Sainsbury's Business Direct logo

Privacy policy

We understand that privacy and the security of your personal information is extremely important. This policy sets out what we do with your information, where and how we collect it, as well as your rights over any personal information we hold about you.

Who are we

When we say ‘we’ or ‘us’ in this policy, we’re generally referring to Sainsbury's Supermarkets Ltd (registered office: 33 Holborn, London, EC1N 2HT).

What sort of information do we hold?

  • Information that you provide to us when you register with us;
  • Your account login details, including your user name and chosen password;
  • Information about the services that we provide to you and the products you purchase;
  • Your contact details; and
  • Information from other sources such as from specialist companies that provide customer information and information that is publicly available.

Our legal basis for processing your personal information

Whenever we process your personal information we have to have something called a “legal basis” for what we do. The different legal bases we rely on are:

  • Consent: You have told us you are happy for us to process your personal information for a specific purpose;
  • Legitimate interests: The processing is necessary for us to conduct our business, but not where our interests are overridden by your interests or rights.
  • Performance of a contract: We must process your personal information in order to be able to provide you with one of our products or services;
  • Prevention of fraud: Where we are required to process your data in order to protect  us and our customers from fraud or money laundering;
  • Vital interests: The processing of your personal information is necessary to protect you or someone else’s life;
  • Public information: Where we process personal information which you have already made public;
  • Legal claims: The processing of your personal information is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity; and
  • Legal obligation: We are required to process your personal information by law.

How do we use your information?

There are a number of ways in which we use your personal information, depending on how you interact with us. We may use your information in the following ways:

To provide our products and services - we need to use your personal information to make our products and services available to you. After that, we need to provide them to you and process your payment. And we need to use your details to do all this.

To personalise your shopping experience - we try to understand our customers so we can provide you with a great shopping experience, relevant marketing, personalised offers, shopping ideas and online advertising.

For security - we use your personal information for your protection and the protection of our businesses. This may involve validating the information you provide to us against third party databases.  In performing these checks personal data may be disclosed to a Credit Reference Agency which may keep a record of that information.  If false or inaccurate information is provided and fraud is suspected details will be retained by the Credit Reference Agency and may be passed to Fraud Prevention Agencies.

Analytics and profiling - we use your personal information for statistical analysis and to help us understand more about our customers.

Contacting you - we use your personal information to contact you: either to conduct market research or to contact you about products and services from us and other companies. We may also contact you in relation to any questions you have raised with us or to discuss the status of your account with us.

Cookies and similar technologies

We use cookies to help give you the best experience on our websites and to allow us and third parties to tailor ads you see on ours and other websites.  For more information please see our full Cookie policy.

Who we might share your information with

Our service providers

We work with partners and suppliers so that they can help us deliver our services to you. These third parties process your personal information on our behalf and are required to meet our standards of security before doing so. We only share information that allows them to provide their services to us or to facilitate them providing their services to you.

Other organisations and individuals

We may share your personal information in certain scenarios. For example:

  • If we're discussing selling or transferring part or all of a Sainsbury's Group business, we may share information about you to prospective purchasers and their advisers - but only so they can evaluate the relevant business; or
  • If we are reorganised or sold to another organisation, we may transfer information we hold about you to them so they can continue to provide the Services to you.
  • If we are required to by law, under any code of practice by which we are bound or where we are asked to do so by a public or regulatory authority such as the police or the Department for Work and Pensions;
  • If we need to do so in order to exercise or protect our legal rights, users, systems and services; or
  • In response to requests from individuals (or their representatives) seeking to protect their rights or the rights of others. We will only share your personal information in response to requests which do not override your privacy interests. For example, we will not share your personal information with individuals who are merely curious about you, but we will share your personal information to e.g. insurers, solicitors, employers etc. which have a legitimate interest in your personal information.

International transfers of your data

From time to time we may transfer your personal information to our Group companies, suppliers or service providers based outside of the EEA for the purposes described in this privacy policy (please see the “Who might we share your personal information with?” section above for further details). When we do this, your personal information will continue to be subject to one or more appropriate safeguards set out in the law. These might be the use of model contracts in a form approved by regulators, or having our suppliers sign up to an independent privacy scheme approved by regulators (like the US ‘Privacy Shield’ scheme).

Keeping you informed about our products and services

We would like to stay in contact with you about Sainsbury's Business Direct and we do this may do this through the post, by email, text message or by any other electronic means.

We won't contact you if you tell us not to, but if you receive a service from us we will still need to send you occasional service-related messages. If you wish to amend your preferences, you can do so by emailing vouchers@sainsburysbusinessdirect.co.uk.

Please note that it can take up a little while for all marketing to stop once you either withdraw your consent or tell us you’d like to opt out of marketing.  This is because some marketing may already be in transit.

Your rights

You have a number of rights under data protection legislation which, in certain circumstances, you may be able to exercise in relation to the personal information we process about you.

These include:

  • the right to access a copy of the personal information we hold about you;
  • the right to correction of inaccurate personal information we hold about you;
  • the right to restrict our use of your personal information;
  • the right to be forgotten;
  • the right of data portability; and
  • the right to object to our use of your personal information.

Where we rely on consent as the legal basis on which we process your personal information, you may also withdraw that consent at any time.

If you are seeking to exercise any of these rights, please contact us using the details in the “Contact Us” section below. Please note that we will need to verify your identity before we can fulfil any of your rights under data protection law. This helps us to protect the personal information belonging to our customer against fraudulent requests.

Automated decision making and profiling

We use automated decision making, including profiling, in certain circumstances, such as when it is in our legitimate interests to do so, or where we have a right to do so because it is necessary for us to enter into, and perform, a contract with you.

You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal effects for you or affects you in any other significant way.

If you are seeking to exercise this right, please contact us using the details in the “Contact Us” section below.
How long do we keep your personal information for?

We will keep your personal information for the purposes set out in this privacy policy and in accordance with the law and relevant regulations. We will never retain your personal information for longer than is necessary. In most cases, our retention period will come to an end 7 years after the end of your relationship with us.

Security

We take protecting your personal information seriously and are continuously developing our security systems and processes. Some of the controls we have in place are:

  • We limit physical access to our buildings and user access to our systems to only those that we believe are entitled to be there;
  • We use technology controls for our information systems, such as firewalls, user verification, strong data encryption, and separation of roles, systems & data;
  • Systems are proactively monitored through a “detect and respond” information security function;
  • We utilize industry “good practice” standards to support the maintenance of a robust information security management system; and
  • We enforce a “need to know” policy, for access to any data or systems.

Contact us

If you have a question or a complaint about this policy, or the way your personal information is processed, please email privacy@sainsburys.co.uk

Policy change

This privacy policy was most recently updated in May 2018

Call us today

Phone 0870 0101 351

Email vouchers@sainsburysbusinessdirect.co.uk

Follow us

FacebookTwitterYou TubePinterestGoogle+