Introduction
Who we are
Your Security
Information We Collect
How we use your Information
Who we share your personal information with
International transfers of your personal information
How we use your information to make automated decisions
How long we keep your personal information
Your Rights
How can you stop the use of your personal data for direct marketing
Website Cookies
Security Measures
Links other websites
Social Plugins
Contact us
Complaining to the Data Protection Regulator
Changes to this Policy

Introduction

This Privacy Policy helps you understand what Personal data we collect, why we collect it, what we do with it and the choices you have, including how to access and update information.

Our policy applies to you if you use our products or services in store, over the phone, online, through our mobile applications or if you use any of our websites or interact with us on social media (our “Services”).

Who we are

Currys is a trading name of Currys Group Limited (referred to using “We”, “Us”, “Our” or the “Company”) is a company registered in England and Wales (Company registration number: 504877) Currys is Europe's leading specialist electrical and telecommunications retailer and services company, employing over 42,000 people in eight countries. We pride ourselves on giving our customers simple and independent advice on which electronic and technology products are right for them.

Your Security

When you shop with us or use our services, you trust us with your data. We’re a company that puts you, our customer, first, respecting you as an individual but also as a member of our community. We listen to our customers to understand your expectations and make sure these are reflected in our business decisions. We’re committed to maintaining your trust and confidence. In this Privacy Policy, we’ve provided details on when and why we collect your personal information, how we use it, the very limited conditions under which we may disclose it to others (where direct marketing is concerned only with your explicit permission) and how we keep it secure.

Information We Collect

We collect personal information about you when you visit one of our stores, use our Websites (“Websites”), or use our web or mobile device applications (“Mobile Apps”) or if you communicate with us by phone, e-mail and social media. We refer to our Websites and Apps collectively as “Online Services”.

The types of personal information we collect includes:

Personal details such as your name, address, date of birth, email address, phone number and other contact information Transaction information, such as the product you purchased, its price, your method of payment and your payment details.
Information about you like your employment details, financial position and information taken from identification documents like your passport or driving licence when we review your application for insurance or loans offered by selected third parties partners
Your account information – such as dates of payments owed and received, the subscription services you use or any other information related to your account
The phone numbers that you call/send messages to or the phone numbers that you receive calls/messages from.
The date and time of the calls and messages you send or receive through our network, and your location at the time these communications take place.

When you’re online the information we collect includes:

Account information, like your username, password, and other identifiers or credentials you use to access our online services or to buy our products and services, details of your shopping preferences, such as your favourite brands and products, as well as which of our stores you prefer to shop in
Details of your visits to the Website, in-store WIFI or App and the resources that you access. Examples include ads that you click, device information and your location
IP address and cookie data
Information that you provide in your dealings with us. This includes when you register to use our online services, or when you subscribe to our services or request further services and/or information from us.

The situations when you provide personal information could include when you:

Purchase products at our stores or through our contact centre
Register or use our Online Services
Request to receive marketing or other communications
Use our Wi-Fi networks or other in-store tech
Enter one of our competitions or when you complete one of our customer surveys
Submit information when you’re providing feedback
Use interactive features of our Online Services.

How we use your Information

The law on data protection sets out a number of different reasons for which a company may collect and process your personal data. These are set out below.

When we’re required to enter into a contract with you

We use your personal information to process your orders and payments or to give you a refund.

Where you have provided consent

We use email and text messages to communicate with you about our products and services, competitions, offers, promotions or special events where you tick a box.

For example

To provide a free mobile phone upgrade reminder service to inform you when a product is back in stock
To send you a renewal notice
If you give us permission, to communicate with you about our third party partners that we believe may interest you

Where there is a Legitimate Interest

As a Company we are often required to process your personal data in order to carry out certain tasks relating to our business activities. In such cases, processing of personal data can be justified on grounds of legitimate interest.

Communications

To provide customer support and to respond to, and communicate with you about your requests
To contact you if we need to obtain or provide additional information
To check our records are right and to check every now and then that you’re happy and satisfied (e.g. customer surveys).
For marketing activities (other than where we rely on your consent) e.g. marketing permissions captured during the course of a sale, personalising marketing messages through social media and other third party platforms;
To send promotional material (e.g. renewals) to you in the post or inform you of our offers by telephone
To comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request)
To send communications to you about your orders, purchases or accounts and bill you for using our products or services
To let you post on our blogs and interact with us through social media.

Personalise & Improve our Service

To personalise your experience on our online services. This could include providing you with interesting, relevant content, or making navigation to our Sites and Mobile Apps easier

To help us understand more about you as a customer, the products and services you use, the way you use them and how you shop across the company, so we can serve you better
Improve the content and appearance of the Website(s) or App(s), and to make sure that content is presented in the most effective manner for you
To operate, evaluate and improve our business, including the development of new products and services; to determine the effectiveness of our sales, marketing and advertising; and the analysis and improvement of our products, offers, promotions, and Online Services and other technologies
To show you relevant ads by using data collected from your devices, including your searches, location, ads that you have seen and personal information that you have given us, such as your age range, gender and topics of interest. Dependant on your Ads Settings, this data informs the ads that you see across your devices. So if you visit our website on your computer at work, you might see ads about our products or services on your phone later that night.

Company Interest

Where you fail to repay what you owe Us or return our property, we may need to trace your whereabouts (sometimes using a tracing Agent) in order to recover payment or reclaim property. This might be carried out by a third Party debt recovery agent on our behalf
To protect against, identify and prevent fraud and other criminal activity, claims and other liabilities
For network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access.

When we’re required to comply with our Legal Obligation

We’ll use your personal information to comply with our legal obligations including:

To identify you when you contact us
To verify the accuracy of data that we hold about you
To assist HMRC and/or the Police and/or other regulatory bodies in relation to an investigation by a public authority.

Where it is in your Vital Interest

In certain circumstances it is in your vital interests for us to process your personal information. We may need to contact you if there are any urgent safety or product recall notices or where we otherwise reasonably believe that the processing of your personal information will prevent or reduce any potential harm to you.

Who we share your personal information with

We share personal information within the Currys PLC Group. Members of the Currys Group that receive this information are not authorised to use or disclose the information except as provided in this privacy policy.

Our service providers

We work with partners, suppliers, insurers and agencies so they can process your personal information on our behalf and only where they meet our standards on the processing of data and security. We only share information that helps them provide their services to us or to help them provide their services to you. For example, some of our service providers place advertising for us online, about our products and services and those of our retail partners, suppliers and third parties. As a result, where you have indicated you are happy to receive marketing from us, you might see online advertising that we have placed on the web sites you visit, or the interactive services you use.

Other organisations and individuals

We may transfer your personal information to other organisations in certain scenarios. For example:

When you apply for credit or purchase an insurance product we’ll pass on your information to trusted third party partners responsible for these products. Please note we act as a credit broker and not as a lender in respect of our insurance products credit facility within our UK and Republic of Ireland stores
Companies that enable us to collect your reviews and comments, both online and offline; and
We may use trusted third parties to carry out certain activities on our behalf and may share your personal data with them for the purposes of: processing and sorting data, monitoring how customers use our site, issuing our emails for us and collecting product/customer feedback from you via surveys. The third parties include Reevo, Maru/EDR (previously eDigital), ABA Research, this is by no means an exhaustive list but it gives an indication of the many third parties we work with.
Companies which run our contact centres because they need your personal information to identify and contact you
Third party vendors who help us to manage and maintain the Group IT infrastructure.
Companies that provide insights and analytics services for us so we can stock the right products, send the right marketing campaigns and understand our business and customers better
If required to by law, under any code of practice by which we are bound or we’re asked to do so by a public or regulatory authority such as the Police or the Department for Work and Pensions
Information may also be shared with fraud prevention agencies to prevent fraudulent claims
If we need to do so in order to exercise or protect our legal rights, users, systems and services
In response to requests from individuals (or their representatives) seeking to protect their legal rights or the rights of others.
With emergency services (if you make an emergency call), including your approximate location
Companies that enable us to collect your reviews and comments, both online and offline
We may use trusted third parties to carry out certain activities on our behalf and may share your personal data with them for the purposes of: processing and sorting data, monitoring how customers use our site, issuing our emails for us and collecting product/customer feedback from you via surveys. The third parties include Reevo, Maru/EDR (previously eDigital), ABA Research, this is by no means an exhaustive list but it gives an indication of the many third parties we work with
Companies which run our contact centres because they need your personal information to identify and contact you
Third party vendors who help us to manage and maintain the Group IT infrastructure
Companies that provide insights and analytics services for us so we can stock the right products, send the right marketing campaigns and understand our business and customers better

Credit Reference Agencies

In order to process your application we’ll supply your personal information to credit reference agencies (CRAs) and they will give us information about you.

This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information. We will use this information to:

Assess your creditworthiness and whether you can afford to take the product
Verify the accuracy of the data you have provided to us
Prevent criminal activity, fraud and money laundering
Trace and recover debts
To make sure any offers provided to you are appropriate to your circumstances.

We’ll also continue to exchange information about you with CRAs on an on-going basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. Your data will also be linked to the data of your spouse, any joint applicants or other financial associates.

The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at www.equifax.co.uk/crain

International transfers of your personal information

From time to time we may transfer your personal information to our suppliers, service providers and other company offices based outside of the European Economic Area (EEA) for the purposes described in this privacy policy. If we do this your personal information will continue to be subject to one or more appropriate safeguards set out in the law.

If we do transfer information to our agents or advisers outside of the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA. We’ll use one of these safeguards:

We’ll transfer it to a non-EEA country with privacy laws that give the same protection as the EEA. Learn more on the European Commission Justice website .
We’ll put in place a contract with the recipient that means they must protect it to the same standards as the EEA. Read more about this here on the European Commission Justice website

How we use your information to make automated decisions

We sometimes use systems to make automated decisions based on your personal information or the information we are allowed to collect from others about you or your business (for example where we perform credit checks). This helps us to make sure our decisions are quick, fair, efficient and correct, based on what we know. These automated decisions can affect the products, services or features we may offer you now or in the future, or the price that we charge you for them.

Your rights

You have rights over automated decisions.

Under certain circumstances, you can ask that we do not make our decision based on the automated score alone
You can object to an automated decision, and ask that a person reviews it.

If you want to know more about these rights, please contact us.

How long we keep your personal information

We will keep your personal information for as long as you’re a customer. If you haven’t made a purchase or engaged with us for 3 years or more, then we’ll remove you from our marketing mailing lists. After you stop being a customer, we may keep your data for up to 7 years after the last time you interacted with us. This could include one of the ways specified in ‘How we use your personal information’ and for one of these reasons:

To respond to any questions or complaints
To show that we treated you fairly
To maintain records according to rules that applies to us
To establish, bring or defend legal claims.

We may keep your data for longer than 7 years if we cannot delete it for legal, regulatory or technical reasons. We may also keep it in order to help support product recalls or safety notices. If we do, we will make sure that your privacy is protected and only use it for those purposes.

We do not retain personal information in an identifiable format for longer than is necessary.

Your Rights

Access to Information held about you

You have the right to request what personal information we hold about you. This is sometimes called a 'Data Subject Access Request'. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we’ll provide it to you free of charge. Before providing personal information to you or another person on your behalf, we may ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information. Except in rare cases, we’ll respond to you within 30 days after we’ve received this information or, where no such information is required, after we’ve received your request.

If any of the personal information we hold about you is inaccurate or out of date, you may ask us to correct it.

In certain circumstances you have the right to request a copy of your personal information from us or to have that information passed to an organisation of your choice in a format that can be easily re-used.

Right to stop or limit our processing of your data

You have the right to object to us processing your personal information if we’re not entitled to use it any more, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.

Where we rely on our legitimate interests, as set out under ‘How we use your personal information’, you may object to us using it for these purposes. If we agree that your objection is justified in accordance with your rights under data protection laws, we’ll permanently stop using your data for those purposes. Otherwise we’ll provide you with our justification as to why we need to continue using your data.

You can ask us to restrict the use of your personal information if:

It isn’t accurate.
It has been used unlawfully but you don’t want us to delete it.
It’s not relevant any more, but you want us to keep it for use in legal claims.
You’ve already asked us to stop using your data but you’re waiting for us to tell you if we’re allowed to keep on using it.

Please note that we may be required by law to retain certain information. Before we are able to provide you with any information or correct any inaccuracies, we may ask you provide other details to help us respond to your request.

If you would like to exercise these rights, please contact us

Please make sure you provide one proof of identity (we suggest either a utility bill in your name or your driver's licence, but other similar formal documents may be accepted, please note the documents cannot be older than 6 months) as part of your request.

How can you stop the use of your personal data for direct marketing

We won't send you marketing messages if you tell us not to.

You can click onto the "unsubscribe" link in any communication that we send to you by email which will automatically unsubscribe you from that type of communication. Each "unsubscribe" link only relates to that specific type of communication. Please also note that you may continue to receive Service communications in relation to the product and services we have sold to you
In relation to our App(s), you can manage your preferences in the App(s)

Please note that it may take up to 28 days to process your request.

You can also find further information within our Direct Marketing Charter.

Website Cookies

The purpose of our Cookies Policy is to help explain what they are, why you are collecting them, and what information cookies store.

Please refer to our Cookies Policy

Security Measures

All companies within the Currys Group use technical and organisational security measures to protect the personal information supplied by you against loss, destruction, and any unauthorised access by third parties.

Links to other websites

Our websites (which includes this Privacy Policy) contain links to other websites run by other organisations which we do not control. This policy does not apply to those other websites and Apps‚ so we encourage you to read their privacy statements.

Social Plugins

We use so-called social plugins (buttons) of social networks such as Facebook, Google+, You Tube, Instragram and Twitter.

After activation of a button, the social network can retrieve data, independently of whether you interact with the button or not. If you are logged on to a social network, the network can assign your visit to the website to your user account. A social network cannot assign a visit to websites operated by our other group companies unless you activate the respective button there as well.

If you’re a member of a social network and don’t want that network to combine data retrieved from your visit to our websites with data they hold on you, you must log out from the social network concerned before activating the buttons.

Contact us

If you have a question or a complaint about this policy, the way your personal information is handled, please contact us by one of the following means:

By web form: complete this web form

By post:

Currys SAR
PO Box 689
SALFORD
M5 0PD

Complaining to the Data Protection Regulator

You have the right to complain to the Information Commissioners Office (ICO) if you are concerned about the way we have processed your personal information. Please visit the ICO’s website for further details at: https://ico.org.uk/. Alternatively our Data Protection Officer can be contacted via dpo@currys.co.uk.

Changes to this Policy

We may review this policy from time to time and any changes will be notified to you by posting an updated version on our website and/or by contacting you by email.