DPDgroup UK Ltd ('DPDgroup UK') respects your privacy and is committed to protecting your personal information. This Privacy Notice will inform you as to how we look after your personal information when you contact us, visit our websites (regardless of where you visit it from) and/or use the YourDPD or MyDPD.
Please read this Privacy Notice carefully to understand our views and practices and your rights regarding your personal information and how the law protects you. By using the YourDPD app, MyDPD or visiting our websites you are accepting the practices described in this Privacy Notice.
For the purposes of this Privacy Notice a ?Customer' is a person or organisation who has a contract with DPDgroup UK to deliver parcels to a recipient known as a 'Consignee'.
Where DPDgroup UK processes a Consignee's data for its Customers, DPDgroup UK acts as a Data Processor of this information. (Please refer to the Customers Privacy Notice for further information regarding how they process your personal information).
Where DPDgroup UK processes your personal data for all other circumstances set out in this Privacy Notice, DPDgroup UK acts as a Data Controller of this information.
Both processing activities are dealt with under the provisions of the Data Protection Laws (Data Protection Act 2018 and the EU General Data Protection Regulation).
DPDgroup UK must have a lawful basis to process your personal information whether a Customer or Consignee, and this Privacy Notice explains what our lawful basis is in respect of each purpose for which we keep and use information about you. Generally, we are allowed to process your personal information where you have either provided consent, it is necessary in connection with a contract between us (such as a contract to supply our services to you as a Customer), where it is necessary in order for us to comply with our legal obligations, or where we have a legitimate interest to do so (but we will always consider whether your right to privacy overrides our interest).
Details of how to contact us if you have any questions about privacy or data protection can be found in the Contact Us section, below.
What information do we collect from you?
We will only require you to provide personal information to us where it is necessary for us to provide you with a service at your request.
We will collect and process the following personal information about you:
- Information you give us. This is information about you that you give us by providing information through our websites, interactive services (such as Predict, Follow My Parcel, MyDPD or Your DPD app) or by corresponding with us by phone, email or otherwise. The information you give us may include individual and business contact information (such as name, company name, physical address, email address, and telephone number); Consignee information such as your name, address, contact details, safe place (location), location details within the YourDPD App (if approved by the data subject (YOU)), payment details and if you choose the option ?More Time Needed', personal information categories such as Disabled, Visually Impaired, Elderly, Hard of Hearing and Pregnant which you are able to select to enable our driver to give you more time to get to the door. If you are a Consignee (recipient of a parcel) some of the above are used in conjunction with data we collect from our Customers to provide the services to you. If you are an employee of one of our Customers, the data is used in conjunction with any services you have requested from us, i.e. complaints, queries, sales support,etc.
- Information we collect from your use of our websites. With regard to each of your visits to our websites we will automatically collect the following information:
- technical information, such as the Internet protocol (IP) address used to connect your device to the Internet, whereabouts you connected to our service, your internet service provider (ISP), and what type of device you are using to access our service;
- Please note that our websites are not intended for children and we do not knowingly collect personal information relating to children.
- Information about your use of our services such as details of your visits to our websites and the resources that you access, including, but not limited to, website pages, links, traffic data, location data, weblogs and other communication data;
- Information we collect when you call us. If you call us we will automatically collect the following information:
the phone number used to call us
a recording of all inbound and outbound calls.
How do we use this information?
We use this information in the following ways:
- Information you give to us. We use this information:
- in order to take steps necessary to assess whether we can enter into a contract with you and in order to perform our contract with you. This includes carrying out our obligations to you and providing you with our products and services;
- for the purpose of improving our services to you, to ensure that content from our websites and Apps are presented in the most effective manner for you and for your device;
- to review and improve the performance of our systems, processes and staff (including training);
- to deal with any legal queries relating to your use of our services;
- to verify your identity - where it is necessary for us to do so in order to meet our legal obligations or to detect and prevent fraud, money-laundering and other crimes;
- to provide you with service communications so that you receive a full and functional service and so we can perform our obligations to you in order to deliver your parcel. These may be sent by email, SMS, Push Notification [or post or, if the circumstances require it, we may contact you by phone]. These will include notifications about changes to our services;
- to contact you in order to respond to your complaints, queries and questions or let you know about important changes. We will only use your information in this respect where it is necessary so that we can:
- interact and respond to any communications you send us, including where you use the Contact Us section below, and any social media posts that you tag us in;
- to provide Customers with marketing communications including information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- based on a legitimate interest, to provide marketing communications to:
- new Customers with information about services we may offer;
- Rate your delivery;
- customers with information about third party products or services which the recipient has explicitly consented to.
- Information we collect from your use of our websites. We will use this information in order for the following purposes:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your device;
- as part of our efforts to keep our site safe and secure;
- to measure or understand the effectiveness of advertising we serve to Customers, and to deliver relevant advertising to you.
- Information we receive from other sources. See the "Who might we share your information with?' section below for details of how we use your information in conjunction with our associated third parties.
- Protecting you and others from harm - We may use your information where it is necessary to protect your interests, or the interests of others. This may include in the event of criminality such as identity theft or fraud.
We need all the categories of information listed above to allow us:
1. to enter into and perform our contract with you;
2. to enable us to comply with legal obligations; and
3. to pursue legitimate interests of our own or those of third parties (provided your interests and fundamental rights do not override those interests).
Change of purpose
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
How long do we keep hold of your information?
- We will keep information for the period of time that is necessary to fulfil the original purpose for which we collected the information, up to a maximum of 7 years after the end of our relationship with you unless applicable law requires retention for a longer period of time.
- Telephone records. We will keep these for a maximum of 3 years from the time the recording was made.
- Your DPD App Profile Personal Information. We will retain this personal information to preserve your shipping profile as a consignee to aid further deliveries. Your personal information will be held indefinitely but can be removed through the Your DPD App by opting to delete your profile at any time from the 'Settings' menu or by contacting DPDgroup UK customer services.
Who might we share your information with?
We share the information that you provide to us with our staff so that we can provide our services to you.
We may share your personal information with selected third parties, some of whom we appoint to provide services, including:
- business partners, subsidiaries, suppliers and sub-contractors for the performance of any contract we enter into with you;
- analytics and search engine providers that assist us in the improvement and optimisation of our websites and Apps;
- customer survey providers in order to receive feedback and improve our services.
- cyber security services as part of our efforts to keep our site safe and secure.
- Any member of our group, including parent companies and any subsidiaries of us and such parent companies, for the purposes for which the personal information was collected.
- to send notifications or account update information (including when new offers for existing or new services have been made available by us) by email, SMS text or app push notifications;
- any other organisation who you have directed DPD to share your information with.
There are certain exceptional circumstances in which we may disclose your information to third parties. This would be where we believe that the disclosure is:
- Required by law, or in order to comply with judicial proceedings, court orders or legal or regulatory proceedings
- Necessary for the prevention or detection of crime, including exchanging information with other companies or organisations for the purposes of fraud protection and credit risk reduction.
- Proportionate as part of a merger, business or asset sale, in the event that this happens we will share your information with the prospective seller or buyer involved.
How do we protect your personal information?
DPDgroup UK is committed to protecting your personal information and ensuring that we have adequate organisational and technical measures in place to do so.
We try to ensure that all information you provide to us is transferred securely via the websites. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We may transfer your personal information outside the European Economic Area ("EEA") and will only do so if adequate protection measures are in place in compliance with data protection laws. We use the following protection measures:
- transferring to European Commission approved ?adequate' countries;
- using European Commission approved model contractual clauses;
- requiring companies we transfer personal information to in the US to be signed up to the Privacy Shield certification.
All information you provide to us is stored on secure servers.
Where we have given you (or where you have chosen) a password that enables you to access certain parts of our service, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. By agreeing to this Privacy Notice and using our websites, YourDPD app, MyDPD or other interactive services, you acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of personal information sent over the internet.
Once we have received your information, we will use strict procedures and security measures to try to prevent unauthorised access.
How you can help keep your personal information secure
We will take all reasonable measures to ensure that the personal information you provide through our websites is held and managed securely. DPDgroup UK is PCI Compliant, runs on a https platform, and uses sophisticated security devices to protect your personal information. However, you can help keep your personal information safe - not just on our website, but whenever you provide information online.
Here are some simple ways you can improve the security of your information:
- Use a modern, secure browser and operating system
- Ensure that your browser and operating system have the latest security updates
- Use strong passwords and do not reuse them across multiple websites
- Keep your passwords private
- Learn about how email scams operate and exercise caution when using email
- Understand the risks of using public WiFi services
What rights do you have in respect of your personal information?
The Data Protection Laws provide more provisions for you to exercise your rights when an organisation is processing your personal information.
Where processing of your personal information is based on consent, you can withdraw that consent at any time.
You have the right to be informed
DPDgroup has a legal obligation to provide you with concise, transparent, intelligible and easily accessible information about your personal information and our use of it. We have written this Privacy Notice to do just that, but if you have any questions or require more specific information, you can get in touch using the Contact Us section below.
You have the right to access your personal information
You have the right to ask DPDgroup UK to confirm whether or not we hold any of your personal information. If we do, you have the right to have a copy of your information and to be informed of the following:
- Why we have been using your information
- What categories of information we were using
- Who we have shared the information with
- How long we envisage holding your information
In order to maintain the security of your information, we will have to verify your identity before we provide you with a copy of the information we hold.
You have the right to correct any inaccurate or incomplete personal information
Where you have requested a copy of the information we hold about you, you may notice that there are inaccuracies in the records, or that certain parts are incomplete. If this is the case you can contact us so that we can correct our records.
You have the right to be forgotten
There may be times where it is no longer necessary for us to hold personal information about you. This could be if:
- The information is no longer needed for the original purpose that we collected it for
- You withdraw your consent for us to use the information (and we have no other legal reason to keep using it)
- You object to us using your information and we have no overriding reason to keep using it
- We have used your information unlawfully
- We are subject to a legal requirement to delete your information
In those situations you have the right to have your personal information deleted. If you believe one of these situations applies to you, please get in touch using the Contact Us section below.
You have the right to have a copy of your personal information transferred to you or a third party in a compatible format
Also known as data portability, you have the right to obtain a copy of your personal information for your own purposes. This right allows you to move, copy or transfer your personal information more easily from one IT system to another, in a safe and secure way.
If you would like us to transfer a copy of your personal information to you or another organisation in a structured, commonly used and machine-readable format, please contact us using the Contact Us section below. There is no charge for you to exercise this right.
You have the right to object to direct marketing
You can tell us at any time that you would prefer that we do not use your information for direct marketing purposes. If you would not like to receive any direct marketing from us, please contact us via the Contact Us section below or use the links provided in any of our marketing communications, and we will stop sending direct marketing immediately.
You have the right to object to us using your information for our own legitimate interests
Sometimes, we use your personal information to achieve goals that will help us as well as you. This includes:
- When we tell you about products or services that are similar to ones that you have already bought
- When we use you information to help us make our business better
- When we contact you to interact, communicate or let you know about changes we are making
We aim to always ensure that your rights and information are properly protected. If you believe that the way we are using your personal information is not justified due to its impact on you or your rights, you have the right to object. Unless we have a compelling reason to continue, we must stop using your personal information for these purposes.
In order to exercise your right to object to our use of your personal information for the purposes above, please use the Contact Us section below.
You have the right to restrict how we use your personal information
You have the right to ask us to stop using your personal information in any way other than simply keeping a copy of it. This right is available where:
- You have informed us that the information we hold about you is inaccurate, and we have not yet been able to verify this
- You have objected to us using your information for our own legitimate interests and we are in the process of considering your objection
- We have used your information in an unlawful way, but you do not want us to delete your personal information
- We no longer need to use the information, but you need it for a legal claim
If you believe any of these situations apply, please contact us using the Contact Us section below.
You have rights related to automated-decision making and profiling
Any automated decision-making or profiling we undertake is solely for the purpose of tailoring the information which we provide to you. We will not use automated decision-making or profiling to make any decisions which will have a legal effect upon you or otherwise significantly affect you, and you have the right not to be subject to such decisions.
You can exercise any of your rights at any time by contacting our Data Protection Officer - using the Contact Us section below.
We use the following cookies for the following purposes:
- Strictly necessary cookies. These are cookies that are required for the operation of our websites. They include, for example, cookies that enable you to log into secure areas of our websites.
- Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our websites when they are using it. This helps us to improve the way our websites work, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to our websites. This enables us to personalise our content for you and remember your preferences.
- Targeting cookies. These cookies record your visit to our websites, the pages you have visited and the links you have followed to allow us to improve the page layout and navigation preferences.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our websites.
In order to optimise our service we apply Google Analytics and our own statistical analyses.
- Google Analytics is a web analysis service provided by Google, which is used for purposes of market research and ensuring that the service meets user requirements. Google Analytics uses "cookies", which are placed on your computer to make it possible to analyse how you make use of the service. The information generated by the cookies about your use of the service (including your pseudonymised IP address) is as a rule transmitted to and stored by Google on servers in the United States . Google uses this information in order to evaluate your use of the service and to create reports on activities for the operator of the service. Google may also transmit this information to third parties if this is prescribed by law, or if third parties process the data on behalf of Google. On no account will Google connect your IP address with other Google data. At https://tools.google.com/dlpage/gaoptout?hl=en-GB you can, with effect for the future, opt out of the recording and saving of your data at any time. In addition we use Google Analytics remarketing and reports on demographic features and interests in order to display to website visitors relevant advertisements on the partner websites of the Google display and search network. The saving of cookies makes it possible to analyse user behaviour and activate interest-based advertising.
DPDgroup UK uses third-party software to improve service, monitor website performance and ensure a reliable service.
- Sentry.IO / Crashlytics (https://sentry.io/) - Allows our developers and technical teams to measure and monitor the health of applications
- New Relic (https://newrelic.com/about)- Allows our developers and technical teams to measure and monitor the performance of applications and infrastructure
- GCP Stackdriver (https://https://cloud.google.com/stackdriver) - Allows developers and technical team to measure and monitor the performance of applications and infrastructure.
Third Party Links - You may find links to third party websites on our websites. These websites should have their own privacy policies which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
Changes to our Privacy Notice
This Privacy Notice may be updated from time to time. Please check back frequently to see any updates or changes to our Privacy Notice. This Privacy Notice was last updated on 31 March 2020.
If you wish to make a complaint about our collection or use of your personal information, please contact us in the first instance so that we may seek to resolve your complaint.
In the event that you are not satisfied with our processing of your personal information, you have the right to lodge a complaint with the relevant supervisory authority, which is the Information Commissioner's Office (ICO) in the UK, at any time. The ICO's contact details are available here: https://ico.org.uk/concerns/ or write to them at: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow SK9 5AF.
If you have any queries, complaints or requests relating to any data protection matters, please contact our DPO at firstname.lastname@example.org.
You may also write to us at:
Data Protection Officer - DPDgroup UK Ltd, Roebuck Lane, Smethwick, B66 1BY