Privacy Policy
When you place an order with e2save.com, we need to collect certain information to be able to process your order.
To opt-out of receiving marketing messages please call us on 0330 678 0519. You can also unsubscribe by clicking on the "Unsubscribe" link at the bottom of your email, and can also log into your my My Account and send us a message to unsubscribe.
This Privacy Policy helps you understand what personal information we collect, why we collect it, what we do with it and the choices you have, including how to access and update information.
Our Policy applies to you if you use our products or services in over the phone, online, through our mobile applications or if you use any of our websites or interact with us on social media (our “Services”).
Summary of key information
This Privacy Policy covers in detail how we process your personal information. We have summarised below each area, and more information is available in each of the sections:
- Information we collect: We collect a range of information about you when you interact with online, over the phone, in writing (email and post) or through our social media channels. The specific types of information are listed in the section below.
- How we use your information: We use your information in line with this Privacy Policy and the lawful reasons set out in data protection legislation:
Where we have your consent to do so
Where we need to comply with a legal obligation
Where there is a contract in place
Where we have established a legitimate interest that does not override your rights and freedoms
Where there is a vital interest - More sensitive information: In limited cases, we may handle more sensitive information such as health or criminality-related information
- How we use your information to make automated decisions: We sometimes use systems to make automated decisions, but you do have rights in relation to our use of these, outlined in more detail below.
- How we protect children and customers in vulnerable circumstances: We endeavour to protect children or those who are in potentially vulnerable circumstances, as described in the section below.
- How we use information for analysis: We undertake analysis activities on our customers and products for a number of reasons, outlined in more detail below.
- Digital advertising and personalisation:We advertise across digital channels, including social media platforms and working with partners and agencies, explained in more detail in this section.
- Who we share you information with: We share your information within the Currys group of companies, with external service providers and other third parties where necessary. In every case we undertake appropriate due diligence to ensure the sharing of your information is secure and appropriate
- Credit Reference Agencies and insurance: E2Save works with Credit Reference Agencies (CRAs) and will exchange information with them. Full details of this are included in the section below.
- Sharing your information with mobile network providers: E2Save will share personal information with mobile network providers whose contracts we sell.
- International transfers of your personal information: When necessary, we may transfer your personal information out of the UK. When we need to do this, we ensure appropriate safeguards are in place.
- How long we keep your personal information: We do not keep personal information for longer than is necessary
- Your rights: You have a number of rights under data protection legislation, including the right to access your information, and the right to request erasure of your information. All your rights and how to exercise them are listed in this section.
- How can you stop the use of your personal information for marketing You can unsubscribe from our direct marketing communications at any time. More information on how to stop.
- Security measures: We have in place appropriate technical and organisational measures to ensure the security of all personal information we hold.
- Links to other websites and social plugins: We do link to other third party websites and social platforms within our websites which we do not control, and encourage you to also read those privacy policies.
- Links to other websites and social plugins: We do link to other third party websites and social platforms within our websites which we do not control, and encourage you to also read those privacy policies
- Contact us: You can contact us regarding this Policy using the details listed in this section
Who we are
E2save, a trading name under Currys Retail Limited (referred to using “we”, “us”, “our” or the “Company”) is a company registered in England and Wales (Company registration number: 2142673) and is part of the Currys group of companies (“Currys Group”). Currys Group is a leading omnichannel retailer of technology products and services, operating through online and 830 stores in 8 countries. We help everyone enjoy amazing technology, however they choose to shop with us.
Information We Collect
We collect personal information about you when you visit one of our stores, use our websites, use our mobile device application (“Mobile App”) or if you communicate with us by phone, e-mail and social media. We refer to our websites and Mobile App collectively as “Online Services”.
The types of personal information we collect includes:
- Personal details such as your name, address, date of birth, email address, phone number and other contact information.
- Transaction information, such as the product you purchased, its price, your method of payment and your payment details, which are anonymised as per Payment Card Industry Security Standards (PCI DSS).
- Information about you like your employment details, financial position and information taken from identification documents, like your passport or driving licence, when we review your application for insurance or loans offered by selected third parties and partners.
- Your account information, such as dates of payments owed and received, the subscription services you use or any other information related to your account.
When you're using our Online Services, the information we collect includes:
- Account information, like your username, password, and other identifiers or credentials you use to access our Online Services.
- Personal information you provide when you buy our products and services online, and details of your shopping preferences, such as your favourite brands and products, as well as which of our stores you prefer to shop in.
- Details of your visits to the website, in-store WIFI or App, and the resources that you access. Examples include ads that you click, device information and your location.
- IP address, type of device you are browsing from and cookie information.
- If you interacted with our Online Services from an email we sent you we will have a record of that.
More information is available in our Cookie Policy.
The situations when you provide personal information could include when you:
- Purchase products at our stores or through our contact centre.
- Register or use our Online Services.
- Request to receive marketing or other communications.
- Use our Wi-Fi networks or other in-store tech.
- Enter one of our competitions or when you complete one of our customer surveys.
- Submit information when you’re providing feedback or making an enquiry.
- Use interactive features of our Online Services.
How we use your Information
Data protection law sets out a number of different reasons for which a company may collect and process your personal information. These are:
- Where we have entered into a contract with you;
- Where we have your consent;
- Where we are legally obligated to;
- Where we have determined a legitimate interest that does not impact your rights and freedoms; and
- Where it is in your vital interests.
The table below provides examples of when we might rely on these lawful reasons:
Where we process your information under Legitimate Interest, we will have assess this processing and balanced it against your rights and freedoms.
More sensitive information
Under data protection law, some personal information is considered more sensitive, including information relating to a person’s racial origins, certain beliefs or health conditions. It can also include information relating to criminal activity.
We do not expect to handle any of your more sensitive information unless it becomes relevant in Our dealings with you or you volunteer the information. Examples of this might be where you have a vulnerability or health condition which is relevant to Our dealings with you; where you are involved in a medical emergency or accident; if the information is relevant to a legal dispute or complaint; or while addressing criminality impacting Our business. On the rare occasions we handle more sensitive information, we only do so as allowed by data protection law (for example, where we have your consent, to protect someone’s vital interests or to prevent or detect crime) or as required by law.
How we use your information to make automated decisions
We sometimes use systems to make automated decisions based on your personal information or the information we are allowed to collect from others about you or your business (for example where we perform credit or internal fraud checks). This helps us to make sure our decisions are quick, fair, efficient and correct, based on what we know. These automated decisions can affect the products, services or features we may offer you now or in the future, or the price that we charge you for them.
You have rights over automated decisions:
- Under certain circumstances, you can ask that we do not make our decision based on the automated score alone; and
- You can object to an automated decision and ask that a person reviews it.
If you want to know more about these rights, please contact us.
How we protect children and customers in vulnerable circumstances?
We understand the importance of protecting those that may be in vulnerable circumstances or who are children, especially when signing up for one of our FCA regulated products, such as applying for credit or insurance.
Children’s information
In line with FCA guidelines we do not allow under 18s to sign up for credit or insurance products. Our Online Services are aimed at adults, and we do not knowingly collect or expect to collect or store children’s information. In the event a child visits our website we ensure the highest privacy by design, including only collecting the minimum information that is necessary.
Customers in vulnerable circumstances
Occasionally, we may need to handle more sensitive information of customers with vulnerabilities or in vulnerable circumstances. This can include, for example, information about medical conditions or symptoms they have. We do this to assist our customers who have a need for additional support. We only collect the minimal amount of information required to achieve this, and only keep it for as long as reasonably necessary.
How we use information for analysis
We analyse customer and transactional information to understand customer attitudes and propensity to act in a certain way in the future. We use algorithms to group customers into segments based on their socio-demographics, frequency of their interaction with E2Save, size and type of their purchases, and feedback they provide via surveys.
We analyse customer information to:
- Build new products and services or modify our services or store environment to better meet customers’ expectations.
- Design and deliver marketing campaigns, product and services recommendations that are relevant to you. This would be based on your past purchases, your online browsing behaviour or on what you have told us in surveys.
- Develop product assortments based on types of customers, their preferences and shopping behaviour.
- Develop commercial forecasts.
- If you have provided consent, personalise your experience on our website.
If you have provided consent, we will use Cookies and other tracking technologies to analyse how you use our website through modelling to help us understand user behaviour, to personalise your experience on our website and ensure we are developing our website in the most appropriate and optimal way. More information is available in our Cookie Policy.
We may also carry out analytics activities on information which has been fully anonymised.
Digital advertising and personalisation
We advertise across all digital platforms with both targeted and non-targeted advertising. For targeted advertising, we may use information obtained through the use of cookies or similar technologies in your web browser to display ads to you, which you may see on other websites or digital platforms. We will seek your consent to deploy these kinds of cookies and similar technologies through our website cookies consent mechanism. More information is available in our Cookie Policy.
In order to ensure that appropriate ads are displayed, we work with partners and agencies to analyse and prepare the information, and measure the effectiveness of our advertising. See below the section on ‘Who we share your personal information with’. Where applicable, we or our advertising partners will combine this information with your transaction information and other information, such as your cookie consent instruction, and information from external or publicly available sources. By building a richer picture of your preferences in this way, we can make sure you see ads most relevant to you. We also use this information to ensure you do not receive unnecessary ads.
Our digital advertising includes advertising across social media platforms. The media owners we most commonly work with are Meta (which owns Facebook and Instagram) and Google (which owns YouTube). The individual privacy policies are linked for your information.
We will also use the information we have on existing customers for modelling purposes, to help identify potential new customers who may be interested in our products.
Who we share your personal information with
We share personal information within the Currys group of companies, which includes Currys, iD Mobile, Carphone Warehouse and mobiles.co.uk. Members of the Currys Group that receive this information are not authorised to use or disclose the information except as provided in this Privacy Policy.
Our service providers
We work with partners, suppliers, insurers, mobile networks and agencies so they can process your personal information on our behalf and only where they meet our standards on the processing of data and security. We only share information that helps them provide their services to us or to help them provide their services to you. For example, some of our service providers place advertising for us online, about our products and services and those of our retail partners, suppliers and third parties. As a result, where you have indicated you are happy to receive online marketing from us in our cookie preference centre, you might see online advertising that we or our partners have placed on the websites you visit, or the interactive services you use.
Our third-party service providers include:
- Mobile networks: When you apply for a new mobile contract we will complete a credit check before completing the transaction. Mobile networks also undertake their own credit checks, and we may not always reach the same conclusion. You can query any credit outcome as a result of a mobile contract purchase at any time, contact us. Please note are not acting as a lender in respect of our credit checks. See ‘Credit Reference Agencies and insurance’ section below for more information.
- If you are upgrading with your existing network we will do an upgrade eligibility check with your network.
- Insurance partners: When you purchase an insurance product, we will pass on your information to trusted third party partners responsible for those insurance products. We will continue to exchange your information with them while you have an active insurance product.
- We share your information with financial institutions to improve levels of service, reduce risk and provide due duty of care to you and other customers.
- Providers that we work with to deliver our marketing campaigns, and facilitate our competitions.
- Manufacturers of products sold to our customers for whom we carry out repairs.
- Companies that enable us to collect your reviews and comments, both online and offline, such as Trustpilot.
- Companies which run our contact centres because they need your personal information to identify and contact you.
- Third party vendors who help us to manage and maintain the Currys Group IT infrastructure.
- Companies that provide insights and analytics services for us so we can stock the right products, send the right marketing campaigns, and understand our business and customers better.
- Specialist provides of digital advertising and personalising content to provide customers with adverts tailored to them.
- Partners that support our services, such as where we need to arrange a specialist engineer visit.
- Companies that work on our behalf processing and sorting information, monitoring how customers use our website, issuing our emails for us and collecting product/customer feedback from you via surveys.
Where you have asked us to deliver your purchases either to the store (‘Click & Collect) or any other place, we will also share your address and contact details with our delivery partners like DPD or Royal Mail, to ensure a successful delivery. These partners may contact you to provide periodic updates on your delivery.
Other organisations and individuals
We may transfer your personal information to other organisations in certain scenarios. For example:
- If required to by law, under any code of practice by which we are bound or we’re asked to do so by a public or regulatory authority such as the Police or the Department for Work and Pensions.
- To prevent and detect criminality impacting our business, we may voluntarily or on request share information with the Police or other crime organisations, such as the National Business Crime Solution (NBCS). NBCS is a non=profit initiative that works with the Police and business community to help tackle nosiness crime in the UK by gathering and sharing information.
- Information may also be shared with fraud prevention agencies to prevent fraudulent claims.
- If we need to do so in order to exercise or protect our legal rights, users, systems and services.
- With banks and insurance companies if you are a financial services (insurance or credit) customer.
- With mobile phone operators if you buy a phone contract through us.
- In response to requests from individuals (or their representatives) seeking to protect their legal rights or the rights of others.
Credit Reference Agencies and insurance
In order to process your mobile contract we will supply your personal information to credit reference agencies (“CRAs”) and they will perform a credit check. Throughout your contract we will also share your payment history with them, and they will give us information about you. This will include information from your order and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information, and fraud prevention information. We will use this information to:
- Assess your creditworthiness and whether you can afford the contract.
- Verify the accuracy of the data you have provided to us.
- Prevent criminal activity, fraud and money laundering.
- Trace and recover debts.
The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at www.equifax.co.uk/crain
Sharing your information with mobile network providers
When you purchase a new mobile contract, and we complete our checks and complete the purchase for you, we will share your personal information with the relevant network provider, either iD Mobile or Vodafone. We will continue to share information with the mobile networks throughout the life of the contract.
International transfers of your personal information
We are a UK-based business and so your personal information will be handled by us in the UK. From time-to-time we may transfer your personal information (for example, to our suppliers, service providers or other companies within Currys Group) out of the UK for the purposes described in this Privacy Policy. Unless otherwise allowed by data protection law, where we transfer information to a country not recognised as having equivalent protections for information as the UK, we will put in place appropriate safeguards to ensure your information is protected in the same way as if it was being used in the UK. This can include putting in place contractual protections (known as standard contractual clauses) and other organisational or technical measures designed to safeguard information.
How long we keep your personal information
We will keep your personal information for as long as you’re a customer. If you haven’t made a purchase or engaged with us for 3 years or more, then we will remove you from our marketing mailing lists. After you stop being a customer, in most cases, we will keep your information for up to 7 years after the last time you interacted with us, or if you have purchased insurance products, up to 7 years from the end of the cover.
We may keep your information for longer than 7 years if we cannot delete it for legal, regulatory or technical reasons. We may also keep it in order to help support product recalls or safety notices. If we do, we will make sure that your privacy is protected and only use it for those purposes.
We do not retain personal information in an identifiable format for longer than is necessary.
Your Rights
The table below outlines the Data Protection Rights available to you:
| Access to Information held about you | You have the right to request what personal information we hold about you. This is sometimes called a 'Data Subject Access Request'. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you free of charge. Before providing personal information to you or another person on your behalf, we may ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information. Except in rare cases, we will respond to you within 30 days after we have received this information or, where no such information is required, after we have received your request. You can request a copy of your information via this form, or using the contact details below. |
| Rectify information held about you | If any of the personal information we hold about you is inaccurate or out of date, you may ask us to correct it. |
| Data Portability | In certain circumstances you have the right to request a copy of your personal information from us or to have that information passed to an organisation of your choice in a format that can be easily re-used. |
| To stop or limit our processing of your information | You have the right to object to us processing your personal information if we are not entitled to use it anymore, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.
Please note that we may be required by law to retain certain information. Before we are able to provide you with any information or correct any inaccuracies, we may ask you provide other details to help us respond to your request. |
| Erasure | You have the right to request erasure of your personally identifiable information (also know as the right to be forgotten). In some circumstances we may be able to fully delete your information, for example, where we have an overriding legal obligation to retain it, and where we can delete it, we will need to eep an appropriate record of the request. |
If you would like to exercise these rights, please contact us.
How can you stop the use of your personal data for direct marketing
We won't send you marketing messages if you tell us not to. You can tell us in a number of ways:
- You can click onto the "unsubscribe" link in any communication that we send to you by email, or send a free SMS short code to opt out of SMS marketing, both of which will automatically unsubscribe you from those channels or communication. Please also note that you may continue to receive any service communications we need to send in relation to the product and services we have sold to you.
- In relation to our App, you can manage your preferences in the App.
- Alternatively, you can unsubscribe by calling us on 0330 678 0330. Please note that it may take up to 28 days to process your request.
- To stop online marketing through cookies please see our Cookie Policy.
- If you are seeing marketing from us through your social media channels you can stop these directly within the social media site.
You can also find further information within our Direct Marketing Customer Charter at the end of this Privacy Policy.
Security Measures
We take our responsibility to protect your information very seriously. All companies within Currys Group use physical, technical and organisational security measures to protect the personal information supplied by you against loss, destruction, and any unauthorised access by third parties. We do this in several ways which include, but is not limited to:
- Following the Payment Card Industry Data Security Standard (PCI DSS) when handling debit and credit card information.
- Adhering to General Data Protection Regulation (GDPR) guidelines when collecting, processing and storing information.
- Using encryption protocols and software to protect your personal information during transmission.
- Carrying out regular back-ups of our critical information.
- Regular testing and evaluation of our security measures.
Links to other websites and social plugins
Our websites (which includes this Privacy Policy) contain links to other websites run by other organisations which we do not control. This Policy does not apply to those other websites and apps‚ so we encourage you to read their privacy statements.
We use so-called social plugins (buttons) of social networks such as Facebook, Google+, You Tube and Instragram. After activation of a button, the social network can retrieve information, independently of whether you interact with the button or not. If you are logged on to a social network, the network can assign your visit to the website to your user account. A social network cannot assign a visit to websites operated by our other group companies unless you activate the respective button there as well.
If you’re a member of a social network and don’t want that network to combine information retrieved from your visit to our websites with data they hold on you, you must log out from the social network concerned before activating the buttons.
Contact us
If you would like to access any of your rights as listed above, or have any questions with regards to this Policy, please use the contact us section of our website.
Alternatively, you can contacts our Data Protection Office at:
Email: [email protected]
Post: Data Protection Office, London Campus at Waterloo, 8th Floor, 10 York Road, London, SE1 7ND
You can also contact the Information Commissioner’s Office (ICO) if you have any concerns or complaints with how Currys Group has handled your personal information: https://ico.org.uk/global/contact-us
This Privacy Policy was last updated 16th Novemeber 2023 and replaces all previous versions. This Policy is regularly reviewed and if updates and changes are made we may notify you either by email or with an announcement on social channels.
Direct Marketing Customer Charter
When you purchase a product or service online or in store we collect personal information about you to let you know about our latest products, services or offers. We may do this by post, email, text message, online, or by using social media.
We will only use your personal information to send you marketing messages if we have a legal right to do so. That could be either with your explicit consent or where there is ‘legitimate interest’, like when we have a business or commercial reason to use your information. We will always provide you with the opportunity to opt out of marketing when we first collect your contact details and in every subsequent message.
We may ask you to confirm or update your marketing choices, if you purchase any new products or services with us in future. We’ll also ask you to do this if there are changes in the law, regulation, or the structure of our business.
The personal information we have about you is made up of what you tell us, and the information we collect when you use our services, or from third parties we work with, like Experian. For more information on the third parties we work with and how we use your personal information, please see our Privacy Policy.
We also gather statistics about email opening and clicks, using industry standard technologies to help us monitor and improve our e-mail communications.
We won’t send unsolicited one-to-one (direct) marketing email and/or SMS communications unless they comply with the rules of General Data Protection Regulations (GDPR), Data Protection Act 2018 (DPA18) and Privacy Electronic Communication Regulations (PECR) and related guidance.
Specifically, our promise to you is that:
- We will always ask you to actively opt-in to receiving electronic direct marketing messages. That is, unless we’re contacting you about receiving marketing for our own similar products during the course of a sale or when you are setting up a Currys account, and we offered you the opportunity to opt-out when you gave us your details.
- Our store and contact centre colleagues will always inform you about any further use of your contact details for direct marketing when you make a purchase.
- We will offer you a choice of how you would like to receive marketing from us, including email or text.
- We will make sure that the products or services we are marketing are the same or similar to the ones you originally consented to receive marketing for.
- We will ask for your consent to pass details to third parties for their own marketing purposes. We will name those individual companies when we request your consent.
- We will record when and how we obtained your marketing consent, and exactly what it covers.
- We will make sure the language we use when you consent is clear and easy to understand, and that it’s clearly distinguishable from any other matters, including other Terms & Conditions.
- We won’t use confusing language in our marketing statements, including the use of double negatives, technical or legal jargon and confusing terminology or inconsistent language.
- For telephone and postal marketing communications, we’ll screen your name and contact details against the Telephone & Mail Preference Service.
- We will always offer you the option to opt out of direct marketing at the point when we capture your contact details and in every subsequent communication by clicking the unsubscribe link.
- We will make sure we promptly (and always within 28 days) opt you out of our marketing activities on your request. We will make sure there is always a simple, easy-to-access and free of charge way for you to withdraw your consent.
- We will operate and maintain an in-house suppression file listing the names and contact details of customers who have told Us they don’t want to receive marketing communications through all or particular means of communication.
- We will rely on the legitimate interests of the business (as an alternative to explicit consent) when we undertake postal marketing, when we conduct live outbound phone sales or when we are contacting our business customers. We will include information in our telephone scripts and in all postal marketing on how to opt out of receiving such marketing.
- We will screen information to remove files of deceased people so that they are not used for marketing.
- We will not send you any direct marketing if you haven’t been in touch with us or purchased from us in the past three years.
- We have procedures for dealing with inaccuracies and complaints.
- We will cooperate fully with any investigation by the Information Commissioners Office (ICO) in relation to our direct marketing activities.
- We may remove you from direct marketing if we believe that doing so could cause you financial harm or distress.
Bought in lists
We will only use bought-in lists for texts, emails or recorded calls where we have proof of opt-in consent which specifically names us.
- We will only use the information on the lists for marketing purposes.
- We will delete any irrelevant or excessive personal information.
- We will screen the names on bought-in lists against our own list of customers who say they do not want our calls, texts or emails.
- We will carry out small sampling exercises to assess the reliability of the information on the lists.
- When marketing by post or email, we will include our company name, address and telephone number in the content.
- We will always tell customers where we obtained their details.
- We will provide you with a link to our Privacy Policy.
- We will undertake adequate due diligence when we first select information suppliers and in our ongoing work with them in order to make sure it has received and used personal information fairly.
- We will make sure that adequate contractual terms are in place requiring information suppliers to make sure personal information was obtained and provided fairly and in accordance with the requirements of GDPR.
- We will take all necessary steps to satisfy ourselves that the information has been properly sourced, permissioned and cleaned. We will make sure that sufficient due diligence is undertaken and contractual arrangements are in place with suppliers of personal information