Group Privacy

Personal data we collect from

  • In relation to our colleagues and job applicants, we collect your name and contact details, including email address, employment experience and any other personal data that you provide to us as part of the job application process.

  • In relation to Company Shop members, we collect your name, address, contact details, date of birth and employer when you subscribe use to any of our services.

  • In relation to Community Shop members, in addition to the information collected for Company Shop, we also collect ethnic background, gender and information about any benefits received. We may also record any information you voluntarily disclose to us which may include personal data and special categories of personal data.

  • In relation to colleagues and gym members, we may collect information about any health conditions which may impact you during the course of your employment or whilst using the gym facilities.

  • In relation to colleagues and members at our stores, we may process images of you on our CCTV system.

  • In relation to visitors to www.companyshop.co.uk (the Website), we may collect your IP address, traffic data, location data, weblogs and other communication data, including your name, address and contact details when you make an enquiry through the Website. We also collect personal data from you if you inform us about a problem with our Website.

  • Any personal data you provide to us when completing surveys that we use for research purposes.

How we use your personal data

We use information held about you in the following ways:

  • to carry out our obligations on the basis that the processing is necessary for the performance of a contract entered into between you and us, including employment and membership contracts;

  • to consider your job application, on the basis that this is taking steps at the applicant’s request before entering into an employment contract;

  • to notify you about changes to our services on the basis that this is necessary in order for us to perform our obligations under a contract with you;

  • to provide you with information about products or services that you request from us on the basis that you have requested such information before entering into a contract with us;

  • CCTV is used to ensure the safety and security of our stores and those who work or shop in it, as well as to assist in the prevention of crime;

  • for community shop members, we collect ethnic background information on the basis that you have given your explicit consent to this processing;

  • where you voluntarily disclose information to us about your personal circumstances which includes special categories of personal data (for example information concerning your beliefs, your health, or your sex life/ sexual orientation), we process this on the basis that you have given your explicit consent to this processing by providing us with the information. Where you provide us with special categories of personal data and we consider that we need to pass on to a third party such as a local authority or the police for the safety of
    yourself or of others, we may rely on another lawful basis for this processing;

  • We may use your image, likeness, or other visual representations for marketing and promotional purposes. This includes the use of photographs, videos, and other media in our marketing materials, both online and offline. We ensure that all such use is in accordance with the permissions and agreements you have agreed to and complies with applicable data protection laws.

Where we store your personal data and transfers to third parties

All personal data you provide to us is stored on secure servers which are based at our head office in Tankersley.

Your personal data may be transferred to and stored at a destination outside of the European Economic Area (EEA). It may also be processed by our suppliers for the purposes set out in section 3 above. In order to ensure that any third party processes your personal data in a way which is consistent with the UK and European Union (EU) laws on data protection, we have put in place agreements with those third parties, which contain provisions approved by the EU for protecting personal data. Please ask us if you would like to see a copy of these agreements.

Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to the Website; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access to it. We will retain your personal data for no longer than is necessary for the purposes for which they are processed. For employees, retention periods can be found in the Data Protection Policy. For job applicants, we will retain application forms, CVs and interview notes for one year. CCTV images are stored for a maximum of 90 days before being destroyed. For members, we will retain personal data for a maximum of seven (7) years from the date on which your membership comes to an end, after which time it will be deleted.

Disclosure of your information

We may disclose your personal information to third parties:

  • in the event that we sell our business or assets, in which case we may disclose your personal data to the prospective buyer of such business or assets;

  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms and Conditions and other agreements; or to protect the rights, property, or safety of either or both of the Companies, our customers, or others;

  • in relation to colleagues, to our pension provider and broker, to the providers of our HR, payroll and occupational health log systems and any other parties who provide services to us which are required for the purposes of us complying with our employment obligations to you; and

  • in relation to recipients of marketing from us, we use third parties for our email campaigns.

Your rights

  • Right of access – You have a right to access the personal information we hold about you and be told why we use it.

  • Right of rectification – You can ask us to correct or update your information to ensure it is accurate and complete.

  • Right to erasure and right to restrict processing – You can ask us to stop processing and to delete your data in certain circumstances (for example where it is processed with your consent, or it is no longer necessary for us to process it).

  • Right to data portability – You have a right to ask us to provide you with information in a form that suits you, and/or to provide your information to a third party.

  • Right to object – You have a right to object to our processing of your information.

  • Profiling and automated decisions – You have a right not to be subject to automated decisions which have a legal effect and to be protected by safeguards in respect of any profiling.

  • Right to object to direct marketing – Where you have consented to receive direct marketing, you can change your mind at any time by contacting us or following the directions in each message. Please allow a few days for us to action your request.

  • You are not obliged to provide your personal data to us under contract or statute. However, if you fail to provide certain data, it may impact our ability to undertake our obligations under any contract which is in place between us.

Contact & Complaints

If you wish to exercise any of your rights detailed above, would like to make a complaint or have any questions regarding this privacy policy, please email us at centralhr@companyshop.ltd.uk or write to us at Steph McGinty, Company Shop Limited, Wentworth Way, Wentworth Industrial Estate, Tankersley, Barnsley, S75 3DH.

If we are unable to resolve your complaint, you may contact the Information Commissioner’s Office at the Exchange Tower, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF; telephone number: 0303 123 1113

Links from the website

The Website may contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Changes to our Privacy Policy

This policy may be reviewed and amended from time to time. Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.