Website Privacy Policy

Introduction

This privacy policy aims to give you information on how Whistl collects and processes your personal data through www.whistl.co.uk (“Our Site”), including any data you may provide through Our Site when you sign up to it or enquire to purchase services through it, and also any data Whistl acquires about you from other sources for marketing purposes.

Our Site is not intended for children and we do not knowingly collect data relating to children.

It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them. By using this site you are accepting the practices described in this policy.

1.            Information About Us

1.1.         Our Site is owned and operated, on behalf of the Whistl Group of Companies, by Whistl UK Limited a limited company registered in England and Wales under company number 04417047, whose registered address is Network House, Third Avenue, Marlow, Buckinghamshire, England, SL7 1EY (“We/Us/Our”).

1.2.         Our VAT number is GB991 2657 87.

1.3.         We are regulated by OFCOM in relation to the postal services that we provide.

1.4.         We are a member of the DMA, IPM, Print Power, ELMA, RHA and the MCF.

1.5.         Our ICO Registration number Z692857X.

1.6 – For any enquiries about this privacy policy please contact gdpr@whistl.co.uk or write to us at Meridian House, Fieldhouse Lane, Marlow, Buckinghamshire, SL7 1TB.

2.            What Does This Policy Cover?

2.1.         This Privacy Policy applies to your use of Our Site, and to our processing of your personal data otherwise.

2.2.         Please refer to our Compliance Statement for additional information about our approach to Data Protection

3.            Your Rights

3.1.         Under certain circumstances, you have rights under data protection laws in relation to your personal data, which this privacy policy and our use of personal data have been designed to uphold:

3.1.1.     Right to be informed – When we collect your data we have to tell you what we are going to do with it primarily through this Privacy Policy.

3.1.2.     Right of access – You have the right to contact us in writing to request details of the information we hold about you.

3.1.3.     Right of rectification – You have the right to ask us to rectify information that we hold about you if this is inaccurate or incomplete.

3.1.4.     Right to erasure- This is also known as the right to be forgotten and gives you the right to request your information to be removed if there is no compelling reason for its continued processing. A word of warning though, we keep a list of people who have asked not to be contacted which is used to ensure that you receive no further marketing information from Whistl or client from the result of our activity. Without this list, your data could enter our system again from another source and we would have no record of the fact that you asked us not to contact you.

3.1.5.     Right to restrict processing – this is the alternative to erasure and gives you the right to tell us to stop processing your data but allows us to keep enough information about you to ensure that your wishes are respected in the future.

3.1.6.     Right to data portability – this gives you the right to ask the holder of your information to transfer that information to another business. This right would be most commonly used if you were switching banks, insurance companies, utility companies or mobile phone companies.

3.1.7.     Right to object – you have the right to object to the processing of your data for marketing purposes and profiling for marketing purposes. Your rights and freedoms override our interests.

3.1.8.     Rights related to automated decision making including profiling – we do not use automated decision-making processes which would have a potentially damaging effect on the information we hold about you. But if we did you have the right to obtain human intervention, express your point of view and obtain an explanation of the decision and challenge it.

3.1.9.     Rights to withdraw consent at any time where relevant – you have the right to withdraw your consent to the processing of your information at any time and we must provide you with the information to need to do so at the time we collect your data and each time we contact you.

3.2.         You have the right to make a complaint at any time to the Information Commissioner Office (ICO) (the UK supervisory authority for data protection issues (www.ico.org.uk)). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance using the details provided in section [13] and we will endeavour to solve the problem for you.

3.3.         For further information about your rights please contact the Information Commissioner Office or your local Citizens Advice.

4.            What Data Do We Collect?

4.1.         Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

4.2.         We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

4.2.1.     Identity Data first name, maiden name, last name, or similar identifier.

4.2.2.     Contact Data email address and telephone numbers.

4.2.3.     Technical Data internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access Our Site.

4.2.4.     Usage Data information about how you use Our Site, products and services.

4.2.5.     Marketing and Communications your preferences in receiving marketing from us and our third parties and your communication preferences.

4.3.         We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

4.4.         We do not collect any Special Categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

4.5.         Where we need to collect personal data by law, or under the terms of a contract we have with you, and you do not provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a service you have with us but we will notify you if this is the case at the time.

5.            How we collect your personal data

5.1.         We use different methods to collect data from and about you from your website interactions, including through:

5.1.1.     Direct interactions. You may give us your Contact Data when you:

5.1.1.1.     use any of the tools on Our Site;

5.1.1.2.     subscribe to any service/software updates;

5.1.1.3.     request marketing to be sent to you;

5.1.1.4.     give us feedback or contact us.

5.1.2.     Automated technologies or interactions. As you interact with Our Site, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our cookie policy for further details.

5.1.3.     Third parties or publicly available sources. We will receive personal data about you from various third parties and public sources such as, but not limited to, those set out below:

5.1.4.     Technical Data from analytics providers Google and Infinity both of which may transfer personal data outside the EEA. The ways that analytics providers process the personal data is set out in their respective privacy policies (please click on the highlighted names to follow links) Google and Infinity.

5.1.5.     The Whistl website uses the Osano Cookie Consent Tool, which can be utilised to customize your cookie preferences. The tool will record when you have consented to our cookie policy and will ask for consent periodically to ensure users stay up-to-date with changes to our cookie and privacy policies.  The consent tool specifically controls the marketing cookies and analytical cookies on the Whistl website. Essential cookies cannot be disabled. Please read our cookies policy for more information about the cookies we use. Alternatively, you as a user can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of Our Site may become inaccessible or not function properly

5.2.         Webinars and Training Demo

5.2.1.     Whistl holds training demos and webinars throughout the year, to aid and assist customers and prospects navigate more complex elements of services and topics relating to business support. We collect personal data, like names, postal addresses, email addresses, etc. This information is voluntarily submitted by our visitors/participants.

5.2.2.     The information provided is only used to fulfil a specific request connected to a training demo or webinar, unless you give us permission to use it in another manner, for example, to add you to one of our mailing lists. By opting into our mailing list you agree that Whistl can process your name, company name, email address and phone number and use them for communicating to you about Whistl‘s portfolio of services. Whistl will not sell or give away any lists or other data that we may retain.

6.            International Transfers

Except for transfers of personal data by analytics providers (please see 5.1.4 above), we do not transfer your personal data outside the United Kingdom.

7.            How Do We Use Your Data?

7.1.         We will only use personal data when the law allows us to. Apart from the uses mentioned in paragraphs 4 and 5 above, most commonly we will use your personal data as follows:

7.1.1.        where we need to perform the contract that we have entered into with you – the details relating to the use of personal data in relation to that contract will be set out in the contract (including any documents referred to in the contract);

7.1.2.        where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;

7.1.3.        where we need to comply with a legal obligation.

If we do collect any personal data, it will be processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with our obligations and safeguard your rights under the United Kingdom’s data protection laws at all times.

7.2.         If you contact Us and We obtain your personal details from your email or we retain your address in order to deliver your mail, we may use them as follows:

7.2.1.     To reply to your email;

7.2.2.     To carry out address verification.

7.3.           You have the right to withdraw your consent to us using your personal data at any time and to request that we delete it.

7.4.           We may share your data with selected associated partners in order to provide the service required. We will ensure your data is only provided to third parties with appropriate and commensurate controls in place.

7.5.         We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate:

7.6      We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

7.7       If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

7.8         Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

7.9        We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

7.10         We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required.

8.            How and Where Do We Store Your Data?

8.1.         Data security is very important to us, and to protect your data we have taken suitable measures to safeguard and secure any data we hold about you.

8.2.         Whistl secures your personal information from unauthorised access, use, or disclosure. Whistl secures the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorised access, use, or disclosure. When personal information (such as a credit card number) is transmitted to other Web sites, it is protected through the use of encryption, such as the Secure Socket Layer (SSL) protocol.

9.           Data Sharing

9.1.   We may share your personal data with our marketing agencies in order to discuss and resolve technical issues and changes to our Site.

9.2.   Whistl may share enquiries and the personal data of those making the enquiry with other companies within the Whistl Group, if we consider that a service or solution may be appropriate from these businesses. The Whistl Group companies with which we will share data are as follows:

The Whistl Group Companies with which we will share data are as follows:

9.2.1. NNY 91 Limited (company number 11995959)

9.2.2. Whistl Group Holdings Limited (company number 09779561)

9.2.3. Whistl (Doordrop Media) Limited (company number 00613278)

9.2.4. Whistl Fulfilment (Rushden) Limited (company number 05057687)

9.2.5. Whistl Fulfilment (Farnborough) Limited (company number 04873262)

9.2.6. Whistl Fulfilment (Gateshead) Limited (company number 03732746)

9.2.7. Parcelhub Limited (company number 07187537)

9.2.8. Spark Etail Limited (company number 07551349)

9.2.9. Whistl Fulfilment (South West) Limited (company number 03783523)

9.2.10 Relish Agency Ltd. (company number 11456907)

More detail about these businesses can be found on the About Us page of this site.

10            How long will you use my personal data?

10.1         We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation with respect to our relationship with you.

10.2         To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

10.3        Details of retention periods for different aspects of personal data are set out below: ​

11            How Can You Access Your Data?

You have the right to ask for a copy of any of your personal data held by us (where such data is held under GDPR, no fee is payable and we will provide any and all information in response to your request free of charge). Please contact us for more details at GDPR@whistl.co.uk, or using the contact details below in section 12.

12.           Contacting Us

If you have any questions about Our Site or this Privacy Policy, please contact us by email at gdpr@whistl.co.uk, or by post at Meridian House, Fieldhouse Lane, Marlow, Buckinghamshire, England, SL7 1TB. Please ensure that your query is clear, particularly if it is a request for information about the data we hold about you.

13.           Changes to Our Privacy Policy and to Your Personal Data

13.1.        We may change this Privacy Policy from time to time (for example, if the law changes). Any changes will be immediately posted on Our Site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of Our Site following the alterations. We recommend that you check this page regularly to keep up-to-date.

13.2.       It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Implementation of Policy

This Policy was last updated on 1st September 2023