This Privacy Notice provides details of the personal data we collect from you, what we do with it, how you might access it and who it might be shared with.
We are committed to protecting your privacy. In general, we will ask you when we need information that personally identifies you or allows us to contact you. The amount of personal information you are required to supply will normally be limited to that which is necessary to supply the service or carry out the transaction that you have requested. If other information is requested, it will be labelled as optional.
What we do With Your Personal Data
We process personal data only for the purpose for which they are collected. The purpose is dependent on whether you use only our website, or additionally, our services. If you use our services, you are required to register, and we collect your personal data. We use this personal data for the provision of the service or the performance of the contract. We may use your personal data for other similar purposes, including marketing and communications, but that will only occur in the case we have your consent or another legal justification for doing so.
From our Customers / Clients we process and retain personal data for the following purposes and periods, with the applicable legal basis.
The processing of subject data is done for contact management, sales and distribution of products and services, as well as for communication and marketing. These steps are required prior to a contract with the data subject, and retention of such data for a maximum of six years, or what is required for tax and legal purposes.
From our Contractors we process and retain personal data for the following purposes and periods, with the applicable legal basis.
Organisation’s administration and management, and these steps are required prior to a contract with the data subject. The data is retained for a maximum of six years, or what is required for tax and legal purposes.
What Personal Data do we Collect?
The personal data we collect depends on whether you just visit our website or use our services. If you visit our website, you do not need to provide us with any personal data. However, your browser transmits some data automatically, such as the date and time of retrieval of one of our web pages, your browser type and settings, your operating system, the last web page you visited, the data transmitted and the access status, and your IP address.
If you use our services, personal data is required to fulfil the requirements of a contractual or service relationship, which may exist between you and our organization.
We collect various information depending on the requirements i.e Member joining our group, supplier information, clients entering a Blue Bottle competition.
Information collected may include any of the following:
Email, Social Network
Telephone contact details
Who Might we Share Your Personal Data With?
To maintain and improve our services, your personal data may need to be shared with or disclosed to service providers, other Controllers or, in some cases, public authorities. We may be mandated to disclose your personal data in response to requests from a court, police services or other regulatory bodies. Where feasible, we will consult with you prior to making such disclosure and, to protect your privacy, we will ensure that we will disclose only the minimum amount of your information necessary for the required purpose.
How do we Look After Personal Data?
We limit the amount of personal data collected only to what is fit for the purpose, as described above. We restrict, secure and control all our information assets against unauthorised access, damage, loss or destruction; whether physical or electronic. We retain personal data only for as long as is described above, to respond to your requests, or longer if required by law. If we retain your personal data for historical or statistical purposes, we ensure that the personal data cannot be used further. While in our possession, together with your assistance, we try to maintain the accuracy of your personal data.
How Can You Access Your Personal Data?
You have the right to request access to any of your personal data we may hold. If any of that information is incorrect, you may request that we correct it. If we are improperly using your information, you may request that we stop using it or even delete it completely.
If you would like to make a request to see what personal data of yours we might hold, you may make a request from our company website.
Where you have previously given your consent to process your personal data, you also have the right to request that we port or transfer your personal data to a different service provider or to yourself, if you so wish.
Where it may have been necessary to get your consent to use your personal data, at any moment, you have the right to withdraw that consent. If you withdraw your consent, we will cease using your personal data without affecting the lawfulness of processing based on consent before your withdrawal.
The Blue Bottle Group does not make use of “cookies” except to compile aggregated statistics about web site usage. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you or your computer and can only be read by a web server in the domain that issued the cookie to you.
While they are only used for internal tracking purposes, you have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.
In our regular mailings, we use technology to help track interest in our features, to help us improve our service and the content we share with our subscribers.
We are committed to maintaining the confidentiality, integrity and security of personal information and we will take all appropriate technical and organisational security measures to ensure that where any personal information is provided to us it will be protected against loss, destruction and damage, and against unauthorised or accidental access, processing, erasure, transfer, use, modification, disclosure or other misuse.
We shall not disclose to any person any personal data of a data subject that is processed or hosted by us where any such disclosure would not comply in all respects with the provisions of any applicable data protection legislation or regulations relating to the data subject concerned.
A User’s phonebook, message content and MSISDNs indicating to whom messages were sent to or received from belong exclusively to that User and will not be disclosed to any third parties without the user’s written permission or unless compelled to do so by a court of law.
Where the personal data of any EU member state subject is transferred to the Blue Bottle Group in a non-EU member state for processing, the Blue Bottle Group undertakes to ensure technical and organizational security measures that provide a level of protection appropriate to the risks represented by the processing of such data and in order to protect such data against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access or any other unlawful form of processing.
Any recipient of any message has the right to know the identity of the sender, and this will be disclosed on request to the recipient.
Our Users may be required to submit limited personal information when accessing the Services including a username, email address and password for the purposes of protecting User accounts against unauthorized access. In addition, messages, files or other data contained in the Services may contain the personal information of third parties.
We may automatically record certain information about the use of our Services such as account activity (e.g. usage, log-ins, actions taken), data displayed or clicked on (e.g. GUI elements, links), and other log information (e.g. browser type, IP address, date and time of access).
We may use this information to provide authorized persons with usage reports and internally to deliver the best possible service to our clients and Users, such as improving software user interfaces and maintaining a consistent, reliable and secure user experience.
We may also detect and log a User’s location and IP address to identify the User’s geographic region or time zone for routing traffic to geographically based servers or for managing time-sensitive tasks like the sending of notifications.
Like many reputable companies, our Services, including our website, other online services, applications, email messages and advertisements, if any, may use “cookies” and other technologies such as pixel tags and web beacons to collect information. A cookie is a small data file stored on the web browser on your computer’s hard drive. Cookies and other technologies allow us to count how many Users visited certain web pages within our web site, their personal preferences and to measure the effectiveness of our website and electronic advertisements for different computing devices and regions.
We use this information to understand and analyse trends, to administer our websites and to learn about user behaviour on our websites. If a user blocks cookies from being stored on a computer, the functionality of our Services may be negatively affected.
We may carry out and perform functional, statistical, textual, semantic and other forms of analysis of non-personally identifiable data that is hosted or processed by us in relation to our Services. We do this to improve the performance of our Services, to understand the way in which our Services are being utilised, to identify usage patterns, market trends, to gain insights and to formulate new products and service offerings. We may also process, aggregate and anonymize personal data such that it does not reveal any confidential, personal or sensitive data or any features from which confidential, personal or sensitive data may be ascertained. We will never disclose confidential, personal or sensitive data without the direct or indirect consent of the party to whom we owe the duty of confidentiality and/or the data subject concerned. We may process and transfer anonymized data in our reasonable discretion including within the Licensor’s group of companies.
Third Party Processing
Where we make use of third party service providers to help us provide the Services to you, including for the purposes of retrieving or delivering information, records, notifications or other messages to you or any User’s or for hosting or providing any component of our Services, we require such third parties to maintain the confidentiality of any personal information we provide to them for these purposes. Some of these third parties may be situated outside of your country and you consent to your personal data and that of any data subjects you provide to us being transferred cross-border so that we can provide the Services to you. In this regard, we engage only with reputed third-party service providers who have security and privacy policies and procedures providing at least the same level of protection as we do ourselves. You warrant that you have all necessary permissions to give us the above consent.
We may share data, including Personal Data, collected from Users of our Services with third-party service providers or consultants who require access to that data to perform their work on our behalf for helping us deliver our Services. These third-party service providers or consultants are limited to only accessing or using this data to provide the services to us and must provide reasonable assurances that they will appropriately safeguard the data. We may also share non-personal or non-identifiable information, including website visitor information and account usage data with third party analytics service providers.
Communications with You
We may communicate with User’s and other persons by email and other messaging applications. You may opt out from promotional communications from us that are not strictly related to the provision of the Services to you.
Personal Information of Minors
We do not intentionally collect personal identifiable information from anyone who is a minor. If it is discovered that we have unintentionally collected personally identifiable information from a minor other than for a legitimate purpose associated with the Services, we will delete that information immediately.
Revisions and Termination
If the Blue Bottle Group merges with, or is acquired by, any other business, you acknowledge that your personal information may fall under the control of another person.
If you terminate your relationship with The Blue Bottle Group, portions of your personal information may be retained in back-ups and archives for as long as is reasonably necessary to assist us in meeting our legal compliance obligations.
Questions and Comments