1. What information will we use?
By participating in the Nectar programme in the United Kingdom (the “Programme”), we will collect and use information about you and any additional collectors within your account ("your information"). This information includes your registration details, information about the use of your Programme account, shopping purchases and other information that you give us or that we collect, including about your use of internet connected devices.
2. How will your information be used?
We, companies participating in the Programme, and other organisations and service providers that we work with or partner with from time to time (as described in more detail in the 'Who will we share your information with?' section below), may use your information to:
- operate the Programme, for example to enable you to collect and redeem Points, provide other programme-related services and ensure that the applicable terms and conditions are observed;
- analyse how you use the Programme and our marketing channels such as our website and our app;
- assess the effectiveness of our marketing activities and the marketing activities we carry out on behalf of companies participating in the Programme;
- identify the devices you use to access the internet and when interacting with the Programme, and link such devices to you – for example your use of the Programme App on your tablet or mobile, and your use of partner Apps or websites which may link to the Programme;
- understand your behaviour based on the information available to us and to send or show you information, offers, surveys and online advertisements for the products or services which we believe are most likely to interest you.
One of the benefits of being part of the Programme is that we can show or send you offers or adverts that are relevant to you by various channels, including online. We decide what offers and adverts to show or send you using an automated decision making process which takes into account:
- the information you have provided to us as part of your participation in the Programme, including, amongst other things, purchases you have made when using your Programme account,
- information obtained from third party sources, as identified in “What information will we use”.
3. When we can use your information
We collect and use your information in the following situations:
- where our use of your information is necessary for us to perform the contract or contracts that we have with you. These contracts include the terms and conditions of our app, the Collector Rules, and any other agreements which we enter into with you from time to time;
- where our use of your information is for the purposes of our legitimate interests or the legitimate interests of companies participating in the Programme and we have made sure that your information, and your rights in relation to that information, are protected. For example, we may rely on this legal basis if we and/or the companies participating in the Programme use your information to understand and improve our (or their) products or services, to help find out what information, products and services are most likely to interest you, to send or show you information, offers, and online advertisements for these products or services, or to ensure that the Programme and its related services are delivered and used in accordance with the law and the terms and conditions that apply to them, including the Collector Rules;
- where we believe it is necessary to use your information to comply with a legal obligation to which we are subject; and
- where we have your consent. We will rely on your consent to:
- collect device identifiers from your devices, provided you have given consent to the App provider, your mobile phone provider, or via the device settings;
- use information about your location that we get from these technologies and the app to show you advertisements and offers which we think you may be interested in; and
- use your information for marketing to you by email, text message and other methods of electronic communication from time to time in accordance with your data choices.
Where we rely on consent to use your information, you have the right to withdraw that consent at any time. Please see the 'Your choices and rights' section of this policy for more details.
4. The period for which we will keep your information
We will keep your information for as long as is necessary for us to fulfil the purposes that we describe in this policy. As a general rule, however, we will keep:
- the information you provide when you register with the Programme, together with any updates you make to that information, for the duration of your membership with the Programme;
If you do not earn or redeem Points for a period of 12 months we may in accordance with the Collector Rules, deem you to be inactive and suspend or close your account. Your information will be kept and securely stored anonymously for a further period of 12 months after you are deemed to be inactive, following which we will ensure that your personal data is no longer retained.
5. Who will we share your information with?
We may share your information within the Sainsbury’s Group (which can be found here on http://about.sainsburys.co.uk/) and with the companies participating in the Programme and their group companies. A list of the Programme‘s participating companies is available here on nectar.com. We may also share your information with:
- other organisations and service providers (which includes the other members of the Sainsbury’s Group) that we work with or partner with from time to time including, for example: third party websites, analytics providers and advertising and media companies to enable them to show you adverts or offers which may interest you, including online, and mailing houses so that we can send you information or offers in the post;
- our professional advisors;
- any law enforcement agency, court, regulator, government authority or other third party where we believe this is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of any third party; and
- any third party that purchases, or to which we transfer, all or substantially all of our assets and business. Should such a sale or transfer occur, we will use reasonable efforts to try to ensure that the entity to which we transfer your information uses it in a manner that is consistent with this policy.
We promise we'll never share your details with anyone else
6. Transferring your information internationally
Your personal information may be transferred internationally. Sometimes we will need to transfer your information out of the United Kingdom, for example, we operate a contact centre in India and outsource some of our IT services to India and to the USA. Countries to which we transfer information may have different standards to control how your information is used and protected and these standards may not be as strict as those in place in the United Kingdom. If we transfer your information to a country which does not have data protection laws which offer an adequate level of protection for your information, we will make sure that the organisation which receives your information is a participant in the Privacy Shield Framework (for more information, please visit the Privacy Shield website), put in place appropriate safeguards to protect your information, or otherwise ensure that we can transfer your information in a way that complies with data protection law (for example, in some circumstances we may ask for your explicit consent to make a transfer of your information).
Where we put in place appropriate safeguards to protection information which we transfer, the safeguards may include securing additional legal agreements to protect your information. You can obtain a copy of these agreements by contacting the Data Protection Officer, Nectar 360 Limited using the details below.
7. Your choices and rights
You have a number of rights in relation to your information, and can make a number of choices about how we collect and use it. For example, you can decide not to receive marketing material from us, tell us how you want to receive marketing communications from us, and object to some of the ways in which we use your information.
Note that some of the choices or changes you make may impact our ability to maintain your account or provide you with Points or Rewards (for which you can exchange Points collected), and your account may need to be closed. We will notify you if such action is necessary.
You can log into the 'Manage Account' section of our website to:
- access and update the contact and personal details we hold about you;
- view your Points statement and Programme account transaction history;
- opt-out of receiving marketing communications to your device and/or by telephone including calls to your mobile or other number, SMS, and email from us;
- opt-out of receiving postal marketing communications from us and companies participating in the Programme;
- find out how to opt out if you do not want your information to be shared (in the form of cookies or similar technologies) with third party websites that we may work with from time to time so that those third party websites can show you adverts or offers that may interest you online.
You can contact us using the details below to:
- request access to your information if you cannot locate it in the 'Manage Account' section of our website;
- ask that we update, complete or correct your information if you are unable to do so in the 'Manage Account' section of our website;
- ask that we erase or restrict our use of your information;
- request that we provide your information to you in a commonly used electronic format and to have that information transmitted directly to another organisation (this is known as the right to 'data portabililty'); and/or
- object to our, or companies participating in the Programme, using your information in certain circumstances – for example, to see how you use the Programme, our website and app, and to understand your behaviour and identify and link the devices you use to you.
If you are concerned about how your information is used, please contact us at FAO Data Protection Officer, Freepost RRXL-TGET-CGZX, Nectar, Clipper Boulevard, Dartford, DA2 6QB; or contact us via email at firstname.lastname@example.org. Alternatively you have a right to complain to the Information Commissioner's Office.
8. Who we are
We are Nectar 360 Limited, a company registered in England under number 4224736. Our registered office is at 33 Holborn, London EC1N 2HT. We are the Data Controller. We are owned by the Sainsbury’s Group. Get in touch by contacting the Data Protection Officer in writing at the above address, or you can contact the Programme contact centre on 0344 811 0811 to raise any questions or concerns.
We protect your information, our business depends on it.