Calcott Card Privacy Policy
Calcott Card Privacy Policy & GDPR Statement
Your personal details will be kept safe in password protected and encrypted databases on computers and servers only authorised users are allowed to access and process your information on.
The types of data we hold about you are:
- Contact Details (Name, postcode, email address and date of birth)
- Shopping history (this is connected to the card number and not your personal details)
Why do we hold this information?
This data enables us to:
- Register you on to our Calcott Reward Scheme
- Email your monthly offers to you
- Provide personalised discount vouchers
- Ensure the smooth running of the reward scheme
Where is this data stored
Your data is stored on separate systems. One is a secure remote server (Mailchimp.com) used to sign up for the card online and send emails containing discounts and offers), which is secured behind a password with 2 factor authentication. The other is our server onsite, which is used to run and administer the reward card system (Eureka 5 from Epos Bureau) and has a secure password.
Who will this data be shared with?
The following data only will be accessed by our reward card consultants Data Strategy Consulting:
- Shopping History
- Card number
How is this data processed?
This will be shared with ‘Data Strategy Consulting’ using a secure remote access program, Splashtop Business, to access the reward card system. Both the remote access program and the reward card system have different secure passwords, known only to them. We retain full control over the system at all times.
How long will we hold on to your data?
When you choose to leave the scheme (or your card is cancelled after 2 years of non use) your personal details will be immediately removed from our systems, both email and signup (MailChimp) and the reward card system Eureka 5.
Your shopping data is linked to your reward card number and not your personal details.
The anonymised shopping data will be held for the duration of the use of the scheme or until it is deemed as of no use.
Your rights to your data
The request has to be made in writing (either letter or email [email protected]) and a copy of the persons passport must be supplied to prove their identity. This is to prove that the request has been made by the person requesting the data.
The data will be supplied as you have requested, either paper (if available) or electronic.
Calcott Hall Ltd has 30 days to provide a copy of this information to you. This may be extended by up to 2 additional months should it be necessary. We must inform you within the first month that this is the case, informing you of the reasons why the extension is needed.
This will be free of charge, although additional copies of your data will carry a £10 charge.