We (and other organisations that we work with, such as our suppliers and service providers) may collect personal data in a variety of ways including:

 

Directly from you:

Information such as name, address, telephone number and bank details, as well as other information, such as your website registration details and preferred means of communication, may be collected when you voluntarily provide this information to us (for example when you register on the site, search for a product/service or make a purchase, leave a review or call our customer service line);

From other sources: We work closely with third parties providing services to us (including, for example, business partners, sub-contractors providing technical, payment and delivery services related to our products or services, advertising networks, social networking platforms, analytics providers, search information providers) and we may also receive information about you from them; If you connect your social media accounts via our website or any of our apps, certain personal data from your social media account will be shared with us which may include personal data that is part of your profile or your friends’ profiles; In some circumstances related to a particular transaction, we may obtain data from public databases or credit reference agencies; and We may combine information that we collect about you from other sources with the information that you give to us directly. We may use this combined information as described in this policy;

Cookies:

Our site uses cookies to recognise you when you visit and use the site. This helps us to provide you with a good experience when you browse our site and also allows us to improve our site. For more information on the cookies we use and the purposes for which we use them, please see our Cookie Policy.  If you do not want information collected through the use of cookies, there is a simple procedure in most browsers that allows you to decline the use of cookies. To learn more about this procedure and cookies more generally please visit the page provided by the Information Commissioner’s Office (ICO); and

Through your browser or device or through our servers:

Certain information is collected by most browsers or automatically through your device, and we also collect your IP address (this enables to recognise your computer or device when you use the site) via our server log files.

How do we use personal data, and why?

 

We use your personal data for a variety of purposes related to the products and services that we provide.  From a legal perspective, there are various reasons for doing so. We have set out an explanation of this below.

For purposes related to the provision of the products and services that we may offer:

to provide you with the information, products and services that you request or purchase from us (i.e. to complete certain tasks, processes or transactions on our website or within any of our apps, to take payments online (where applicable) and to deliver your products or services), and to communicate with you regarding the products and services that we offer and to respond to your questions and comments; to measure customer satisfaction and provide improved customer service support ;to send product or service related information to you and to send you administrative information such as changes to our terms, conditions and policies.  It’s really important that we are able to send you this kind of information and so we do not give you the option to opt-out of receiving these communications (but we will keep such communications to a minimum);to allow you to participate in interactive features of our services, when you choose to do so; possible credit checking of your account with us if you have a credit limit applied to your account or do not pay immediately on order.

We use your data in this way either because we have a contract with you (for example, a contract to provide products or services to you) or because it is in our legitimate interests to do so (for example, it is in our interests to measure customer satisfaction and ‘troubleshoot’ customer issues) but we will always ensure that your rights are protected.

For advertising and marketing purposes, including to measure how effective our marketing is:

to contact you and let you know about other products and services we (or any other member of our group) may offer from time to time and which we believe you might want to hear about (i.e. to send you marketing materials that we believe will be of interest to you).  If you would prefer us not to use your data in this way please contact us in one of the ways specified at section 5 below; to measure the effectiveness of our marketing campaigns and our advertising (i.e. so that we can tell what interests our customers and what doesn’t);to make recommendations to you and other users of our site about products or services that may interest you or them; for information on how we use cookies, please see our cookie policy.

In order to contact you directly with marketing (particularly electronically), we will make sure that we have your consent.  In other scenarios (for example, serving online adverts to you or measuring the effectiveness of our marketing), we will rely on our legitimate interests as a business, always ensuring that your rights are protected.

For administrative and internal business purposes:

to ensure that content on our site is presented in the most effective and relevant manner for you and for your device and to tailor the site’s experience and content based on the way that you use the site; to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; for our internal business purposes, such as analysing and managing our businesses, audits, developing new products or services, enhancing our site, improving our services and products and identifying usage trends.  For these purposes, your personal data will be aggregated and looked at on a statistical basis; we may record calls and use this data for training and quality assurance purposes (where your call is to be recorded, you will be informed of this at the beginning of the call).

It is in our legitimate interests as a business to use your data in this way.  For example, we have a clear interest in ensuring that our site works properly and that our products and services are high quality and efficient. We will always ensure that your rights are protected.

For security and legal and compliance purposes:

as part of our efforts to keep our site safe and secure; to detect or prevent fraud or other illegal activity; as we believe to be necessary or appropriate in each case in order to comply with laws or legal process (including laws or legal process in other countries);to protect our rights or property (or the rights or property of others) and to enforce our rights and pursue available remedies.

In some cases, we will need to use your personal data to fulfill a legal obligation (for example, if we receive a legitimate request from law enforcement agencies), and in other cases (such as the detection of fraud or ensuring the security of the site) we will rely on our legitimate interests as a business to use your data in this way.

International transfer of your data:

Some of the processes involved in our use of your personal data may require your data to be stored or processed in countries outside of Europe.  For example, your data may be held in countries outside of Europe as a result of third party data hosting agreements.

Whenever we send (or permit a third party to send) your personal data outside of Europe, we will make sure that we take steps necessary to protect your data as required by applicable laws.  For example, we may implement specific contract terms or we may rely on service providers who adhere to certain compliance programmes overseas, or we may select service providers based in countries with strong local laws to protect your personal data.

How do we share your personal data?

We will never sell, rent or swap your personal data or give it to anyone else for them to use for their own purposes without making that clear to you.  There are, however, various ways in which we will share your data, as set out below:

1. Sharing with organisations providing services to us:

We engage various third parties to provide services to us for specific functions, and this will often mean that we need to share your personal data with them (it is in our legitimate interests to do so, since we may not have the capabilities to provide these services ourselves).  In each case, we will ensure that these third parties are only allowed to use your personal data in order to provide the relevant services to us.  We will always make sure that we use organisations that we trust to look after your personal data appropriately and as required by applicable laws.

Some examples of these third parties will include: coffee machine installation, removal and servicing, health and safety auditing, distribution services, credit card processing services, order fulfilment, analytics, website management, information technology and related infrastructure provision, customer service, e-mail service providers for sending transactional and marketing emails, auditing, and other similar services.

2. Sharing data with online advertising related service providers:

We may from time to time work with online advertisers, social media platforms and advertising networks to deliver, tailor and measure marketing communications and advertising to you and others, both on the site and elsewhere on the internet (including on social media platforms such as Facebook and Twitter).  We also use various Google tools to deliver, measure and tailor our online marketing communications and advertising.

The personal data that these third parties see would never include information such as your bank, credit / debit card or full address details – it relates only to online identifiers such as IP address, data from cookies or similar technologies, or other device related usage information.

Similarly, we may share certain online identifiers with analytics and search engine providers that assist us in the improvement and optimisation of our site.

You can choose not to allow your data to be used to deliver targeted advertising by changing your settings within social media platforms and via Google’s own Ads Settings.  You can also contact us in one of the ways specified at section 5 below if you would prefer us not to use your data in this way.

3. Sharing data in connection with changes to our group structure or the ownership of our business:

All customer data held by us is considered our property.  Accordingly, if we sell or propose to sell our business or part of it, we may need to disclose your personal data to prospective buyers.

Similarly, if there are changes to our group structure or if our ownership changes, we may need to disclose your personal data to the new owners or operators of this site or any of our apps as part of that process.

4. Sharing data to comply with laws:

There may be scenarios where we are subject to a legal obligation to disclose or share your personal data, such as with law enforcement agencies or public authorities in order to prevent or detect crime.

5. Sharing data with carefully selected third parties:

There may be occasions where we agree with you that your personal data can be shared with carefully selected third parties who may offer products or services which may be of interest to you.  Where we seek to do so, we will ensure that we have your specific, informed and affirmative consent to do so but please rest assured that your consent may be equally withdrawn at any time, simply follow the instructions given at the time of the marketing communication (e.g. clicking an ‘unsubscribe’ button or contact us in one of the ways specified at section 5 below).

Security and retention of your personal data

(i) Security of your personal data:

We take the security of your data very seriously.  We have implemented various strategies, controls and measures to keep your data secure and keep these measures under close review.  In addition, we ensure that any payment transactions will be encrypted using SSL technology, and that all payment card data is protected according to industry approved security controls (the Payment Card Industry Data Security Standard).

There are ways that you can help – for example, where we have given you (or where you have chosen) a password which enables you to access certain parts of our site or any of our apps, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

(ii) Retention of your personal data:

In broad terms, we will only retain your personal data for as long as is necessary for the purposes described in this privacy policy.  This means that the retention periods will vary according to the type of the data and the reason that we have the data in the first place.  For example, some transaction data will be kept for a number of years in order to comply with various finance and tax related legal obligations.  Other transaction data may be kept for a different period because it is in our legitimate interests to do so in order to provide appropriate customer service.

We have a detailed internal retention policy that sets out varying retention periods for different categories of data depending on our legal obligations and whether there is a commercial need, such as answering customer account queries. After a retention period has elapsed, the data is securely deleted.

(iii) Accuracy of your personal data:

You can help us keep our records up to date by telling us when your contact details and other personal information changes.  If you tell us of any changes (either to your personal information or how you wish us to contact you from time to time) it may take a short while for such changes to take effect but rest assured that we respect your rights and will endeavour to carry out such changes as soon as possible.

 

The law gives you a number of rights in relation to your personal data and our use of it.  You have the right:

(a)to ask us not to use your personal data for direct marketing purposes;

(b)to ask to see what personal data we hold about you and to find out about the way that we process the data (and in some circumstances, you can ask us to provide a copy to a third party);

(c)to ask us to correct or update any personal data which is inaccurate;

(d)to ask for personal data to be deleted in some (but not all) circumstances where there is no good reason for us to continue to use it;

(e)to ask us to temporarily stop using your data if you don’t believe that we have a right to use it, or to stop us from using your personal data where there is no good reason for us to continue to use it; and

(f)not to be subject to decisions made solely on the basis of ‘automated processing’ (i.e. the right not to be subject to decisions made solely by algorithms or computers without input from a human) in certain circumstances.

If, at any time, you would like to exercise any of the rights listed above, or if you have any queries or concerns about the way that we use your personal data (or any questions about this privacy policy), you can contact us by email at coffee@jacksbeans.co.uk, by clicking the unsubscribe link on the Jacks Beans website, by phone on 0845 128 8888 by writing to us at the Unit 7, 1 Ward Street, Alloa Industrial Estate, Alloa, FK10 1ET.

You also have the right to complain about our use of your personal data.  You can contact the Information Commissioner’s Office via their website: https://ico.org.uk/concerns/  or by calling 0303 123 1113.

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this site.  We may also email you with any changes if we have your email address.  Please check back frequently to see any updates or changes to our privacy policy.