What is covered by this policy?
Some Chargifi websites may contain links to websites not owned or operated by Chargifi is not responsible for the content, privacy policies, or practices of those websites. We recommend that you review the privacy policies of each site you visit.
What kinds of information do we collect?
Chargifi collects information, including Personal Information that you provide us when you visit our website. “Personal Information” that will be collected or processed by Chargifi includes:
first and last names;
credit card information;
financial information, such as that which could be used to process invoices and payments; and
Some web browsers may transmit “do not track” signals. Web browsers may incorporate or activate these features differently, making it unclear if users have consciously activated them. As a result, at this time we do not take steps to respond to such signals.
Chargifi may collect Personal Information in a variety of ways including directly from customers while online when you use any of our online tools or features, applications, when you enter one of our promotions.
How do we use your personal information?
Chargifi collects and uses your Personal Information to:
Conduct business with you
Improve your experience with us
Direct you to an online platform of a retailer to make a purchase
Create and maintain accounts for retail partners
Help you receive email and direct mail for our retail partners
Help you register for promotions, lotteries, loyalty programs and competitions through social media channels
Help you send us reviews, enquiries and complaints
Permit you to apply for a job
We process Personal Information submitted by customers for the purpose of providing the above-referenced services (collectively, the “Services”) to customers. To fulfill these purposes, we may access Personal Information to provide the Services, to prevent or address service or technical problems, to respond to customer support matters, to follow the instructions of a customer who submitted the Personal Information, or in response to contractual requirements with our customers and service providers.
Where you have entered into a contract with Chargifi, we will process your Personal Information in order to meet our obligations and exercise our rights in terms of that contract.
In other cases, Chargifi has a legitimate interest in processing Personal Information which allows us to provide you with a better customer service; and to send marketing emails to you where you have purchased goods from us and where you have not opted out from receiving those messages.
There may be some occasions where we seek your consent to process Personal Information but in those cases we will provide full details of what Chargifi is seeking consent for, so that you will be able to carefully consider whether to provide that consent.
How do we process your personal information?
When processing Personal Information Chargifi ensures that:
it is processed lawfully, fairly and in a transparent manner (‘lawfulness, fairness and transparency’);
it is collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; (‘purpose limitation’)
it is all adequate, relevant and limited to what is necessary in relation to the purposes for which the Personal Information is processed; (‘data minimisation’)
it is all accurate and, where necessary, kept up to date and that reasonable steps will be taken to ensure that Personal Information that is inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’)
it is kept in a form which permits identification of you for no longer than is necessary for the purposes for which the Personal Information is processed; (‘storage limitation’)
it is processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
Chargifi will facilitate any request from you to exercise you rights under data protection law and the General Data Protection Regulation as appropriate, always communicating in a concise, transparent, intelligible and easily accessible form and without undue delay.
Chargifi will also:
ensure that the legal basis for processing Personal Information is identified in advance and that all processing complies with the law.
not do anything with your Personal Information that you would not expect given the content of this policy.
ensure that appropriate information is provided advising how and why Personal Data is being processed, and in particular advising data subjects of their rights.
only collect and process the Personal Information that we need for the purposes we have identified in advance.
ensure that as far as possible the Personal Information we hold is accurate, or a system is in place for ensuring that it is kept up to date as far as possible.
only hold onto your Personal Information for as long as it is needed after which time we will securely erase or delete the personal data. Chargifi’s Data Retention Policy sets out the appropriate period of time.
ensure that appropriate security measures are in place to ensure that Personal Information can only be accessed by those who need to access it and that it is held and transferred securely.
Your choices and access to your personal information
Our email, website, and other interactive programs allow you to choose to receive or to stop receiving communications from us. You can choose to receive email and/or postal mail from a Chargifi brand or to receive offers from other Chargifi brands.
Chargifi honors a “once out – always out” policy. Once you opt out, you are opted out of that type of communication and that brand until we are explicitly told in writing to opt you back in. You may opt out of email programs at any time by following the opt-out instructions provided in the email you receive. You also have the following rights:
Subject access: the right to request information about how Personal Information is being processed including whether Personal Information is being processed and the right to be allowed access to that data and to be provided with a copy of that data along with the right to obtain the following information:
the purpose of the processing
the categories of personal data
the recipients to whom data has been disclosed or which will be disclosed
the retention period
the right to lodge a complaint with the ICO in the United Kingdom
the source of the information if not collected direct from the subject
the existence of any automated decision making.
Rectification: the right to allows a data subject to rectify inaccurate Personal Information concerning them.
Erasure: the right to have data erased and to have confirmation of erasure, but only where:
the data is no longer necessary in relation to the purpose for which it was collected; or
where consent is withdrawn; or
where there is no legal basis for the processing; or
there is a legal obligation to delete data.
Restriction of processing: the right to ask for certain processing to be restricted in the following circumstances:
if the accuracy of the personal data is being contested; or
if our processing is unlawful but the data subject does not want it erased; or
if the data is no longer needed the data for the purpose of the processing but it is required by the data subject for the establishment, exercise or defence of legal claims; or
if the data subject has objected to the processing, pending verification of that objection.
Data portability: the right to receive a copy of Personal Information which has been provided by the data subject and which is processed by automated means in a format which will allow the individual to transfer the data to another data controller.
Object to processing: the right to object to the processing of Personal Information relying on the legitimate interests processing condition unless Chargifi can demonstrate compelling legitimate grounds for the processing which override the interests of the data subject or for the establishment, exercise or defence of legal claims.
Personal Information is to be used for a purpose other than those for which it was originally collected or subsequently authorized by such user. We will treat as sensitive any Personal Information received from a third party where the third party identifies and treats it as sensitive.
Chargifi is committed to protecting children’s privacy on the Internet. No one under age 16 may provide any Personal Information to or on the websites. Chargifi does not knowingly collect Personal Information from children under 16. If you are under 16, do not use or provide any information on our websites, make any purchases through our websites, use any of the interactive or public comment features of our websites or provide any information about yourself or others to us, including your/others name, address, telephone number, email address, or any screen name or user name you/others may use.
If we learn we have collected or received Personal Information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from a child under 16, please contact us at firstname.lastname@example.org.
What Personal Information is collected online from children under 16 and how is it used?
Chargifi does not knowingly collect, use, or disclose Personal Information (including online contact information) of children under the age of 16. We may collect information about visits to our websites without a user actively submitting such information. For information about such passive data collection, please contact us at email@example.com.
Sharing Personal Information with Third Parties
We employ other companies (“Agents”) and people to perform tasks on our behalf and need to share, and may transfer within the EEA, your information with them to provide products or services to you. Other types of Agents with which we may share Personal Information include organisations providing services to support Chargifi functions, such as distributors, supply chain, social media and our Public Relations agency.
Chargifi does not release the Personal Information it collects from you to any unrelated third parties so that they may send you commercial promotions or offers for products or services.
If an individual wishes to opt out or limit the use and disclosure of their personal data to a third party or a use that is incompatible with the purpose for personal data was originally collected or authorized, the individual may send such request to firstname.lastname@example.org.
When Chargifi transfers Personal Information to countries other than the country where it was provided, we do so in compliance with applicable data protection laws. Copies of the Personal Information at the point of origin are deleted on a regular basis.
Any transfers of Personal Information from customers outside the European Economic Area (the “EEA”), will comply with GDPR requirements, as appropriate, in all respects
Personal Information Security
Chargifi maintains reasonable and appropriate security measures designed to help protect against loss, misuse, and alteration of Personal Information collected by Chargifi, which include:
physical and logical access controls, including firewall, limited access, and SSL encryption technology, that limit who can access personal data based on business/processing need;
privacy policies for personal data and for employee personal data (a copy of which may be requested at email@example.com);
annual employee training on our privacy policies;
employees who are bound by confidentiality obligations;
the appointment of a Privacy Officer to handle all personal data incidences or issues, including, without limitation, the handling of individual requests related to his/her personal data processed by Chargifi; and
Chargifi ‘s General Information Security Policy and Incident Response Policy that contain incident response plans for escalation and resolution of data breach incidents
Passive Data Collection - cookies and web beacons
Your Personal Information is protected in the United Kingdom by the Data Protection Act 2018 (the “Act”), the General Data Protection Regulation 2016/679; and all relevant EU and UK data protection legislation. Under the Act we will only process your Personal Information in a lawful and fair manner. We will secure your Personal Information to prevent unauthorized access by third parties.
Chargifi Limited are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. We cooperate with country data protection authorities if they believe that a privacy problem has occurred.
If you have questions or concerns regarding your privacy, please contact Chargifi directly.
In the United Kingdom:
180 Borough High Street
If you believe that Chargifi has not complied with your rights in relation to your personal data in relation to processing in or related to the United Kingdom, you can complain to the Information Commissioner’s Office. Their contact details are available at www.ico.org.uk