Who is the Data Controller?
The Data Controller for this programme is [CLIENT, INCLUDING ADDRESS].
The contact details for the Data Protection Officer are:
[CLIENT’S DPO NAME, CONTACT DETAILS (ADDRESS, EMAIL)]
How do we use your personal data?
Personal data is only collected on this website with your prior permission, and is used for the execution of the contract of services. Your name, email address and other relevant information will be used to create a user account and enable us to provide you with the programme services. Personal data will only be used to fulfil the specific purposes of the programme and associated activities, including but not limited to points banking account management, fulfilment of rewards and communications.
We may change this policy from time to time by updating this page. You are advised to check it from time to time in order to ensure that you are aware of any changes and that they are acceptable to you.
What do we do with your information?
We may use information about you only for any of the following purposes:
- To register you on our website and to administer the programme website and services;
- For assessment and analysis of the programme performance and reporting to NFON;
- To enable us to monitor, review and improve the products and services which we offer; and
- For internal statistical user reporting
We will never share your personal information with any other third party, unless we have informed of the need to do so.
How do we collect that information?
We collect information about you using various methods including:
- When you submit it through this website;
- From information held and supplied by NFON; and
- When you telephone us or correspond with us by means other than through this website.
We may combine information that we collect about you through this website with information that you provide to us by other means.
How long do we keep your personal information for?
We will retain your personal information for the period that you are registered with this programme. Thereafter your data will be retained for 6 months to enable an orderly close of the programme for NFON and your transactional data for a period not exceeding 2 years. Thereafter, your personal information and data will be irretrievably deleted.
We will retain personal data essential for legal or regulatory purposes for the duration of the relevant requirements.
To whom do we disclose your information?
We will not disclose to any third parties, personal information data which relates to you without your prior consent, except:
- To NFON as defined above;
- Where it is necessary to enable any of our staff, employees, agents, contractors, suppliers or commercial partners to provide a service to us or to perform a function on our behalf (including fulfilling orders for products or services, supplying products or services that we provide on behalf of NFON and as part of this programme); or
- Where we have justifiable reason to consider disclosure of your information to other businesses, financial organisations or law enforcement agencies to be necessary or desirable with a view to the prevention or detection of fraud, or if we are required to or are permitted to by law.
Should the above involve the transfer of your personal information to a country outside of the EU, or to a non-EU-approved country, we will take commercially reasonable safeguards are in place with that third-party to protect your data to a level at least commensurate with that provided under the GDPR.
What rights do you have?
From May 2018, you have the following rights:
- The right to be informed. This Privacy Statement meets those rights;
- The right of access. You have the right to access the personal data that we hold about you;
- The right of rectification. You have the right to inform us of any changes to your personal information if it is inaccurate or incomplete;
- The right of erasure. You have the right to request the deletion or removal of personal data where there is no compelling reason for its continued processing;
- The right to restrict processing. You can request that we continue to store your personal data, but not to further process it;
- The right to data portability;
- The right to object. You have the right to object to processing on legitimate interests; and
- The right to lodge a complaint with a supervisory authority. The supervisory authority for the UK is the Information Commissioners Office (ICO). www.ico.org.uk / 0303 123 1113.
To exercise any of these rights, to opt-out of this programme, or in the event of a complaint, please contact the Data Protection Officer, Corporate Rewards Limited, 20 Timothy's Bridge Road, Stratford-upon-Avon CV37 9BF, or email
We will verify your identity and will not be able to provide information until we are satisfied that you have a right to this information. Any information will be provided to you within 30 days unless in exceptional situations where we may advise you of an extension of up to 60 days.
What are cookies?
Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. The website that created the cookie can then access it at a later time to recover the information, for example for use on a different page.
Cookies are used both pre- and post-log in and the cookie is given a life based on system requirements, after which it expires.
This website may contain links to other websites which are completely unrelated to the activities involved in our business and are outside of our control. Whilst we try to ensure that we link only to websites which share our privacy and security standards, once you have left this website, we cannot be responsible for the protection and privacy of any information which you provide on other websites. You should exercise caution and review the privacy statement applicable to the website in question, prior to accepting the use of.