Wilko Privacy Policy

1: Who we are

This policy covers the wilko family of businesses. For more information on our businesses please go to www.corporate.wilko.com.

This Policy together with any documents referred to in it explains how we, collect, store, use and otherwise process your data. We ask you to read this privacy policy carefully

Name of company Description Information Commissioners Office (ICO) registration number
Wilkinson Hardware Stores Limited Our original company and now our holding company. It provides key activities such as strategy and development, IT, legal and finance support to the wilko family of businesses. ZA338097
wilko digital limited wilko.com is where our customers can shop online ZA338081
wilko retail limited Our stores and the distribution centres Z563418X
wilko worldwide limited Sources our wilko brand products. n/a

Back to top ↑

2: How we collect your data

We collect data in a number of ways, including in store, via the website, by phone, post or social media:

  • Ordering and buying goods in store or from our website
  • Registering for an online account
  • Signing up to receive marketing emails
  • Competition and prize draw entry
  • Customer feedback satisfaction survey and product reviews
  • When you contact us such as via customer services or social media
  • In store Wi-Fi
  • Taking part in a live chat and other online forum
  • CCTV
  • Applying for a role as a wilko Team Member
  • Recruitment systems and agencies
  • Development of promotional material
  • Saving your card/bank details to your online account

Back to top ↑

3: What data we collect

The type of information that we collect will depend on the purpose that you contact us. These are most likely to include:

  • Name
  • Email
  • Residential address and delivery address
  • Mobile and home phone number
  • Purchase and order history
  • Age and date of birth
  • Images and recordings such as CCTV, adverts, promotional material, events etc.
  • Interests, hobbies and likes from social media such as Facebook, Twitter
  • Lifestyle and social circumstances
  • Feedback and survey responses
  • Correspondence - when you contact us either in writing or over the phone
  • Financial data (including payment card details and bank account details)
  • Information relating to offenders, suspected offenders and criminal proceedings
  • MAC address (Media Access Control address) – which you provide if you access our in store Wi-Fi Details of your visits to our website including, but not limited to: traffic data, location data, web logs and other communication data and the resources that you access
  • Information on the pages that you have visited on our website, demographics and interests (please see our Cookies Policy for more information).
  • For those applying for role as a wilko Team Member; education and qualifications, previous employment history, health information, information relating to criminal offences, health information, gender previous employment, referee contact details.

Back to top ↑

4: Who we collect data from

  • Team members, contractors, temporary and casual workers
  • Customers
  • Suppliers
  • Individuals who send enquiries/information to us
  • Visitors to our premises
  • Images captured from our CCTV
  • Credit reference agencies
  • For those applying for a role as a wilko team member
    •  Recruitment agencies
    •  Nominated referees
    •  Disclosure and Baring Service (previously called the Criminal Reference Bureau)
    •  Current or previous employers

Back to top ↑

5: How we use your data

  • To process and complete your order
  • To notify you about changes to our goods or services
  • Use your online browsing behaviour and purchases to help us better understand you, meet your needs as a customer and to provide you with marketing communications which are relevant to your interests
  • To respond to any comments enquiries or compliments and resolve any issues
  • To maintain and administer our records
  • To evaluate how our goods and services meet your needs, and to have a better understanding of how where we can make improvements through market research, customer and team member feedback
  • To send you offers we think might be of interest to you
  • To prevent, detect and investigate crime, such as fraud, theft, criminal damage etc
  • To make sure that your visit to our website provides you with the most suitable content (please refer to the cookies policy)
  • To assess your eligibility for work
  • To use what we know about you to understand you better and provide you with information that we think will be of interest to you
  • To provide goods and services to you
  • To manage our relationship with you (including registering accounts and details)
  • To manage payments, fees and charges
  • To collect and recover money owed to us

Back to top ↑

6: Our legal basis for using your data

We only use your data when we have a legal basis for doing so. The legal basis for using your data will depend on what we need to do but includes:

Contract: for us to provide the goods and services we have agreed to provide to you

Legal obligation: for us to comply with the law, this includes examples such as HMRC, Health and Safety Executive

Vital Interests: for us to be able to protect someone’s life

Legitimate Interest: where necessary for our interests or the interest of a third party, but only after carefully considering any effect this may have on you, and in particular your rights and freedoms

Consent: where you have given us your clear consent to use your data for a specific purpose. You have the right to withdraw your consent at any point and more details can found on this by logging into your account/preference centre or contacting us (link to DPO details/correspondence)

Back to top ↑

7: Who we share your data with

We do not sell, rent, trade or otherwise disclose your data, except as described in this Policy. The way that the wilko family of businesses is set up means that we may need to share your personal data so that the right business can provide the service you have requested.

We also work with trusted third party suppliers and agencies so they can process data on our behalf, but only where they meet our strict standards. We only share the minimal information that allows them to provide services to us or to facilitate providing services to you.

Learn more

The types of third parties include:

  • Couriers
  • Advertising, market research and customer feedback agencies
  • Third party agencies that analyse and provide insight into your online browsing and shopping history
  • Law enforcement and Government agencies
  • Our trusted professional advisers, such as insurance providers, legal, debt recovery and investigators, accountancy and auditors
  • Debt collection and tracing agencies
  • Research agencies
  • if wilko or substantially all of its assets are acquired by a third party
  • email service provider

Back to top ↑

8: Where we store your data

We transfer data between our family of businesses and with our suppliers and service providers. Where these providers are based outside the European Economic Area we use appropriate safeguards as set out in the law you to protect your data.

Back to top ↑

9: How long we keep your data

We retain a record of your data so as to provide you with a high quality of service across our family of businesses. We will only retain your data in accordance with the law and we will only retain it for as long as is necessary. How long we will need to keep your personal data will depend on the purpose it was collected for and our basis in law for keeping it. There a number of reasons we may need to retain it.

Learn more

Reasons we might need to keep your data include:

  • Financial reporting - to report financial information to HMRC
  • Record of payments – for us to reconcile our records with your receipt to organise product returns
  • Insurance - to show our previous contact with customers in the case of a claim, such as defective product, a personal injury in our stores

Your data will be disposed of securely once it is no longer needed.

Back to top ↑

10: Your rights regarding your data

The General Data Protection Regulation gives you a number of rights in relation to your data. These are set out briefly below:

Right to be informed - this means you have a right to be informed about the way we collect and use your data.

Right of Access - also sometimes called a Subject Access Request - this means you have a right to request a copy of the data we hold about you (link to SAR).

Right of Rectification - this means that you can request we correct your personal data if it is inaccurate.

Right of Erasure - this means you can request that all the data that we hold about you is deleted.

Right to Restrict Processing - this means that you can request the processing of your data is blocked and your data is stored separately.

Right to Data Portability - this means that if you can request a secure transfer of your data to another business.

Right to Object - This means you have a right to object to direct marketing, including profiling.

Rights Related to Automated Decision Making and Profiling – This means that where a decision is being made about you using an automated process, you can request an explanation as to why that process is used and to request human intervention if you believe a human would come to a different conclusion

Right to withdraw consent - see link

Right to complain to the Regulator - Details on how you can do this are included further down the page.

Back to top ↑

11: Obtaining a copy of my data

If you wish to see the data we hold for you then please send your request to us.

We will act upon promptly upon receiving your request. In most circumstances, your data will be provided and free of charge.

Before providing any information we will need to verify your identity and may request further information from you so we may progress your query as quickly as possible

Back to top ↑

12: Sharing your thoughts online

When you use our website or trusted providers, you may be able to share information through social media networks such as Facebook and Twitter for example through ‘likes’ or reviews. When doing this your data may be visible to providers of social network services, their users as well as the wilko family of businesses. We recommend that you consider the privacy settings on your social media accounts so as you are clear how your information may be used and shared.

Back to top ↑

13: Security of your data

Here are some of the measures we take to protect your data:

  • Information technology protection for example through firewalls, encryption, separation of our system
  • Limit who is able to get into our buildings and where people are allowed to go, for example by use of passes, card access and other technologies
  • We never ask for your password
    We never ask you to enter your password or your account details into an email or an email link. We ask if you receive any requests of this nature to contact us (link).

Back to top ↑

14: Making contact with us

If there is anything you cannot find the answer to in our Policy then we are more than happy to help you.

If you wish to make a request relating to any of the above rights please contact InfoGov@wilko.co.uk

The contact details for the Data Protection Officer for wilko are

Name: Tara Neal email address: InfoGov@wilko.co.uk

Back to top ↑

15: Your right to complain to the Regulator

You have the right to make a complaint to the regulator if you believe that we are not using your data in accordance with the law.

The supervisory authority for the United Kingdom is The Information Commissioner's Office (ICO).

  • By phone: 0303 123 1113
  • By letter:
    • The Information Commissioner's Office
    • Wycliffe House
    • Water Lane
    • Wilmslow
    • Cheshire
    • SK9 5AF

By email: casework@ico.org.ukThe ICO website is www.ico.org.uk. On this site they also have an online form for queries and a live chat facility.

We would request that you make contact with us prior to the ICO, so we can make every effort to reassure you and answer any queries you may have.

Back to top ↑

16: Policy change

This Privacy Policy was updated on 18th April 2018

Back to top ↑