https://giftsvouchers.co.uk (the “website”) is owned by Redu Group Limited.
Our registered address is:
Redu Group Limited, 2 Lighthouse View, Spectrum Business Park, Seaham, SR7 7PR
Our company number is: 08931545.
Redu Group Limited is the data controller and responsible for your personal data.
PURPOSE OF THE PROCESSING AND THE LEGAL BASIS FOR THE PROCESSING
Redu Group Ltd will only use your personal data where the law allows us to. Most commonly we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you;
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
- Where we need to comply with a legal obligation.
LEGITIMATE INTERESTS OF REDU GROUP LTD OR THIRD PARTIES
Redu Group Ltd have a legitimate interest in processing the personal data which is provided by customers at the point of sale for marketing purposes.
We may also use your personal data for other specific legitimate purposes such as:
- To ensure that content from our site is presented in the most effective manner for you and for your computer.
- To provide you with information, products or services that you request from us or which we feel may interest you, where you have either explicitly consented to.
- To carry out our obligations arising from any contracts entered into between you and us.
- To allow you to participate in interactive features of our service, when you choose to do so.
- To notify you about changes to our service.
We may also use your data, or permit selected third parties, such as but not limited to; participating retailers or Tillo to use your data to provide you with services and information about goods which may be of interest to you and we may contact you about these by post or telephone. We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
We do not sell, rent or lease customer lists to third parties. We may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, your unique personally identifiable information (e-mail, name, address, telephone number) is not transferred to the third party. In addition, we may share data with trusted partners to help us perform affiliate marketing, statistical analysis, send you email or postal mail, provide customer support, or arrange for deliveries. All such third parties are prohibited from using your personal data except to provide these services to us, and they are required to maintain the confidentiality of your personal data.
If you are an existing customer, we will only contact you by electronic means (e-mail, SMS, Push, Phone) or post with information about goods and services similar to those which were the subject of your original consent if you have consented to receive such marketing or you have entered into a contract with us or purchased from us and have not opted out of receiving marketing.
If you are a new customer, and where we permit selected third parties, such as participating participating retailers, or Tillo, to use your personal data, we (or they) will contact you by electronic means only if you have consented to this.
DATA WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
- Information that you provide by filling in forms on our site www.giftsvouchers.co.uk
- User name and password – If we collect a user name and
password, this is so we can keep your personal data secure and so that we can have your information to hand each
time you visit us.
- Name, address and postcode – Without this we won’t
know where to send your order or to whom, we also use postcodes to quickly get your full address to save you
typing it out and in some cases to identify whether we deliver or offer services in your area. If you have
location services enabled on your smart device we may also use this to recommend restaurants / applicable
services in within the area you are in.
- Email address – We send confirmation of your orders
via email and will send you informational messages as well as offers which may interest you.
- Telephone numbers – If there are any problems with
your order or we need to check anything, we need to be able to contact you quickly.
- Date of Birth – We may request this to verify your
- If you contact us, we may keep a record of that
- We may also ask you to complete surveys that we use
for research purposes, although you do not have to respond to them.
- Details of your visits to our site and the resources
that you access.
- App usage data – including location
Where we need to collect personal data by law, or under the terms of a contract with you, and you fail to provide the data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example to provide you with products or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case.
We do not collect Special Categories of personal data about you (this includes details about your race, ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. Nor do we collect information about criminal convictions and offences.
DATA WE MAY SHARE
Redu Group Ltd are required to share the personal data provided by its customers to third parties in order to fulfil contractual obligations. The following are categories of recipients that customer information could be shared with:
- Data Centres – This is so we can store your data securely
- Fulfilment Houses – To allow us to fulfil and send you a physical card if you have ordered one.
- External IT Providers – To provide disaster recovery and back up services
- Payment Providers – To process your payment securely
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes in accordance with our instructions.
All information you provide to us is stored on our secure servers. Any payment transactions are encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. Unfortunately, the transmission of information and personal data via the internet is not completely secure.
Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access. We may disclose your personal data to any member of our group (Redu Group Ltd), which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. We will not disclose your personal data to any of the relevant third parties listed above in this section for marketing purposes. Our Data Protection Officer can provide you with contact details of our third parties upon request if required. You are able to do this by emailing our Data Protection Officer at [email protected]
Redu Group Ltd retain all customer personal data for 5 years after they last interacted with us. Where there has been a period of 5 years after the end of membership and where has been no interaction between the organisation and the customer within this time, their personal data is erased and securely disposed of. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you.
In some circumstances we will anonymise your personal data (so it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without notice to you.
RIGHTS OF DATA SUBJECTS
You have the right to make a Subject Access Request to Redu Group Ltd’s Data Protection Officer in the event that you wish to determine what personal data we hold about you. We welcome these requests and aim to respond within 72 working hours of receipt. Occasionally it could take us longer than 72 hours if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You will not have to pay a fee to access your personal data (or to exercise any other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
You have the right to request your data to be erased. This can be done by contacting [email protected] Please bear in mind this is not an absolute right and there maybe instances where we cannot completely erase your data (e.g. when the personal data is required for the exercise of legal claims or to comply with any legal obligation placed upon us), if an exception does come up this will be discussed with you when you make the request.
You have the right to rectification. If you notice that any of your details are incorrect please contact the customer service team who will be more than happy to rectify this. We will also send transactional reminders to request that you notify us of any changes to your personal data so that we can keep your data up to date.
You have the right to portability. This is where you would like to transfer your data to another organisation. To request this, please contact [email protected] We will provide this within a structured CSV file for you to provide to a third party.
You also have a right to lodge a complaint with the Supervisory Authority (Information Commissioners Office in the UK), should you feel that we have not handled your personal data in line with legislative and regulatory requirements (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of the other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask for further information in relation to your request to speed up our response.
We do not transfer your personal data outside of the European Economic Area.