Our policy applies to you if you use our products or services in store, over the phone, online, through our mobile applications or if you use any of our websites or interact with us on social media (our “Services”).
The Carphone Warehouse Limited (referred to using “We”, “Us”, “Our” or the “Company”) is a company registered in England and Wales (Company registration number: 2142673) and is part of the Dixons Carphone group of companies. Dixons Carphone is Europe’s leading specialist electrical and telecommunications retailer, wholesaler and services company, employing over 42,000 people in nine countries. We pride ourselves on giving our customers simple and independent advice on which electronic and technology products are right for them.
We collect personal information about you when you visit one of our stores, use our Websites (“Websites”), or use our web or mobile device applications (“Mobile Apps”) or if you communicate with us by phone, e-mail and social media. We refer to our Websites and Apps collectively as “Online Services”.
Personal details such as your name, address, date of birth, email address, phone number and other contact information Transaction information, such as the product you purchased, its price, your method of payment and your payment details.
Information about you like your employment details, financial position and information taken from identification documents like your passport or driving licence when we review your application for insurance or loans offered by selected third parties partners
Your account information – such as dates of payments owed and received, the subscription services you use or any other information related to your account
The phone numbers that you call/send messages to or the phone numbers that you receive calls/messages from.
The date and time of the calls and messages you send or receive through our network, and your location at the time these communications take place.
Account information, like your username, password, and other identifiers or credentials you use to access our online services or to buy our products and services, details of your shopping preferences, such as your favourite brands and products, as well as which of our stores you prefer to shop in
Information that you provide in your dealings with us. This includes when you register to use our online services, or when you subscribe to our services or request further services and/or information from us.
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data. These are set out below.
When we’re required to enter into a contract with you
We use your personal information to process your orders and payments or to give you a refund.
Where you have provided consent
We use email and text messages to communicate with you about our products and services, competitions, offers, promotions or special events where you tick a box.
To provide a free mobile phone upgrade reminder service to inform you when a product is back in stock
To send you a renewal notice
If you give us permission, to communicate with you about our third party partners that we believe may interest you
Where there is a Legitimate Interest
As a Company we are often required to process your personal data in order to carry out certain tasks relating to our business activities. In such cases, processing of personal data can be justified on grounds of legitimate interest.
To provide customer support and to respond to, and communicate with you about your requests
To contact you if we need to obtain or provide additional information
To check our records are right and to check every now and then that you’re happy and satisfied (e.g. customer surveys).
For marketing activities (other than where we rely on your consent) e.g. marketing permissions captured during the course of a sale, personalising marketing messages through social media and other third party platforms;
To send promotional material (e.g. renewals) to you in the post or inform you of our offers by telephone
To comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request)
To send communications to you about your orders, purchases or accounts and bill you for using our products or services
To let you post on our blogs and interact with us through social media.
Personalise & Improve our Service
To personalise your experience on our online services. This could include providing you with interesting, relevant content, or making navigation to our Sites and Mobile Apps easier
To help us understand more about you as a customer, the products and services you use, the way you use them and how you shop across the company, so we can serve you better
Improve the content and appearance of the Website(s) or App(s), and to make sure that content is presented in the most effective manner for you
To operate, evaluate and improve our business, including the development of new products and services; to determine the effectiveness of our sales, marketing and advertising; and the analysis and improvement of our products, offers, promotions, and Online Services and other technologies
To show you relevant ads by using data collected from your devices, including your searches, location, ads that you have seen and personal information that you have given us, such as your age range, gender and topics of interest. Dependant on your Ads Settings, this data informs the ads that you see across your devices. So if you visit our website on your computer at work, you might see ads about our products or services on your phone later that night.
Where you fail to repay what you owe Us or return our property, we may need to trace your whereabouts (sometimes using a tracing Agent) in order to recover payment or reclaim property. This might be carried out by a third Party debt recovery agent on our behalf
To protect against, identify and prevent fraud and other criminal activity, claims and other liabilities
For network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access.
When we’re required to comply with our Legal Obligation
We’ll use your personal information to comply with our legal obligations including:
To identify you when you contact us
To verify the accuracy of data that we hold about you
To assist HMRC and/or the Police and/or other regulatory bodies in relation to an investigation by a public authority.
Where it is in your Vital Interest
In certain circumstances it is in your vital interests for us to process your personal information. We may need to contact you if there are any urgent safety or product recall notices or where we otherwise reasonably believe that the processing of your personal information will prevent or reduce any potential harm to you.
Our service providers
We work with partners, suppliers, insurers and agencies so they can process your personal information on our behalf and only where they meet our standards on the processing of data and security. We only share information that helps them provide their services to us or to help them provide their services to you. For example, some of our service providers place advertising for us online, about our products and services and those of our retail partners, suppliers and third parties. As a result, where you have indicated you are happy to receive marketing from us, you might see online advertising that we have placed on the web sites you visit, or the interactive services you use.
Other organisations and individuals
We may transfer your personal information to other organisations in certain scenarios. For example:
When you apply for credit or purchase an insurance product we’ll pass on your information to trusted third party partners responsible for these products. Please note we act as a credit broker and not as a lender in respect of our insurance products credit facility within our UK and Republic of Ireland stores
If required to by law, under any code of practice by which we are bound or we’re asked to do so by a public or regulatory authority such as the Police or the Department for Work and Pensions
Information may also be shared with fraud prevention agencies to prevent fraudulent claims
If we need to do so in order to exercise or protect our legal rights, users, systems and services
With emergency services (if you make an emergency call), including your approximate location
Credit Reference Agencies
In order to process your application we’ll supply your personal information to credit reference agencies (CRAs) and they will give us information about you.
This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information. We will use this information to:
Assess your creditworthiness and whether you can afford to take the product
Verify the accuracy of the data you have provided to us
Prevent criminal activity, fraud and money laundering
Trace and recover debts
To make sure any offers provided to you are appropriate to your circumstances.
We’ll also continue to exchange information about you with CRAs on an on-going basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. Your data will also be linked to the data of your spouse, any joint applicants or other financial associates.
The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at www.equifax.co.uk/crain
If we do transfer information to our agents or advisers outside of the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA. We’ll use one of these safeguards:
We’ll transfer it to a non-EEA country with privacy laws that give the same protection as the EEA. Learn more on the European Commission Justice website.
We’ll put in place a contract with the recipient that means they must protect it to the same standards as the EEA. Read more about this here on the European Commission Justice website
We sometimes use systems to make automated decisions based on your personal information or the information we are allowed to collect from others about you or your business (for example where we perform credit checks). This helps us to make sure our decisions are quick, fair, efficient and correct, based on what we know. These automated decisions can affect the products, services or features we may offer you now or in the future, or the price that we charge you for them.
You have rights over automated decisions.
Under certain circumstances, you can ask that we do not make our decision based on the automated score alone
You can object to an automated decision, and ask that a person reviews it.
If you want to know more about these rights, please contact us.
We will keep your personal information for as long as you’re a customer. If you haven’t made a purchase or engaged with us for 3 years or more, then we’ll remove you from our marketing mailing lists. After you stop being a customer, we may keep your data for up to 7 years after the last time you interacted with us. This could include one of the ways specified in ‘How we use your personal information’ and for one of these reasons:
To respond to any questions or complaints
To show that we treated you fairly
To maintain records according to rules that applies to us
To establish, bring or defend legal claims.
We may keep your data for longer than 7 years if we cannot delete it for legal, regulatory or technical reasons. We may also keep it in order to help support product recalls or safety notices. If we do, we will make sure that your privacy is protected and only use it for those purposes.
We do not retain personal information in an identifiable format for longer than is necessary.
Access to Information held about you
You have the right to request what personal information we hold about you. This is sometimes called a ‘Data Subject Access Request’. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we’ll provide it to you free of charge. Before providing personal information to you or another person on your behalf, we may ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information. Except in rare cases, we’ll respond to you within 30 days after we’ve received this information or, where no such information is required, after we’ve received your request.
If any of the personal information we hold about you is inaccurate or out of date, you may ask us to correct it.
In certain circumstances you have the right to request a copy of your personal information from us or to have that information passed to an organisation of your choice in a format that can be easily re-used.
Right to stop or limit our processing of your data
You have the right to object to us processing your personal information if we’re not entitled to use it any more, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.
Where we rely on our legitimate interests, as set out under ‘How we use your personal information’, you may object to us using it for these purposes. If we agree that your objection is justified in accordance with your rights under data protection laws, we’ll permanently stop using your data for those purposes. Otherwise we’ll provide you with our justification as to why we need to continue using your data.
You can ask us to restrict the use of your personal information if:
It isn’t accurate.
It has been used unlawfully but you don’t want us to delete it.
It’s not relevant any more, but you want us to keep it for use in legal claims.
You’ve already asked us to stop using your data but you’re waiting for us to tell you if we’re allowed to keep on using it.
Please note that we may be required by law to retain certain information. Before we are able to provide you with any information or correct any inaccuracies, we may ask you provide other details to help us respond to your request.
If you would like to exercise these rights, please contact us
Please make sure you provide the following identification documents as part of your application:
One proof of identity – we can accept an unexpired copy of either your passport or your driver’s licence
One proof of address – we can accept a copy of most recent (and less than 3 months old) credit or debit card statement or a utility bill showing the same name and address on your account or driving license where it hasn’t been used as proof of identity (see above)
We won’t send you marketing messages if you tell us not to.
You can click onto the “unsubscribe” link in any communication that we send to you by email which will automatically unsubscribe you from that type of communication. Each “unsubscribe” link only relates to that specific type of communication. Please also note that you may continue to receive Service communications in relation to the product and services we have sold to you
In relation to our App(s), you can manage your preferences in the App(s)
Please note that it may take up to 28 days to process your request.
You can also find further information within our Direct Marketing Charter, available as a separate link on our website.
The purpose of our Cookies Policy is to help explain what they are, why you are collecting them, and what information cookies store.
Please refer to our Cookies Policy available as a separate link on our website.
All companies within the Dixons Carphone Group use technical and organisational security measures to protect the personal information supplied by you against loss, destruction, and any unauthorised access by third parties.
We use so-called social plugins (buttons) of social networks such as Facebook, Google+, You Tube, Instragram and Twitter.
After activation of a button, the social network can retrieve data, independently of whether you interact with the button or not. If you are logged on to a social network, the network can assign your visit to the website to your user account. A social network cannot assign a visit to websites operated by our other group companies unless you activate the respective button there as well.
If you’re a member of a social network and don’t want that network to combine data retrieved from your visit to our websites with data they hold on you, you must log out from the social network concerned before activating the buttons.
If you have a question or a complaint about this policy, the way your personal information is handled, please contact us by one of the following means:
By email: firstname.lastname@example.org
Data Protection Officer
PO Box 375
You have the right to complain to the Information Commissioners Office (ICO) if you are concerned about the way we have processed your personal information. Please visit the ICO’s website for further details at: https://ico.org.uk/
We may review this policy from time to time and any changes will be notified to you by posting an updated version on our website and/or by contacting you by email.