Beno Foods UK

Privacy Notice

This privacy notice explains how your data is collected, used, transferred and disclosed by www.benofoods.co.uk. It applies to data collected when you use our websites, iOS and android applications, when you interact with us through social media, email, or phone, or when you participate in our competitions or events. It covers:

  • The personal data we collect
  • How we collect your data
  • How we use your data
  • How we share your data
  • Changes to this privacy notice
  • How to contact us

1. WHO ARE BENO FOODS

www.benofoods.co.uk is a site operated by CTS Ventures Limited (“We”). We are a limited company registered in England and Wales under company number 07046196.

2. THE PERSONAL DATA WE COLLECT

The following groups of personal data are collected:

  • Identity Data includes information such as: first name, last name, title, date of birth (optional), occupation, personal description, photo and gender.
  • Contact Data includes information such as: email address, billing address, delivery address, location, country, telephone number, loyalty programme membership number, and social media id (if you log in by social media).
  • Financial Data includes information such as: payment card details and bank account.
  • Transaction Data includes information such as: details of your purchases and the fulfilment of your orders (such as basket number, order number, subtotal, title, currency, discounts, shipping, number of items, product number, single item price, category, tax etc.); payments to and from you and details of other products and services you have obtained from us, correspondence or communications with you in respect of your orders, and details of any rewards and bonuses awarded.
  • Technical Data includes information such as: details of the device(s) you use to access our services, your internet protocol (IP) address, login data, your username and password, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform.
  • Profile Data includes information such as: purchases or orders made by you, product and style interests, preferences, feedback, and survey responses.
  • Usage Data includes information such as: how and when you use our website/app, how you moved around it, what you searched for; website/app performance statistics, traffic, location, weblogs and other communication data; loyalty programme activities; and details of any other www.benofoods.co.uk products and services used by you.
  • Marketing and Communications Data includes information such as: your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

3. HOW WE COLLECT YOUR DATA

  1. Direct interactions where you give us Personal Data such as your address, identity and marketing data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes Personal Data you provide when you:
  • apply for our products or services;
  • create an account on our website;
  • subscribe to our service or publications;
  • request marketing to be sent to you;
  • enter a competition, promotion or survey; or
  • give us some feedback or raise a concern or complaint.
  • In addition, if you contact us by phone, email or otherwise, we may keep a record of that correspondence.
  • Automated technologies or interactions – as you interact with our website, we may automatically collect the following types of data (all as described above): Technical Data about your equipment, Usage Data about your browsing actions and patterns, and Contact Data where tasks carried out via our website remain uncompleted, such as incomplete orders or abandoned baskets. We collect this data by using cookies, server logs and other similar technologies. Please see our Cookies Policy for further details.
  • From third parties and publicly available sources
  • Technical Data from analytics providers such as Google;
  • contact, financial and transaction data from providers of technical, payment and delivery services;
  • identity and contact data from data brokers or aggregators; and
  • Technical Data from affiliate networks through whom you have accessed our website;
  • Identity and Contact Data from social media platforms when you log in to our website using such social media platforms;
  • identity and contact data from publicly availably sources such as Companies House and the Electoral Register based inside the EU.

4. HOW WE USE YOUR DATA

The legal basis for processing your personal data

We will only collect and process your personal data where we have a legal basis to do so. As a data controller, the legal basis for our collection and use of your personal data varies depending on the manner and purpose for which we collected it.

Generally, we do not rely on consent as a legal basis for processing your Personal Data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us at: GDPR@ctsventures.co.uk.

4.2 USES MADE OF YOUR PERSONAL DATA

Your personal data is used to support a range of different activities. These are listed in the table below together with the types of data used and the legal bases we rely on when processing them, including where appropriate, our legitimate interests. Please be aware that we may process your personal data using more than one lawful basis, depending on the specific activity involved. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
To create an account and register you as a new customer (either directly or via social media). Identity Contact Performance of a contract with you
To process and deliver your order including: recording your order details; keeping you informed about the order status; process payments and refunds, collect money owed to us; and automated decision making to assist fraud prevention and detection. Identity Contact Financial Transaction Performance of a contract with you Necessary for our legitimate interests (e.g. to recover debts due to us) For automated decision making we consider that fraud detection and prevention is in our legitimate interests to ensure that fraudulent transactors are unable to benefit from our services and in the legitimate interest of the public as a whole due to the impact of fraud on the consumer market; we also consider it a necessary element of entering into a contract with you that we are able to verify your identity and prevent fraud.
To manage our relationship with you, including: providing you with any information, products and services that you request from us; notifying you about changes to our services, terms and conditions or privacy notice; asking you to leave a review or take a survey. Identity Contact Profile Marketing and Communications Performance of a contract with you Necessary for our legitimate interests (to keep our records updated and to study how customers use our products and services)
To enable you to take part in a competition, event, survey, or receive a reward for shopping with us. Identity Contact Profile Usage Marketing and Communications Necessary for our legitimate interests (to study how customers use our products and services, to develop them and grow our business) Where you have decided to enter into a competition or event, for the performance of a contract with you
To administer, protect and improve our business and our website/app, including: troubleshooting, data analysis, testing, system maintenance, support, data analysis, reporting and hosting of data; setting default options for you, such as language and currency.  Identity Contact Profile Technical Transaction Marketing and Communications Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, and to detect and prevent fraud) Necessary to comply with a legal obligation
To deliver relevant website content, online advertisements and information for you; and measure the effectiveness of the advertising provided. Identity Contact Profile Usage Marketing and Communications Technical Necessary for our legitimate interests (to study how customers use our products and services, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to: improve our website, products, services, marketing, customer relationships and experiences; and for market research, statistical and survey purposes. Technical Usage Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To recommend products, services discounts and offers that may be of interest to you, including to send you such information by email, post or SMS. Identity Contact Technical Usage Profile Marketing and Communications Necessary for our legitimate interests (to develop our products and services and grow our business) or Consent.
To inform or remind you by email of any task carried out via our website which remains uncompleted, such as incomplete orders or abandoned baskets. Identity Contact Usage Necessary for our legitimate interests (to improve the shopping experience of our customers)
To protect our customers, BenoFoods and website from fraud and theft. Identity Contact Profile Necessary for our legitimate interests (to detect and prevent fraud)

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we wish to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. We may process personal data without your consent, in compliance with the above rules, where this is required or permitted by law.

5. DATA RETENTION

We will keep your personal data for no longer than is necessary for the purpose(s) it was provided for and to meet our legal obligations. Further details of the periods for which we retain data are available on request, by contacting us at: GDPR@ctsventures.co.uk.

6. CHANGES TO THIS PRIVACY NOTICE

From time to time we may change this privacy notice.

7. SHARING YOUR DATA WITH THIRD PARTIES

We may share your data with third parties, to business partners, suppliers, sub-contractors and other third parties that we use in connection with the running of our business for the purposes set out in the table above in the section ‘How we use your data’, such as third party payment processing services (including Worldpay, Paypal) including other companies within CTS Ventures and with third-party service providers who provide services to us as further explained below.

Where we provide Personal Data to contractors and suppliers who provide services to us, including assistance with the processing activities set out in this notice, we will enter into a data processing agreement (including provisions required by GDPR) with those contractors and suppliers.

In order to fulfil our legal and other obligations and in connection with our rights including protection of our legitimate interest, we reserve the right to disclose Personal Data (or Special Category Data as appropriate) to law enforcement agencies, regulatory bodies, government agencies and other third parties as required by law or for administrative purposes (for example, HM Revenue and Customs in the UK) and to the extent that local law allows and/or requires this.

We may transfer Personal Data to other CTS Ventures companies, partners, suppliers, law enforcement agencies and to other organisations that are located outside the EEA for the purposes of:

The laws of some jurisdictions outside the EEA may not be as protective as Data Protection Laws in the EEA.  CTS Ventures will ensure that, for such jurisdictions, appropriate measures are in place for compliance with Data Protection Law in relation to transfer of Personal Data to those jurisdictions.

8. RIGHT TO LODGE A COMPLAINT

If you have any concerns or complaints regarding the way in which we process your data, please email us directly at GDPR@ctsventures.co.uk. You also have the right to make a complaint to the ICO (the data protection regulator in the UK). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please do contact us in the first instance.

9. CONTACT US

If you wish to contact us in respect of our site, please contact us at GDPR@ctsventures.co.uk. Thank you for visiting our site.