Privacy & Cookies PolicyUpdate your cookie preferences here.
Privacy and Cookies Policy
1. Data Controllers and those responsible for Data Protection
A data controller is an organisation that collects and uses personal data and has responsibility for how the personal data is used and managed.
A nominated person is the person in an organisation who has responsibility for monitoring compliance with the law and for ensuring that personal data is protected within an organisation.
Yodel Delivery Network Limited provides a delivery service to our Clients and is the data controller for the personal data provided by our Clients. Yodel Delivery Network Limited is registered in England, number: 05200072. Registered Office: Atlantic Pavilion, Albert Dock, Liverpool, Merseyside, L3 4AE. Yodel Delivery Network Limited’s website is www.yodel.co.uk.
In the context of this privacy notice, when we use the term 'we' it means Yodel Delivery Network Limited.
The person Responsible for Data Protection for Yodel Delivery Network Limited can be contacted on firstname.lastname@example.org
2. How we use your data
We use your personal data to provide our services to our clients and to you.
We use your personal data to provide our services to you and our clients in the following ways:
To provide our delivery services to our clients and to improve that service.
To administer any prize draw or competition you may enter.
To analyse your delivery preferences or how you interact with or use our websites and application.
For research, analytical and statistical purposes.
To record and monitor outbound and inbound telephone conversations with you to ensure consistent service levels, to prevent or detect fraud, to resolve queries and complaints and for performance management and training purposes.
Static or moving imagery is used to help maintain the safety and security of our drivers, property, deliveries and the public
We will collect your personal data directly from our Clients when they request our delivery services, when they change any of your details (such as your name or address) or from you directly during the delivery service if you change any of your details to arrange re-delivery or similar. We require our Clients to provide your personal data in order to perform our delivery service to that Client and, if you do not provide the personal data we request, we will be unable to fulfil this service.
Some of our vehicles are fitted with recording equipment as well as internal driver and forward-facing cameras.
Why we need your personal data
We need to process your personal data for a number of different reasons, and these are our legal bases for processing. We also need to keep your personal data for as long as is necessary for us to operate our business and to comply with legal and regulatory obligations.
We rely on one or more of the following legal bases for processing personal data:
To fulfil our legitimate interests or the legitimate interests of a third party
When we process personal data to fulfil our legitimate interests, we will use it in a way in which you would reasonably expect and which will have a minimal privacy impact. When we or third parties are relying on legitimate interests, we will balance our interests against your interests and the privacy impact of the processing on you and we will process your personal data responsibly.
Examples of our legitimate interests are: providing our service, fraud prevention, preventing and investigating crime and indicating possible criminal acts as well as ensuring our IT security.
To comply with legal obligations to which our business is subject
We have to comply with relevant law and regulation in order to provide our services and we will need to process your personal data in order to comply with these legal obligations.
We will keep your personal data for the purposes set out in this privacy notice and only for as long as any legal basis continues to apply. Below is a non-exhaustive list of some of the reasons we need to retain your personal data:
Compliance with the requirements of Government Departments investigating crime or fraud.
Ensuring we have relevant information in the event of any queries or complaints.
Being able to identify if you have received a parcel in the event of an investigation.
To assist with the establishment, exercise or defence of legal claims.
The length of time we need to keep the personal data will vary depending on the nature of the personal data and the reason we are obliged to hold it. We will apply appropriate risk-based measures to protect your personal data which may include pseudonymising or anonymising the personal data. If personal data is pseudonymised, this means it is de-identified so you are no longer identifiable, but we can re-identify you if we have a requirement to do so. If personal data is anonymised, it is de-identified, but can never be re-identified in the future.
3. Who we transfer data to
Transferring personal data to other organisations needs to take place with appropriate safeguards and you can be assured that we will only share the personal data that is needed for these organisations to be able to provide the right service to our Clients, you or to support us in doing so.
We may transfer your personal data to the following third parties:
The originating Company who requested your delivery
CollectPlus if you opt for this delivery service
Technology service providers – our partners who provide IT and website services.
Customer service providers – our partners who work with us to administer your delivery and provide you with any help you may need.
Telephony providers – our partners who provide telephone services and functionality.
Third party delivery companies – our Third Party and/or Self-Employed couriers and parcel firms who may deliver your goods or services and manage any returns on our behalf.
Regulators and other governmental agencies or law enforcement agencies.
Organisations who may be interested in purchasing our business or organisations who we may be interested in purchasing - we may sell parts of our business or acquire other businesses and your personal data may be shared with such third parties as part of this process.
We will only transfer your personal data to third parties who adhere to appropriate data security standards and controls. From time to time we may need to transfer your personal data to other countries. Where this is the case, we will ensure that the transfer is subject to appropriate safeguards to protect your personal data and complies with applicable law which may include having standard contractual clauses in place with the third party. For further information on how data can be transferred to other countries, please find enclosed a link to the European Commission website: https://ec.europa.eu/info/law/law-topic/data-protection_en
4. Your Rights
Right of Access
This is known as a Subject Access Request. If you want to know if we are processing personal data relating to you and to have access to any such personal data you can email our Data Protection Team on email@example.com
Right to Rectification
If you believe that we hold inaccurate personal data about you, then you can contact our Client who requested our delivery services or you can email our Data Protection Team on firstname.lastname@example.org. Depending on the type of personal data you believe is inaccurate, we may ask you for further proof to ensure that the personal data is being corrected properly. If we are satisfied that the personal data is inaccurate we will make the necessary changes. Please understand that records of deliveries may not be able to be altered given our mandate to comply with regulatory and law requirements.
Right to Erasure
You have a right to ask for your personal data to be erased in certain circumstances. However, this right does not apply where we have to comply with a legal obligation or where we need personal data for the establishment, exercise or defence of legal claims. Therefore, we cannot comply with an erasure request where you have been provided services for which we must keep records.
Right to Restriction
You have a right to request that processing of personal data is restricted in certain circumstances. However, we shall still continue to process the personal data for storage purposes, for the establishment, exercise or defence of legal claims.
Right to Object
Where we are relying on legitimate interests as a legal basis to process your data, you have a right to object to such processing on grounds relating to your particular situation.
You may also object to other processing when we rely on our legitimate interests as the basis for processing, but we do not have to stop the processing if we can demonstrate compelling legitimate grounds for the processing (taking into account our processing activities, the nature of our business and our legitimate interests) and that these grounds override your interests, rights and freedoms or in the event that we need the personal data for the establishment, exercise or defence of legal claims. To enable us to consider any objection we will need to know what specific interests, rights or freedoms relating to your particular situation you believe will potentially be put at risk by our processing. If we do stop processing your personal data, this may affect our ability to deliver our service to our Clients and you.
Right to Portability
In certain circumstances, you can request that we provide to you your personal data in a commonly used format. If you wish to make such a request you can email our Data Protection Team on email@example.com.
Right to complain to the Information Commissioner
You have the right to lodge a complaint with the Information Commissioner and more details can be found on their website www.ico.org.uk.
When you first visit the website you should be asked whether you accept cookies. You can accept or decline either all cookies, or specific cookie categories individually. The cookie categories are listed below, along with the cookies we use if you accept each category.
STRICTLY NECESSARY COOKIES
These are cookies that are required for the operation of the website. They include, for example, cookies that enable you to log into secure areas of the website and use a shopping cart.
|_yodel-collectplus_session||This is a session cookie set by web applications built using Ruby on Rails technologies. It is designed to allow a consistent experience across the website, for example to ensure any page changes or item or data selection is remembered from page to page. It is destroyed on closing the browser.||When you close your browser|
They allow us to recognise you as a visitor and how you move around the website when you are using it. This helps us to improve the way the website works, for example, to help you find what you are looking for easily. Statistic cookies help us understand how visitors interact with the website by collecting and reporting information anonymously.
|_gat_UA-nnnnnnn-nn||This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.Forgery. It holds no information about the user and is destroyed on closing the browser.||When you close your browser|
|_ga||This cookie name is associated with Google Universal Analytics - which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default it is set to expire after 2 years, although this is customisable by website owners.||2 years|
|_gid||This cookie name is associated with Google Universal Analytics. This appears to be a new cookie and as of Spring 2017 no information is available from Google. It appears to store and update a unique value for each page visited.||1 day|
These are used to recognise you when you return to the website. This enables us to personalise our content for you and remember your preferences.
|vuid||This domain is owned by Vimeo. The main business activity is: Video Hosting/Sharing||2 years|
|IDE||This domain is owned by Doubleclick (Google). The main business activity is: Doubleclick is Googles real time bidding advertising exchange||390 days|
|VISITOR_INFO1_LIVE||This cookie is used as a unique identifier to track viewing of videos||When you close your browser|
|GPS||YouTube is a Google owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites.||When you close your browser|
|lpv106122||This domain is owned by Pardot, a marketing automation platform which provides lead generation services to businesses.||When you close your browser|
|Pardot||This domain is owned by Pardot, a marketing automation platform which provides lead generation services to businesses.||When you close your browser|
|YSC||YouTube is a Google owned platform for hosting and sharing videos. YouTube collects user data through videos embedded in websites, which is aggregated with profile data from other Google services in order to display targeted advertising to web visitors across a broad range of their own and other websites.||When you close your browser|
|test_cookie||This domain is owned by Doubleclick (Google). The main business activity is: Doubleclick is Googles real time bidding advertising exchange||When you close your browser|
6. How to contact us
If you have any queries about how we use your information or on data protection generally please send an email to firstname.lastname@example.org or write us at the Data Protection Team, Atlantic Pavilion, Albert Dock, Liverpool, Merseyside, L3 4AE.