Introduction

This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us. It also explains how we’ll store and handle that data and keep it safe.

Who are we?

We are Applegreen Limited (referred to in this Privacy Notice as “Applegreen”). You can find out how to contact us below. For simplicity throughout this notice, ‘we’ and ‘us’ means Applegreen.

Your Privacy is important to us.

In the course of our dealings with you, we will collect and process personal information about you. Personal information includes any information allowing us to identify you as an individual, for example, your name, your email address or your telephone number.

We are committed to protecting your privacy. We will use your personal information in accordance with all applicable laws and regulations that relate to data protection and privacy, including the EU General Data Protection Regulation (GDPR).

Personal Data we may collect

• Your name, address, email address and telephone number. We’ll also keep an encrypted record of your login password. The information gathered will help Applegreen establish your account and ensure the security of your account.
• Your image may be recorded on CCTV when you visit any of our sites. Please ask for our CCTV Policy.
• Your car number plate may be recorded at some of our car parks to manage parking restrictions.
• Details of your shopping preferences
• Details of your visits to our websites or apps, and which site you came from to ours.
• Information gathered by the use of cookies in your web browser. Learn more about Cookies here.
• Personal details which help us to recommend items of interest
• Payment card information.
• To deliver the best possible web experience and for security and fraud prevention, Applegreen may collect information about your mobile device, including for example the IP address, hardware model, operating system, version, who your mobile network operator is and any other relevant network information, technical information about your internet connection and browser as well as the country and telephone code where your device is located, any web pages viewed during your visit, any advertisements you clicked on, and any search terms you may enter.
• Your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback.

If you dispose of or pass on your mobile device, we strongly urge you to restore it to its factory settings. If the device is lost or stolen, you must contact Applegreen so we can amend our records accordingly.

When we use your Personal Data – the Legal Basis

The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:

• Consent – In specific situations, we can collect and process your data with your consent. For example, when you tick a box to receive email newsletters.
• Contractual obligations – in certain circumstances, we need your personal data to comply with our contractual obligations.
• Legal compliance – if the law requires us to, we may need to collect and process your data. For example, we can pass on details of people involved in fraud or other criminal activity.
• Legitimate interest – in specific situations, we may process your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.

With your consent, or when you shop with us and do not choose to opt out from receiving our emails (‘soft opt in’) we will use your personal data, preferences and details of your transactions to keep you informed by email, web, and SMS about relevant products and services including tailored special offers, discounts, promotions, events, competitions and so on. This is only applicable in the UK.

We want to give you the best possible customer experience. One way to achieve that is to get the richest picture we can of who you are by combining the data we have about you. We may then use this to offer you promotions, products and services that are most likely to interest you. In the case of loyalty scheme members, we may also offer you relevant rewards.

The data privacy law allows this as part of our legitimate interest in understanding our customers and providing the highest levels of service.

Of course, if you wish to change how we use your data, you will find details in the ‘What are my rights?’ section below.

Here’s how we use your Personal Data
Legitimate Interest Performance of a Contract Legal Obligation Consent
1. Operation of scheme
2. Marketing communication
3. Identification of offers
4. Customer research and surveys
5. Statutory obligations – Anti Money laundering, Fraud prevention or detection
6. Business management to other entities within the Applegreen Group
7. Legal or Regulatory compliance including litigation and defence of claims
8. Drive offs – Customer drives off without paying or customer has no method of payment
9. Accidents on site
10. Fuel Cards
11. CCTV footage
12. Complaints – Site and Head-Office
13. Food Deliveries
13. To comply with our contractual or legal obligations to share data with law enforcement
14. To send you survey and feedback requests to help improve our service
15. To administer any of our prize draws or competitions which you enter
16. To develop, test and improve the systems, services and products we provide to you
17. For any Loyalty App members, to decide which information to show you, with the help of computer algorithm
18. For any Loyalty App members, to provide you with tailored offers
19. Address any claims made against us
20. Carry out security checks to prevent, detect and protect you and us against fraudulent or criminal activity

How do we protect your Personal Data?

We know how much data security matters to all our customers. Therefore, Applegreen has implemented technology and policies to ensure the protection from the unauthorised access and use of your personal data. We may use encryption for some of our services or apply authentication and verification to access our App or website. This encryption, verification and authentication are tested regularly to measure the effectiveness of our security systems.

We also regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.

Who do we share your Personal Data with?

Your privacy is important to Applegreen. On occasion we may share your data with trusted third parties including subsidiaries of the Applegreen group, business partners, suppliers, and sub-contractors in the performance of any contract we enter on your behalf. Examples include IT companies who support our website, App and other business systems, direct marketing companies who help us manage our electronic communications with you, and Google/Facebook to show you products that might interest you while you’re browsing the internet (based on either your marketing consent or your acceptance of cookies on our website or App).

If we share your data with such trusted third parties, we ensure it is kept safe. Your privacy is protected by us complying with the following:

• We provide only the information they need to perform their specific services.
• They may only use your data for the exact purposes we specify in our contract with them.
• We work closely with them to ensure that your privacy is respected and protected at all times.
• If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.

Applegreen may also disclose your personal data for the purposes of complying with legal and regulatory requirements, such as for the prevention or detection of fraud such as law enforcement (Court Orders) or any other regulatory body.

Applegreen uses social buttons provided by services like Twitter and Facebook. Your use of these services is entirely optional. Applegreen is not responsible for the privacy policies/ practices of these third-party services and you are wholly responsible for reading and understanding those third-party privacy policies.

How long we retain your Personal Data?

Applegreen will retain your personal data only for as long as it legally required to fulfil the purpose that it was collected.

At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.

Transfer of Data out of the European Economic Area

Where the personal data has been transferred to companies within the Applegreen group or to other authorised third parties located outside of the EEA, Applegreen takes the appropriate organisational, contractual and legal measures to ensure your personal data is used exclusively for the purposes outlined in this document and that adequate security is implemented to ensure your personal data is secure.

Our use of Cookies

Cookies are also used for the purposes of the applications functionality and for optimising your browsing experience. In order to log into your account online or in the App, Applegreen may use cookies to store session information of our convenience. These cookies can be blocked or deleted by you at any time.

See our cookies policy here for more information.

Your Rights

You have the right to request the following:

• Access to the personal data we hold about you, free of charge in most cases.
• The correction or deletion of your personal data (as long as there is no legitimate overriding purpose or legal requirement to retain it).
• That we stop processing your personal data, in specific circumstances; for example, when you have withdrawn consent, or object for reasons related to your individual circumstances.
• That we stop any consent-based processing of your personal data after you withdraw that consent.
• Restriction of the use of your personal data, in specific circumstances, generally while we are deciding on an objection you have made.
• Your data in a digital form for transmission to another party if technically feasible.

You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request.

In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.

How to contact us

For any queries regarding this Privacy Notice or how Applegreen handles your personal data, or if you would like to exercise any of the rights set out in the section “Your rights”, please contact us using one of the methods below.

Ireland and United Kingdom
Email: DPO@applegreen.ie
Post: Data Protection Officer,
Applegreen,
Unit 17, Joyce Way,
Parkwest,
D12F2V3
Ireland

Complaints

If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the supervising authority for your country, as follows:

Ireland United Kingdom
Email: dpo@dataprotection.ie
Phone: +353 (0)761 104 800 or +353 (0)57 868 4800

Post: Data Protection Commission

21 Fitzwilliam Square South
Dublin 2 D02 RD28
Ireland

Website: www.dataprotection.ie

Email: casework@ico.org.uk
Phone: 0303 123 1113

Post: Information Commissioner’s Office,
Wycliffe House,
Water Lane,
Wilmslow, Cheshire SK9 5AF
United Kingdom

Website: www.ico.org.uk

If you are based outside the UK or Ireland, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.

Changes to this Privacy Notice

This Privacy Notice does not apply to any third-party websites that you may access via the Applegreen website. Applegreen recommends that you read the privacy notices of any other websites you may be directed to as Applegreen is not responsible for the privacy practices of third-party websites, which could be different to that of Applegreen.

Applegreen reserve the right to update this Privacy Notice at any time. The company will notify you of any substantial changes to this Privacy Notice. Applegreen may also notify you in other ways also about how we process your Personal Data.

Last updated May 2021