Our website address is: https://www.bringmedrink.co.uk.
We are committed to protecting and respecting your privacy.
Everyone has rights with regard to the way in which their personal information is handled. During the course of our activities we will collect, store and process personal information about our customers, suppliers and other third parties, and we recognise that the correct and lawful treatment of this data will maintain confidence in the organisation and will provide for successful business operations.
This policy sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal information and how we will treat it. For the purpose of UK data protection laws, the data controller is Hyperama Cash and Carry Division Ltd, Bull Close Road, Lenton Industrial Estate, Nottingham, NG7 2UT.
Data Collection Principles
When processing your information, we must comply with the six enforceable principles of good practice. These provide that your personal information must be:
- processed lawfully, fairly and in a transparent manner,
- processed for specified, explicit and legitimate purposes,
- adequate, relevant and limited to what is necessary,
- accurate and kept up-to-date,
- kept for no longer than is necessary, and
- processed in a manner than ensures appropriate security.
Information you give us
We may collect, use, store and transfer different kinds of personal information about you, including:
- Identity Data, such as your name, title and date of birth,
- Account Identity Data, such as your email address and your password,
- Contact Data, such as your billing address, delivery address, email address and telephone numbers,
- Financial Data, such as bank account and payment card details,
- Transaction Data, including details about payments to and from you, and other details of products you purchase from us,
- Technical Data, including IP addresses, your log-in data, browser type and version, time-zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website,
- Profile Data, including purchases or orders made by you, feedback and survey responses,
- Usage Data, including information about how you use our website, products and services, and
- Marketing Data, such as your preferences in receiving marketing from us and our third parties, and your communication preferences.
Special Category Data
Information relating to your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, criminal convictions, sex life or sexual orientation, or certain types of genetic or biometric data is known as ‘special category’ data.
During the course of dealing with you, we do not expect to collect any ‘special category’ data about you.
How we Collect your Personal Information
We may obtain personal information by directly interacting with you, such as:
- Placing orders for products via our website,
- Creating an account on our website,
- Browsing our website while logged into your account
- Entering a competition, promotion or survey organised by us, or otherwise providing us with feedback,
- Subscribing to our publications, or otherwise requesting marketing material to be sent to you, or
- Corresponding with us by phone, email, letters or otherwise
We may obtain personal information via automated technology when you interact with our website by using cookies, server logs and other similar technologies.
We may also collect personal information about you from third parties or publicly-available sources, such as:
- Analytics providers (such as Google),
- Credit reference and fraud prevention agencies,
- Providers of technical, payment and delivery services,
- Companies House, LinkedIn and the electoral register.
How We Use Your Personal Information
We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
- you have given us consent
- we need to perform a contract we are about to enter into, or have entered into, with you,
- where it is necessary for our or a third party’s legitimate interests, and your interests and rights do not override those interests, or
- where we need to comply with a legal or regulatory obligation.
We do not use ‘special category’ information.
Purposes for which we will use your Personal Information
|Purposes for which we will use the information you give to us||Legal Basis|
|To register you as a new customer||It will be necessary for the performance of the contract between you and us|
|To process your order and, if accepted, to deliver the products to you (including managing payments, fees and charges)||It will be necessary for the performance of the contract between you and us|
|To manage your queries or complaints||It will be necessary for the performance of the contract between you and us|
|To collect and recover money owed to us||It will be necessary for our legitimate business interests, namely to ensure we receive payment for products and services that you have ordered from us|
|To enable you to participate in a prize draw, competition or complete a survey.||It will be necessary for our legitimate business interests, namely to study how customers use our products, to develop them and help grow our business.|
|To create customer profile types that are used to help identify new customers from other sources. These profiles DO NOT contain personal data.||This will be done after you give your consent for us to do. |
Your consent can be withdrawn by changing your preferences using the My Account functionality on our website.
|To provide you with information about special offers and other products we sell that are similar to those that you have already received from us (which may include some ‘profiling’ to ensure you only receive information that we believe is relevant to you).||Where you have previously received marketing communications from us, then it will be necessary for our legitimate business interests, namely to ensure you continue to receive communications that you have previously agreed to receive. |
In all other cases, we will only do this if you give us your consent
|To prevent customers from trading with BringmeDrink who have been abusive or who have abused or misused the products and/or services that we supply.||It will be necessary for our legitimate business interests, namely to prevent the misuse of our products or services|
|To prevent customers from trading with BringMeDrink who have been fraudulent and to pass their details on the relevant legal/regulatory organisation.||It will be necessary in the public interest to help prevent fraudulent or dishonest behaviour.|
|To notify you when you have products in your basket that have not been through the ordering process.||It will be necessary for our legitimate business interests, namely to ensure we provide the quality of service you expect from us|
|Where goods and/or services are being provided to BringMeDrink.|
To have a contractual relation with you to supply goods and/or service.
|It will be necessary for our legitimate business interests, in order to fulfil our contractual obligations.|
|To contact you to undertake customer satisfaction surveys, invite you to provide product reviews or for market research.||It will be necessary for our legitimate business interests, namely to develop products, services, applications and designs that attract and retain customers, improving customer interaction with our sites.|
We will only use your personal information for the purpose(s) for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
What if you cannot or will not provide us with your personal information
It is a contractual requirement for you to provide us with certain information, namely your name, delivery address, phone number and email address. During the ordering process you will be required to provide payment information to our chosen payment service provider. We do not hold any of your bank or credit/payment card details. If you do not provide us or payment service provider with that information, we may be unable to accept and process your order and deliver the products to you, and/or we may have to cancel your order. You may also be liable to pay additional costs.
Our website uses encrypted cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
We use the following cookies:
|Strictly necessary cookies||These are cookies that are required for the operation of our website. These include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of billing services.||Website cookies|
|Analytical / performance cookies||They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to identify issues with our site and improve the way our website works.||Google Analytics|
|Functionality cookies||These are used to recognise you when you return to our website. This enables us to personalise our content to you, greet you by name and remember your preferences (for example, your choice of language or region).||Site User Cookies|
|Targeting cookies||These cookies record your visit to our website, the pages you have visited and the links you’ve followed. We’ll use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.||Google Adwords, Facebook, Instagram, Twitter|
You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.
You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website
We currently have an “implied consent” policy in place. This means that we’ll assume by your continued use of our website that you are happy for us to use the cookies listed above unless you take certain steps to opt out of using the same. You have the ability to accept or decline cookies by modifying the settings in your browser. The majority of browsers will allow the user to alter the settings used for cookies. The help menu on your browser will have further details. You may also notice that some cookies that are not related to BringMeDrink, and are in fact third party cookies. As we are unable to control these cookies, we would encourage you to look at the third-party’s website for more information about their cookies. Further information on how to change your browser settings can also be found by visiting aboutcookies.org.
To opt out of being tracked by Google Analytics across all websites visit tools.google.com/dlpage/gaoptout.
Disclosure of your Information
We may share your personal data with trusted third parties. For example, to delivery your orders, to handle complaints, for fraud management, to help us personalise our offers to you and so on.
This is the policy we apply to those organisations to keep your data safe and protect your privacy:
- We provide only the information they need to perform their specific services.
- We require all third parties to respect the security of your personal information and to treat it in accordance with the law.
- We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
- We work closely with them to ensure that your privacy is respected and protected at all times.
- If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
Third parties we work with are:
|Courier Services||Delivery of your orders, including proof of delivery and tracking information.|
|Data Insight||Behavioural analysis that allows us to personalise your experience and the information we provide to you. We use Google Analytics.|
|Email Services||How we manage our electronic communication with you. This is done either directly from the website or via a 3rd Party E-Mail Platform such as MailChimp.|
|Fraud Services and |
|We may use a combination of Experian, DWP, Citizens Advice Bureau and the Police when fulfilling our ‘public interest’ and legal responsibilities to prevent fraud and dishonest behaviour. We may share information about fraudulent or potentially fraudulent activity in our premises or systems. This may include sharing data about individuals with law enforcement bodies.|
|IT Services||We use a number of partners to support our website and other business systems but only share your information with Google.|
|Legal Services||When necessary we will enlist Solicitors for resolution of legal matters.|
|Mailing Services||Addressing of printed material will be provided by Royal Mail and delivered by Royal Mail.|
|Payment Services||During the payment process you will be directed to the Stripe Payment Gateway.|
|Market Research Services||Should you wish to comment on our products or services we may provide a third party service such as FEEFO for this purpose.|
|Social Media||So we can show you products that might interest you while you are browsing the internet, we use the services of Google, Facebook, Twitter and Instagram.|
|Law enforcement||We may be required to disclose your personal data to the police or other enforcement, regulatory or Government body, in your country of origin or elsewhere, upon a valid request to do so. These requests are assessed on a case-by-case basis and take the privacy of our customers into consideration.|
|Regulatory bodies||When appropriate your personal information may be shared with HM Revenue & Customs, the UK Information Commissioner’s Office, regulators and other authorities who require reporting of processing activities in certain circumstances.|
|Affiliate Partners||So we can confirm your purchase to your chosen affiliate and ensure you receive your cashback or they can receive their commission, we use AWIN (who in turn may use other affiliate partners).|
We may also disclose your information to third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal information in the same way as set out in this policy.
Where we store your Personal Information
All information you provide to us is stored on our secure servers in the United Kingdom.
We will take all steps reasonably necessary to ensure that your data is treated securely, including a formal review of the security provisions of 3rd party Data Controllers we use, including taking the following safeguards:
- Network security. We deploy security and monitoring tools that restrict access and alert us to any unauthorised behaviour on our network and systems.
- Data Transfers. All data transfers are carried out using multi-layered security measures to ensure data integrity and privacy.
- Firewalls and encryption. We apply industry-standard firewall protection and use up to date, not compromised, encryption technology.
- Auditing and Testing. We carry out regular penetration testing and employ ethical hackers to ensure our infrastructure is secure and any intrusion would be quickly detected.
- PCI DSS standards. We comply with the Payment Card Industry Data Security Standards in relation to debit/credit card payments made on our website.
- Building entry controls. Our premises and those of the 3rd parties we use are access controlled and monitored always, with on-site security and CCTV traceability.
- Secure lockable desks and cupboards. Desks and cupboards are kept locked when not in use if they hold confidential information of any kind.
- Methods of disposal. Paper documents are disposed of by shredding in a manner that ensures confidentiality.
- Access and control. We maintain strictly controlled access to systems and data based on the authorised roles of staff.
- Training. We ensure our employees are trained in the importance of data security.
- Overseas transfers. Whenever we transfer your personal information outside the United Kingdom, we ensure a similar degree of protection is afforded to it by ensuring that we apply appropriate safeguards (either by transferring data only to recipients in the European Union, to recipients in countries approved by the European Commission, to recipients that are party to the EU-US Privacy Shield, or by using specific contracts approved by the European Commission).
If you are concerned about the levels of data security in any of those countries, please let us know and we will endeavour to advise what steps will be taken to protect your data when stored overseas.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
How long we will store your Personal Information
The length of time that we will store your data will depend on the ‘legal basis’ for why we are using that data, as follows:
|Legal Basis||Length of Time|
|Where we use/store your data because it is necessary for the performance of the contract between you and us.||We will use/store your data for as long as it is necessary for the performance of the contract between you and us.|
|Where we use/store your data because it is necessary for us to comply with a legal obligation to which we are subject||We will use/store your data for as long as it is necessary for us to comply with our legal obligations|
|Where we use/store your data because it is in the public interest||We will use/store your data for as long as it remains a matter of public interest for us to do so. The law sets out what matters are considered to be in the public interest, and we will use/store your data in accordance with those requirements|
|Where we use/store your data because it is necessary for our legitimate business interests||We will use/store your data until you ask us to stop. However, if we can demonstrate the reason why we are using/storing your data overrides your interests, rights and freedoms, then we will continue to use and store your data for as long as it is necessary for the performance of the contract between you and us (or, if earlier, we no longer have a legitimate interest in using/storing your data)|
|Where we use/store your data because you have given us your specific, informed and unambiguous consent||We will use/store your data until you ask us to stop|
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitive of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
You have various legal rights in relation to the information you give us, or which we collect about you, as follows:
- You have a right to access the information we hold about you free-of-charge, together with various information about why and how we are using your information, to whom we may have disclosed that information, from where we originally obtained the information and for how long we will use your information.
- You have the right to ask us to rectify any information we hold about you that is inaccurate or incomplete.
- You have the right to ask us to erase the information we hold about you (the ‘right to be forgotten’). Please note that this right can only be exercised in certain circumstances and, if you ask us to erase your information and we are unable to do so, we will explain why not.
- You have the right to ask us to stop using your information where: (i) the information we hold about you is inaccurate; (ii) we are unlawfully using your information; (iii) we no longer need to use the information; or (iv) we do not have a legitimate reason to use the information. Please note that we may continue to store your information, or use your information for the purpose of legal proceedings or for protecting the rights of any other person.
- You have the right to ask us to transmit the information we hold about you to another person or company in a structured, commonly-used and machine-readable format. Please note that this right can only be exercised in certain circumstances and, if you ask us to transmit your information and we are unable to do so, we will explain why not.
- Where we use/store your information because it is necessary for our legitimate business interests, you have the right to object to us using/storing your information. We will stop using/storing your information unless we can demonstrate why we believe we have a legitimate business interest which overrides your interests, rights and freedoms.
- Where we use/store your data because you have given us your specific, informed and unambiguous consent, you have the right to withdraw your consent at any time.
- You have the right to object to us using/storing your information for direct marketing purposes.
If you wish to exercise any of your legal rights, please contact our customer services team by writing to the address at the top of this policy, or by emailing us at firstname.lastname@example.org.
You also have the right, at any time, to lodge a complaint with the UK Information Commissioner’s Office if you believe we are not complying with the laws and regulations relating to the use/storage of the information you give us, or that we collect about you.
Opting Out of Receiving Marketing Communication
You can ask us to stop sending you marketing communications at any time by:
- Using the unsubscribe link in our emails.
- My Account holders can update their preferences on the website.
- Contacting our customer services team by:
- Writing to us
- Phoning us
- Emailing us at email@example.com
Automated Decision Making
We may undertake ‘profiling’ to ensure you only receive information that we believe is relevant to you (for example, where we had a special offer that was relevant only to young adults under the age of 25, we would profile those of our customers to whom we can legitimately send marketing emails to ensure that the marketing email is sent only to appropriate recipients).
We may undertake credit reference checks with Credit reference agencies where applicable.
Otherwise, we do not make any decisions that produce legal effects concerning you, or which would otherwise significantly affect you, by means of an automated decision-making process.
Third Party Links
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
Changes to our Policy
Any changes we make to our policy in the future will be posted on our website and, where appropriate, notified to you by email or via social media. Please check our website frequently to see any updates or changes to our policy.
Questions, comments and requests regarding this policy are welcomed and should be addressed to our customer services team by writing to the address at the top of this policy, or by emailing us at firstname.lastname@example.org.
Sale of business
In the event that BringMeDrink is sold or integrated with another business your details may be disclosed to our advisers and any prospective purchaser and their advisers and will be passed on to the new owners of the business.
Updating your details
If any of the information that you’ve provided to us has changed, e.g. you change your email address, name or payment details, let us know by emailing email@example.com, or sending a letter to BringMeDrink, Hyperama Buildings, Bull Close Road, Lenton Industrial Estate, Nottingham, NG7 2UT
Disclosure of information
We comply with and are registered under the Data Protection laws in the United Kingdom. We take all reasonable care to prevent any unauthorised access to and use of your personal data. We maintain a responsibility to keep your information confidential and will only use it to offer relevant products and services to you. We’d also like to send you information about special features of our website or any other service or products we think may be of interest to you. If you do not wish to receive any mailings, email firstname.lastname@example.org with your email address, customer number or name and address details.
Advertisements on our site are provided by another organisation. Our advertising partner will serve ads that it believes are most likely to be of interest to you, based on information about your visit to this and other websites (this information is anonymous in that it does not include your name, street address, e-mail address or telephone number). In order to do this, our advertising partner may need to place a cookie (a small text file) on your computer. For more information about this type of online behavioural advertising, about cookies, and about how to turn this feature off, please visit youronlinechoices.com/uk
We take your security very seriously, and we’ve invested in a totally secure and safe website for you to shop. Once you checkout, we encrypt all your details using Internet standard encryption technology (TSL/SSL).
If a site is secure, a padlock will appear in the bottom right hand section of your screen when you are in the personal data/ payment card entry area. Occasionally the padlock will not be visible but the page is still secure. If you do not see the padlock, you can check by right-clicking anywhere on the page (except on an image) and select Properties. If the URL starts https: the s indicates that the page is secure.
If you have any questions about the online security of BringMeDrink please email email@example.com