What Information Do We Gather?
When you order from our web site, we collect the following information: your name, telephone number, email address, billing information, products purchased, any relevant promotion code and information and the recipient's name, address and telephone number. Information you enter is collected even if you cancel or do not complete an order.
We also collect information about your use of our website, and how you arrived at our website in the first place. This can include what links or adverts of ours you've viewed or clicked on to reach us, or any search terms you've used. We can also see which pages of our website have been viewed by you and for how long. All this information helps us tell what content is popular with our customers so we can prioritise it.
How We Use The Information We Collect?
We may use the information we collect to:
1. Operate, provide, improve and maintain the website
2. Customize and/or personalize your communications and shopping experience
3. Better respond to your customer service inquiries
4. Communicate with you about your purchase, account information or customer service needs
5. Communicate with you about our products and events, and for other promotional purposes
6. Improve our business
7. Administer contests, promotions, surveys or other website features
Will You Pass My Information On To Other Companies?
We do use other companies to process your data on our behalf, to ensure that we can fulfil all our obligations to you. We only choose those companies who prioritise the protection of personal data and who pass the strict organisational and technical security standards that we set. These companies include those who do the mail-outs of our magazines or those who help us host our websites.
We do not pass your details (email, address, telephone, IP address, cookie details etc.) to any third parties for marketing purposes.
How Long Will We Keep This Information About You?
We will only keep information about you for as long as we need to. We make sure that any companies which process your data on our behalf do the same. We have an internal retention policy where there are varying retention periods for different categories of information depending on our legal obligations and whether there is a commercial need, such as answering member account queries.
After a retention period has elapsed, the data is deleted.
How Do We Keep Your Information Secure?
Which? takes the security of our customers' data very seriously. We use multiple layers of firewalls to ensure user data is kept as secure as possible, specialist devices to detect and prevent intrusion attempts, and encryption systems to ensure data is scrambled while being transmitted from system to system. We employ equally rigorous physical security policies to prevent physical access to our data centres. We perform regular system patching, and employ an independent security company to perform penetration tests (authorised attempts to try to hack our systems to show any risks) annually and whenever we bring new systems online.
We ensure third parties employ the same rigour when handling data, ensuring they apply security far in excess of regulatory requirements.