Coffee club logo

Privacy Notice

Who are we?

We are Ello Group Limited, the owner of tastecard and Coffee Club (Taste Marketing Limited), Gourmet Society (Simard Limited) and hi-life (Hi-Life Diners Club Limited).

We provide services on behalf of Vue Services Limited and Vue Entertainment Limited.

We also provide products and services to our partners for use as rewards or benefits to their customers/employees.

What information do we collect about you & why?

Type of Personal Data

Purpose of processing

Contact information (Name, email address, postal address, phone number)

Provide memberships, provide products, respond to queries, send updates, verify identity, verify eligibility, only show you relevant offers

Payment information (payment details, billing address)

Process payments, and fulfil orders

Shipping Address

Send products to you

Company information

As part of provision of services on behalf of an employer, third-party benefit provider or reward provider

Unique identifiers (username, Membership Code, Redemption Code)

To verify your identity and provide access to a product or service.

Preference Information (order history, membership usage, marketing preferences)

Provide updates with regards to your use of the product, and products that may be of interest

We may also collect.

Type of information

Purpose

Communication information (comments, posts, feedback, email, chats, calls)

To enable us to improve services, and respond to your queries

Location information, Usage information

To make recommendations about services in your area

IP Addresses (including geographical location), Mobile/Web usage

For system administration, recommendations and service improvements

Date of Birth (in certain contractual circumstances)

Validate eligibility for products or services

Legal documents (in scenarios of lasting power of attorney [LPA])

Validate a person can act on your behalf

If you contact us through social media, you will have read and provided consent to their own Terms and Conditions and been provided with their Privacy Notice. We will not contact you directly through social media for customer query management, we will only respond to a message you have posted or sent to us.

Where you have provided us with a mobile number, and consent, we may market to you using SMS and Push notifications.

How do we get your information?

It could be because you provide it to us directly to get one of our products or services.

Or it is through a 3rd party, for example.

o your employer, to provide membership to you.

o a third-party benefit provider, to provide membership to you.

o a reward provider, to provide membership to you.

What can we do with your information?

The lawful bases we rely on for processing this information are either:

• we have your consent.

• we have a contractual obligation.

• we have a legitimate interest.

Who do we share your information with?

The following link provides information on data recipients who we use to provide the service we offer. The document will explain which processors work on which brand and what safeguards we have in place, Recipients of Personal Data.

We may disclose your Personal Data to any member of our group (Ello Group Limited), which means our subsidiaries, our ultimate holding company, and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

We will not disclose your information to any of the third parties (Recipients of Personal Data) for marketing purposes.

How do we keep your information secure?

All information you provide to us is stored securely. Any payment transactions are encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access our mobile app(s) or website(s), you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

The transmission of information via the internet may not be completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to prevent unauthorised access.

We store your information securely and take all relevant technical and organisational measures required.

What happens if I am a customer of the Vue services you provide?

We will share your Personal Data with Vue. Vue acts as a Joint Controller or Controller of your Personal Data, which is collected as part of the Vue services, we share this with them in connection with your Vue order.

Do we transfer your personal data to other countries?

Ello Group may work with third parties that require them to store, access or process Personal Data in a third country. Controls are in place to ensure that the level of protection is not undermined and that security controls are at a level commensurate with the type of information being transferred.

We also use an external IT service provider, to assist us with the management of our IT systems and ensuring that our systems are secure. We do not transfer data to this organisation however they will have access to our systems to enable them to complete maintenance and IT support.

We may also provide services using SaaS platforms, which are cloud hosted applications made available to you over the internet.

Where we transfer Personal Data to third countries, we will always ensure that we have or use the appropriate transfer mechanism. This includes Data Protection Agreements, Standard Contractual Clauses, or International Data Transfer Agreements.

How long do we keep your information for?

This is the length of time records should be kept for administrative, legal, fiscal, historical, or other purposes. We strive to maintain and retain adequate, relevant, and limited records to what is necessary in relation to the purposes we set out. As such we define maximum retention periods, and within those periods we will erase and securely dispose of information.

As an example,

Type of Record

Maximum Retention Period

Membership record (as a direct customer) – where your membership has ended

5 years after expiry and 18 months after the last interaction with us

Corporate Membership – where you’ve been provided with a membership through our client

5 years from expiry of that membership, or as defined in the contract agreed with the Client

Guest Checkout – where you have purchased a product, where you were not required to set up an account

2 years – based on the product type that was purchased

What are your rights regarding your information?

Under the GDPR (General Data Protection Regulation), you have the following data rights,

• to know how your information is used and protected.

• to obtain access to the personal data held about you.

• to ask us to correct your personal data.

• to ask us to erase your personal data.

• to ask us to stop using or restrict the use of your personal data.

• to object to certain types of processing.

Do we profile or make automated decisions using your information?

Yes, we do, for example, we collect location information and usage information, this can be used to recommend venues or experiences to you.

We also work with third parties to help us create a profile to ensure that we are sending relevant information.

Profiling covers information about how decisions are made and the significance of the consequences.

Please note that the use of profiling or automated decisions are not made without human involvement.

What you need to know about Cookies, Tracking & Marketing

To enable our systems to recognise your device and to provide features to you, we use cookies. For more information about cookies and how we use them, please read our Cookie Policy.

Mobile Applications may use tracking technologies to record how you interact with them. This is used to help improve services.

We regularly send out communication to keep you up to date with all the latest discounts and offers from the Ello Group brands, Vue, and our chosen partners. If you wish to stop receiving these emails, you can do so at any time by simply clicking unsubscribe, you will then be removed from all promotional emails. To unsubscribe from SMS marketing follow the instructions in the SMS received or contact us.

Please note that even if you decide not to subscribe to, or to unsubscribe, from promotional email messages, we will still need to contact you with important transactional information related to your account and your purchases. For example, we may still send you renewal or purchase information, or updates on new partners as part of your membership.

How we tell you about changes that could impact you?

We may change this Privacy Notice from time to time.

Changes will be posted online, and in our Mobile Applications. We may notify you through communications we send from time to time.

If you wish to view or alter your Privacy settings this can be done in the Mobile Application, or you can contact us through the online Contact form.

If you need to make a complaint about how we use your information

If you have any concerns about our use of your Personal Data, you have the right to make a complaint.

1) For UK residents please use [email protected]

2) For EU residents you can contact our EU representative, [email protected]

You can also complain to the relevant supervisory authority if you are unhappy with how we have used your data.

For UK residents:

Please come and speak to us first, if you are still unhappy you can then contact the

Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Helpline number: 0303 123 1113    ICO website: https://www.ico.org.uk

For EU residents:

You need to refer to your National Supervisory Authority for details on how and where to submit your complaint.

Last update date

This Privacy Notice was last updated on 11th September 2024.