Last Updated Date 23/10/18
1. About You, HuYu and dunnhumby
Get rewarded for sharing your data with HuYu. Earn points for scanning grocery receipts, completing surveys. Then turn your points into vouchers for shopping, coffee, or rides – take your pick from a whole range of major brands. It’s a fair, simple and easy way to make your data work for you.
dunnhumby is a consumer data science company, headquartered in the U.K. but with group companies all around the world. dunnhumby is the company behind the HuYu app and we're the company that's responsible if you have any issues with our HuYu app and the way we use your information. You can find out more information about dunnhumby here. If you have any questions about the way we use your information, please contact us (See Paragraph 12).
2. What is HuYu?
HuYu is a mobile app that you can download to your phone which is designed to collect information about your shopping activity and lifestyle. Through HuYu, you can share your shopping receipts with us, answer a survey, sign up and share some information about you from your Facebook or Google account, and in exchange, we will award you points which you can trade-in for rewards.
HuYu is all about the transparent exchange of data from you in exchange for rewards from us – a fair deal where we tell you what we would like to do with your information and you agree to provide your information to us.
3. What information do we collect and why?
Information that you provide voluntarily as a participant of HuYu
We will collect the following information about you when you sign up and use HuYu (but only if you choose to share it with us – with HuYu, you control the information you want to share with us):
We will never seek to collect any special category information…..this is information about you which the law says is sensitive and includes information about your physical or mental health or condition, sexuality, religion, political affiliations – you can find a full list at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/special-category-data/) but it's entirely up to you what you share with us through HuYu. If your receipts contain special category information and you don't want to share this with us, please don't scan the receipt into HuYu. If you do share this type of information with us, we will not use it to create insights about you as we're not looking to create insights about HuYu user's and this type of information.
We don't have control over what you choose to scan using HuYu, which means that you might choose to provide an image to us which contains information which directly identifies you (e.g. your name or your address might be in an online receipt you send to us). HuYu will detect this information, extract it and delete it within 24 hours. This information will not be used by us.
Information that we collect automatically
We automatically collect information and keep records of how, when and where you use our HuYu app and information about your phone. Some of this is essential (because HuYu wouldn’t work without it) and some of this is to help us improve the quality of our HuYu app. Automatically collected information includes:
The information which we learn about your phone and which is connected to you and your use of HuYu is your information and we will only use it in accordance with data protection and privacy laws.
We automatically collect and process the above information through third-party service provider tracking technology – as you download, register and interact with our HuYu app, our third-party service providers Appsflyer and Google Analytics for Firebase, will automatically collect and process the information described above using tracking technology. See paragraph 5 for more information about our third-party service providers.
4. How we use your information and the legal basis for processing it
We use your information to do the following things and, unless we say something different below, we use your information to perform our legitimate business interests as a data science company:
Your data will not be used to advertise or market third party products or services to you unless you have opted-in.
If you have questions about or need further information concerning the legal basis on which we collect and use information about you, please contact us (See paragraph 12).
5. Who does dunnhumby share my information with?
The insights we share with our dunnhumby partner brands will never contain your personally identifiable information or enable our partners to identify you because the information we share is always aggregated. The insights will be general information about trends and behaviour patterns which we have created using information about a large number of HuYu users. When we talk about dunnhumby partner brands, we mean retailers and brand-owners who we work with to provide them with better insights into their customers' preferences and trends, to help them develop products and improve the shopping experience they provide to their customers.
We may disclose your information to our group companies. For example, we have one global access management system which is provided from the UK. We also have a number of global access management and support teams.
We may disclose your information to third party services providers who help us provide HuYu, for example by hosting it, enabling certain features or functionality, or by providing ancillary services such as data analytics, data storage, support and maintenance or security technology. The main third party service providers that we use for HuYu are as follows:
These third-party service providers may automatically collect information about how you use their services. You can find out more about the ways in which they will use your information and how you can control the information they collect and uses about you here: Appsflyer (https://www.appsflyer.com/privacy-policy/); Survey Monkey (https://www.surveymonkey.com/mp/legal/privacy-policy/); Tango Card (https://www.tangocard.com/privacy-policy); and Google (https://policies.google.com/technologies/partner).
We will share your information with any competent law enforcement body, regulatory, government agency, court or other third party where we believe we need to share it (i) because the law or regulations requires us to, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person.
We may share your information with any other person if you consent to us sharing it with them.
6. How does dunnhumby keep my information secure?
We use appropriate technical and organisational measures to protect the information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your information. Specific measures we use include restricting access to staff on a need to know basis. ensuring our staff receive data protection training, treat your information in confidence and are required to comply with our data protection policies and procedures. When we share your information with the other organisations listed in section 6, we will put appropriate safeguards in place to protect your information including putting contracts in place and making sure that they treat your information confidentially.
7. International data transfers
The data held by HuYu is stored using Google Cloud Platform's servers in Belgium. Our group companies and third party service providers and partners operate around the world.
As a result, your information may be transferred to, and processed in, countries other than the country you are in. These countries may have data protection and privacy laws that are different to the laws of your country and, in some cases, may not be as protective.
If you would like to see our Standard Contractual Clauses, please contact us using the details in the How to Contact Us section below and we would be happy to provide a copy. We have similar safeguards in place with our third party service providers and partners, if you would like further details about these, please contact us (See Paragraph 12).
8. Data retention
The information HuYu holds on you (both the raw data taken from your receipts and the insights we create from those receipts and survey responses) will be kept for 117 weeks and then deleted. We will delete the raw data, but once information about you and other HuYu users is aggregated to create insights and trends data, your information will be anonymised and we won't be able to identify you or separate your information from other HuYu users.
We will keep information and records about you for as long as you're a HuYu user and for 117 weeks after you stop being a HuYu user (for example, to deal with any claims or complaints which you may make and to manage any requests you make to exchange your HuYu points for rewards).
9. Minimum age of HuYu users
HuYu is for people who are 18 or over. If you are under 18, please do not download or use our HuYu app.
10. Your data protection and privacy rights
We will respond to any request which you send to us and we will manage your request in accordance with applicable laws.
HuYu is all about fairness and transparency – you only share the information that you're happy to share with us and we'll provide you with rewards and perks without any nasty surprises.
12. How to contact us
If you have any questions or concerns about our use of your information, please contact our Data Protection Officer using the following details: email@example.com. The data controller of your information is dunnhumby Limited. If you have any concerns or would like to make a complaint to the Information Commissioner's Office, which is the UK regulator responsible for data protection issues, you can contact them using these details: https://ico.org.uk/make-a-complaint/..