Privacy Policy
This Privacy Policy covers in detail how we process your personal information. We have summarised below each area, and more information is available in each of the sections:
-
Introduction
This Privacy Policy helps you understand what personal information we collect, why we collect it, what we do with it and the choices you have, including how to access and update information.
Our Policy applies to you if you use our products or services in store, over the phone, online, through our mobile applications or if you use any of our websites or interact with us on social media (our “Services”).
If you want to opt-out of marketing please email us at [email protected]
-
Who we are
Currys Business is a trading name of Currys Group Limited, a company registered in England and Wales (Company registration number: 504877), and Currys Retail Limited, a company registered in England and Wales (Company registration number: 2142673) (referred to using “we”. “us”, “our” or the “Company”), both of which are part of the Currys group of companies (“Currys Group”). Your invoice/confirmation order/confirmation acknowledgment will set out which of these two entities is the data controller relevant to your sale. Currys Group is a leading omnichannel retailer of technology products and services, operating through online and 830 stores in 8 countries. We help everyone enjoy amazing technology, however they chose to shop with us.
-
Information We Collect
We collect personal information about you when you visit one of our stores, use our website, or if you communicate with us by phone, e-mail and social media in relation to purchasing products for your business, or utilising one of our services for businesses. We refer to our website as “Online Services” throughout this policy.
The types of personal information we collect include:
• Personal details such as your name, address, email address, phone number and other contact information.
• Transaction information, such as the product you purchased, its price, your method of payment and your payment details, which are anonymised as per Payment Card Industry Security Standards (PCI-DSS).
• Your account information, such as dates of payments owed and received, the subscription services you use or any other information related to your account.
• The phone numbers that you use to contact us over the phone, such as contacting our customer services team.
When you're using our Online Services, the information we collect include:
• Account information, like your username, password, and other identifiers or credentials you use to access our Online Services or to buy our products and services, details of your shopping preferences, such as your favourite brands and products, as well as which of our stores you prefer to shop in.
• Information that you provide in your dealings with us. This includes when you register to use our Online Services, or when you subscribe to our services or request further services and/or information from us.
• Details of your visits to the website or in-store WI-FI and the resources that you access. Examples include ads that you click, device information and location.
• IP address, type of device you are browsing from and cookie data.
More information is available in our Cookie Policy.
The situations when you provide personal information could include when you:
• Purchase products at our stores or through our contact centre.
• Register or use our Online Services.
• Request to receive marketing or other communications.
• Use our Wi-Fi networks or other in-store tech.
• Enter one of our competitions or when you complete one of our customer surveys.
• Submit information when you’re providing feedback or making an enquiry.
• Use interactive features of our Online Services. -
How we use your Information
Data protection law sets out a number of different lawful reasons for which a company may collect and process your personal information. These are:
• Where we have entered into a contract with you; • Where we have your consent; • Where we are legally obligated to; • Where we have determined a legitimate interest that does not impact your rights and freedoms; and • Where it is in your vital interests to.
The table below provided examples of when we might rely on these lawful reasons:
Contract • We use your personal information to process your orders and payments or to give you a refund. • We also enter into a contract with you when you use on of our services, such as insurance, or to facilitate an agreement between you and our lending partner when you make a credit application. Legitimate Interest • To send your business promotional materials across email, post, telephone and text messages to communicate with you about our products and services, competitions, offers, promotions or special events. For example: ⚬ To provide a free mobile phone upgrade reminder service. ⚬ To inform you when a product is back in stock. ⚬ To send you a renewal notice. ⚬ To communicate with you about our third-party partners that we believe may interest you. • If you are a sole trader, we will send promotional materials across post and telephone, as well as email and text messages if those permissions are captured during the course of a sale. • To provide customer support and to respond to, and communicate with you, about your requests. • To contact you if we need to obtain or provide additional information in relation to your order or query. • To check our records are right and to check every now and then that you’re happy and satisfied (e.g. customer surveys). • For other marketing activities (other than where we rely on your consent), such as marketing permissions captured during the course of a sale and personalising marketing messages through social media and other third party platforms; • To comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request). • To send communications to you about your orders, purchases or accounts and bill you for using our products or services. • To let you post on our blogs and interact with us through social media. • To ensure a smooth experience on our Online Services, including making sure our websites word correctly (more information is available in our Cookies Policy). • To help us understand more about you as a customer, the products and services you use, the way you use them and how you shop across the company, so we can serve you better. • Improve the content and appearance of the website, and to make sure that content is presented in the most effective manner for you. • To operate, evaluate and improve our business, including the development of new products and services; to determine the effectiveness of our sales, marketing and advertising; and the analysis and improvement of our products, offers, promotions, and Online Services and other technologies. • To show you relevant ads by using information collected from your devices, if you have provided your consent for such consent, including your searches, location, ads that you have seen and personal information that you have given us, such as your age range, gender and topics of interest. Dependant on your Ads Settings, this information informs the ads that you see across your devices. So if you visit our website on your computer at work, you might see ads about our products or services on your phone later that night. • To facilitate an omnichannel journey to ensure that you can shop with us in any way that you choose. For example, we may use your information either instore or on a video call with a member of our staff, known as a shoplive call, to register you with an online account or to access your existing online account, in order to provide you with tailored product advice and support. • Where you fail to repay what you owe us or return our property, we may need to trace your whereabouts (sometimes using a tracing Agent) in order to recover payment or reclaim property. This might be carried out by a third party debt recovery agent on our behalf. • To protect against, identify and prevent fraud and other criminal activity, claims and other liabilities. • For network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access. • To ensure the security and safety of our stores via CCTV. • To send you claim details as part of fulfilling promotional offers if you have made a qualifying purchase. • To help reduce the overall fraud and credit risk for our customers and ensure a duty of care for customers who apply for financial products and services. Legal obligation • To identify you when you contact us. • To verify the accuracy of data that we hold about you. • To assist HMRC and/or the Police and/or other regulatory bodies in relation to an investigation by a public authority. • To complete any requests you make regarding your Data Subjects Rights. • For financial administration. • Where necessary for health and safety purposes. • To comply with our Financial Conduct Authority (FCA) obligations. Vital interest • We may need to contact you if there are any urgent safety or product recall notices or where we otherwise reasonably believe that the processing of your personal information will prevent or reduce any potential harm to you. Where we process your information under Legitimate Interest, we will have assessed this processing and balanced it against your rights and freedoms.
-
More sensitive information
Under data protection law, some personal information is considered more sensitive, including information relating to a person’s racial origins, certain beliefs or health conditions. It can also include information relating to criminal activity.
We do not expect to handle any of your more sensitive information unless it becomes relevant in our dealings with you or you volunteer the information. Examples of this might be where you have a vulnerability or health condition which is relevant to our dealings with you; where you are involved in a medical emergency or accident; if the information is relevant to a legal dispute or complaint; or while addressing criminality impacting our business. On the rare occasions we handle more sensitive information, we only do so as allowed by data protection law (for example, where we have your consent, to protect someone’s vital interests or to prevent or detect crime) or as required by law.
-
How we use your information to make automated decisions
We sometimes use systems to make automated decisions based on your personal information or the information we are allowed to collect from others about you or your business (for example where we perform credit or internal fraud checks). This helps us to make sure our decisions are quick, fair, efficient and correct, based on what we know. These automated decisions can affect the products, services or features we may offer you now or in the future, or the price that we charge you for them.
You have rights over automated decisions:
• Under certain circumstances, you can ask that we do not make our decision based on the automated score alone; and
• You can object to an automated decision, and ask that a person reviews it.If you want to know more about these rights, please contact us.
-
How we use information for analysis
We analyse customer and transactional information to understand customer attitudes and propensity to act in a certain way in the future. We use algorithms to group customers into segments based on their socio-demographics, frequency of their interaction with Currys Business, size and type of their purchases, and feedback they provide via surveys.
We analyse customer information to:
• Build new products and services or modify our services or store environment to better meet customers’ expectations.
• Design and deliver marketing campaigns, product and services recommendations that are relevant to you. This would be based on your past purchases, your online browsing behaviour or on what you have told us in surveys.
• Develop product assortments based on types of customers, their preferences and shopping behaviour.
• Develop commercial forecasts.
• If you have provided consent, personalise your experience on our website.
Our analytics activity includes looking at products and services where customers purchased from both Currys and Currys Business. For more information on how we share personal information across the Currys Group, see the ‘Who we share your personal information with’ section below.
We may also carry out analytics activities on information which has been fully anonymised.
-
Digital advertising and personalisation
We advertise across all digital platforms with both targeted and non-targeted advertising. For targeted advertising, we may use information obtained through the use of cookies or similar technologies in your web browser to display ads to you, which you may see on other websites or digital platforms. We will seek your consent to deploy these kinds of cookies and similar technologies through our Website cookies consent mechanism. More information is available in our Cookie Policy.
In order to ensure that appropriate ads are displayed, we work with partners and agencies to analyse and prepare the information, and measure the effectiveness of our advertising. See below the section on 'Who we share your personal information with'. Where applicable, we or our advertising partners will combine this information with your transaction information and other information, such as your cookie consent instruction, and information from external or publicly available sources. By building a richer picture of your preferences in this way, we can make sure you see ads most relevant to you. We also use this information to ensure you do not receive unnecessary ads.
Our digital advertising includes advertising across social media platforms. The media owners we most commonly work with are Meta (which owns Facebook and Instagram) and Google (which owns YouTube). The individual privacy policies are linked for your information.
We will also use the information we have on existing customers for modelling purposes, to help identify potential new customers who may be interested in our products.
-
Who we share your personal information with
We share personal information within the Currys group of companies. Members of the Currys group that receive this information are not authorised to use or disclose the information except as provided in this Privacy Policy.
Where we share your information with any third parties, we will undertake due diligence prior to sharing any information with them and will have in place robust contracts that cover the security of any information shared.
Our service providers
We work with partners, suppliers, insurers and agencies so they can process your personal information on our behalf and only where they meet our standards on the processing of information and security. We only share information that helps them provide their services to us or to help them provide their services to you. For example, some of our service providers place advertising for us online, about our products and services and those of our retail partners, suppliers and third parties. As a result, where you have indicated you are happy to receive online marketing from us in our cookie preference centre, you might see online advertising that we have placed on the websites you visit, or the interactive services you use.
Other third-party service providers include:
• Credit and Insurance Partners: When you apply for 30 day business credit or purchase on insurance products we will pass on your information to trusted third party partners responsible for these products, such as TreviPay, who are our 30 day business credit provider. When you are an approved 30 day business credit customer or purchase an insurance product, we will continue to exchange your information while you use the facility or have an active insurance products. Please note we are not a lender in respect of the 30 day business credit facility within our UK stores, See ‘Credit Reference Agencies and insurance’ section below for more information.
• We share information with financial institutions to improve levels of service, reduce risk and provide due duty of care to you and other customers.
• Providers that we work with to deliver our marketing and campaigns, and facilitate our competitions.
• Manufacturers of products sold to our customers for whom we carry out repairs.
• Companies that enable us to collect your reviews and comments, both online and offline, such as Reevoo.
• Companies which run our contact centres because they need your personal information to identify and contact you.
• Third party vendors who help us to manage and maintain the Group IT infrastructure.
• Companies that provide insights and analytics services for us so we can stock the right products, send the right marketing campaigns and understand our business and customers better.
• Specialist providers of digital advertising and personalising content to provide customers with adverts tailored to them.
• Partners that support our services, such as where we need to arrange a speciality engineer visit.
• Companies that work on our behalf processing and sorting information, monitoring how customers use our website, issuing our emails for us and collecting product/customer feedback from you via surveys.
Where you have asked us to deliver your purchases either to the store (‘Click & Collect) or any other place, we will also share your address and contact details with our delivery partners like DPD or Royal Mail and distributors, to ensure a successful delivery. These partners may contact you to provide periodic updates on your delivery.
Other organisations and individuals
We may transfer your personal information to other organisations in certain scenarios. For example:
• If required to by law, under any code or practice by which we are bound, or we’re asked to do so by a public or regulatory authority such as the Department for Work and Pensions.
• To prevent and detect criminality impacting our business, we may voluntarily or on request share information with the Police or other crime prevention organisations, such as the National Business Crime Solution (NBCS). NBCS is a non-profit initiative that works with the Police and the business community to help tackle business crime in the UK by gathering and sharing information.
• Information will also be shared with fraud prevention agencies to prevent fraudulent claims.
• If we need to do so in order to exercise or protect our legal rights, users, systems and services.
• With banks and insurance companies if you are a financial services (insurance or credit) customer.
• With mobile phone operators if you buy a phone contract through us.
• In response to requests from individuals (or their representatives) seeking to protect their legal rights or the rights of others.
• With emergency services (if you make an emergency call), including your approximate location.
• With companies we work with who refer their customers to purchase our products and services, this enables Currys to monitor performance and for accounting purposes.
-
Credit Reference Agencies and Insurance
In order to process your application for 30 day business credit, we will share your information to credit reference agencies (“CRAs”) and they will give us information about you. This will include information from your credit application and about your business financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information, and fraud prevention information. We will use this information to:
• • Assess creditworthiness and whether you can afford to take the product.
• • Verify the accuracy of the data you have provided to us.
• • Prevent criminal activity, fraud and money laundering.
• • Trace and recover debts.
• • To make sure any offers provided to you are appropriate to your circumstances.
We will also continue to exchange information about you with CRAs on an on-going basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. Your information will also be linked to the data of any joint applicants or other financial associates.
The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at www.equifax.co.uk/crain.
-
Sharing your information with lending partners
We will share your information with our lending partners (where Currys Business is the credit broker and not the lender) when you apply for a credit account. We will do this in order to facilitate an agreement with you and administer the agreement throughout its term. Our lending partners and Currys Business will continue to exchange your information while you use the credit facility including information about your credit application, purchases and transactions history (not limited to credit purchases and including any that are not fully complete). Lending partners and Currys Business will also between themselves share the lending decision, the status of your account and your remaining balance.
We may share and use your information for assessment and analysis, including credit or behaviour scoring (or both), and other related investigations such as product analysis. We may also use this information to prepare statistical reports, although the reports themselves will not contain any personally identifiable information relating to our customers.
-
International transfers of your personal information
We are a UK-based business and so your personal information will be handled by us in the UK. From time-to-time we may transfer your personal information (for example, to our suppliers, service providers or other companies within Currys Business Group) out of the UK for the purposes described in this Privacy Policy. Unless otherwise allowed by data protection law, where we transfer information to a country not recognised as having equivalent protections for information as the UK, we will put in place appropriate safeguards to ensure your information is protected in the same way as if it was being used in the UK. This can include putting in place contractual protections (known as standard contractual clauses) and other organisational or technical measures designed to safeguard information.
-
How long we keep your personal information
We will keep your personal information for as long as you’re a customer. If you haven’t made a purchase or engaged with us for 3 years or more, then we will remove you from our marketing mailing lists. After you stop being a customer, in most cases, we will keep your information for up to 7 years after the last time you interacted with us, or if you have purchased insurance products up to 7 years from the end of the cover.
We may keep your data for longer than 7 years if we cannot delete it for legal, regulatory or technical reasons. We may also need to keep it in order to help support product recalls or safety notices. If we do, we will make sure that your privacy is protected and only use it for those purposes.
We do not retain personal information in an identifiable format for longer than is necessary.
-
Your Rights
The table below outlines the Data Protection Rights available to you:
Access to Information held about you You have the right to request what personal information we hold about you. This is sometimes called a 'Data Subject Access Request'. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you free of charge. Before providing personal information to you or another person on your behalf, we may ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information. Except in rare cases, we will respond to you within 30 days after we have received this information or, where no such information is required, after we have received your request. You can request a copy of your information by using the contact details below. Rectify information held about you If any of the personal information we hold about you is inaccurate or out of date, you may ask us to correct it. Data Portability In certain circumstances you have the right to request a copy of your personal information from us or to have that information passed to an organisation of your choice in a format that can be easily re-used. To stop or limit our processing of your information You have the right to object to us processing your personal information if we are not entitled to use it anymore, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances. Where we rely on our legitimate interests, as set out under ‘How we use your personal information’, you may object to us using it for these purposes. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your information for those purposes. Otherwise, we will provide you with our justification as to why we need to continue using your information. You can ask us to restrict the use of your personal information if: • It isn’t accurate. • It has been used unlawfully but you don’t want us to delete it. • It is not relevant anymore, but you want us to keep it for use in legal claims. • You have already asked us to stop using your information but you are waiting for us to tell you if we’re allowed to keep on using it. Please note that we may be required by law to retain certain information. Before we are able to provide you with any information or correct any inaccuracies, we may ask you provide other details to help us respond to your request. Erasure You have the right to request erasure of your personally identifiable information (also known as the right to be forgotten). In some circumstances we may not be able to fully delete your information, for example where we have an overriding legal obligation to retain it, and where we can delete it, we will need to keep an appropriate record of the request. If you would like to exercise these rights, please contact us.
-
How can you stop the use of your personal data for direct marketing
We won't send you marketing messages if you tell us not to. You ca tell us in a number of ways:
• You can also find further information within our Direct Marketing Charter.
• We won't send you marketing messages if you tell us not to. You can tell us in a number of ways.
• You can click onto the "unsubscribe" link in any communication that we send to you by email, or send a free SMS short code to opt our of SMS marketing, both of which will automatically unsubscribe you from those channels of communication. Please also note that you will continue to receive Service communications we need to send in relation to the product and services we have sold to you.
• Alternatively, you can unsubscribe by emailing us at [email protected]. Please note that it may take up to 28 days to process your request.
• To stop online marketing through cookies please see our Cookie Policy.
• If you are seeing marketing directly from us through your social media channels you can stop these directly within the social media site.
Non-business customers may be interested to read more about customer marketing approach in our Currys Direct Marketing Customer Charter.
-
Security measures
We take our responsibility to protect your information very seriously. All companies within the Currys Group use physical, technical and organisational security measures to protect the personal information supplied by you against loss, destruction, and any unauthorised access by third parties. We do this in several ways which include, but is not limited to:
• Following the Payment Card Industry Data Security Standard (PCI DSS) when handling debit and credit card information.
• Adhering to General Data Protection Regulation (GDPR) guidelines when collecting, processing and storing information.
• Using encryption protocols and software to protect your personal information during transmission.
• Carrying out regular back-ups of our critical information.
• Regular testing and evaluation of our security measures.
-
Links to other websites and social plugins
Our website (which includes this Privacy Policy) contains links to other websites run by other organisations which we do not control. This Policy does not apply to those other websites and Apps‚ so we encourage you to read their privacy statements.
We use so-called social plugins (buttons) of social networks such as Facebook, Google+, You Tube, Instagram and Twitter. After activation of a button, the social network can retrieve information, independently of whether you interact with the button or not. If you are logged on to a social network, the network can assign your visit to the website to your user account. A social network cannot assign a visit to websites operated by our other group companies unless you activate the respective button there as well.
If you are a member of a social network and do not want that network to combine information retrieved from your visit to our website with information they hold on you, you must log out from the social network concerned before activating the buttons.
-
Contact us
If you would like to access any of your rights as listed above, or have any questions with regards to this Policy, please use the contact us section of our website. If you would like to exercise any of your data subject rights, please completed this form.
Alternatively, you can contact our Data Protection Office at:
• Email: [email protected]
• Post: Data Protection Office, London Campus at Waterloo, 8th Floor, 10 York Road, London, SE1 7NDYou can also contact the Information Commissioners Office (ICO) if you have any concerns or complaints with how Currys has handled your personal information: https://ico.org.uk/global/contact-us/
This Privacy Policy was last updated January 2024 and replaces all previous versions. This Policy is regularly reviewed and if updates and changes are made we may notify you either by email or with an announcement on social channels.
-
Currys Business Complaints Code
We’re here to help
At Currys Business we always want our customers to be happy with their purchase, but we also understand that from time to time, things do go wrong. This complaint code explains what we’ll do when they do. We’ll do our best to resolve your complaint as soon as you get in touch, but more complex complaints may take longer. But don’t worry, we’ll keep you updated if this is the case.
How to contact us
Calling us is the fastest way to resolve your complaint, a member of our customer service team will be happy to help. You can reach us by calling 0344 561 6789 Lines are open between 9am and 6pm (Monday – Thursday) and 9am and 5.30pm (Friday). Our offices are closed at weekends and bank holidays. If you’re unable to call us, you can speak to us on Live chat by visiting our website and clicking “chat with an expert”.
Alternatively, you can write to us at: Currys Business Merck House Seldown Way Poole Dorset BH15 1TW
What we will do
When you contact us, we will do everything we can to resolve your complaint on the call/live chat or in writing, including escalating your complaint, if needed. To help us understand your complaint, please provide the following:
• details of your concerns • how you would like us to put things right • your Company name and address • your email address (we will only use this to contact you about your complaint) • a contact telephone number and a best time to call you • any reference and/or order number
Should your complaint require escalation, the next stage would be for one of our senior members of the customer service team to review your complaint further and provide you with their findings within 5 working days. Our final stage, should you remain unhappy, is for one of our management team to review everything and provide you with their final response which we aim to provide you within 8 weeks of us receiving your complaint.
Complaints about business credit
If you have concerns relating to your 30 day business credit account then please find further details here: TP T&Cs link.
Complaints about mobile and broadband
If you’re not happy after we’ve given you our final response to your mobile or broadband complaint or 8 weeks have passed since you told us of your concerns, you may wish to ask an alternative dispute resolution (“ADR”) provider to investigate your complaint by contacting an Ombudsman If you need to contact the Ombudsman about your mobile or broadband complaint, the Communications Ombudsman can help. You’re not charged for using these services. They investigate complaints fairly by listening to both sides of the story and looking at the facts. If you’d like to know more about the way they work and what they can help with, there’s more information on their websites. You can call Communications Ombudsman on 0330 440 1614 or email at: [email protected] or write to: Alternatively, you can write to us at: Communications Ombudsman PO Box 730 Warrington WA4 6WU
You can also contact them through their website at Ombudsman service website.