);
    • Information you give to us: name, e-mail address, address, telephone number, date of birth, information you provide to us about your goal on the Website or in the App, information you provide us through our comparison services accessible through the Website or the App including (but not limited to) loans, credit cards, energy and car insurance;
    • Information we collect about you:information collected during your use of the Services including your location, phone numbers, e-mail addresses and other communications made and received by you and the date, duration, time and cost of such communications. Technical information, including the type of device you use, a unique device identifier (for example, your device's IMEI number, internet protocol address, the MAC address of the device's wireless network interface, or the mobile phone number used by the device if you access the Services on a mobile phone), mobile network information, your operating system, the type of browser you use and the time zone setting. Details of your use of the App and Website including your searching history, browsing history (including the websites you visit), traffic data, weblogs and other communication data. We collect some of this information using cookies – please see our Cookie Policy for further information about our use of cookies and your choices about them. We also use Google Analytics to collect some of this information about you; for more information about Google Analytics, please refer to Google’s privacy policy here.
    • Information from third party sources: information you provide to our third party comparison service providers that are accessible through the Website or the App including loans, credit cards, energy and car insurance. Online advertisers or third parties share information with us to measure or improve the performance of ads on our Website or App, or to determine what kinds of ads to show you. This includes information about your visits to an advertiser’s site or purchases you made from them, or information about your interests from a third-party service, which we might use to help show you ads.

    If you fail to provide us with the mandatory information that we request from you, you will not be able to sign up to the Services.

    If your information changes at any time whilst you are using the Services, you must update it by logging into your giffgaff account and making the necessary changes.

    [Top]

    4. Use of your information

    As a general rule, we use your information so that we can better understand our members which enables us to provide you and other members with a better experience and better services. We use your information for the purposes set out below, which are categorised by the legal bases applicable to the purposes described:

    • It is necessary for the performance of the contract with you or to take steps to enter into it. This includes verifying your identity, administering the agreement between us in accordance with our Terms and Conditions, to provide you with the Services, including analysing and reporting on your account and transaction data that we obtain from your bank, managing your account, communicating with you (for example, sending you important service related messages), providing updates on the status of your account (for example, we may contact you to ask you to refresh your consent for us to access your bank account information when your current consent is due to expire or we may notify you to warn you that your giffgaff account will be closed due to non-use), dealing with any complaints and notifying you of any changes to this statement or our Terms and Conditions.

      To provide you with the Service, we use analytics to personalise your member account based on your past bank transaction history. As a result, we’ll make assumptions about what we believe to be your representative monthly income, your regular transactions and your typical variable monthly spend (broken down into a number of categories).

    • It is necessary for our legitimate interests or that of a third party. This includes:
      • verification of your identity by your bank to enable your bank to authenticate the connection between us and your bank account;
      • analysis of information about you including your calling, searching, browsing and location data on a personalised or aggregated basis to inform our marketing strategy and to enhance and personalise your experience;
      • verifying the accuracy of data that we hold about you and create a better understanding of you as a member;
      • aggregating information about you, your spending and your use of the Services with information about other users of the Services in order to identify trends ("Aggregated Data"). Aggregated Data will not contain information from which you may be personally identified;
      • analysis of your open banking data in order to improve our credit checking processes;
      • for statistical, analysis and system testing (including monitoring usage behaviour) in order to understand your needs and provide a better service to you, and to help us develop and improve our products and services;
      • network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access;
      • to comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);
      • to assess and improve our service to members through recordings of any calls with our contact centres;
      • contacting you to ask you to participate in customer satisfaction surveys and market research (by email, letter, SMS or phone) and to undertake and analyse those surveys and research, this is to allow us to benchmark our services and evaluate new and existing products and services; and
      • management of queries, complaints, or claims.
    • It is necessary for compliance with a legal obligation. This includes when you exercise your legal rights under data protection law, to verify your identity, for the establishment and defence of our legal rights, for activities relating to the prevention, detection and investigation of crime, and for compliance with our legal and regulatory responsibilities.

    • You have given us your consent to:

      • contact you via email or text or “push” notification with marketing information about our goods and services, promotions and offers;
      • show you adverts that you might be interested in. We use cookies to identify your interests, which helps us to customise your member experience; and
      • share your information with our recommended third party partners for them to contact you with marketing information about their products and services.

      You may withdraw your consent for us or any authorised third parties to use your information for marketing purposes at any time. Please see 'Marketing' below for further information on how to unsubscribe.

    If you use any of our other services, we may associate any category of information with any other category of information that we hold about you and will treat the combined information as personal data in accordance with this Privacy Policy, and our any of our other privacy policies applicable to the particular service for which we hold your information, for as long as it is combined.

    In relation to our obligations under the Payment Services Directive (2015/2366) (PSD II), we will not:

    • access any information about you other than information from your designated payment accounts for which you have given us your consent to access, and associated payment transactions;
    • request from your bank any sensitive payment data linked to your designated payment accounts that we have access to; or
    • use, access or store any information for any purpose except for the provision of the account information service explicitly requested by you.

    You may cancel your access to any of the Services if you no longer wish to receive them. You can do this by contacting your bank and asking them to revoke our access, or by clicking the “remove my account” button which appears throughout your use of the Services.

    [Top]

    5. Disclosure to and use by third parties

    We may disclose your information to the following third parties:

    • Other companies in the giffgaff group, including their respective partners, agents and subcontractors.
    • Our third party partners who are in involved in the delivery of the Services, including comparison services. In some cases, these third parties may act as the controller of your information and, if this is the case, we recommend that you read the privacy policy of the relevant third party, which will apply to the processing of your information.
    • Third parties acting on our behalf in the delivery of the Services, including TrueLayer (please see TrueLayer Privacy Policy here and our Terms and Conditions for more information), back-up and server hosting providers, IT software and maintenance providers and their agents and third parties that provide communication fulfilment services.
    • Third parties from whom you have opted in to receive marketing communications.
    • Online advertisers and third party companies that we or they use to audit or improve the delivery and performance of ads or content on websites and apps (for example, through Google Analytics).
    • To any competent authority or law enforcement agency where we are required to disclose your information by law or in order to detect, investigate and prevent crime (we or any fraud prevention agency may pass your information to law enforcement agencies).
    • Courts in the United Kingdom or abroad or other relevant third parties as necessary to comply with a legal requirement, for the administration of justice, to protect vital interests and to protect the security or integrity of our business operations.
    • Market research organisations engaged by us to undertake customer satisfaction surveys and market research.
    • Any third party who is restructuring, selling or acquiring some or all of our business or assets or otherwise in the event of a merger, re-organisation or similar event.

    We may pass Aggregated Data to third parties, such as advertisers, content providers and business partners or prospective business partners, to give them a better understanding of our business and to bring you a better service. Aggregated Data will not contain information from which you may be personally identified.

    Please remember that, if you access any of our other services through the App or Website, your data will be used in the ways set out in the privacy policies relevant to that service. This may include disclosing your data to third parties not listed above. Please refer to the relevant privacy policy for more information about how your information is used for that particular service.

    [Top]

    6. Data anonymisation and use of aggregated information

    Your information may be converted into statistical or aggregated data in such a way as to ensure that you are not identified or identifiable from it. Aggregated data cannot be linked back to you as a natural person. It might be used to conduct research and analysis, including to produce statistical research and reports. This aggregated data may be shared in several ways, including with our group companies.

    [Top]

    7. Retention of your information

    If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws. We do not retain personal information in an identifiable format for longer than is necessary.

    We may need your personal information to establish, bring or defend legal claims. For this purpose, we will always retain your personal information for 7 years after the date it is no longer needed by us for any of the purposes listed under section 4 “Use of your information”.

    The only exceptions to this are where:

    • the law requires us to hold your personal information for a longer period, or delete it sooner
    • you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law (see further Erasing your personal information or restricting its processing)
    • in limited cases, the law permits us to keep your personal information indefinitely provided we put certain protections in place.

    In relation to your bank account information, this is only retained by us in limited circumstances:

    • If you do not renew your consent and you do not revoke it, your consent will have lapsed. In this instance we will retain your bank account information for a period of 9 months after your consent has lapsed, before your bank account information will be immediately and permanently removed from our systems or anonymised (in the event you do not renew your consent before the end of this nine month period).
    • If you revoke your consent/remove your bank account on a given date (see final paragraph of section 4), we will not retain your bank account information for any longer than the given date (i.e. your bank account information will be immediately and permanently removed from our systems at the point of your revocation).
    • Provided you continue to renew your consent we will retain your bank account information for a period of 7 years, so for example, if you have continued to provide consent for a seamless period of 8 years, we will only retain your bank account information for the last 7 of those 8 years.

    [Top]

    8. Transfers to third countries/where we store your information

    We store your information on servers located within the European Economic Area (EEA).

    Your information may be transferred to a country outside of the EEA by us or any of the third parties referred to above. Where adequate protections for your information do not exist under the applicable laws of that third country, we (or the party transferring your information) will take necessary steps to ensure that appropriate safeguards are put in place to maintain the same levels of protection as are needed under UK data protection legislation. Safeguards include imposing contractual obligations on the recipient of your information or subscription to ‘international frameworks’ that ensure adequate protection. Please contact our DPO for more information about the protections that are in place.

    If you use our Services whilst you are outside of the EEA, your information may be transferred outside of the EEA in order to provide you with the Services.

    Please note that, as we use Google Analytics, Google may transfer your information outside of the EEA and we recommend that you read Google’s privacy notice for further information. Google is registered with the Privacy Shield for transfers of personal data to the US.

    [Top]

    9. Security

    Where you have chosen a password that enables you to access the Services on our App and/or Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

    Unfortunately, the transmission of information via the internet is not completely secure. We will put in place reasonable and appropriate controls to ensure that your information remains secure against accidental or unlawful destruction, loss, alteration, or unauthorised access.

    Our Website may contain links to other websites run by other organisations. This Privacy Policy does not apply to those other websites and apps‚ so we encourage you to read their privacy statements. We cannot be responsible for the privacy policies and practices of other websites and apps even if you access them using links that we provide. In addition, if you linked to our Website from a third party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that third party website.

    [Top]

    10. Marketing

    When registering to receive the Services, we will ask you if you would like to give your consent to receive marketing information directly from us, and/or the third parties notified to you at the time of asking, for marketing purposes including, amongst other things, to identify and offer you further products, services and offers which we think might interest you.

    We will only share your personal information with our recommended third party partners for them to contact you with marketing information about their products and services where you have indicated that you would like us to do so. Please use the link on the page requesting your consent to marketing to find out more about these third parties. Once shared, the relevant third party’s privacy policy will apply to their processing of your personal information, not ours. If you’d like to opt-out of receiving marketing from a third party after giving your consent, you can do so at any time by contacting the relevant third party directly.

    You have the right to opt-out of our use of your personal information to send marketing to you. To withdraw your consent, please update your contact permissions in the “My Profile and Settings” section on your member dashboard. For e-mail marketing, you can click on the unsubscribe link in the relevant e-mail, and for push notifications sent to you via the App, you can switch these off by changing the settings on your mobile device. From time to time, we may ask you to refresh your marketing preferences by asking you to confirm that you consent to continue receiving marketing information from us.

    [Top]

    11. Your rights

    Under data protection law, you have rights in respect of the personal information relating to you. In relation to certain rights, we may ask you for information to confirm your identity and, where applicable, to help us to search for your personal information. Except in rare cases, we will respond to you within one month from either (i) the date that we have confirmed your identity or (ii) where we do not need to do this because we already have this information, from the date we received your request. You have the following rights:

    • to be informed about the processing of your information (this is what this statement sets out to do);
    • to have your information corrected if it’s inaccurate and to have incomplete information completed – you can update your details at any time by logging into your account;
    • to object to processing of your information where we rely on legitimate interests to process it (see 'Use of your information' above) or where we are using it for direct marketing purposes;
    • to restrict processing of your information in certain circumstances including where you contest the accuracy of it, you have objected to it and we are assessing whether we can continue processing it for our legitimate interest or we no longer need your information but you ask us to keep it to establish, exercise or defend a legal claim;
    • to have your information erased in certain circumstances including where it is no longer necessary for our purposes, you withdraw your consent or you object to the processing and we have no overriding legitimate interest to continue using it;
    • to withdraw your consent to our processing of your personal data where we’ve relied on your consent;
    • to request access to your information and information about how we process it;
    • to move, copy or transfer your information ("data portability") in certain circumstances and where feasible; and
    • rights relating to automated decision making, including profiling.

    The way we process your information and the legal basis on which we rely on to process your information may affect the extent to which these rights apply. If you would like to discuss or exercise any of these rights, please contact our DPO on the details provided at the beginning of this policy.

    You have the right to lodge a complaint with the Information Commissioner’s Office where your information has or is being used in a way that you believe does not comply with data protection laws. We encourage you to contact us before making any complaint and we will seek to resolve any issues or concerns you may have. You can also contact our DPO with any data protection concerns.

    [Top]

    12. Changes to Privacy Policy

    Any changes we may make to our Privacy Policy in the future will be uploaded to this page and, where appropriate, notified to you by e-mail. The new terms may be displayed on-screen and you may be required to read and accept them to continue your use of the Website and App. Any changes will take effect on the effective date as set out in the modified terms.

    [Top]