Privacy Policy

DATA PROTECTION AND PRIVACY POLICY

INTRODUCTION

The Data Protection Act 2018 (“DPA”) and UK GDPR require that we provide you with information about how and why we use personal data. Rocket UK Ltd, trading as The Rocket Marketing Group ("we/us/our") own and operate Coffee and are committed to protecting the integrity and security of your data and personal information, which is outlined in this policy. 

This privacy information relates to personal data being processed or intended to be processed by Rocket UK Ltd, Mocatta House, Trafalgar Place, Brighton, BN1 4DU United Kingdom which is collected and/or created and used as set out in this privacy notice. We are committed to protecting and respecting your privacy and complying with the principles of the Data Protection Act.  If you are unsure how we are handling information about you or you think we could improve our privacy information, please let us know. 

We have appointed a Data Protection Officer (DPO) to oversee our processing of personal information whose contact details are: dataprotectionofficer@rocketmarketinggroup.com. Alternatively, you could write to: The Data Protection Officer, The Rocket Marketing Group, Mocatta House, Trafalgar Place, Brighton, BN1 4DU.  

We aim to process information about you fairly, lawfully, and in a transparent manner and the aim of this document is to provide you with enough information for you to be able to understand what we are doing with your data.  

CONDITIONS OF USE

Unless stated otherwise, this is our current Data Protection & Privacy Policy and applies to all information that we gather, store and use. 

INFORMATION WE COLLECT ABOUT YOU

We collect information in the following ways:  

  • Information you provide to us directly, for example when you contact our Customer Support Team. We will collect personal data when you register with us as a member. This may include your name, address, email details, telephone number.
  • Information we collect about you indirectly
     
    When you use our website we will collect personal information about you using cookies of which are contained in our Cookies Policy in order to deliver a functional site on your device.
     
  • Social Media
     
    Depending on your settings or the privacy policies of the social media platforms and messaging services you use (e.g. Facebook, YouTube, Twitter, Instagram, WhatsApp etc.) you may allow us to access information from those services for example if you publicly “like” or “follow” us we may be able to collect information from your social media profile.  We strongly advise you to check the privacy settings on your social media accounts to ensure that you know what information is shared with us and others. While this information is available where your profile is made public, this will not be used by Coffee.
     
  • Location
     
    With your permission we use your location to calculate your distance from nearby restaurants and to allow you to find restaurants within a set radius of a chosen location. We will also see your location when you are using your Digital Coffee Card to determine if you are close to the restaurant. You may stop sharing your location data with us at any time, however this could potentially impact the offers which appear available in your area.
     
    We may also be able to see location through our Email Marketing and Automation Service, detailed in this policy below.    

HOW WE USE THE PERSONAL DATA WE COLLECT

We collect and process personal data for the following reasons: 

  • Research 
  • Analysis
  • Client Reporting
  • Provision of Discounts
  • Savings or other scheme Benefits
  • Accounting and Advisory Services. 

The main uses of personal data we collect, create and hold are set out in the table below along with information about the lawful grounds for processing.

Purposes for processing personal data

Lawful basis

Processing payment

Contractual obligations between us and our customers. This processing activity is necessary to fulfil the wishes of the customer.

Responding to queries

Legitimate interests of us and those making the requests.

Creating and maintaining a database of our customers

Legitimate interests of us and our customers. We process information to ensure customer memberships function correctly, ie registered email address, etc.

Developing new services and ideas

Legitimate interests of us and our customers. The information we collect, including the optional information, may be used for internal research purposes to aid improvement of the product and the customer experience.

Contact

Consent. From time to time we may wish to contact the customer by either email or phone, to find out opinions of our services and with offers that might be of interest and service updates.

We may email you service updates which are defined as the following:

• New offers and partners available 

• Offers

• Changes to Terms and Conditions

• Specific discounts in your area, should you choose to provide us with your postcode

We will also send you emails about our competitions. You may at any time update your preferences for receiving this via the My Account section of the website or by writing to compliance@rocketmarketinggroup.com and we will amend our records accordingly.

Creation of a Coffee membership 

Consent. In order to register with us, customers actively decide to provide information in order to utilise the service. 

The collection of your data is necessary to create any of your memberships with us. All personal data which is used to create these memberships would have been initially supplied by you. 

From time to time, our site may contain links to and from the websites of our partners, affiliates and advertisers. Please be aware that if you follow a link to or from these websites, they have their own privacy policies. We do not accept any responsibility or liability for these policies. 

SHARING PERSONAL DATA

We will never sell, rent or trade your personal information to third parties. However, in order to operate the website or app, or provide some of the services, discounts, savings or benefits that you require, we may need to supply selected third parties e.g. a restaurant, with your Personal Information, but it will only be for the stated purpose and no other. These organisations are listed in the table below. 

Please be aware that with some providers of offers on the website or app, you may need to provide them with your Personal Information for redemption of the offer. For example, if we promote an offer for a discounted product, the user may be directed to the supplier’s own website in order to claim and input your information. The data inputted on that website will be subject to the Privacy Policies of said website.

We will share personal data that we hold with the following categories of organisations/people as necessary in order to undertake our processing activities. This list is not exhaustive and may change from time to time.  We will regularly maintain the accuracy of this list. 

In order to meet our regulatory requirements, Coffee maintain contractual agreements and undertake the necessary compliance due-diligence.  

Name of Organisation

Purpose

Adido

Specialist company used to host our website and app and its database. 

Chase

Payment processing supplier

Campaign Monitor

Email Marketing and Automation Service used to send and monitor emails. In doing this, we obtain information such as but not limited to: 

1) Time of receipt

2) Time of opening

3) Location it was opened in

4) Device used to open

Batch

Specialist communication platform which enables Coffee to provide instant and relevant messages via push notifications relevant to you, should you consent to these. 

INTERNATIONAL TRANSFERS OF PERSONAL DATA

Campaign Monitor is located outside of the EEA in the US. They are our data processor and governed by legal obligations set out in the UK, GDPR. Controls are in place to keep sufficient protection, such as using an ISO27001 certified cloud service, and the appropriate contractual arrangements. If you require further information on this, please email our DPO whose contact information can be found in the introduction of this policy.

COOKIES

Please see our Cookie Policy to find out which ones our website uses.

YOUR INFORMATION AND RIGHTS

You have the right to request a copy of the personal data that we hold about you, known as a Data Subject Access Request. You may also add, amend or delete information as appropriate. You may make a Data Subject Access Request verbally by calling 01273 668822, by writing to The Rocket Marketing Group, P.O. Box 5141, Brighton, BN50 9SZ with two forms of ID, or emailing our DPO whose contact information is available in the Introduction to this Data Protection and Privacy Policy, 

You can object to the processing of your personal information, request the restriction of processing of your personal information or request portability of your personal information. You may also withdraw your consent at any time without affecting the lawfulness of processing based on the consent before its withdrawal. You may also opt out of processing activities which rely on legitimate interest by calling 01273 668822 or by emailing our DPO whose contact information is available in the Introduction to this Policy. You have the right to complain to the Information Commissioner’s Office (ICO) about our collection and use of your personal information.

SECURITY

The security of your data is very important to us and we seek to protect it from wrongful loss, misuse, alteration or destruction. Our security controls and processes are reviewed regularly to ensure that they are in line with changes in the law and technology.

CHANGES TO OUR PRIVACY POLICY

We may make changes to our privacy policy occasionally. Significant changes and any changes to the way we treat your personal information will be communicated to you on our website or by email giving you the opportunity to review them.