Rest of the World Privacy Notice

Why do we have this privacy notice?

We are FXC Brands and treating individuals and their personal information with respect reflects our core values as a business.  We want you to know as much as possible about what we do with your personal information.  You and your personal information are protected by various laws and guidance and FXC Brands is committed to upholding these and respecting your privacy and keeping your information safe.  So whilst this privacy notice is quite long, we want you to be fully informed.  

In this privacy notice any reference to "us", "we", "our" or "ourselves" is a reference to is a reference to FXC Brands, (being Freixenet Copestick Limited and its subsidiaries), and any reference to "you", "your" or “yourself” is a reference to you as someone who has a relationship with us in some way, who has contacted us or interacted with us in some way or your personal information is relevant to the work we do as a business.  This privacy notice will not apply in relation to you to the extent you are a current or past staff member or worker for FXC Brands [for this please see our Staff Privacy Notice].  

However, this privacy notice will cover you if you interact with us or we process your personal information for any other reason.  For example, this privacy notice will cover someone who works at a business that we are providing services to, who uses our website(s) or who links to or follows our social media accounts, a member of the public who contacts us, individuals who are going through a recruitment process to come to work for us or anyone else who is affected by our activities to the extent not covered by our [Staff Privacy Notice].  This privacy notice provides details in accordance with data protection laws about how we collect and use personal information about you during and after your relationship with us.

As this privacy notice covers a wide range of individuals and different types of relationships and interactions with us, not all aspects of this privacy notice may apply to you depending upon the nature of your relationship, interactions with us and why we are processing your personal information.  If you have any queries regarding your personal information you can contact Harmeet Singh Matharu, who can be contacted at Harmeet.Matharu@fxcbrands.com.

The controller of your personal information

For the purposes of data protection laws and this privacy notice, we are the controller of your personal information for the processing of your personal information. Being a controller of your personal information means that we are responsible for deciding how we hold and use your personal information. Our corporate details are Freixenet Copestick Limited, a company incorporated in England and Wales with our registered office 2100 First Avenue London Road, Newbury, Berkshire, RG14 2PZ. If you have any queries regarding your personal information you can contact Harmeet Singh Matharu, who can be contacted at Harmeet.Matharu@fxcbrands.com

Your duty to inform us of changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during or after the period of your interactions with us.  

What if you do not provide personal information?

Generally, you are not obliged to provide us with any of your personal information and in some cases failing to provide some of it may have an adverse impact on our ability to interact with you. However, if you are applying to work for us and you fail to provide information when requested, which is necessary for us to consider your application (such as evidence of qualifications or work history), we will not be able to process your application successfully. For example, if we require a credit check or references for the role and you fail to provide us with relevant details, we will not be able to take your application further.

If you have queries or concerns just ask! 

We are not required to appoint a data protection officer to oversee our compliance with data protection laws, however we have appointed a Data Controller to do this. If you have any questions about this privacy notice or how we handle your personal information, please contact our Data Controller, who can be contacted at Harmeet.Matharu@fxcbrands.com.  

Changes to this notice

We keep our privacy notice under regular review and we may update this privacy notice from time to time. The current version of this notice is available on all Group websites and by requesting a copy from Harmeet Singh Matharu, who can be contacted at Harmeet.Matharu@fxcbrands.com. If there are any material changes to this privacy notice in the future we will let you know, usually by updating the version on our main website.  

Data protection principles

We are committed to being transparent about how we collect and use your personal information and in meeting our data protection obligations.  Data protection laws say that the personal information we hold about you must be: 

To make sure this happens we are required under data protection laws to notify you of the information contained in this privacy notice.  It is important that you read this document before you begin interacting with us or deal with us in any way so that you understand how and why we will process your personal information. 

What personal information do we collect?

In connection with your relationship or interactions with us, we may collect and process a wide range of personal information about you. This includes:

We may also in some cases collect and process more sensitive special category personal information including:

In cases where it is relevant, we may also collect criminal records information about you, for example an offence committed by you or alleged to have been committed by you that impacts on your relationship with us or your position in an organisation regulated by us or it affects your ability to work for us.

If you are providing us with details of any other individuals they have a right to know and to be aware of what personal information we hold about them, how we collect it and how we use and may share that information.  Please share this privacy notice with them. They also have the same rights as set out in this privacy notice in relation to their personal information that we collect.

We aim not to collect personal information about children

Our website, materials and other services we provide are not intended for use by anyone under the age of 18 years and we do not knowingly collect personal information relating to anyone under the age of 18 years old unless for some reason you provide it to us.

Where do we collect your personal information from?

We collect your personal information in a variety of ways and from a variety of sources as set out below: 

We store personal information relating to you in a range of different places, such as information technology systems (including our email system).

What are our bases for processing your personal information?

We will only use your personal information when the law allows us to.  This means we must have one or more legal bases to use your personal information.  Most of these will be self-explanatory.  The most common legal bases which will apply to our use of your personal information are set out below:

Where we are processing any sensitive special category personal information about you (which covers personal information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning your sex life or sexual orientation) then we also need to have one or more of the following legal bases for using your personal information.

We will not usually process any of these types of special category personal information about you, and in cases where we do process special category personal information about you it will generally be to comply with legal obligations, where you have given your consent or to establish, exercising or defending legal claims.  In some cases, more than one legal bases may apply to our use of your personal information.

Where we process criminal records information about you, then we will either do so either to comply with legal obligations or with your consent.

How will we use your personal information?

There are many ways we may need to use your personal information in the context of your relationship with us or our use of your personal information. We have set out the main uses below, and indicated the main applicable legal bases of processing, but there may be other specific uses which are linked to or covered by the uses below.

Change of purpose

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.  If we need to use your personal information for an unrelated purpose, we will notify you by updating this privacy notice on our website, so please check back regularly for any updates. 

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.  We will rarely need to rely on your consent to process any of your personal information.

Automated decision-making

Automated decision-making takes place when an electronic system uses personal information to make a decision about that person without any human intervention which produces legal effects concerning them or similarly significantly affects them. We do not currently use this type of automated decision making in our business in relation to you. 

You will not be subject to decisions that will have a significant impact on you based solely on automated decision making unless we have a lawful basis for doing so and we have notified you.

Who has internal access to your personal information?

Your personal information may be shared internally with our staff, including with our managers, our HR team for recruitment matters, our teams carrying out training, services, the technology team and senior staff in the business area involved in your relationship with us or our other staff or workers where access to your personal information is necessary for the performance of their roles.  We only provide access to your personal information to those of our staff or workers who need to have access to your personal information.

Who do we share your personal information with externally?

When using your personal information we may share it with third parties but we will only do so when it is appropriate and we have a legal basis for doing so. Third parties that we may share your personal information with include:

We do not disclose personal information to anyone else except as set out above unless we are legally entitled to do so. 

International transfers

It is sometimes necessary to share your personal information outside of the UK and the European Economic Area (the EEA).  This will typically occur when service providers to our business are located outside the EEA.  These transfers are subject to special rules under data protection laws. 

If we transfer your personal information outside of the UK and the EEA, we will ensure that the transfer will be compliant with data protection laws and all personal information will be secure.  Our standard practice is to assess the laws and practices of the destination country and relevant service provider and the security measures that are to be taken as regards the personal information in the overseas location; alternatively, we use standard data protection clauses. This means that when a transfer such as this takes place, you can expect a similar degree of protection in respect of your personal information.

Our directors and other key staff working for us may in limited circumstances access personal information from outside of the UK and EEA if they are on holiday abroad outside of the UK or EEA.  If they do so they will be using our security measures and the same legal protections will apply that would apply to accessing personal information from our premises in the UK.

In limited circumstances the people to whom we may disclose personal information may be located outside of the UK and EEA and we will not have an existing relationship with them, for example a foreign police force or a foreign regulator.  In these cases we will impose any legally required protections to the personal information as required by law before it is disclosed.  

If you would like any more details about how we protect your personal information in relation to international transfers, then please contact Harmeet Singh Matharu, who can be contacted at Harmeet.Matharu@fxcbrands.com

How do we protect your personal information?

We are committed to keeping your personal information safe and secure and so we have numerous security measures in place to protect against the loss, misuse, and alteration of information under our control.  Our security measures include: 

We take information security very seriously and will use all reasonable endeavours to protect the integrity and security of the personal information we collect about you.

For how long do we keep your personal information?

The duration for which we retain your personal information will differ depending on the type of information and the reason why we collected it from you.  We will hold your personal information for the duration of your relationship with us or the reason we were processing it, and then usually for a further period of up to 6 years after that.  This may apply where you are a contact or client or customer of an organisation that we regulate or we provide services to.  However, for some business relationships, for example those relating to land or our leases of premises, we may need to keep records for 12 years or more.  

Whichever time period normally applies, in some cases we may need to keep your personal information for longer, for example if it is still relevant to a dispute or legal case or claim or a regulatory matter.

If you applied to work with us we will retain your personal information for a period of 12 months after we have communicated to you that you application has not been successful. We retain your personal information for that period so that we can show, in the event of a legal claim, that we have not discriminated against candidates on prohibited grounds and that we have conducted the recruitment exercise in a fair and transparent way. After this period, we will securely destroy your personal information in accordance with the applicable laws and regulations unless you ask us to keep it on file. If your application has been successful and you accept an offer to work for us then please refer to our Staff and Workers privacy notice for further information.

We will not retain your personal information for longer than necessary for the purposes for which it was collected and it is being used. We do not guarantee to retain your personal information for the whole of the periods set out above; they are usually the maximum period, and in some cases we may keep your personal information for a much shorter period.

For more information please contact Harmeet Singh Matharu, Harmeet.Matharu@fxcbrands.com

Your rights

As an individual whose personal information we collect and process, you have a number of rights. You may: 

You should note that some of these rights, for example the right to require us to transfer your personal information to another service provider or the right to object to automated decision making, may not always apply as they have specific requirements and exemptions which apply to them and they may not apply to personal information recorded and stored by us.  For example, we do not use automated decision making in relation to your personal information which has legal or other significant effects for you.  However, some of your rights have no conditions attached, so your right to withdraw consent or object to processing for direct marketing are absolute rights.

If you would like to exercise any of these rights, please contact Harmeet Singh Matharu, Harmeet.Matharu@fxcbrands.com.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights).  This is another appropriate security measure to ensure that personal information is not disclosed to any person or dealt with by a person who has no right to do so.

Whilst this privacy notice sets out a general summary of your legal rights in respect of personal information, this is a complex area of law.  More information about your legal rights can be found on the ICO’s website at https://ico.org.uk/for-the-public/.

Complaints

We hope you don’t have any reason to complain, and we will always try to resolve any issues you have, but you always have the right to make a complaint at any time to the ICO about how we deal with your personal information or your rights in relation to your personal information.  

You can make a compliant in writing to the ICO, Wycliffe House, Water Lane, Wilmslow, SK9 5AF, United Kingdom or you can go to https://ico.org.uk/make-a-complaint/ 

Contacting us

If you have any queries regarding our use of your personal information or this privacy notice then please contact info@fxcbrands.com or write to us at our business address Freixenet Copestick, 2100 Newbury Business Park, London Road, Newbury, Berkshire, RG14 2PZ.