1. Who Are We
YesPhones.co.uk is a trading name of Evolution Marketing (UK) Ltd and is licenced by the Information Commissioners Office and Registered in the UK, number 07913173. Registered Office Address: Berkeley Square House, Berkeley Square, Mayfair, London, W1J 6BD.
YesPhones.co.uk are aware how important your privacy is, based on this we have implemented measures which will ensure any personal information that is obtained from you by visiting our website will be processed and maintained in line with accepted principles of good information handling and in accordance with the General Data Protection Regulation (GDPR). Contained within this statement and set out below are details of the type of information that we at YesPhones.co.uk may hold about you our customer, also how we obtain and process any information we may have and importantly how we protect your privacy.
We and our panel of mobile phone providers, will keep you informed with the progress of your enquiry. Unless you state otherwise you may be contacted via telephone, email and SMS. (see further section on ‘How we keep you informed’)
Lawful basis for collecting your personal data
Our use of your personal data will always have a lawful basis.
We rely upon a different lawful basis to process your personal data according to the reason for which you have provided your data to us.
When you submit your smart phone offer application with yesphones.co.uk, we process your personal data on the basis that you have provided your consent to be contacted by YesPhones.co.uk and our panel of Mobile Phone providers.
You can withdraw your consent to us processing your personal data at any time by clicking the “unsubscribe” option in any SMS, email we, or any associated third party, send to you.
Alternatively, you can withdraw your consent by contacting our Data Protection Officer at email@example.com or using the contact details stated in section 15 / 16. If you change your mind about agreeing to us processing your personal data, this will not have any effect on the lawfulness of any processing we have carried out before you changed your mind.
Your personal data will also be processed on the basis that we need this information to fulfil our obligations under the contract we have entered into with you by introducing you to a Mobile Phone provider. YesPhones.co.uk and our panel of Mobile Phone providers will contact you regarding your smart phone application.
We have a legitimate interest in processing your data (i.e. to share your smart phone application with our panel of Mobile Phone providers) to obtain your smart phone offer you have applied for.
It also includes processing your data for ID protection and tracing purposes such as Credit Reference and Fraud Prevention. This is in relation to appropriate agencies which are listed within section 9.
You can object to us processing your data in this way by contacting our Data Protection Officer at firstname.lastname@example.org or using the contact details stated in section 15 / 16.
If you are required to telephone us using the specified telephone numbers on our website under the Contact or advertising/marketing correspondence then your call may be recorded for training, quality and regulatory purposes. We pride ourselves in complete customer care and this gives us the opportunity to continuously improve and monitor our customer experience.
4. How we keep you informed
We may want to make contact with you at some point in order to keep you informed regarding offers on products or services which we think you may find of interest, this contact will be made via email and SMS.
5. Obtaining Personal Data or Information
- The information/data that we collect from you may include the following details:
- Telephone number (home, mobile)
- Post code
- Deal type (Handset or SIM-Only contract)
- Preferred Network provider (choice)
If you apply with us and have a question about our services, or alternatively choose to send an email to email@example.com may also collect the above personal information/data in this instance in order for us to respond to your enquiry.
6. Customer Communication
Unless the customer states otherwise we will contact the customer via means of telephone, SMS and email to provide information and alerts relating to our services and our associate companies. We may also receive personal information/data from third parties, which enables us to offer Identified potential customers products, and services who have expressed interest in our products and services. Any information/data obtained from third parties is checked in regards to accuracy and we will endeavour to check your information with you on occasion.
Ensuring your personal details & or preferences are kept up to date.
It is your responsibility to ensure that any information we have on record for you is kept up to date and correct. If you do require any of your information to be updated then please contact us as soon as possible so we can ensure it is corrected.
If you require your preferences to be updated then please contact our Compliance Manager as soon as possible (details set out below).
7. What personal information do we collect
We collect personal information about you when you give this to us when applying for a mobile phone product online. This might be, for example, to obtain comparative quotes for mobile phone products offer by mobile phone providers. In the course of providing the Services to you, we may also store information about how you use our Sites, for example, the pages viewed, the website from which you came to visit our Sites, changes you make to information you supply to us, details of the quotes you request and your applications, together with details of your financial information, for example, bank account or payment details.
We will store the information you provide and may use it to pre-populate fields on the Sites and to make it easier for you to use the Sites when making return visits
We may monitor or record your calls, emails, SMS or other communications but we will do so in accordance with data protection legislation and other applicable law. Monitoring or recording will always be for business purposes, such as for quality control and training (e.g. where you call our compliance or customer service department), to prevent unauthorised use of our telecommunication systems and Sites, to ensure effective systems operation, to meet any legal obligation and/or to prevent or detect crime.
We will periodically review your personal information to ensure that we do not keep it for longer than is permitted by law.
8. Who do we share your personal information with
When you complete an enquiry, you consent to us disclosing your personal information to the following parties:
Mobile Phone Providers offering mobile phone products such as smart phone contracts. Our preferred partners in this sector are:
- Telefonica UK Limited trading as O2
- Intelling Limited
- Vodafone Limited
Our Channel Operators: whilst the majority of the channels on our Sites are run by us, some of our channels are designed and maintained for us by our third party service providers. We may receive your personal information from these service providers and use it in accordance with section 4 above. We will only use the personal information we receive from third parties where the relevant third party can show that it was collected and processed with your consent;
Regulatory/governing bodies, for the purposes of compliance monitoring;
Where permitted by data protection and privacy law, we may also disclose information about you (including electronic identifiers such as IP addresses) and/or access your account:
1. if required or permitted to do so by law;
2. if required to do so by any court, the Competition and Markets Authority or any other applicable regulatory, compliance, Governmental or law enforcement agency;
3. if necessary in connection with legal proceedings or potential legal proceedings; and/or
4. in connection with the sale or potential sale of all or part of our business.
If we reasonably believe false or inaccurate information has been provided and fraud is suspected, details may be passed to fraud prevention agencies to prevent fraud and money laundering.
FRAUD PREVENTION AGENCIES (FPA’S)
If we reasonably believe false or inaccurate information has been provided, including in relation to a person’s identity, and fraud is suspected, details, including personal data may be passed to fraud prevention agencies to prevent fraud and money laundering. Your details may be passed to statutory bodies, regulators, legal bodies, credit reference agencies, fraud prevention entities and identity and address verification agencies who may record and use your details. They may also disclose your information to other organisations for credit reference, debt tracing, and fraud and money laundering prevention purposes. If you have any queries regarding these uses, please contact the relevant organisation.
By submitting an enquiry form on our site, you confirm that all of the information provided is true and accurate. You also, when applying, authorise the Alternative Solutions Provider to use both fraud prevention and credit referencing agencies to help make relevant decisions. Credit checks and credit reference agencies can also help prevent fraudulent applications.
What is a Fraud Prevention Agency?
Fraud Prevention agencies collect, maintain and share information on any known or suspected fraudulent activity.
They work in the following ways with various organisations:
- If false or inaccurate information is provided and fraud is identified, details will be passed to Fraud Prevention Agencies
- Law enforcement agencies may access and use this information.
- FPA’s along with ourselves and other organisations, may also access and use this information to prevent fraud and money laundering, for example, when:
- Checking details on applications for credit and credit-related accounts, or other, facilities;
- Managing credit and credit-related accounts or other facilities;
- Recovering debt;
- Checking details on proposals and claims for all types of insurance; and,
- Checking details of job applicants and employees.
- We, and other organisations may also access and use the information recorded by FPAs from other countries
9. How do we use your personal information
We may use your personal information:
- to enable you to access and use the Services;
- to personalise and improve aspects of our Services;
- for research, such as analysing market trends and customer demographics;
- to communicate with you, including some or all of the following:
- to process an application between you and a third party such as the mobile phone provider;
- to track applications, which may involve us sharing data with your product provider relating to the product(s) you have chosen. Your product provider may also send us information they hold relating to the product(s) you have chosen for this purpose;
- to match our data with data from other sources – we may validate and analyse your information and, in some cases, match it against information that has been collected by a third party to ensure that the information we hold about you is as accurate, consistent and as well-organised as possible.
10. What cookies do we use
Cookies and Web Beacons
We use a single first party cookie, named ‘PHPSESSID’. This cookie is vital for the operation of the website, as it allows us to track different page loads to yourself, which allows the form and application process to work.
To find out more about accepting or refusing cookies please visit www.allaboutcookies.org.
We also use Google Analytics to collect non-personally identifiable information, in aggregate form, to understand website/page visit volumes in terms of source, geography, browser, etc.
Google Analytics employs a software technology called web beacons, that help us better manage content on our site by informing us what content is effective. Web beacons are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users or responses to emails. In contrast to cookies, which are stored on a user’s computer hard drive, web beacons are embedded invisibly on Web pages and are about the size of the period at the end of this sentence. Web beacons cannot be disabled in same manner as cookies may. We do not tie the information gathered by web beacons to our customers’ personally identifiable information.
Cookies used by Google Analytics:
Important: Read the Google Analytics privacy document for more details about the data collected by Google Analytics.
FACEBOOK (VISITOR ACTION PIXEL)
We use the “visitor action pixels” from Facebook Inc (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”)) on our website.
This allows user behaviour to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy https://www.facebook.com/about/privacy/. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes.
The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads by contacting the following address: https://www.facebook.com/settings?tab=ads.
Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
On our websites functions of the service Instagram are embedded. These functions are offered by the Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged in to your Instagram account, you can link contents of our websites to your Instagram profile by clicking the Instagram button. By this ,Instagram will associate the visit of our websites with your user account. We would like to point out that we, as providers of these websites, do not obtain knowledge about the contents of transmitted data as well as their use by Instagram.
TWITTER CONVERSION TRACKING
On our website, we use the Conversion Tracking Service of Twitter Inc. (1355 Market Street #900, San Francisco, California 94103, “Twitter”). Twitter stores a cookie on the user’s computer to enable an analysis of the use of our online products and services. Twitter Conversion Tracking tracks the actions of users after they have viewed ads or interacted with ads on Twitter. Twitter’s Conversion Tracking allows you to assign conversions such as link clicks, retweets or “like” data.
The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. If you wish to object to tracking, you can do so using the Digital Advertising Alliance tool at optout.aboutads.info.
Twitter is certified under the Privacy Shield Agreement and thus guarantees its compliance with European data protection legislation: (https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active)
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. Please note that by disallowing cookies some functionality on the site may be restricted.
11. How secure is our site and what steps do we take to keep you safe
Our Sites are “Let’s Encrypt Secure Websites” and keeping information about you secure is very important to us. However, no data transmission over the internet can be guaranteed to be totally secure. Sensitive information, for example, your card details, is encrypted to minimise the risk of interception during transit.
We do our best to keep the information you disclose to us secure. However, we can’t guarantee or warrant the security of any information which you send to us, and you do so at your own risk. By using our Sites you accept the inherent risks of providing information online and will not hold us responsible for any breach of security.
12. Rights of access to your personal information
You have certain rights under the General Data Protection Regulations . For example, we will always let you have a copy of the personal information we hold about you, if you request it from us in writing.
- Right to Object – because you have asked us to help you find a financial product or service, we need to process the personal information you give us to enable us to find the best product or service available amongst our panel mobile phone providers and brokers. You can object to this processing at any time by sending us an email at firstname.lastname@example.org , or by writing to the Customer Services Team at Evolution Marketing (UK) Ltd, Berkeley Square House, Berkeley Square, Mayfair, London, W1J 6BD. We will action any request you make promptly, although this will mean that we will not be able to help you find the financial product or service that you asked us to search for.
- Right of Access – you can ask us at any time to confirm whether we hold your personal information, and if so, you can access it by writing to us at: Compliance Department. Evolution Marketing (UK) Ltd, Berkeley Square House, Berkeley Square, Mayfair, London, W1J 6BD or by sending us an email at email@example.com
- Right to rectification – if we hold personal information about you that is inaccurate, you can ask us to correct it, and we will do this as quickly as possible.
- Right to erasure – if it is no longer necessary for us to hold your personal information bearing in mind the reason why you provided it to us, you can ask us to delete it. If you ask us to do this, we will delete your personal information as soon as possible although this will mean that we may not be able to help you find the financial product or service that you asked us to search for.
- Right to data portability – this gives you the right to ask a holder of your information to transfer that information to another business. This right would most commonly be used if you were switching banks, insurance companies and utility companies.
- Right to complain to the Information Commissioner’s Office (ICO) – we will try to resolve any complaint that you may have in relation to data protection issues. If you are not happy with our final response you have the right to have your complaint dealt with by the ICO. Please refer to our Complaints section How To Make a Complaint below for further information.
13. How long will we retain your personal information for
The amount of time we retain your information for will depend on the reason it was provided:
- If you request to opt out of marketing, we will still need to retain your information in order to evidence your preferences.
- We will need to retain, for a minimum period of 6 years, any information relating to applications you have entered into on our website. This period will commence once your relationship with us has ended. We need to keep your information for this length of time to assist with any potential future complaints.
You can opt out of future contact from YesPhones.co.uk at any time. All of our marketing messages provide an opt out link – please allow up to 48 hours for us to process your opt out request. Alternatively you can enter your details via www.removeme.co.uk or email firstname.lastname@example.org where your details will be removed from any future marketing campaigns.
15. Your Right to be Forgotten or Erasure Of Your Personal Information
Under the General Data Protection Regulation (GDPR), all individuals have the right to request the deletion or removal of personal data (the right to be forgotten) under the following circumstances:
- Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
- When the individual withdraws consent.
- When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
- The personal data was unlawfully processed (i.e. otherwise in breach of the GDPR).
- The personal data has to be erased in order to comply with a legal obligation.
- The personal data is processed in relation to the offer of information society services to a child.
There are some circumstances where the right “to be forgotten” does not apply i.e. where we need to comply with a legal obligation.
If you wish to request your “right to be forgotten” please email: email@example.com
Our marketing partners will also be informed of your request.
16. How to make a complaint
YesPhones.co.uk always aim to be fair and honest in everything we do, so if you have a complaint about any aspect of our service we’re keen to resolve it as quickly as possible. You can contact us in any of the following ways:
Complaints Department, YesPhones c/o Evolution Marketing (UK) Ltd, Berkeley Square House, Berkeley Square, Mayfair, London, W1J 6BD
By Email: firstname.lastname@example.org
We will acknowledge receipt of the complaint within 3 working days and we hope to provide a final response within 4 weeks. We will write to you again within 4 weeks if we are unable to provide a final response within that time period. In any event we will respond to your complaint in full within 8 weeks.
Last updated: 23rd January 2020