Privacy and Cookie Policy

About us

Sodexo Motivation Solutions U.K. Limited (herein referred to as “Sodexo”, “We” or “Us”) is registered in England and Wales with company number 02680629, and has its head office located at Avalon House, Breckland, Linford Wood, Milton Keynes MK14 6LD.

Sodexo, unless stated otherwise, acts as independent Data Controller in providing its services, respects your personal data and abides by the relevant legislation protecting your personal data. This includes but is not limited to the U.K. Data Protection Act 2018 and the EU General Data Protection Regulation (the “GDPR”), which may be amended from time to time.

Scope and Purpose of this Policy

This Privacy and Cookie Policy (the “Policy”) provides you with the necessary details about the personal data that we may, in providing our services, collect from you, and explains both how we use this data and how long we may retain this information in our records once we are no longer providing you with our services.

The Policy will also set out the steps you should take in order to exercise your rights in virtue of GDPR in requesting, for example, what information we hold of you, if you would like us to delete or anonymise the personal data we have or if you would like to correct or update this information..

Information we collect and what we do with this information

We will only collect and process your personal data for the provision of our services and in accordance with the Data Protection legislation.

Unless otherwise provided by Sodexo, at no time will we trade, sell, or distribute your personal data to any individual, company, vendor or organisation, in ways other than that which is disclosed in this Policy.

If you have any questions or concerns regarding our data processing practices, please contact us through one of the methods provided herein below. 

We may collect your personal data in order to: (1) to provide our services, (2) authenticate your right to use our services, (3) optimise your experience, (4) conduct financial transactions, (5) track your transaction activity with our partner retailers, (6) provide you with customer service, and/or (7) provide you with data subject request support.

We will only collect information that is necessary for delivering you our services or providing access to the website. For the purposes of providing our services, we may collect the following information: 

• First and last name
• Email address
• Additional information provided by you may include:
  • Preferences and reminders
  • Home Address
  • Telephone number
  • Mobile phone number
  • Date of birth
  • Payment and bank account information
• Automatically generated login information is created while you use this website, and may include:
  • Transactional information
  • Customer service inquiries
  • Points activity
  • Clickstream information
  • Cookies
  • Shopping activity information like, e-codes, and cinema codes created as a result of using this website

How we use the information

We use the information we collect for the following purposes: 

• to enable you to access and benefit from the services
• to verify your affiliation with your organisation
• to authenticate you to your unique account
• to communicate with you and provide customer service
• Additional information obtained from you is used to facilitate additional functionality, provide relevant offers and fulfil transactions.
• Information generated while on the site is used by Us to protect you, prevent fraud, affect session management and respond to your requests including but not limited to IP addresses, ISP details, browser type and version.
• Information will be shared with participating merchants in order to fulfil transactions, including payment information, shipping address and other personal information that may be required to complete the transaction;

Information we may share

We do not sell or share your information with third parties. We may share anonymised data with your organisation (meaning no personal information is provided and no individual can be identified from said data) as described below.

• The general use of the website may be shared with your organisation to evaluate the effectiveness and value of the website;
• Information on whether eCodes have been used may be provided to your organisation;
• Other website or transactional activity may be provided to your organisation in the form of reports, for example to facilitate the operation of long service, rewards, recognition and other benefits;.
• If your organisation has contracted a third party, any of the above information we share with your organisation may also be shared with the third party;

When we might share personal data with third parties

We may disclose your personal information to third parties in a very limited number of circumstances:

• Where we engage the business services of a third party to provide services directly for us. For example, we may use a mailing house to email promotional materials such as our email newsletter. Rest assured that any third parties are strictly prohibited from using your personal data for any other purpose, other than for what we contracted them for.
• If we are acquired by a third party, and data we hold would form part of the acquisition.
• If we are under a legal duty or obligation to disclose or share your personal data or in order to enforce or apply our terms of use on this website or other agreements;
• In order to protect the rights, property or safety of our clients, our customers, our business operations or third-parties to whom we have such obligations, we will share personal data with relevant authorities and organisations in order to report criminal activity, including (but not limited to) fraud, money laundering, bribery, service abuse investigations and credit risk reduction.
• When analytics and search engine providers assist us in the improvement and optimisation of our website.

How we protect the information

We are committed to protecting the confidentiality of your information. We hold ISO27001 and ISO9001 certifications, which guidelines we adhere to, to secure your information, which includes industry standard administrative, physical and technical controls. These controls also include encryption, regular internal and third-party audits, access controls and security testing. 

Cookies
We only use cookies that are essential to providing you with the best experience whilst using this website, to manage your browser sessions and to ensure the website’s optimal functionality. Cookies are required to allow you to use all of the website's functions. Disabling cookies will limit functionality and may significantly hinder the user experience. 

Some business partners (e.g., advertisers, tracking utilities) use cookies and web beacons on their site(s). We do not have access or control over these tracking technologies, and we do not share your personal data with these advertisers. 

Please note that the above cookie policy applies only to our website(s). If you should be redirected to a third-party website, our policy will no longer apply, unless advised otherwise.

For more information about cookies, including further details as to what they are and how to refuse them, please visit www.allaboutcookies.org 

Communications
For you to successfully make use of this website, we may need to send you system-generated emails to confirm your order has been completed, or to send your eCodes/eVouchers. Other marketing type emails will contain an opt-out facility. 

Opting-out
You may opt out of correspondence relating to the use of this website by using the Contact Us facility on this website. 

Retention
GDPR requires that personal data not be processed or stored for longer than is necessary to provide our services and to adhere to retention requirements set by different legislation. Our different services may therefore be impacted by legislation that sets different retention periods.
In virtue of Voucher Shop services, we set a retention period of 6 years and 4 months from the date that your employer or organisation ceases transacting with Us.
In accordance with the applicable legislation, once the retention period has expired, we will safely delete or anonymise your personal data. 

Subject Access Requests
We welcome your right to submit a Data Subject Request (DSR). The two most popular requests we received are to request deletion/anonymisation of personal data, or to find out what information we hold on you.

For more information about these rights, please visit: https://ico.org.uk/your-data-matters/

Data Subject Requests can sent to:

The Data Protection Officer

Sodexo Motivation Solutions U.K. Limited

Avalon House

Breckland, Linford Wood,

Milton Keynes MK14 6LD 

Or email us at: Datainfo.engage.uk@Sodexo.com

Should we be unable to remove your personal data due to legal or Inland Revenue constraints, we will ensure that the data is blocked or disabled, and will advise you of this decision.

Third Party and Retailer's privacy and cookie policies
Links on our website may redirect you to a third party or participating retailer's website. At the point you enter the third-party website, the privacy and cookie policy of the third party will apply.

General

We reserve the right to disclose your personal data, as required by law and when it is legitimately believed that disclosure is necessary to protect our rights and/or comply in any legal proceeding, court order or legal process. 

Notification of changes to this policy
Our privacy and cookie policy will be reviewed and amended from time to time.

We therefore recommend that you check our website regularly to keep up to date with any changes that may have been made. This way you will be made aware of policy changes affecting the Services and your personal data.

Contact us

Should you have any questions regarding how we manage your personal data or would like to send us a Data Subject Access Request, please feel free to email us at:

Datainfo.engage.uk@Sodexo.com or call us at 01908 352 000.