Youatwork Limited (Registered in England with number 4234654) and Youatwork Financial Services Limited (Registered in England with number 6503351) (each a "Company") of Unit 8, Grange Park, The Broadway, Bourn, CB23 2TA are committed to ensuring that your privacy is protected.
Youatwork Limited works with multiple partners. To see who your Data Controller is please sign in to your portal.
This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us. It also explains how we'll store and handle that data, and keep it safe.
We know that there's a lot of information here but we want you to be fully informed about your rights, and how we use your data.
We hope the following sections will answer any questions you have but if not, please do get in touch with us.
It's likely that we'll need to update this Privacy Notice from time to time. We'll notify you of any significant changes, but you're welcome to come back and check it whenever you wish.
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, the ones that we use for your data are:
In specific situations, our clients, the Data Controllers, require us to process your data to pursue their legitimate interests in a way which might reasonably be expected to offer you our services. We take great care to ensure this does not materially impact your rights, freedom or interests.
- Once you have selected your employee benefits, we will need to pass your details on to the benefit provider.
- In order for you to take up the offers on our Discounts page, we pass on your details to our discounts partner.
- If you order an item from one of our offers, we’ll collect your payment and address details for the provider to fulfil your purchase.
- To protect our business and your account from fraud and other illegal activities. This includes using your personal data to maintain, update and safeguard your account.
In specific situations, we can collect and process your data with your consent.
- In order to create an account to order a gift card.
The GDPR provides the following rights for individuals:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
4.1 Processed for specified, explicit and legitimate purposes
We only process personal data for the specific purposes set out in this Policy (or for other purposes expressly permitted by the Regulation). We will only collect and process personal data for and to the extent necessary for the specified purpose(s).
When you register to use our site we will request information from you including your name and e-mail address. We may also request other limited information about you such as your date of birth or your payroll ID to verify your identity. We use these details to protect your account and ensure the details we have for you are correct. Our Customer Services team may ask you for some of these details to verify who you are when you contact us. We, our agents and subcontractors may check some of the information that you provide to us against third party databases to confirm that it is accurate.
We gather and use this information to allow us to process your registration and provide you with our services. We, our agents and subcontractors, partners and third parties that provide services to you may also use this information to communicate with you on any matter generally relating to the provision of our services. We do not capture any special category data.
Any calls that you make to our Customer Services team may be recorded and the information obtained used for the purposes of our business management, training and security. You will always be able to see and amend the registration information we hold about you by contacting us at Youatwork Limited, Unit 8, Grange Park, The Broadway, Bourn, CB23 2TA Or visiting your Profile page in 'My Account'
We may pass your personal data on to third-party service providers contracted to Youatwork. Any third parties that we may share your data with are obliged to keep your details secure, and to use them only to fulfil the service they provide you on our behalf. When they no longer need your data to fulfil this service, they will dispose of the details in line with their procedures.
5.1 Our use of information gathering technologies
We use analytics technologies to monitor usage of the website and report on website trends. The information recorded includes the address of pages that you visit, and the date and time of the visit.
We use this information for the purpose of evaluating use of the website on an aggregate basis, compiling and publishing summary reports on website activity to customers who have licensed the software provided via the website.
What is a cookie?
A cookie is a small text file that is sent to your browser and stored on your computer’s hard drive when you visit a website. Each time you use the same computer to access the website, our web servers will be notified of your visit, and in turn we may have knowledge of your visit and the pattern of your usage.
What types of cookies does the website use?
Some cookies are essential for the operation of our website. For example, when you log in, a cookie will help us recognise you as an existing user and show you the right information. If you choose to block them some aspects of the site may not work for you.
The following cookies are used on this website
|At end of session
|Used to maintain your session with the website.
|At end of session
|Used to maintain your secure session with the website.
|We use this cookie to save an optional persistent identifier so that the website can remember your user name between visits.
|1 hour since last request
|We use Zopim to provide live customer service chat. This cookie stores the Live Chat ID to identify the device during visits.
What kind of information is stored in the cookies?
Our cookies do not contain any personal information such as names, emails or credit card numbers.
How do I disable cookies?
Most web browsers allow you to refuse to accept cookies. You can also delete cookies already stored on your computer. You can find more information on how to control and remove cookies for the various versions of different browsers at https://ico.org.uk/your-data-matters/online/cookies/.
Blocking cookies will have a negative impact upon the usability of some websites.
We have implemented appropriate technical and organisational measures to secure against the loss of personal data or against any form of unlawful processing. Our web pages and emails are secured using Transport Layer Security (TLS), based on Secure Sockets Layer (SSL), a security protocol that provides communications privacy over the Internet in a way that is designed to prevent eavesdropping, tampering, or message forgery.
Only employees who need to access information about customers and their use of the system to perform their work are granted access to personal identifiable information.
We take security issues very seriously and abide by strict internal standards. We know how much data security matters to all our customers. With this in mind, we will treat your data with the utmost care and take all appropriate steps to protect it.
We secure access to all areas of our website using HTTPS technology. Access to your personal data is password-protected and secured by TLS/SSL encryption during transmission and at rest.
We regularly monitor our system for possible vulnerabilities and attacks, and we carry out regular vulnerability scanning to identify ways to further strengthen security.
You should ensure you keep your password confidential and remember to sign out when not using the site to prevent unauthorised access.
An overview of your different rights
You have the right to request:
- Access to the personal data we hold about you, free of charge in most cases.
- The correction of your personal data when incorrect, out of date or incomplete.
- That we stop using your personal data for direct marketing (either through specific channels, or all channels).
- That we stop any consent-based processing of your personal data after you withdraw that consent.
You can contact us to request to exercise these rights at any time as follows:
To ask for your information please email Customer Services.
To update any of your details, please log on to the site and update your personal information in the "My Account" section. Alternatively, you may let us know the correct details by sending a letter to Youatwork Limited, Unit 8, Grange Park, The Broadway, Bourn, CB23 2TA.
If we choose not to action your request, we will explain to you the reasons for our refusal.
Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation.
We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request. To unsubscribe from our marketing emails please visit your profile page and turn off your subscriptions
Checking your identity
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice.
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.
At the end of that retention period, your data will either be deleted completely or anonymised, so that it can be used in a non-identifiable way for statistical analysis and business planning.
Some examples of customer data retention periods:
When you place an order, we’ll keep the personal data you give us for five years so we can comply with our legal and contractual obligations. In the case of certain products, such as electrical and nursery items, we’ll keep the data for 10 years.
If you’re flagged as a leaver, your details will be flagged as inactive, We’ll delete or anonymise the personal data associated with it 6 months later.
Child Care Voucher accounts
Your details are kept for 7 years after you ask for the account to be closed because of HMRC reporting requirements
In the event that our business is sold or integrated with another business (such as in a joint venture arrangement) the details we have about you may be disclosed to our advisers and any prospective purchasers’ advisers, and will be passed on to the new owners of the business
The Company’s data protection registration is available to view on the ICO Data Protection Register
In the event that you wish to make a complaint about how your personal data is being processed by 'Youatwork' (or third parties), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and your Data Controller's data protection representatives. If you do not have the contact details for your Data Controller please contact Customer Services.
This notice was last updated on 19th August 2021
Summary of updates
19th August 2021
This policy has been updated to reflect changes to our Gift Card Store Process and to update addresses and links.
10th May 2018
This policy has been updated to include changes we have made to comply with the General Data Protection Regulation which came in to force on May 25th 2018