Yesway Ltd GDPR & Privacy Policy Compliance
Privacy Policy for Yesway Ltd, and its associated trading names.
This Privacy Policy was last changed on 21st May 2018.
1
Who we are
Yesway Limited and its associated trading names* (“Yesway”), respect your privacy.
This policy sets out how we collect and use your personal information, why we use it, with whom we share it, the rights to which you may be entitled and your choices about our use of your personal information.
When you interact with Yesway Ltd*, you trust us with your information.
There are many ways this information can help us make our service better including remembering your details so it’s easier for you to use our services / website.
We respect your privacy and we value the trust you’ve placed in us by sharing your information.
This policy covers our use of your personal information arising from use of this website as well as registering / subscribing / using our services.
If you have any questions or need any further clarity please get in touch (see “
Contact Us or call: (01522) 740818 / email: GDPR_DC@yesway.co.uk”).
2
Your information
We will collect and use your personal information when you subscribe / register to use our products
and services on behalf of your business for the purposes set out in more detail in this section.
Your information may be shared with some third parties. Yesway Ltd does not provide your details to third
parties for any marketing or promotional purposes, except where you have given your consent.
What we (Yesway Ltd) collect & how we use it
1.
Information that you give us to sign up to us and to allow us to perform our services
Your contact details, including:
- your name
- email address
- telephone
- number
- company
We use this information, including to :
•Provide our products and services;
•Manage and administer our services;
•Take payment from or give you a refund;
•On board you as a client;
•Help us ensure that our customers are genuine and to prevent fraud.
2
Information about the way you use our services including:
•The services and products that we’ve provided or you’ve purchased;
•What you paid and how;
•Whether you’ve opened electronic communications from us;
•Whether you’ve clicked on links in electronic communications from us.
We use this information, including to:
•Develop new services;
•Improve our services;
•Identify products and marketing that may be of interest to you;
•Personalise our service of things you’re interested in and how you use our services;
•Statistical analysis and research.
3
Information when you communicate with us whether in person, through our website
We use this information, including to: What we collect, how we use it, or via email, over the phone, through social
media or via any other medium, including:
•Your contact details (this may include your social media account if that’s the way you communicate with us);
•The details of your communications with us;
•The details of our messages to you.
•Answer any issues or concerns;
•Monitor customer communications for quality and training purposes.
•Develop new services;
•Improve our services;
•Personalise our service;
4
Information that we collect through
your use of our websiteincluding:
•Date and time of requests;
•The requests you make;
•The pages you visit and search engine terms you use;
•IP address.
We use this information, including to:
•Provide our services;
•Develop new services;
•Improve our services;
•Identify issues with the website and user’s experience of it;
•Monitor the way our website is used.
5
Information
that we collect from third
party partners and corporate customers
which could include:
•Credit reference agencies;
•Payment processing companies;
•Your bank;
•Data brokers.We use this information, including to:
•Provide our services;
•Manage and administer our systems;
•Take payment from or give you a refund;
•Help us ensure that our customers
are genuine and to prevent fraud;
•Personalise our service;
•Statistical analysis and research
into our clients;
•Combine this information with other
types of information mentioned
above.
6
Information that we collect incidentally from
other sources or public sources,
including:
•Information presented on our social media timelines.We use this information,including to:
•Maintain market awareness;
•Build and maintain social media branding.
7
Information that we collect from
individuals representing organisations, including:
•Contact details of individuals working for organisations;
•Other personal information regarding such individuals.
We use this information, including to:
•Build relationships with other organisations.
Why we collect and how long we keep your information
We collect and use your information for a variety of reasons. We need some
information to enter into an agreement to perform our services for your business – for example contact and payment details.
Some information processing is required by law due to our anti-fraud screening obligations or in the public interest such as making sure we verify our customers’ identities.
Some information is processed because you’ve given your consent to that, which can be withdrawn.
Other information we collect because we have legitimate business interests, for example, in:
•Understanding how our customers use our products, services and website;
•Understanding and responding to customer feedback;
•Researching and analysing the services our customers want;
•Improving our services;
•Understanding the type of products and services our customers buy and how
they use them;
•Personalise our offers so we’re better able to provide offers and ideas that are relevant to you;
•Maintaining a public profile on both traditional and social media;
•Providing security over our business and who we trade with; or
•Developing and maintaining relationships with vendors, partners and other companies and dealing with individuals who work for them in our sector.
We will keep your information for as long as it is reasonably necessary. It will depend on factors such as whether you have any contractual agreements in place with us or have interacted with recent offers and services.
We will also routinely refresh our information to ensure we keep it up-to-date.
Automated decision making
We may make automated decisions on certain matters. For example, we may do this to decide whether we can provide our services to you based on a credit check.
This will be informed by credit scoring where we share your information with credit reference agencies and confirmation of your information (including by third parties).
Depending on the outcome of the credit check, a decision will
be reached automatically as to whether we are able to provide products or services to you based on your credit worthiness.
Submitting to a credit reference check may be necessary for us to offer you a product or service / necessary under applicable law.
If this information is not provided we may chose not to agree to provide a
product or service for you.
If you disagree with the decision you are entitled to contest this by contacting us (see “Contact Us”).
Legal requirements
We may need to collect certain types of information for compliance with legal requirements relating to our anti-fraud / anti-money laundering / know your customer obligations. If this information is not provided when required,
we cannot agree to provide a product or service for you.
Your personal information may also be processed if it is necessary on reasonable request by a law
enforcement or regulatory authority, body or agency or in
the defence of a legal claims.
We will not delete personal information if relevant to an investigation or a dispute. It will continue to be stored until those issues are fully resolved.
Information we share
There are certain circumstances where we may transfer your personal data to employees, contractors and to other parties.
•We may share your information with certain contractors or service providers.
Our suppliers and service providers will be required to meet our standards on processing information and security. The information we provide them, including your information, will only be provided in
connection with the performance of their function.
•We may also share your information with certain third parties. We will do this either when we receive your consent or because we need them to see your information to provide products or services to you. These include credit reference agencies, anti-fraud databases, screening agencies and other partners we do business with.
Your personal information may be transferred to other third party organisations in certain scenarios:
•If we’re discussing selling or transferring part or all of our business –the information may be transferred to prospective purchasers under suitable terms as to confidentiality;
•If we are reorganised or sold, information may be transferred to a buyer who can continue to provide services to you;
•If we’re required to by law, or under any regulatory code or practice we follow, or if we are asked by any public or regulatory authority –for example the Police;
•If we are defending a legal claim your information may be transferred as required in connection with defending such claim.
Your personal data may be shared if it is made anonymous and aggregated, as in such circumstances the information will cease to be personal data.
Where your information will be held we store our information on
Yesway Ltd’s computer systems/servers
and in 3rd party systems as detailed on Yesway Ltd’s data protection policy.
Our Website server is located within the European Union / EEA, in the United Kingdom.
We will only transfer data to jurisdictions outside the scope of the European General Data Protection Regulation (GDPR) where the appropriate safeguards set out in the GDPR are in place.
3
Your rights
You have certain rights in relation to your information including a right to access or to correct the information we hold on you.
Other rights may be available in certain circumstances.
We’ve listed the rights you have over your information and how you can use them below.
These rights will only apply in certain circumstances. They will generally not be available if there are outstanding contracts between us, if we required by law to keep the information or if the information is relevant to a legal dispute.
•You can remove consent, where you have provided it, at any time.
•You can ask us to confirm if we are processing your information.
•You can ask for access to your information.
•You can ask to correct your information if it’s wrong.
•You can ask us to delete your information.
•You have the right to be forgotten and you can ask that our systems stop using your information.
•You can ask us to restrict how we use your information.
•You can ask us to help you move your information to other companies.
To help with that, you have a right to ask that we provide your information in an easily readable format to another company.
•You can ask us to stop using your personal information, but only in certain cases.
•You have the right to complain to the relevant supervisory authority. Changes to the policy.
This policy will be changed from time to time.
If we change anything important about this policy (the information we collect, how we use it or why) we will highlight those changes at the top of the policy and provide a prominent link to it for a
reasonable length of time following the change.
Cookies
We use cookies that identify your browser or device. They collect and store information when you visit our website about how you use it.
For more information about cookies, the types of cookies we use and how we use them please see
our Cookie Notice
.
Security
Yesway Ltd are committed to keeping your personal information safe. We’ve got physical, technical and administrative measures in place to prevent unauthorised access or use of your information. We use advanced computer software systems, hardened against hacking, and are constantly vigelant, with 24/7 monitoring byourselves and our technology partners (web hosts etc).
For any help and assistance relating to GDPR and your data privacy, please contact us on (01522) 740818, and ask for the data controller.
Yesway Ltd, May2018 (Rev: A).