Privacy

Updated 24th May 2018.

Introduction

We are Prisons Org UK Ltd (also known below as POUK) – we publish Converse. This privacy notice is to let you know how we promise to look after your personal data. This notice explains how we do this and tells you about your privacy rights and how the law protects you.

POUK: Prisons Org UK, PO Box 679, Bury BL8 9RU, Registered in England and Wales No. 05949117 – Incorporated on 27 September 2006 – 19 North Street, Ashford, Kent, TN24 8LF

You can find out more about us at www.prisons.org.uk

If you have any questions or want more details about how we use your personal data, please let us know. Email customer.services@prisons.org.uk or call 0845 474 0013.

What personal information do we collect?

Technical

  • Details on the devices and technology you use

Communications

  • What we learn about you from letters, email, and conversations between us

Usage of data

  • Other data about how you use our products and services

Documentary data

  • Details about you that are stored in documents in different formats, or copies of them

Special types of data

The law and other regulations treat some types of personal data as special. We will only collect and use these types of data if the law allows us to do so:

  • Health data and gender – for refund purposes.
  • Criminal convictions and offences – for fraud prevention and criminal proceedings.

Consents

  • Any permissions, consents or preferences that you give us

What types of personal data do we use?

We use many kinds of personal data, and group them together like this.

Data we collect when you use our products, services and facilities:

  • Payment and transaction data
  • Profile and usage data (this includes your settings, marketing choices and data from the devices you use (such as a mobile phone or laptop) to use our online services (such as our website and mobile app). We also use Cookies and other internet tracking software to collect data while you are using our websites or mobile apps.
  • When you purchase or use our products and services
  • When you apply for a refund
  • When you talk to us on the phone or online
  • When you use our websites, mobile device apps or web chat services
  • In emails and letters
  • In customer surveys
  • If you take part in our competitions or promotions
  • Information you provide to us by filling in forms on our site
  • For loyalty scheme purposes
  • Through the recruitment process

Data from third parties we work with:

  • Card associations
  • Retailers
  • Social networks
  • Fraud prevention agencies
  • Market researchers
  • Government and law enforcement agencies

Who do we share your data with?

We may share your personal data with these organisations:

  • Regulators and other competent authorities
  • Fraud prevention agencies
  • Companies we have a joint venture or agreement to co-operate with
  • Market researchers
  • Companies you ask us to share your data with

How do we use your data?

Data Protection law says that we can use personal data only if we have a proper reason to do so. This includes sharing it outside POUK. The law says we must have one or more of these reasons:
  • To fulfil a contract we have with you
  • When it’s our legal duty
  • When it’s in our legitimate interest
  • When you consent to it.

A legitimate interest is when we have a legitimate business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. If we rely on our legitimate interest, we will tell you what that is.

Below is a list of all the ways that we may use your personal data, and which of the reasons we rely on to do so. Our legitimate interests are also below.

Serving our customers

What we use your personal data for:

  • To deliver our products and services
  • To manage our relationship with you or your business
  • To develop new ways to meet our customers’ needs and to grow our business
  • To develop and carry out marketing activities
  • To study how our customers use our products and services
  • To market our products and services

Our reasons:

  • Your consent
  • Fulfilling contracts
  • Our legitimate interests
  • Our legal duty

Our legitimate interests:

  • Keeping our records up to date
  • Working out which of our products and services may interest you and telling you about them
  • Developing products and services, and what we charge for them
  • Defining types of customers for new products and services
  • Seeking your consent when we need it to contact you
  • As an active customer to keep you informed about our latest offers, deals and competitions
  • Being efficient about how we fulfil our legal and contractual duties

Reducing crime and operating in a safe and lawful manner

What we use your personal data for:

  • To detect, investigate, report, and seek to prevent fraud
  • To manage risk for us and our customers
  • To obey laws and regulations that apply to us
  • To respond to complaints and seek to resolve them

Our reasons:

  • Fulfilling contracts
  • Our legitimate interests
  • Our legal duty

Our legitimate interests:

  • Developing and improving how we deal with fraud, as well as doing our legal duties in this respect
  • Complying with regulations that apply to us
  • Being efficient about how we fulfil our legal and contractual duties

Operating our business effectively

What we use your personal data for:

  • To run our business in an efficient and proper way. This includes managing our business capability, financial position, communications, corporate governance, planning, and audit.

Our reasons:

  • Our legitimate interests
  • Our legal duty

Our legitimate interests:

  • Complying with regulations that apply to us
  • Being efficient about how we fulfil our legal and contractual duties

Developing our products and services

What we use your personal data for:

  • To develop and manage our brand, products, and services
  • To manage how we work with other companies that provide products and services to us and our customers
  • To find people who might benefit from using our products and services

Our reasons:

  • Fulfilling contracts
  • Our legitimate interests
  • Our legal duty

Our legitimate interests:

  • Developing products and services, and what we charge for them
  • Defining types of customers for new products and services
  • Being efficient about how we fulfil our legal and contractual duties
  • Complying with regulations that apply to us

What happens if we send your data outside of the EEA?

We will only send your data outside of the European Economic Area (‘EEA’) to:

  • Comply with a legal duty
  • Provide our products and services

If we do transfer information outside of the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA. To do this, we will use one or more of these safeguards:

  • Only transfer it to a non-EEA country with privacy laws that give the same protection as the EEA, as deemed by the European Commission
  • Ensure that a contract with the recipient is in place that means they must protect it to the same standards as the EEA
  • Transfer it to organisations that are part of Privacy Shield. This is a framework that sets privacy standards for data sent between the US and EU countries.

You can find out more about these safeguards on the European Commission Justice and Information Commissioner’s Office (ICO) websites.

Here is a list of the services we currently use which are located outside of the EEA:

Service Provider

  • POUK

Purpose

  • Contact Centre
  • Telephone orders

Safeguards

  • Binding Corporate Rules
  • EU Model Clauses

Location

  • world-wide

What happens if you choose not to give us your personal data?

We may need to collect personal data by law, or under the terms of a contract we have with you.

If you choose not to give us this personal data, it may delay or prevent us providing our products or services to you. For example, not providing an email address would prevent us from providing you with any of our products.

Sometimes we might ask for information that is useful for us to know but is not required by law or a contract. When this is the case, we will make this clear by marking it as optional. You do not have to provide these extra bits of information, and your choice will not prevent us providing you with our products or services.

How do we use your data for marketing?

We may use your personal data to tell you about our relevant products, competitions and offers. This is what we mean when we talk about ‘marketing’. We may also use your data to help create a profile to find potential customers like you.

We will send you marketing based on what you tell us about yourself, data we collect when you use our services, and using information from third parties we work with. We use this information to get a view on what we think would interest you the most.

We will only send you marketing messages if we have either your consent or a legitimate interest. This is when we have a legitimate business or commercial reason to use your information that does not unfairly go against what is right and best for you.

You can ask us to stop sending you marketing messages by contacting us at any time by clicking unsubscribe at the bottom of any marketing email.

Whatever you choose for marketing, you’ll still receive service messages, such as when books are sent out to you or price or publication date changes.

How long will we keep your personal data?

We will keep your personal data for as long as you are a customer of POUK. The table below shows how long we keep which information, and our reasons why.

What data:

  • Personal data including transaction history and complaints

For how long:

  • Up to six Years after last contact

Our reasons:

  • Keeping our records up to date, working out which of our products and services may interest you and telling you about them
  • To respond to any questions, claims or complaints
  • Complying with regulations that apply to us
  • Being efficient about how we fulfil our legal and contractual duties

What data:

  • Call Recordings

For how long:

  • 12 Weeks after recording

Our reasons:

  • Developing and improving how we deal with fraud, as well as doing our legal duties in this respect
  • Complying with regulations that apply to us
  • Being efficient about how we fulfil our legal and contractual duties

Do you want us to share what personal data we have about you, with you?

If you want us to share what information we have about you, please let us know.

If you do want to contact us, it would be helpful for us to complete your query if you provide us with your address, contact details and what you would like to have a copy of.

Sometimes you may be asked to provide proof of identity before we show you your personal data – this helps us prevent unauthorised access.

Is the personal data we have about you incorrect?

You have the right to question any information we have about you that you think is wrong or incomplete.

If you do, we will take reasonable steps to check its accuracy and correct it.

Do you want us to stop using your personal data?

You have the right to object to certain ways that we use your personal data, or to ask us to delete, remove, or stop using your personal data if there is no need for us to keep it. This is known as the ‘right to object’ and ‘right to erasure’, or the ‘right to be forgotten’.

In some cases, there will be legitimate, legal, or other official reasons for us to keep your data. But please tell us if you think that we should not be using it.

It may be possible for us to restrict the use of your data. This means that it would only be used for certain activities, such as legal claims or to exercise legal rights. If this was to happen, we would not use or share your information in other ways while it is restricted.

You can ask us to restrict the use of your personal data if:

  • It is not accurate
  • It has been used unlawfully but you don’t want us to delete it
  • It’s not relevant any more, but you want us to keep it for use in legal claims
  • You have already asked us to stop using your data but you are waiting for us to tell you if we can keep on using it

If you want to object to how we use your data, ask us to delete it or restrict how we use it, please contact us.

Do you want to withdraw your consent or object to when we use our legitimate interest for marketing?

You can withdraw your consent or object to marketing at any time. If this is the case, you can do this by:

  • Unsubscribing from an email you receive from us that contains the ‘unsubscribe’ link
  • Contacting us and informing us by phone or email

If you withdraw your consent, we may not be able to provide certain products or services to you. If this is so, we will tell you.

How to contact us

If you have any questions or want more details about how we use your personal data, please let us know. We’ve provided a few different ways for you to do this, so please pick the one you would prefer to use:

Email: Privacy Matters

Telephone: Customer Services 0845 474 0013

Address: Customer Services, POUK, PO Box 679, Bury BL8 9RU

You also have the right to complain to the Information Commissioner’s Office. You can use the relevant section of the Information Commissioner’s Office website to do this.

Cookies

So, what are Cookies exactly? Simply put, they’re tiny files automatically downloaded to any device you use when you visit our website (could be on your computer, tablet, mobile phone or more). They’re designed to make your visit quicker, easier, and better. They can also let us know how well our site is working, and tailor your experience on our website.

css.php