Terms & Conditions | Privacy & Cookies Policy
It is very important to us that all our customers trust us to handle their personal data responsibly. We have written this document to explain clearly how we collect, use and protect your personal data. In particular, it explains things like:
The personal data protection laws control how we use your personal data, for example, we must be transparent about how we collect and use your personal data. They also grant you rights, such as the right to access the personal data that we hold about you (see section 'Your Rights').
This Privacy Notice applies to you, anyone you nominate to act on your behalf and anyone whose device you use to login into to use your Tesco Pay+ account. Please make sure that they have seen this notice, and that you have their permission before giving us any personal data about them.
The law requires us to tell you how we process your personal data. "Processing" is a legal term but means anything we do with your personal data, such as collecting, gathering, obtaining, administering, adapting, keeping and deleting your personal data.
We collect information about you, such as name, Clubcard number, credit or debit card details and contact details, when you:
We might also collect your IP address and other unique information to identify the device you are accessing Tesco Pay+ from. This will be used for analysis purposes to help us understand how you use our website and app and to help us improve our service. We might also collect information from your device and Wi-Fi connection to assist us in making sure the app is safe to use on your device and in detecting and preventing fraud.
We may collect location data for analysis purposes, fraud prevention and to help us to improve our service. If you do not wish us to collect and use your geolocation data in these ways, you should turn off location services for the Tesco Pay+ on your device. If you choose not to allow the Tesco Pay+ app to access location services, we won't capture your location data. You'll be able to use the Tesco Pay+ app as normal. You can control access to location services at any time through your phone settings.
we monitor and record calls to and from our customer service centres to improve our service and to prevent and detect fraud.
(e.g. by email or Internet), we may collect an electronic identifier, such as your internet protocol address.
We may supplement the information we collect about you through Tesco Pay+ with information we receive through other Tesco Bank products and the wider Tesco Group, fraud and crime prevention agencies and from other sources, e.g. public registers such as the electoral roll, industry reports and publicly available information (including social media pages). This allows us to assess the accuracy of the information we hold about you, to perform checks and in order to send you relevant offers and information.
We monitor and record calls to and from our customer service centres to improve our service and to prevent and detect fraud.
This includes any personal data you give us about anyone nominated to act on your behalf.
We will ask for personal data that is essential for us to know so that we can provide our products or services to you. If we ask for personal data that is not essential, we will explain why and tell you the consequences if you do not provide us with the personal data.
To provide Tesco Pay+ to you we will need to use your personal data and anyone else whose personal data is connected with providing a particular product or service.
We will need to use this personal data at all stages of our relationship with you, including:
The way we use the personal data about you and others includes:
We need to process your personal data in this way in order to provide you with Tesco Pay+.
These are other uses allowed by law which are necessary to enable us to provide the products and services. These include:
The law allows us to use your personal data in reasonable ways to help us improve our business.
The ways we might use your personal data to improve our business are to:
When we use your personal data to improve our business, we always make sure we keep the amount of data we collect and use to an absolute minimum.
We use push notifications to send promotional and servicing messages relating to the Tesco Pay+ app. To opt-out of receiving push notifications, you can disable push notifications on your mobile device system settings.
Clubcard data includes your shopping habits and the types of purchases you or your household make.
We use Tesco Bank and Clubcard data together in different ways to tailor our communications and to try to bring you better terms, deals or offers than you would get if we didn't use the information.
We use data that you provide, such as your name and address, to find any Clubcard(s) that are linked to your address. That might be your Clubcard, the Clubcard of other family member(s), or the Clubcard of house or flat-mates.
We may use data about these Clubcard(s) to help us work out what offers we think you might like. When we do this, we will only ever use the Clubcard linked to your address which gives you the best terms, deals or offers.
We do this by looking at your Clubcard data in different ways to help us understand more about you (we call this 'profiling'). Profiling includes things such as how likely we think you are to pay back money we lend you, how often you use other Tesco products and services, and how you prefer to shop. Profiling helps us to create a number of 'Clubcard scores', which we can then use as one of the factors in our automated decision-making process.
Because Clubcard profiling allows us to tailor offers specifically for you, this means that different Clubcard customers may get different offers. As a Tesco Pay+ customer you may receive additional Clubcard benefits and this includes additional Clubcard points and offers with selected third parties.
You have rights relating to automated decision-making.
Information can be found at https://www.tescobank.com/help/contact-us/
If you take a product or service from us, we will continue to use your Clubcard data to help us maintain our relationship with you.
In order to provide Tesco Pay+ to you, it is necessary for us to share information with third parties, to manage the communications which we send to you and your marketing preferences and to best maintain the security of your account. We work with specialist fraud prevention and security providers to safeguard your Tesco Pay+ account.
We will only share your personal data:
We will only share your personal data:
We may also share your data for aggregated market research purposes where you will not be identifiable.
We may also share your information with Tesco in connection with the operations of your Clubcard account, for example to allocate points or discounts, or where you have agreed to receive marketing, but we don't share more information than we need to.
We may contact you by telephone regarding your Tesco Pay+ account. We will primarily contact you via email and where you provide us with a mobile phone number, we may send text messages or push notifications with operational messages about Tesco Pay+.
As texts and emails can be intercepted, we will keep confidential information to a minimum and you should never send us any confidential information via text or email.
We may provide copies of the personal information which we hold about you to the police and other law enforcement agencies where requested to do so to assist with an investigation and law enforcement and where required to do so by law.
Sometimes we may need to ask you for sensitive personal data. If required, to comply with data protection laws, we will ask for your explicit consent to use this data (data protection laws call this 'special category data' or 'sensitive personal data').
We handle data about any special circumstances as carefully and confidentially as any other data we hold about you. This includes data about things you tell us so that we are able to provide you with additional assistance (e.g. if you are hard of hearing) and also information that laws or regulations say we must record (for example, if any underlying medical condition has led to you appointing a Power of Attorney).
Sometimes we might send your personal data to another country if, for example, our service provider has a data centre overseas.
All countries within the EEA have broadly the same data protection laws. Before sending your personal data outside the EEA, we check that the recipient will be able to keep your personal data secure and that:
If neither of these apply, then we ask the recipient to sign the EU Commission's 'model contract'. This means they must meet EU standards of data protection.
When your personal data is in another country, it may be accessed by law enforcement agencies in those countries. They do this to detect and prevent crime, or because the law says they must.
For more information about sending your personal data overseas, you can write to: The Data Protection Officer, Tesco Bank, PO BOX 27009, Glasgow, G2 9EZ
How long we keep your personal data will depend on:
We keep your personal data once your Tesco Pay+ account has been closed for up to 10 years.
In all cases, we will retain the personal data for so long as that personal data is needed for an ongoing investigation, legal proceedings, or an outstanding audit.
If we think it's a change you would not expect, we will let you know.
If this is the case, we will always wait until you have let us know your decision before making any changes to the way that we use your personal data.
This is called your 'subject access rights'.
If you ask us for this, we will give you access or send you a copy of all the personal data we hold about you (there are a few exceptions to this, such as access to personal data about third parties).
You can telephone 0330 123 0250 or email us on firstname.lastname@example.org
This is known as the 'right to data portability'.
This means you can ask us to send your personal data in this format to you, or to another organisation.
If you think any of the personal data we hold about you is incorrect or incomplete, let us know and we will change it.
If you want us to stop using, or restrict our use of, your personal data, or you want us to erase it entirely, please let us know. There are times when we may not be able to do this - for example, if the information is related to an existing or recently expired contract between you and us, or if the law says we need to keep your personal data for a certain amount of time.
If you want to delete your Tesco Pay+ account, you can do so by visiting the Tesco Pay+ website, however we may retain certain information in accordance with this Privacy Notice, in which case you should also remove the Tesco Pay+ app from your device.
Sometimes we need your consent to process your personal data. If you have given consent, you can change your mind and withdraw it. To do this, get in touch by using the relevant contact details in the Tesco Pay+ app or on our website. You can telephone 0330 123 0250 or email us on email@example.com. An unsubscribe link is also included in each of our marketing emails.
We do not always need your consent to use your personal data. There is some information this doesn't apply to. For instance;
If you have concerns about how we handle your personal data, or just want more details, please call us on 0330 123 0250, email us on firstname.lastname@example.org or write to the address below. We will try and sort things out as quickly as we can. Our address is: The Data Protection Officer, Tesco Bank, PO BOX 27009, Glasgow, G2 9EZ.
The Information Commissioner's Office is the UK's independent authority set up to uphold information rights, and promote data privacy for individuals. Their website is https://www.ico.org.uk.
If you have a complaint or concern about how we have handled your personal data and we have not been able to sort it out to your satisfaction, you have the right to lodge a complaint with the ICO.
Cookies and similar technologies, such as tags and pixels ("Cookies"), are small data files that allow a website to collect and store a range of data on your desktop computer, laptop or mobile device.
Cookies allow us to enhance the functionality of our website and app so that we can personalise your experience and allow you to use many of the useful features of our website and app.
Cookies can help us to understand how our website and app is being used, for example, by telling us if you encounter an error messages as you browse.
These Cookies collect data that is mostly aggregated and anonymous.
You can use your browser settings to accept or reject the placement of new Cookies and you can delete existing Cookies. You can also configure your browser settings so you will be notified each time a new Cookie is placed. You can find more detailed information about how you can manage Cookies at the All About Cookies and YourOnlineChoices websites.
If you choose to disable some or all Cookies, you may not be able to make full use of the functionalities of our website.