Customer Privacy Notice
Data Controllers and those responsible for Data Protection
A data controller is an organisation that collects and uses personal data and has responsibility for how the personal data is used and managed.
A nominated person is the person in an organisation who has responsibility for monitoring compliance with the law and for ensuring that personal data is protected within an organisation.
Yodel Delivery Network Limited provides a delivery service to our Clients and is the data controller those personal data provided by our Clients. Yodel Delivery Network Limited is registered in England, number: 05200072. Registered Office: Second Floor, Atlantic Pavilion, Albert Dock, Liverpool, Merseyside, L3 4AE. Yodel Delivery Network Limited’s website is www.yodel.co.uk.
In the context of this privacy notice, when we use the term 'we' it means Yodel Delivery Network Limited.
The person Responsible for Data Protection for Yodel Delivery Network Limited can be contact on email@example.com
How we use your data
We use your personal data to provide our services to our Clients and you.
We will use your personal data in the following ways:
- To provide our delivery services to our Clients and to improve that service.
- To administer any prize draw or competition you may enter.
- To analyse your delivery preferences or how you interact with or use our websites and application.
- For research, analytical and statistical purposes.
- To record and monitor outbound and inbound telephone conversations with you to ensure consistent service levels, to prevent or detect fraud, to resolve queries and complaints and for performance management and training purposes.
We will collect your personal data directly from our Clients when they request our delivery services, when they change any of your details (such as your name or address) or from you directly during the delivery service if you change any of your details to arrange redelivery or similar. We require our Clients to provide your personal data in order to perform our delivery service to that Client and, if you do not provide the personal data we request, we will be unable to fulfil this service.
Why We Need Your Personal Data
We need to process your personal data for a number of different reasons and these are our legal bases for processing. We also need to keep your personal data for as long as is necessary for us to operate our business and to comply with legal and regulatory obligations.
We rely on one or more of the following legal bases for processing personal data:
- To fulfil our legitimate interests or the legitimate interests of a third party
When we process personal data to fulfil our legitimate interests we will use it in a way in which you would reasonably expect and which will have a minimal privacy impact. When we or third parties are relying on legitimate interests we will balance our interests against your interests and the privacy impact of the processing on you and we will process your personal data responsibly.
Examples of our legitimate interests are: providing our service, fraud prevention, preventing and investigating crime and indicating possible criminal acts as well as ensuring our IT security.
- To comply with legal obligations to which our business is subject
We have to comply with relevant law and regulation in order to provide our services and we will need to process your personal data in order to comply with these legal obligations.
We will keep your personal data for the purposes set out in this privacy notice and only for as long as any legal basis continues to apply. Below is a non-exhaustive list of some of the reasons we need to retain your personal data:
- Compliance with the requirements of Government Departments investigating crime or fraud.
- Ensuring we have relevant information in the event of any queries or complaints.
- Being able to identify if you have received a parcel in the event of an investigation.
- To assist with the establishment, exercise or defence of legal claims.
The length of time we need to keep the personal data will vary depending on the nature of the personal data and the reason we are obliged to hold it. We will apply appropriate risk based measures to protect your personal data which may include pseudonymising or anonymising the personal data. If personal data is pseudonymised, this means it is de-identified so you are no longer identifiable, but we can re-identify you if we have a requirement to do so. If personal data is anonymised, it is de-identified, but can never be re-identified in the future.
Who We Transfer Data To
Transferring personal data to other organisations needs to take place with appropriate safeguards and you can be assured that we will only share the personal data that is needed for these organisations to be able to provide the right service to our Clients, you or to support us in doing so.
We may transfer your personal data to the following third parties:
- The originating Company who requested your delivery
- Technology service providers – our partners who provide IT and website services.
- Customer service providers – our partners who work with us to administer your delivery and provide you with any help you may need.
- Telephony providers – our partners who provide telephone services and functionality.
- Third party delivery companies – our Third Party and/or Self Employed couriers and parcel firms who may deliver your goods or services and manage any returns on our behalf.
- Regulators and other governmental agencies or law enforcement agencies.
- Organisations who may be interested in purchasing our business or organisations who we may be interested in purchasing - we may sell parts of our business or acquire other businesses and your personal data may be shared with such third parties as part of this process.
We will only transfer your personal data to third parties who adhere to appropriate data security standards and controls. From time to time we may need to transfer your personal data to other countries. Where this is the case, we will ensure that the transfer is subject to appropriate safeguards to protect your personal data and complies with applicable law which may include having standard contractual clauses in place with the third party. For further information on how data can be transferred to other countries, please find enclosed a link to the European Commission website: https://ec.europa.eu/info/law/law-topic/data-protection_en
Right of Access
This is known as a Subject Access Request. If you want to know if we are processing personal data relating to you and to have access to any such personal data you can email our Data Protection Team on firstname.lastname@example.org
Right to Rectification
If you believe that we hold inaccurate personal data about you, then you can contact our Client who requested our delivery services or you can email our Data Protection Team on email@example.com. Depending on the type of personal data you believe is inaccurate, we may ask you for further proof to ensure that the personal data is being corrected properly. If we are satisfied that the personal data is inaccurate we will make the necessary changes. Please understand that records of deliveries may not be able to be altered given our mandate to comply with regulatory and law requirements.
Right to Erasure
You have a right to ask for your personal data to be erased in certain circumstances. However, this right does not apply where we have to comply with a legal obligation or where we need personal data for the establishment, exercise or defence of legal claims. Therefore we cannot comply with an erasure request where you have been provided services for which we must keep records.
Right to Restriction
You have a right to request that processing of personal data is restricted in certain circumstances. However, we shall still continue to process the personal data for storage purposes, for the establishment, exercise or defence of legal claims.
Right to Object
Where we are relying on legitimate interests as a legal basis to process your data, you have a right to object to such processing on grounds relating to your particular situation.
You may also object to other processing when we rely on our legitimate interests as the basis for processing, but we do not have to stop the processing if we can demonstrate compelling legitimate grounds for the processing (taking into account our processing activities, the nature of our business and our legitimate interests) and that these grounds override your interests, rights and freedoms or in the event that we need the personal data for the establishment, exercise or defence of legal claims. To enable us to consider any objection we will need to know what specific interests, rights or freedoms relating to your particular situation you believe will potentially be put at risk by our processing. If we do stop processing your personal data, this may affect our ability to deliver our service to our Clients and you.
Right to Portability
In certain circumstances, you can request that we provide to you your personal data in a commonly used format. If you wish to make such a request you can email our Data Protection Team on firstname.lastname@example.org.
Right to Complain to the Information Commissioner
You have the right to lodge a complaint with the Information Commissioner and more details can be found on their website www.ico.org.uk.
How To Contact Us
If you have any queries about how we use your information or on data protection generally please send an email to email@example.com or write us at the Data Protection Team, Second Floor, Atlantic Pavilion, Albert Dock, Liverpool, Merseyside, L3 4AE.
What are Cookies?
Cookies are small files downloaded to a device when websites are accessed. Cookies are used to store statistical information about users between sessions.
Mostly, cookies complete convenient tasks such as populating forms, keeping track of username so that users do not have to log into a website every time it is visited, and storing usage preferences.
Where used, these cookies are downloaded automatically, and stored on your computer.
Cookies are widely used to make websites work efficiently and to provide service information to the owners of the site.
Cookies & How We Use Them
We use the following cookies for the following purposes:
- Strictly necessary cookies. These are cookies that are required for the operation of our site. They include, for example, cookies that enable you to log into secure areas of our site.
- Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our site when they are using it. This helps us to improve the way our site works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to our site. This enables us to personalise our content for you and remember your preferences.
- Targeting cookies. These cookies record your visit to our site, the pages you have visited and the links you have followed to allow us to improve the page layout and navigation preferences.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
In order to optimise our service we apply Google Analytics and our own statistical analyses.
- Google Analytics is a web analysis service provided by Google, which is used for purposes of market research and ensuring that the service meets user requirements. Google Analytics uses "cookies", which are placed on your computer to make it possible to analyse how you make use of the service. The information generated by the cookies about your use of the service (including your pseudonymised IP address) is as a rule transmitted to and stored by Google on servers in the United States . Google uses this information in order to evaluate your use of the service and to create reports on activities for the operator of the service. Google may also transmit this information to third parties if this is prescribed by law, or if third parties process the data on behalf of Google. On no account will Google connect your IP address with other Google data. At https://tools.google.com/dlpage/gaoptout you can, with effect for the future, opt out of the recording and saving of your data at any time. In addition we use Google Analytics remarketing and reports on demographic features and interests in order to display to website visitors relevant advertisements on the partner websites of the Google display and search network. The saving of cookies makes it possible to analyse user behaviour and activate interest-based advertising.
- A number of websites provide detailed information on cookies, including AboutCookies.org and AllAboutCookies.org.
- The European Interactive Digital Advertising Alliance website Your Online Choices allows you to install opt-out cookies across different advertising networks.
- Google has developed a browser add-on to allow users to opt-out of Google Analytics across all websites which use it. This is also available in the Chrome web store.
- Some browsers include a feature known as ‘Do Not Track’ or DNT. This allows you to indicate a preference that websites should not track you. However, whilst DNT is available in many browsers, websites are not required to recognise its request, so it may not always work. You can get help on how to use DNT in Microsoft Edge, Internet Explorer, Firefox, Chrome, Safari and Opera.
- Internet Explorer has a feature called Tracking Protection Lists which allows you to import a list of websites you want to block.
- For more information on how private browsing works as well as its limitations, visit the support pages for your browser: Microsoft Edge, Internet Explorer, Firefox, Chrome, Safari (mobile and desktop) and Opera.
We pride ourselves on our website security and we would like to give you some tips to keep your personal details safe, visit here for some simple steps that you can take to stay protected.