UK Privacy Statement

Part 1: Business Subscribers

At GoodieBags, we are committed to protecting the privacy of our business subscribers. This section of our privacy statement outlines how we collect, use, and protect your data.

1.1 Data Collection and Use

1. We collect and store only the information necessary to provide our services, such as your business details and account information.
2. Any data you choose to publish via vouchers (e.g., business name, offer details) will be visible to voucher users.
3. We do not sell your data to third parties under any circumstances.

1.2 Data Responsibility

1. As a business subscriber, you are responsible for any data you collect from voucher users when fulfilling vouchers (e.g., client names and addresses).
2. You must comply with all applicable data protection laws and regulations when handling this data.
3. We recommend that you have your own privacy policy in place to inform voucher users about how you handle their data.

1.3 Aggregated Data

1. We may publish aggregated, anonymised data for analytical or marketing purposes. This may include, but is not limited to:
   • Voucher use by sector
   • Voucher use by geographic area
   • General trends in voucher redemption
2. This aggregated data will not identify individual businesses or users.

1.4 Data Security

1. We implement appropriate technical and organisational measures to protect your data against unauthorised or unlawful processing, accidental loss, destruction, or damage.
2. We regularly review and update our security practices to ensure the ongoing confidentiality, integrity, and availability of your data.

Part 2: Voucher Users

We value the privacy of our voucher users and are committed to protecting your personal information. This section outlines how we handle your data when you use our platform to access and redeem vouchers.

2.1 Data Collection and Use

1. We collect minimal data necessary for the functioning of our platform, such as the vouchers you've accessed and redeemed.
2. We do not sell your data to third parties, including our business subscribers.
3. We do not pass your data to our business subscribers unless you choose to redeem a voucher with them.

2.2 Data Shared with Businesses

1. When you redeem a voucher, you may need to provide certain information directly to the business offering the voucher (e.g., your name and contact details).
2. Any data you provide directly to a business when redeeming a voucher will be subject to that business's own privacy policy and data practices.
3. We recommend reviewing the privacy policy of any business with which you redeem a voucher to understand how they will handle your data.

2.3 Your Rights

1. You have the right to access, correct, or delete your personal data that we hold.
2. You can contact us at [contact email] to exercise these rights or if you have any questions about your data.

2.4 Data Security

1. We use industry-standard security measures to protect your data from unauthorised access, disclosure, alteration, or destruction.
2. However, please note that no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

General Provisions

1. We comply with all applicable UK data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. We may update this privacy statement from time to time. Any significant changes will be communicated to you via email or through our platform.
3. If you have any questions or concerns about this privacy statement or our data practices, please contact us at [contact email].

Last updated: October 2024