Privacy Terms
Relax. Your personal data is in safe.
General Data Protection Regulation, or GDPR, governs how businesses process and handle customer data. Our helpful guide explains what it means for you. It won’t take long, so you’ll soon be back to shopping stuff you love.
Want to know the basics?
Don't worry, GDPR is really easy to get to grips with.
We'll keep things simple and explain to you what you should know...
All businesses in the UK who process personal data have to comply with the General Data Protection Regulation (GDPR for short). You may have heard of GDPR and we want to explain how this applies to you and your relationship with Very.
At its heart, GDPR wants to better reflect the modern world we live in and make sure our personal information is kept safe and secure by businesses that use it. It's a good thing for all of us.
What is personal data?
Personal data is any information which relates to you. From your name and address to unique account numbers, any information that can identify you can be classed as personal.
This information is used by a vast array of organisations from your employer storing your personal details at work, to how your favourite shop targets you with their promotional offers.
Under GDPR, businesses are required to take greater care over your personal information and how it's used.
What does GDPR say?
GDPR aims to put you in further control of your information. You now have additional rights & this includes the right to access the information companies hold so you can understand what companies know about you. More information can be found in our privacy notice at the bottom of this page.
Your privacy is our priority
We keep your personal data safe so there won't be any unexpected surprises.
Our commitment to keeping your information private and safe hasn't changed! Trust has always been of great importance to us and will continue to be.
We continue to review how we work and will always have your interests at heart.
Our privacy notice reflects our open and honest approach to how we collect and use your information.
Above all we want to be clear on our ongoing promise to keep your information safe.
In summary this policy explains how:
We will be open about what data we collect
We will be open about how we use it
We will demonstrate to you how we take your privacy very seriously
Why and how we use your personal data
Making our shopping experience unique to you!
We want to provide you with the best possible shopping experience and using some of your information helps us to do that. By using your information, we can carefully select products and services that we think may be of interest to you rather than just send out lots of updates.
If you are a customer or signed up to hear from us, then we may communicate things like promotions, discounts, new product launches or sale previews to you via email or text. Here's a quick example of how this works.
What?
We were able to help thousands of our customers buy a leading Xbox bundle at the cheapest price on the market.
How?
We were able to identify a group of customers who we knew were interested in buying an Xbox. Using this information we were able to contact those people with the best bundle at the best price using emails to communicate our offer.
The Outcome
Our customers secured the best product at the best price. We made it easy for our customers to find the right product and were effective in our marketing. It’s a win win.
An organisation who collects, uses and manages personal data as you shop, is known as a Data Controller. The person whose job it is to make sure we act in accordance with the law is the Data Protection Officer. It’s who you should contact if you have any concerns over the use of your data.
We collect personal data to help us provide you with the best possible shopping experience. This is so we can make the right goods and services easily accessible to you and to also keep you in the know about things that may interest you. It’s nothing to worry about and we’re always here to help.
We may also collect personal data through cookies. For further information please see our cookies policy.
Personal data is anything that identifies you or relates to you. Things like your name, home address, email address or account details. We’ll only collect and use this information where it is needed for us to be supper-efficient in providing the goods and services you want from us. Plus, we’ll only keep your data for as long as we are required to do so by law.
Transferring your personal information to trusted partners such as courier companies delivering your parcels needs to take place so we can provide the best service to you. You can be sure that all the right safeguards are in place when we transfer your personal data.
You have a number of rights under data privacy laws. You can have errors corrected, restrict how your information is used, object to the way your information is processed and control how it’s used for marketing purposes. You can also request a copy of what data we hold and make a complaint if you feel you have not been treated fairly.
Applying for credit means we’ll need to know more about you, so we can responsibly provide the right amount of credit for you. The information is collected from you or from credit reference agencies is under the same conditions as any other personal information and, as always, you’re protected by law.
When it comes to preventing fraud and money laundering we leave no stone unturned. Whether it’s our own checks or with the help of trusted third parties, you personal data will be used for fraud prevention purposes so that we can minimise any risk to you or us while you shop.
If you have any queries about data protection or would like a full list of companies who may receive your information, write to us and we’ll provide everything you need. To unsubscribe from marketing offers and updates, customers with access to My Account can change their preferences online anytime. Or, if you don’t have a registered online account, you can telephone or write to us and we’ll do everything we can to help.
Privacy Terms
Privacy Terms
This privacy notice sets out how we collect, use and manage your personal data. Where we refer to “personal data” in this privacy notice, this means data which relates to you and which personally identifies you either directly or indirectly.
Data Controllers and Data Protection Officer
A data controller is an organisation that collects, uses and manages personal data and has responsibility for how the personal data is collected, used and managed.
A data protection officer is the person in an organisation who has responsibility for monitoring compliance with data protection law and for ensuring that personal data is protected within an organisation.
Shop Direct Home Shopping Limited provides your goods and is the data controller of personal data that you provide when you order goods. Shop Direct Home Shopping Limited is registered in England, number: 4663281. Registered Office: First Floor, Skyways House, Speke Road, Speke, Liverpool L70 1AB. Shop Direct Home Shopping Limited’s websites are www.very.co.uk and www.littlewoods.com.
Shop Direct Finance Company Limited provides credit, subject to status, and arranges other financial services products and is the data controller of personal data you provide when you request a credit account or other financial services products. Shop Direct Finance Company Limited is registered in England, number: 4660974 and is authorised and regulated by the Financial Conduct Authority. Registered Office: First Floor, Skyways House, Speke Road, Speke, Liverpool, L70 1AB.
In the context of this privacy notice, when we use the term 'we' it means Shop Direct Home Shopping Limited and Shop Direct Finance Company Limited. Where you have a relationship with Shop Direct Home Shopping Limited and Shop Direct Finance Company Limited, your personal data may be shared between these two data controllers.
The Data Protection Officer for Shop Direct Home Shopping Limited and Shop Direct Finance Company Limited can be contacted at DPO@theverygroup.com
How We Use Your Personal Data
We collect, use and manage your personal data to provide goods and services to you and to enter into and administer any retail or credit accounts or financial services products you may have with us.
We will use your personal data in the following ways:
To provide goods and services and to manage your retail account including administering payments, returns and responding to queries.
To assess whether to offer you a credit facility and for ongoing administration of any credit facility. This includes accessing and sharing information with the Credit Reference Agencies.
To verify your age to prevent unlawful purchases of age restricted products. This involves sharing your information with a Credit Reference Agency.
To administer any financial services products that you have.
To administer any prize draw or competition you may enter.
To analyse your shopping preferences or how you interact with or use our websites and apps.
For research and statistical purposes.
For marketing purposes including to send you special offers or discounts and to tell you about products and services from us or third parties. This may also include levels of profiling to ensure we market to you about relevant products and services. You control your preferences in respect of how your personal data is used for marketing and you can change these preferences when you log in to My Account.
To record and monitor outbound and inbound telephone conversations with you to ensure consistent service levels, to prevent or detect fraud, to resolve queries and complaints and for performance management and training purposes.
We will collect personal data directly from you when you purchase goods or services, apply for a credit account or other financial services products, or change any of your details (such as your name or address) via My Account. We require you to provide personal data in order to assess whether to enter into a contract with you or to perform our contract with you and if you do not provide the personal data we request, we will be unable to enter into or fulfil this contract. We may also collect personal data through cookies. For further information please see our cookies policy
We obtain data from third party sources such as credit reference agencies, fraud prevention agencies and publicly available information relating to you on the internet (for example on social media websites).
We may also obtain personal data from third party companies for the purposes of sending marketing communications to you. Such marketing communication may be sent by ourselves or by the third parties. These third parties must check you have given your permission for such contacts to take place.
Why We Need Your Personal Data
We need to process your personal data for a number of different reasons and these are our legal bases for processing. We also need to keep your personal data for as long as is necessary for us to operate our business and to comply with legal and regulatory obligations.
We rely on one or more of the following legal bases for processing personal data:
To perform our contract with you or to enter into a contract with you
We need to process your personal data to fulfil our contract with you or to assess whether to enter into a contract with you, whether this is in selling and delivering goods and services to you or providing credit facilities or other financial services products to you.
To fulfil our legitimate interests or the legitimate interests of a third party
When we process personal data to fulfil our legitimate interests we will use it in a way in which you would reasonably expect and which will have a minimal privacy impact. When we or third parties are relying on legitimate interests to process your data we will balance our interests against your interests and the privacy impact of the processing on you and we will process your personal data responsibly.
Examples of our legitimate interests are: direct marketing, fraud prevention, preventing and investigating crime, assessing affordability and credit worthiness, IT security and development by us and third parties of new products and services.
To comply with legal obligations to which our business is subject.
We have to comply with relevant law and regulation in order to provide retail and financial services products and we will need to process your personal data in order to comply with these legal obligations.
Consent
If we are relying on your consent as our legal basis to process your personal data, you have the right to withdraw consent at any time.
We will keep your personal data for the purposes set out in this privacy notice and only for as long as any legal basis continues to apply. Below is a non exhaustive list of some of the reasons we need to retain your personal data:
Compliance with the requirements of the Financial Conduct Authority
Compliance with Anti Money Laundering Regulations
Reporting obligations to the Credit Reference Agencies
Ensuring we have relevant information in the event of any queries or complaints
Being able to identify if you have purchased a product which is subject to a product recall
Being able to service any product or service guarantee you have purchased
To assist with the establishment, exercise or defence of legal claims
The length of time we need to keep the personal data will vary depending on the nature of the personal data and the reason we are obliged to hold it. We will apply appropriate risk based measures to protect your personal data which may include pseudonymising or anonymising the personal data. If personal data is pseudonymised, this means it is de-identified so you are no longer identifiable, but we can re-identify you if we have a requirement to do so. If personal data is anonymised, it is de-identified, but can never be re-identified in the future.
Who We Transfer Personal Data To
Transferring personal data to other organisations needs to take place with appropriate safeguards and you can be assured that we will only share the personal data that is needed for these organisations to be able to provide the right service or support us in doing so.
We may transfer your personal data to the following third parties:
Other companies within The Very Group of companies – including for credit assessment purposes, for fraud prevention purposes or for the provision of other products and services.
Customer service providers – our partners who work with us to administer your account and provide you with any help you may need.
Telephony providers – our partners who provide telephone services and functionality.
Delivery companies – our couriers, parcel firms and mail firms who deliver your goods or services and manage any returns on our behalf.
Repair companies – our partners who provide repair services for products.
Distributors and manufacturers of goods – our partners who fulfil orders and deliver products to you and manage any returns on our behalf.
Product service providers – our partners who provide retail or financial products and services including credit facilities, payment facilities, insurance or extended warranties.
Research service providers – our partners who work with us to provide research and data analysis services.
Marketing service providers – our partners who work with us to send you information about products, services and special offers that we or they believe are of interest to you.
Data pool facilitators – we may share and pool information (on an anonymous basis or otherwise) with other third party retailers or financial service providers. This may help up to improve our products and quality of service to all customers.
Debt collectors, tracing agencies, debt purchasers or organisations providing debt support – our partners who help us to recover debts, who purchase debts or who offer debt advice and support.
Regulators and other governmental agencies or law enforcement agencies.
Organisations who may be interested in purchasing our business or organisations who we may be interested in purchasing - we may sell parts of our business or acquire other businesses and your personal data may be shared with such third parties as part of this process.
We will only transfer your personal data to third parties who adhere to appropriate data security standards and controls. This may include transferring your personal data to third parties who become joint controllers of the data, including some organisations within the following categories:
Credit reference agencies and credit providers
Distributors of goods
Marketing service providers, such as Google or Meta
Regulators and other governmental agencies or law enforcement agencies
External auditors
Debt collectors, tracing agencies, debt purchasers or organisations providing debt support
For more information about third parties with whom we have joint controller status, please contact us at DPO@theverygroup.com.
From time to time we may need to transfer your personal data to other countries. Where this is the case, we will ensure that the transfer is subject to appropriate safeguards to protect your personal data and complies with applicable law which may include having standard contractual clauses in place with the third party.
Social Media and Third Party Providers
We use your data to enhance your advertising experience on third-party sites, including Google and social media platforms like Facebook, Instagram, TikTok and Pinterest. By accepting targeting cookies, your information may be shared with social media providers and providers of third-party sites where applicable. These providers may use the data to personalise advertisements and may combine it with existing information they hold about you. Additionally, we may combine cookie data with other information we have collected, such as your online and in-store purchases to deliver relevant online advertising which may be delivered to you on social media platforms. Further information can be found within our Cookies Policy. Where data is shared which isn’t gathered by cookies and similar technology we ensure the appropriate legal basis is in place.
For certain data processing activities involving Facebook and Instagram, Meta will act as joint controller. Further information on how Meta processes personal data, including the legal basis that Meta relies on and the ways to exercise data subject rights against Meta, and contact details for Meta and its data protection officer, can be found in Meta's Privacy Policy at https://www.facebook.com/about/privacy. We have entered into an agreement with Meta to determine the respective responsibilities for compliance with the obligations under the UK GDPR with regard to the joint processing. This provides that we are responsible for providing you with the above information and that Meta is responsible for enabling your data subject rights with regards to the personal data stored by Meta after the joint processing.
World Pay
Worldpay is a merchant acquirer. The Very Group have joint controller status with Worldpay and share personal transaction data. For further information on how Worldpay process personal transaction data please see Worldpay’s Privacy Statement which can be found on Worldpay’s corporate website.
Yodel
Yodel is an independent parcel carrier that delivers parcels across the UK, with sites nationwide. The Very Group have joint controller status with Yodel and share personal data for delivery purposes. For further information on how Yodel process personal data please see Yodel’s Privacy Notice which can be found on their corporate website, here.
Arrow XL
Arrow XL is a 2-person home delivery specialist in the UK. The Very Group have joint controller status with Arrow XL and share personal data for delivery purposes. For further information on how Arrow XL process personal data please see Arrow’s Privacy Notice which can be found on their corporate website, here.
Your Rights
You have certain rights in respect of your personal data and we have processes to enable you to exercise these rights.
Right of Access
This is known as a Subject Access Request. If you want to know if we are processing personal data relating to you and to have access to any such personal data you can call our Customer Services Team, click here, for details.
Right to Rectification
If you believe that we hold inaccurate personal data about you, then you can update this information directly by logging in to My Account and updating the relevant details.
Alternatively, you can request that we carry out a review and rectify any incomplete or inaccurate personal data we hold about you by calling our Customer Services Team, click here, for details. Depending on the type of personal data you believe is inaccurate, we may ask you for further proof to ensure that the personal data is being corrected properly. If we are satisfied that the personal data is inaccurate we will make the necessary changes.
Right to Erasure
You have a right to ask for your personal data to be erased. However, we are not required to erase your data where we need your personal data to comply with a legal obligation or for the establishment, exercise or defence of legal claims. Therefore we cannot comply with an erasure request where you have a retail shopping account, owe money on a credit facility or have otherwise bought products and services for which we must keep records. In addition, if you opt out of marketing communications or have previously opted out of marketing communications, we have to keep a record or such opt out to ensure that we don’t contact you in the future.
Right to Restriction
You have a right to request that processing of personal data is restricted in certain circumstances. Where we restrict your data, we are permitted to store your data but we cannot process in any other way apart from for the establishment, exercise or defence of legal claims or with your consent.
Right to Object
Where we are relying on legitimate interests as a legal basis to process your data, you have a right to object to such processing on grounds relating to your particular situation.
If you object to our use of your personal data for direct marketing purposes, we will opt you out of direct marketing. You can do this by logging into My Account and amending your preferences or you can call our Customer Services Team, click here, for details.
You may also object to other processing when we rely on our legitimate interests as the basis for processing, but we do not have to stop the processing if we can demonstrate compelling legitimate grounds for the processing (taking into account our processing activities, the nature of our business and our legitimate interests) and that these grounds override your interests, rights and freedoms or in the event that we need the personal data for the establishment, exercise or defence of legal claims. To enable us to consider any objection we will need to know what specific interests, rights or freedoms relating to your particular situation you believe will potentially be put at risk by our processing. If we do stop processing your personal data (apart from for direct marketing purposes), this may affect our ability to trade with you.
Automated Processing/Profiling and Artificial Intelligence
From time to time, in deciding whether to enter into a contract with you, or during the ongoing performance of a contract, we take decisions based on automated processing which produces legal affects or similarly significantly affects you, for example, deciding whether to offer a credit facility or assessing a fraud risk. We use data from a variety of sources in our automated processing for credit scoring and fraud decisioning and we use statistical methods to produce the results. This logic helps us understand the risk posed by individuals by placing a weighting on certain criteria which is then calculated to give an overall score.
There are a number of consequences of such automated processing:
we may open a credit account and you can purchase goods and services using this credit account
we may increase or decrease your credit limit from time to time
we may decide to offer you other credit terms such as buy now pay later or interest free credit which will facilitate your purchase of goods and services
we may refuse your application for credit or we may decide not to offer certain credit products which may have an impact on your ability to purchase goods and services from us. This is in line with our obligations as a responsible lender as we have to assess affordability for credit purposes and to protect customers from financial distress and difficulty
we may conduct a further review or request additional information from you in relation to your request to purchase goods and services if our fraud decisioning highlights any issues
We also use automated processing in relation to the information we hold about you to make recommendations of products and services we think you would be interested in and to improve your experience when you visit our website by making it relevant and tailored to you.
If you object to our use of your data for targeting through cookies, you can opt out using Manage Cookies link on our sites.
Right to Portability
In certain circumstances, you can request that we provide to you your personal data in a commonly used format. If you wish to make such a request you can call our Customer Services Team, click here, for details.
Right to Complain to the Information Commissioner’s Office
You have the right to lodge a complaint with the Information Commissioner's Office and more details can be found on their website www.ico.org.uk.
Credit Applications
In order to process your application and during our relationship with you, we will perform credit and identity checks on you with one or more credit reference agencies ('CRAs').
To do this, we will supply your personal information to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.
We will use this information to:
Assess your creditworthiness and whether you can afford to take the product
Verify the accuracy of the data you have provided to us
Prevent criminal activity, fraud and money laundering
Manage your account(s)
Trace and recover debts, and
Ensure any offers provided to you are appropriate to your circumstances.
We will continue to exchange information about you with CRAs while you have a relationship with us. We will also inform the CRAs about your settled accounts. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs.
When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders. A soft search quotation will not place a search footprint on your credit file.
The identities of the CRAs, their role also as fraud prevention agencies, the data they hold, the ways in which they use and share personal information, data retention periods and your data protection rights with the CRAs are explained in more detail at:
TransUnion - www.transunion.co.uk/crain
Equifax - www.equifax.co.uk/crain
Experian - www.experian.co.uk/crain
These links will take you to the same document.
Fraud Prevention
Before we provide services, goods or financing to you, we undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to process personal data about you.
What We Process & Share
The personal data you have provided, we have collected from you, or we have received from third parties may include your:
name
date of birth
residential address and address history
contact details such as email address and telephone numbers
financial information
employment details
identifiers assigned to your computer or other internet connected device including your Internet Protocol (IP) address
When we and fraud prevention agencies process your personal data, we do so on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also necessary to enable us to enter into and perform our contracts with you.
We, and fraud prevention agencies, may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.
Automated decisions
As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if:
our processing reveals your behaviour to be consistent with money laundering or known fraudulent conduct; or is inconsistent with your previous submissions; or
you appear to have deliberately hidden your true identity
You have rights in relation to automated decision making: if you want to know more please contact our Customer Services Team, click here, for details.
Consequences of Processing
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services and financing you have requested, or we may stop providing existing services to you.
A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us on the details above.
Data Transfers
Fraud prevention agencies may allow the transfer of your personal data outside of the UK. This may be to a country where the UK Government has decided that your data will be protected to UK standards, but if the transfer is to another type of country, then the fraud prevention agencies will ensure your data continues to be protected by ensuring appropriate safeguards are in place.
Your Rights
Your personal data is protected by legal rights, which include your rights to:
object to our processing of your personal data
request that your personal data is erased or corrected
request access to your personal data
For more information or to exercise your data protection rights, please contact us using the contact details above.
If you are unhappy about how your personal data has been used please refer to our complaints policy.
You also have a right to complain to the Information Commissioner's Office, which regulates the processing of personal data.
More Information
If you have any queries about how we use your information or on data protection generally please call us, click here for details, or write us at the Data Protection Office, First Floor, Skyways House, Speke Road, Speke, Liverpool L70 1AB
Opting Out
From time to time we may contact you with details on special promotional offers or products that we think you would be interested in, via email, telephone, SMS, or post or from specially selected third parties. If you do not want to receive these communications you can opt out in the following ways:
Via My Account - Existing customers who have registered their account online – log into My Account, go to 'My Details' / 'Contact Preference' and tick each method of contact you wish to opt out of.
By calling us, click here for details, or writing to us at the above address if you don’t have an account or your account isn’t registered online. Please state which contact method you wish to be removed from (existing customers should provide their Account Number). Please clearly state whether you wish to be removed from our marketing communications, marketing communications from Third Parties, or both.
To opt out of marketing emails from us, click on the “unsubscribe” link contained at the end of marketing emails and follow the subsequent instructions.
To opt out of marketing texts from us, text STOP to 66645.
To opt out of app notifications, then please go into your device settings and disable notifications. Please be aware if you are accessing your account via a shared device other members of your household may see any app notifications we send when using the same device.
To unsubscribe from web notifications from us, please go to your browser settings and within ‘Site Settings/Options’, select ‘Notifications’ and ‘Block’ for our website.
Whilst we aim to make changes to your marketing preferences as soon as possible, we advise that you allow up to 1 month for any changes to take effect.