Cookies Policy
Introduction
Thank you for choosing Virgin Incentives.
This page provides the opportunity to understand how we collect, store and process your data – and to put your mind at ease with regards to the information you provide us.
Here at Virgin Incentives (“we”, “us”, “our”) we are committed to protecting your privacy and security online. You have control over the information we store about you and what types of information (if any) you would like to receive from us.
Please note, we may amend this Privacy Policy from time to time, so check back if you’d like to stay up to date, all changes will be posted here.
Who we are
Virgin Incentives is a division of Virgin Experience Days Limited
Registered office address: Stamford House, Boston Drive, Bourne End, Buckinghamshire, SL8 5YS.
Our website: www.virginincentives.com
Data Protection Officer: Our Data Protection Officer is our Chief Technology Officer. If you have any queries relating to our use of your personal information, this privacy policy or any other related data protection questions, please contact us via the Subject Access Request form.
Information you give us
You may give us information about you when contacting us on our site www.virginincentives.co.uk (Our Site) or by corresponding with us by phone, email or otherwise. This includes information you provide when you use Our Site, and when you report a problem with Our Site. The information you give us may include your name, address, email address and phone number.
What we may collect
We may collect and process the following data about you:
- information you submit to us on Our Site at any time
- a record of any correspondence between us
- details of your visits to Our Site and the resources you use
- information about your computer (e.g. your IP address, browser, operating system etc.) for system administration and to report aggregate information to our advertisers
Please note that we do not share customer details with any third parties without your consent.
Cookies
What are cookies?
Cookies are tiny files which websites use in order to work properly and provide important visitor data to us. They can be placed on your computer when you visit a website and help to make your web experience quicker, easier and tailored to you.
Session cookies are those which expire upon the closing of the web browser and persistent cookies are those which remain in place after a session has ended.
Types of cookies
- Essential cookies (ecommerce checkout and basket functionality, location targeting, device targeting).
- Website information cookies (enables us to understand traffic and visitor engagement levels to improve the quality of the website).
- Setting cookies (enables an improvement is usability by adapting font size, style and page layout).
- Advertising cookies (improve the quality of advert targeting, ensuring you see what’s most relevant to you).
Disabling cookies
If you would like to disable cookies, please follow the links below which are attributed to key browsers.
Chrome
Internet Explorer
Firefox
Safari
User agreement
By continuing to use our site, you agree to the placement of cookies on your device. If you choose not to receive our cookies, we cannot guarantee that your experience will be as fulfilling as it would otherwise be.
Processing your personal data
We may process your personal data in a secure manner that meets European Privacy Laws. As a company we process under the concept of ‘legitimate interests’. Therefore, when you provide your personal details to us, we ensure that your data is processed for a distinct purpose whilst ensuring that your interests, rights and freedoms have been thoroughly considered. We will not use personal data for activities where our business interests are overridden by the impact on your privacy or other interests.
We will carefully process the personal information you have supplied to us to conduct and manage our business, to provide relevant marketing communications, fulfil our service commitments and provide the best possible customer service whilst delivering a secure experience.
If you are not happy about the manner in which we process your data, the ‘your rights’ section of this page provides details on how you can withdraw from processing.
We will not transfer your collected data to storage outside the European Economic Area (EEA) in compliance with requirements set by the General Data Protection Regulation.
By giving us your personal data to fulfil your order or to allow us to provide services to you, we will endeavour to keep your data secure. We pursue ongoing improvement in the methods used to transfer and store data, ensuring that we align with industry standards.
Personal data may be stored securely on third party platforms which are used for marketing or operational purposes.
Retaining data
When storing data, we aim to retain the data for no longer than is necessary for the purpose in which it was obtained, with the objective to ensure the highest level of data accuracy. Where identified as inaccurate, data is either rectified or destroyed in a secure manner.
Data retention periods may vary between operational activities, with the business providing consideration as to the length of time data is held for on a case by case basis.
Regarding storage, there are several ways in which your data may be stored:
- Within cloud servers. When utilising platforms to fulfil our operational requirements, third party solutions may be used to store the data. As a company, we aim to utilise partners who have data centres within the European Economic Area (EEA).
- Within physical servers. We maintain several physical servers which are securely located at our Head Office.
- Hard copy, where hard copies of data are retained, they are kept in a secure and clean environment.
Data sharing
We avoid sharing your personal data with third parties for marketing purposes, unless you have provided explicit consent for us to do so.
We may disclose your information in the following cases:
- To develop and create an improved customer experience. Often, this data is anonymised anyway.
- For a supplier to fulfil your experience gift operationally.
- We can disclose it if we have a legal obligation to do so, or to protect your or other people’s property, safety or rights.
- We can exchange information with specific third parties to protect against fraud or credit risks.
Where data is transferred between systems, we ensure an encrypted connection is utilised. We are PCI (The Payment Card Industry Standard) compliant when taking payments via the web, with all payment partners meeting the highest level of compliance (Level 1). All of our associated websites maintain valid SSL certificates to allow secure connections from the web server to your browser, you will notice the padlock symbol is present within your search bar when browsing.
Your rights
In line with the General Data Protection Regulation, you have the following rights:
- Subject access request – To see what information we hold on you, use our Subject Access Request form to complete the application.
- Right to be forgotten – Once you know what personal information we hold on you, you can request us to delete the relevant information, use our Subject Access Request form to complete the application.
- Right to object from us processing your data – You can object to processing from direct marketing communications using our unsubscribe form. For other types of processing, please complete our Subject Access Request form.
- Right to correct your data – Once you have completed a Subject access request, if any of your personal data we hold isn’t accurate, let us know and we’ll get it updated for you.
We aim to comply with legislation and respond within thirty days of receiving personal data requests. These requests are handled by our Business Support department.
Third parties seeking access to an individual’s data should initially contact the individual regarding such requests.
Supervisory authority
We adhere to guidance from the ICO (Information Commissioner’s Office), they are the UK’s independent body that have been set up to uphold information rights. The ICO have stated that In line with the GDPR, details we provide to you about how we process personal data must be:
- Concise, transparent, intelligible and easily accessible.
- Written in clear and plain language.
- Free of charge.
If you have a concern about information practices, you can raise your concerns with the ICO.