Privacy & Cookies Policy

Webloyalty International Limited (“Webloyalty”, “We”, “us”, “our”) respects your privacy and is committed to protecting your personal data. This Privacy and Cookies policy will inform you how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.

1. About Webloyalty and this Privacy and Cookies Policy

Webloyalty are committed to protecting and respecting your privacy. We want you to know how and why we use any personal data we collect from you, hold about you, you provide to us, or we otherwise process. This Privacy and Cookies Policy will also explain the choices you have available to you about your data. In providing your data to us or using our services or our websites you agree to this Policy and accept the practices outlined in this Policy.

This website is not intended for children and we do not knowingly collect data relating to children.

“Personal data” and “your data” mean any information about you which is personally identifiable or can be related back to you such as your name, address, telephone number, email address, marketing preferences, service selections and queries.

Webloyalty International Limited is the controller and is responsible for any personal data collected through or as a result of your visit to this website (www.webloyalty.co.uk). If you have a concern about your data or a question about this Policy for our Data Protection Officer, please contact them by email at dpo@webloyalty.co.uk.

Data we collect

This policy applies only to information collected through this website (www.webloyalty.co.uk), you will find Privacy & Cookies policies for each of the Webloyalty products on their websites, details of all our products can be found in the ‘About us’ section of this website.

We collect information from you when you request information from us or make contact with us. In order to do so, you may be asked to enter relevant contact information such as your name, email address, mailing address, and telephone number. However, you do not need to provide this data in order to visit the site.

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (Legitimate Business Purpose).
  • Where we need to comply with a legal or regulatory obligation.
  • Where you have provided your consent.

1.1 How we use your data

The data we collect will depend on your interactions with us, the preferences you select and if you sign up to our newsletter. The data we collect includes the following:

  • Name and contact data necessary to adequately respond to your queries, to enable us to provide you with requested information about our services, for the provision of our newsletter and to determine your membership to any of our products. The specific legal ground we are processing your personal data on is provision of a service to you.
    • The type of data we would collect includes your: first name and last name, postal address, email address, telephone/mobile number, and other similar contact data, and
    • any information you provide to us for your calculation on the “Revenue Calculator”
  • Feedback data where we will process your data for certain legitimate business purposes to improve our products and services for your continued enjoyment and to assist in the development of new products and services based on your feedback.
    • This may be through comments and reviews you have left for the product/service, surveys, updates to your information, or through the information you provide to our customer service desk.
    • We may also use your data to conduct market research by asking you to participate in a survey about topical issues, conducted by us, our partners or third parties. If you receive a survey from us, we will always tell you how any information you provide in the survey will be used. If you receive a survey from our partner or selected third party, please read their privacy policy before submitting any of your data.
    • Participation in surveys is voluntary and it is up to you whether to take part.
  • ·    Anonymised data and aggregated data – anonymisation is the process of converting personal data to anonymised data so that it does not identify you or any individual and will not allow you or any individual to be identified through its combination with other data. We collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but it is not considered personal data in law as this data does not directly or indirectly reveal your identity. In addition to the way we process your data explained above, we will use anonymised data and aggregated data to improve the quality of our existing products/services, develop new features, products/services and for overall research purposes. An example would be where we aggregate your data on how often you use the product/service to calculate the percentage of users accessing a specific website feature. As this data is anonymised and does not identify you, we may share this data with Webloyalty controlled affiliates, subsidiaries and our parent company as well as third parties and partners. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

We will also use your data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you. You may receive marketing communications from us about similar products and services if you have requested information from us or purchased goods or services from us or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out of receiving that marketing by clicking the unsubscribe link in the email or SMS. You may unsubscribe from these communications at any time. 

1.2 Data where we need your consent

We will ask you for your express opt-in consent before we share your personal data with any company outside Webloyalty controlled affiliates and our parent company for marketing purposes. We will provide you with more information about the categories of these companies at the time of asking you for your express opt-in consent. This will typically be for products/services offered by other companies which may be of interest to you based on the product/service you have with us or may be for another purpose which will also be made clear to you at the time of obtaining your express opt-in consent.

We will also ask you for your express opt-in consent before we send you marketing communications about our products/services that are not similar to what you currently have with us.

If you provide your explicit opt-in consent to receive such marketing communications, we may provide you with further options where you can choose how to receive it, such as email, SMS, physical mail or telephone and the frequency of such marketing communications. If you have provided your explicit consent to receive marketing communications but later change your mind, you can edit your preferences on how you receive them, how often you receive them or even stop receiving them altogether.

1.3 Processing for Legitimate Business Purposes

We explain throughout the Policy when and why we process your data for a legitimate business purpose. A legitimate business purposes means the interests of Webloyalty in conducting and managing our business to enable us to give you the best products and services and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You have the right to object to this processing if you wish and if you wish to do so please contact our Data Protection Officer. If you do object, this may affect our ability to carry out the tasks for your benefit where we are processing your data for a legitimate business purpose.

2. Sharing your data

We may share your data if: it is necessary to do so in order to provide you with a product/service; if we have a legitimate business purpose for doing so; or if you have given us your explicit consent to do this.

Please note that when you are redirected to one of our product sites, or that of a partner or third party from our website, if you provide personal data to any of those partners or third parties, your data will be governed by their privacy policy. You should read their privacy policy before you submit any of your data to their websites.

2.1 Sharing your data with partners and selected third parties

Third party providers of information security services will have access to your data for the purposes of monitoring our networks and websites to help keep your data secure. This processing is undertaken for legitimate business purposes.

2.2 Sharing your data within the Group

We may share your data among any Webloyalty controlled affiliates, and our parent company throughout the world who are acting as our data processor and only processing your data according to our instructions for legitimate business purposes. If you would like to see an up to date list of these companies, please click here.  We will do this in order to process transactions and ensure you are able to use the product/service. Your data is still protected in the same manner as set out in this Policy in line with applicable laws. Click here to understand our position on the transfer of data outside of the European Economic Area.

2.3 Sharing your data for compliance purposes

Additionally we reserve the right to access and disclose your information in order to comply with applicable laws, to comply with lawful requests from governments, law enforcement agencies or parties whose request we reasonably consider to be justified in connection with any allegations by any party about your abuse of our services, to operate our systems properly or to protect ourselves or our users from any of the scenarios mentioned in this section. This includes protecting the rights of Webloyalty through the enforcement of the terms governing the product/service and protecting our customers from spam or activity which may defraud users of our product/service.

3. Cookies and similar technologies

This section of the Policy sets out how we use cookies and similar technologies (“cookies”) on and in connection with this site. Cookies are text files containing small amounts of information which are downloaded by your internet browser and stored on your device when you visit a website.

3.1 How we use information we collect through cookies

We store information that we collect through cookies, log files, clear gifs, and/or third party sources to create a summary of your preferences. We tie your personally identifiable data in order to improve the content of the site for you and/or to determine your preferences. We may match information collected from you through different means or at different times, including, for example, information collected online and offline, and use such information along with information obtained from other sources, including third parties. To do this, it is often necessary to share this information with carefully selected vendors and partners we work with, such as companies that perform marketing services and other business operations for us.

3.2 More information about cookies

We use a mixture of strictly necessary and analytics cookies – these cookies enable you to move around our website, use its features and help us to optimise our website based on your usage. Without the strictly necessary cookies, services you’ve asked for (such as completing an application form or logging into a secure area of our website) can’t be provided.

We use session and persistent cookies on this site. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove persistent cookies and reject persistent and session cookies by following the directions provided in your Internet browser’s “help” file or by visiting www.allaboutcookies.org. If you reject persistent or session cookies, you may still use our site, but you may not be able to access all of the site’s functionality or your access may be limited.

We are continually looking to adopt and implement new practices and technologies in order that we may improve your user experience. We may update this policy from time to time with details of new cookies.

Details of the cookies we currently use on this website are shown below:

[cookie_audit_category style=”winter”]
Cookie type Name Duration Purpose
Strictly necessary WordPress Browser session Strictly necessary for website functionality https://wordpress.org/
YouTube Browser session Enable embedded videos to play https://www.youtube.com/
CookieControl Persistent (max. 12months) Used to remember the user’s choices about cookies on this website
Analytics Google Analytics
_ga
_gid
_gat
_gac
AMP_TOKEN
Persistent (max. 12months) Used to collect information about how visitors use our website. We use the information to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come from and the pages they visited. https://analytics.google.com/analytics/web/
Pardot Persistent (max. 12months) These cookies help us to understand our visitor and prospect activities on our website. They collect information in an anonymous form and are used to remember user preferences and behaviour on our site. https://help.salesforce.com/articleView?id=pardot_basics_cookies.htm&type=5

3.3 How we use cookies

We use cookies to:

  • remember choices you have made and personalise your use of the site;
  • remember and recognise you on subsequent visits to the site;
  • identify how you use this site, including tracking how you use the site, such as information on where you came from, what content you viewed on the site, and the duration of your visit;
  • deliver content and advertising more relevant to you and your interests. This includes cookies used by advertising networks, which may be subject to a separate privacy policy on how the advertising network uses information they collect. Please see the How we use third party cookies for advertising and re-targeting purposes below for further information. We link the information we obtain from or store in cookies to any data we gather about you (see How we use information we collect through cookies above).

4.2 How we use third party cookies for advertising and re-targeting purposes

We may also use cookies to enable the use of advertising technology to serve you advertisements that we feel may be relevant to you when you visit search engines, our site and/or third party sites upon which we advertise. This technology uses information about your previous visits to our site and the third party sites upon which we advertise to tailor advertising to you. In the course of serving these advertisements, a unique third-party cookie may be placed or recognised on your browser to enable us to recognise you.

4.3 Web Beacons

We may use web beacons, provided by our ad serving partner, to help manage our online advertising. These web beacons allow us and/or our ad serving partner to access individual cookies when a browser visits the site. This allows us to identify which advertisements or listings served by our ad serving partner bring users to our website. Web beacons are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of web users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly on webpages and are about the size of the period at the end of this sentence. We link the information gathered by clear gifs to your data (see How we use information we collect through cookies above).

4.4 Log files and Internet Protocol (IP) Address

Like many websites, we gather certain information relating to website use automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp and clickstream data. We use this information, which does not by itself identify individual users, to analyse trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole. After collection, during our processing of the data, we link this automatically-collected data to the data we hold about you.

Where you are using our websites, we may use your IP address to help diagnose problems with our server and to administer our website. Your IP address may also be used to help identify you for the duration of a session and to gather broad demographic information. Your IP address will never be linked to any personally identifiable data unless you are in the process of making a purchase, in which case the link between this information will terminate upon your final purchase.

4.5 Third party websites using Cookies

Our websites may contain links to third party websites some of which may also use cookies. This Policy does not cover third party websites which will be subject to their own privacy and cookies policies. Webloyalty does not have access to or control over cookies or other features used by such sites. Please contact them directly for more information about their privacy practices.

4.6 Clickstream

As you use the internet, a trail of electronic information is left at each website you visit. This information, which is sometimes referred to as “clickstream data”, can be collected and stored by a website’s server. Clickstream data can tell us the type of computer and browsing software you use, the address of the website from which you linked to our website, and, in some instances, your e-mail address. We may use clickstream data to determine how much time visitors spend on each page of our site, how visitors navigate throughout the site and how we may tailor our web pages to better meet the needs of visitors. This information will only be used to improve our websites. Any collection or use of clickstream data will be anonymous and aggregated and will not contain any of your identifiable data except where you have selected an email address that identifies your name.

4. Your Rights

4.1 Right to rectification

You can update and amend your data held by us if inaccurate or incomplete by emailing us at enquiries@webloyalty.co.uk writing to Webloyalty International Privacy Policy, Sentinel House, Airspeed Road, Portsmouth, Hampshire, PO3 5RF, calling 0800 0859 377 or visiting your profile page if you have an online account with one of our products/services.

4.2  Right of access, restriction of processing and erasure

If you would like to see the data we process on you, restrict the processing of your data or have it deleted you can contact our Data Protection Officer who will investigate the matter and take you through the necessary steps to provide you with the data you requested or to delete it. If you would like it deleted, in particular any data which is necessary for us to process to provide you with the product/service, you will no longer be able to use the product/service. If applicable, our Data Protection Officer will explain any circumstances where we are not be able to erase your data such as the exercise or defence of a legal claim and situations where you can restrict the processing of your data. Our Data Protection Officer will respond to your query within 30 days of receiving your request.

4.3 Right to object

You can edit or remove your information from our marketing database by emailing, writing or calling us using the contact details above, specifying your name, the email or other address/ telephone number you used to register with us and, if referring to a web registration, your user name in the email. You may also do this online if you have an online account by visiting your preferences page.

In addition, if you have provided us with your explicit consent to receive marketing communications via email, you will normally find an unsubscribe link at the bottom of the marketing emails you receive, which you can use to tell us if you no longer wish to receive marketing communications from that source.

If you object to us processing your data based on a legitimate business purpose, please contact our Data Protection Officer who will investigate and take action on the matter.

5. Security

Securing your personal and non-personal information is very important to us. All customer databases are held in a secure environment and (except for law enforcement authorities in limited circumstances) only those Webloyalty employees or other persons who need access to your data in order to perform their duties are allowed such access. Any of these employees or persons who violate our privacy and/or security policies may be subject to disciplinary action, including possible termination and civil and/or criminal prosecution. Where you are using our websites, we take proactive steps to put safeguards in place to provide for the secure transmission of your data from your computer to our servers. However, due to the inherent open nature of the Internet, we cannot guarantee that communications between you and Webloyalty, and Webloyalty and you, will be free from unauthorised access by third parties, such as hackers. We have implemented all necessary and reasonable technical and organisational measures to protect your data including:

  • data minimisation and encryption of personal data;
  • the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and
  • a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

Our websites utilise Standard SSL encryption on pages where secure information is transmitted over the Internet. We also use Verisign as our Certificate of Authority. If you would like more information on our Verisign Certificate, please visit https://www.verisign.com/?dmn=verisign.co.uk

6. Other important information

6.1 Updates to this Policy

We may update this Policy when necessary to reflect changes in our products/services. Please check the last updated date at the top of this Policy to ensure you are reviewing our most current version and understand how we protect your data. If there are any material changes to this Policy which change the way we collect and use your personal data, we will let you know by either posting on this website a notice of the changes we are making before they take effect or by sending you a notification.

6.2 Transfers

As part of the products and services offered to you, for example through our website, the information you provide to us will be transferred to and processed in countries inside and outside of the European Economic Area (EEA) in particular to the US for the purposes of payment processing, ad hoc application maintenance and systems support. If we transfer or store your personal data outside the EEA in this way, we will take steps with the aim of ensuring that your privacy rights continue to be protected, as outlined in this privacy policy and in accordance with the Data Protection Act 2018. If you use our service while you are outside the EEA, your personal data may be transferred outside the EEA in order to provide you with these services. Where you have used our services to make travel arrangements such as booking flights, hotels or cruises, your data will be transferred to the third party in the country where you have made the arrangements.

Whenever we process or transfer your personal data out of the EEA, we always ensure that an adequate level of protection is afforded to it. It is the case for example when we process or transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission (to see the list, please visit: http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm). Whenever our affiliates or providers based in the US process your data, we include relevant mechanisms (such as standard contractual clauses approved by the European Commission, so-called EC model clauses) in contracts and agreements with them and/or rely on the EU-US Privacy Shield framework when our affiliate or provider is Privacy Shield certified to ensure that any processing of your data is in accordance with Privacy Shield obligations, namely : Notice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access and Recourse; and Enforcement and Liability. If you would like to know more about our parent company’s privacy policy and privacy shield certification, please visit: http://www.privacyshield.gov or contact our Data Protection Officer.

When providers or affiliates based in other countries that have not been deemed to provide an adequate level of protection for personal data by the European Commission process your data, we always use EC model clauses in contracts and agreements with them to maintain a similar level of protection as if your data was processed within the EEA.

You can contact our Data Protection Officer if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

6.3 Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

If you are a customer of one of our products/services, please refer to the Privacy and Cookies Policy, found directly on the product website for more information about retention periods.

6.4 Contact

If you have a concern about your data or a question about this Policy for our Data Protection Officer, please contact them by email at dpo@webloyalty.co.uk. If you are not happy with the response you received or believe your data has not been used in accordance with this policy and therefore not processed in line with applicable laws, you may lodge a complaint with the Information Commissioner’s Office (ICO), the UK Supervisory authority. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.