Last updated and Effective On: 3rd July 2017
This Transparency Statement is subject to, and should be read alongside, the Consumer Account Terms, of which it forms part. Unless otherwise defined in this Transparency Statement, any capitalised terms have the same meaning as given to them in the Consumer Account Terms.
The Harris+Hoole App is powered by Yoyo Wallet Limited. Where the words "Yoyo Wallet", "we", "us" or "our" are used in this document, they are all references to Yoyo Wallet Limited, incorporated in England and Wales under company registration number 08515940, whose registered office is at 2 nd Floor, 78 Whitfield Street, London W1T 4EZ. Yoyo Wallet Limited is authorised by the Financial Conduct Authority under the Electronic Money Regulations 2011 (Firm Ref. 900645) for the issuing of electronic money.
The Harris+Hoole App is provided for use only in relation to offers, promotions, rewards, goods or services offered by or purchased from Harris + Hoole retail outlets that accept the Harris+Hoole App. It cannot be used elsewhere or in relation to offers, promotions, rewards, goods or services offered by or purchased from other merchants. Where the word "Merchant" or "Merchants" is used in this document, it refers to Harris + Hoole Limited and its subsidiaries and affiliated entities that operate such Harris+Hoole retail outlets.
We treat your information very carefully, and we have written this document to help you understand what information we collect, who has access to it and for what purposes. We have called it a Transparency Statement to emphasise the importance we place on being clear about these points.
You should also know that we are registered as a data controller with the Information Commissioner's Office under registration number ZA019543, and as such we are required to comply with the Data Protection Act 1998.
We summarise below the types of data that you have agreed to share with various parties, including the Merchant, by your acceptance of the Consumer Account Terms. You may withdraw your consent to any data sharing listed below at any time by emailing us at email@example.com - although as some categories of data sharing are essential to the provision of the Services or certain aspects of the Services, withdrawal of your consent for certain categories will require termination of your Account or that aspect of the Services. We encourage you to read the remainder of this policy to understand more about how your data is used.
How do we collect information about you?
We collect information about you when you access our website ("Site"), log-in or register to use the Harris+Hoole App or when you contact us. This may include information you provide to us or information we obtain or learn, such as information about how you use our Site or the device(s) you use to access your Services.
We will hold or process the following categories of information on customers:
● Personal data: Information that may be used to identify a living individual - your title, full name, postcode, email address, mobile phone number, date of birth - and any other data we receive from the Merchant or from a social networking profile that you have elected to log-in to the Harris+Hoole App via as detailed under "third party sources" below.
● Third party sources: If you elect to link your Account with third party platforms or services, such as social media accounts such as Facebook, or other third party services, then additional information about you may be provided to us by the relevant third parties for the purposes of linking, for use, and/or through sign-in. These will be communicated to you when you request we make the relevant link.
● Detailed transaction data: Detailed information on transactions you carry out using the Harris+Hoole App to pay for goods or services, or redeem rewards and offers, such as the items that were obtained, the transaction ID, the price paid or discount given, the location and time of the transaction, and the outcome of that transaction.
● Anonymised Yoyo Wallet ID: A unique customer identifier.
● Anonymised customer profile: Location or demographic data and stated preferences (e.g. "Favouriting" a particular Merchant).
● Anonymised purchasing profile: Simplified data on your past purchases - category of product purchased, date of purchase and general location of purchase (e.g. post code area).
● Financial account information: Information that is used to add funds to a customer's Account for example, bank account and sort-code, debit card number and expiry date. For more information on how this information is processed, please see the Security section of our Transparency Statement below.
● Surveys: Information that you have opted to provide to us in response to customer research and satisfaction surveys.
● Detailed transaction data: Transaction data is shared with the Merchant receiving payment or providing rewards and offers on that transaction. We do this so that the Merchant can reconcile their point of sale data with data generated via use of the Harris+Hoole App, and to allow them to analyse Transactions.
● Anonymised Yoyo Wallet ID: We provide Merchant with a unique Yoyo wallet ID for each customer alongside the transaction data to allow Merchant to understand the payment, reward and offer behaviour of a particular customer or group of customers. The Yoyo wallet ID may also be sent to third parties who provide account funding services to Harris+Hoole App users to enable them and us to match incoming funds to a Harris+Hoole App user.
● Anonymised customer profile: Merchant can obtain customer data that is linked to the Yoyo wallet ID. They may use this to design promotions that are delivered to specific groups of customers and also to understand their own customer base in more detail.
● Anonymous purchasing profile: Retail brands that have products sold by Merchant can obtain reports showing results from analysis conducted using anonymised and aggregated purchasing data to enable them to get a better understanding of the purchasing patterns of their products so they can design more effective promotions and campaigns. They do not get access to the underlying transaction data.
● Financial account information: This information is only held by the funding source provider. We do not hold any sensitive financial information about customers.
● Network, hardware and web: We will not share any of this type of data with third parties other than when required in order to assist with regulatory or criminal enquiries.
● Other uses: We may share your information with third parties, including law enforcement agencies and credit reference agencies as follows:
· for the purpose of fulfilling our obligations under the Consumer Account Terms, or as required by applicable law;
· to assess financial and insurance risks;
· in relation to any breach of, or to enforce, the Consumer Account Terms;
· to recover debt or in relation to your insolvency;
· to develop our services and our systems;
· to prevent and detect fraud or crime;
· in the course of any investigation by us or any third party into any suspected criminal activity; and/or
· regarding information security, the risk of fraud, sector risk and credit risk;
● Regulatory requirements: we may make periodic searches of, and provide information about you to credit reference agencies, fraud prevention agencies to manage and take decisions about their relationship or prospective relationship with you. Such information may be used by credit providers to take decisions about you and your financial associates. We may also review you and your business activities (including without limitation by electronic means) to monitor your compliance with the Consumer Account Terms. Please be aware that a link between you and anyone with whom you have a joint account or similar financial association will be recorded at credit reference agencies, creating a "financial association". All such associated parties' information will be taken into account in future applications until you or one of them successfully files a "notice of disassociation" at the credit reference agencies.
We will use the data it holds on users in the above categories to:
● Process and manage your application for, and use of products and services via, the Harris+Hoole App including your Account and participation in any reward or offer programmes offered by the Merchant.
● Respond to your customer service inquiries.
● Create personalised Merchant promotions based on your purchasing preferences and behaviour.
● Communicate with you by email about your orders or purchases, your services, Account, participation in any reward or offer programmes, contest or sweepstakes you have entered, and any requests for information you may submit to us.
● Communicate with you by email about products, events or for other promotional purposes - except where you have expressly opted not to receive such material.
● Conduct statistical analysis.
● Manage risk by assessing payment and funding risks, identifying, preventing, detecting or tackling fraud, money laundering and other crime and carrying out regulatory checks.
● Facilitate the negotiation of any merger, sale of company assets, financing, acquisition or divestiture of all or a portion of our business.
● Comply with any applicable law, regulation or governmental request (e.g. tax authorities) and to protect our rights or property, or the security or integrity of the Services powered by Yoyo.
If you opt out of receiving promotional communications from the Merchants, or from us, we may still send you non-promotional communications such as emails about your Account or our ongoing business relationship with you.
We will retain information about you after the closure of your Account for as long as is permitted for legal, regulatory or fraud prevention purposes, and this may include our retaining your transaction data for up to 6 years.
You have the right to request a copy of the personal data we hold about you, its origin and any recipients of it as well as the purpose of any data processing carried out. Please note that, in accordance with the Data Protection Act 1998, a £10 admin fee is applicable. For further information, please contact us by emailing firstname.lastname@example.org with the subject "Data subject access request".
Also in accordance with the Data Protection Act 1998, you have the right to correct, restrict our use of or ask us to delete your personal data. Please use the above email address to ask any questions relating to your privacy rights or to request the correction, restriction or deletion of your personal data.
We take reasonable measures, including administrative, technical and physical safeguards, to protect your personal data from loss, theft, misuse and unauthorised access, disclosure, alteration and destruction. We hold personal data about you at our own premises and with the assistance of third-party service providers who may store and transmit such data outside of the European Economic Area. Whenever we share your personal data with third parties, we will take all reasonable steps to ensure that your privacy rights continue to be protected under the applicable data protection legislation. By sharing your personal data with us and interacting with the Services, you agree to the storing, processing and/or transfer described in this section.
We do not store customer card details, and apply information security practices to keep card data safe, for example whenever you enter your card information into the Harris+Hoole App, those details are encrypted and passed directly to our payment service provider ("PSP"). Upon receiving your information, our PSP sends us a token (consisting of random letters and numbers). The token (not your card details) is then used to effect payments for the products or services you purchase through the Harris+Hoole App. To add additional security the token changes at frequent intervals regardless of whether or not you are on-line. To ensure the required level of payment security, we will always use a PCI DSS-compliant payment gateway to store, process and transmit your Payment Card data. We reserve the right to change our payments gateway at our sole discretion, provided any such payment gateway meets this security compliance level.
· Performance Cookies: Our Site collects system-related information, such as the type of internet browser and operating system you use, the website from which you have come to our Site, the duration of individual page views, paths taken by visitors through the Site, and other general information and your IP address (the unique address which identifies your computer on the internet) which is automatically recognised by our web server. This information is collected for system administration and to report aggregate information to our subcontractors and partners to enable them to provide services to us. It is statistical data about our users' browsing actions and does not, of itself, contain any personal data. It is often not possible to identify a specific individual from this information, although for example we may be able to identify if it relates to a specific individual in conjunction with other information in our control.
· Functionality Cookies: Our Site also deploys functionality cookies, which are also used when registered users access private sections of our Site. These cookies are used to facilitate the log in process. In this case, we may be able to identify that your login details have been used.
You can control how cookies are placed on your device and remove existing cookies. All you have to do is change your web browser settings. Most web browsers offer users controls, to give you the option to delete or disable cookies. You can usually find out how to do so by referring to the 'Help' option on the menu bar of your browser, or by visiting the browser developer's website. This will usually tell you how to prevent your browser from accepting new cookies; notify you when you receive new cookies; and disable cookies altogether. Please note that disabling or restricting cookies may affect the functionality of the Site and may stop you accessing private areas of the Site.
You can also learn more about cookies by visiting http://www.allaboutcookies.org/ which includes additional useful information on cookies and how to block them on different types of browsers and mobile devices.
We may update this Transparency Statement from time to time. When we do so, we will post the new version on this page and change the date at the top of the policy.
We encourage you to check the date of our Transparency Statement for any updates or changes. We will notify you of any modified versions of the Transparency Statement that might materially affect the way we use or disclose your personal data.