Your privacy is really important to us, why not watch our short video which explains exactly how we collect and use the information you supply to us.
Any questions? Contact our Data Protection Officer by emailing 'email@example.com' and a link to the email address
When someone visits www.hotter.com we use third-party analytical services, such as Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
We use a third-party provider, dotdigital, to deliver our regular e-newsletters and email offers. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our communications via this channel.
Hotter uses two third party services to help maintain the security and performance of the Hotter website (Thawte & Security Metrics). To deliver this secure service it processes the IP addresses of visitors to the Hotter website.
When you purchase something from Hotter online, we collect contact details from you in order to fulfil our contractual obligation to provide you with your goods and services. We also (upon your initial registration) ask you to confirm your marketing preferences with us. Up to and including 24/05/2018 this will have been through the use of pre-ticked boxes which you would have needed to untick in order to opt out. Any new customer account signups during checkout/order confirmation from 25/05/2018 will assume that you want Hotter to stay in touch with you using catalogues, emails, online advertising, SMS & phone calls however you will need to explicitly opt-in to have your information passed to any Third-Parties for marketing via post. You can however opt out of all of these at the time by making the appropriate selections when prompted.
In order to do this, we use the legal basis of 'Legitimate Interest' which allows collection of data where these circumstances apply:
The options you may be presented with are as follows:
When you opt into email communication we assume the permission to use your email address to contact you extends to its use within other third party advertising platforms, including but not limited to Google & Facebook. You may see banner advertisements or other forms of sponsored content and personalised search engine results as a result of this type of advertising. You are able to review the partner's privacy policies, which include details of how to opt out of advertising within each platform, by following the links below;
|Third Party Service Provider||Category of information supplied||Link to privacy notice|
|Email address||Privacy Notice|
|Email address||Privacy Notice|
One exception to this is that when you make a purchase we will continue to send you our catalogues using the reasoning of legitimate interest. This will enable us to keep you up to date with our latest collections and offers. However, you are given the option to opt out of that also. The initial registration page will state "From time to time we will contact you via post about our products, relevant offers, news and competitions by post.".
The full list of industries we currently have sight of are as follows; charities, transportation, service and professional industries, manufacturers of food and beverages, household goods, wearing apparel, furniture, health preparations, technology, electronic and optical products and motor vehicles, as well as health and care services, information and communication providers and financial and insurance industries. Third party partners we work with on this include CACI, Quantum Group, Epsilon, Abacus, Experian, Club Canvasse and Access DM Limited.
All pages which reference marketing preferences will include clear direction on how to opt out of or tailor your marketing communications. The details of this are as follows:
The security of your personal information is important to us.
Your details are recorded during your shopping experience with Hotter and communicated through our WebSphere Commerce website. They are then sent to our central system (Microsoft Navision) which stores the information you have provided to us securely.
Details recorded as part of the above processes include names, addresses, telephone numbers, email addresses, comments on cases and dates of birth. You don't have to give us your date of birth however, if you choose to, we will occasionally use this to send customised offers, usually on or around your birthday. Also, we could use this in an anonymised way to understand the demographics of our valued customers, to help us improve our offers.
We also take your payment card details during any credit/debit transactions however we do not store this information. We can, at your request, store an encrypted token that enables us to retrieve the last 4 digits of the card number and card expiry date in order to speed up any future purchases.
We use social media platforms directly, rather than using a third-party system. This is managed by specially trained advisors in our Head Office.
If you send us a private or direct message via social media, the message will be stored by the social media site itself, however you are able to sign in and change your privacy settings on these. Hotter will not actively share this information with any other organisation.
When you contact our Hotter team in Lancashire by telephone, we collect Calling Line Identification (CLI) information. This information is used to help improve efficiency and effectiveness.
Our advisors will ask you if we can record your telephone number for further use, along with your address and email details (if we don't have them already). Also, if you haven't given us your marketing preferences, we will also ask you to clarify if you wish these to be restricted from use by various channels.
Our Contact Centre application is called K3 (Navision) and this is used for recording customer details for the following purposes:
Details recorded as part of the above processes include names, addresses, telephone numbers, email addresses, comments on cases and dates of birth. You don't have to give us your date of birth however, if you choose to, we will occasionally use this to send customised offers, usually on or around your birthday. Also, we could look to use this in an anonymised way to understand the demographics of our valued customers, to help us improve our offers.
We also take your payment card details during any credit/debit transactions however we do not store all of this information. We can retain the last 4 digits and expiry date here to speed up your purchase if you ask us to. Instead we communicate the remaining digits with banking services using an encrypted token ID which protects against misuse.
Our Telephony service is called Openscape and this uses a call recording service called 'Redbox'. Approximately 30 calls can be recorded at any one time however this is purely for use in training and quality monitoring. All call recordings are deleted within a 30-day period.
We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with best practice. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
Any exchange of information over email is recorded within our Contact Centre systems (Openscape and Outlook) and used for future contact with you in relation to account management. We won't add you to any marketing database unless you ask us to.
Our web chat service is managed by our Customer Service Advisors here at our head office. We use our own solution, which sends information into our Openscape communication tool which we use to handle customer enquiries in real time.
If you use the LiveChat service we will collect your name, email address (optional) and the contents of your LiveChat session. This information will be retained for no more than 4 weeks and will not be shared with any other organisation.
You can request a transcript of your LiveChat session if you provide your email address at the start of your session or when prompted at the end.
Every Hotter store operates a CCTV system. This is purely for use by exception in conjunction with Crime and Fraud prevention investigations if necessary.
Our in-store advisors may ask you if we can record your telephone number for further use, along with your address and email details and we will also ask you to clarify if you wish these to be restricted from use by various marketing channels.
The IT system in use here is called Microsoft Navision and this is used for recording customer details in the following ways:
Details recorded as part of the above processes can include names, addresses, telephone numbers, email addresses, comments on cases and dates of birth. You don't have to give us your date of birth however, if you choose to, we will occasionally use this to send customised offers, usually on or around your birthday. Also, we could look to use this in an anonymised way to understand the demographics of our valued customers, to help us improve our offers.
We also take your payment card details during any credit/debit transactions however we do not store all of this information. We can retain the last 4 digits and expiry date online to speed up your purchase if you ask us to. Instead we communicate the remaining digits with banking services using an encrypted token ID which protects against misuse.
Generally, our special offers and marketing campaigns are put together by our internal team here in Lancashire. This team also deal with choosing the opted-in customers who would likely benefit from these offers. Sometimes though, we may ask a trusted third-party partner organisation (More2) to help us understand which categories of customers would benefit most from each of our campaigns. We will provide them with the marketing material and they will use this to guide us on how to make the most appropriate selections of customers. This ensures you don't get offers which are less appropriate to your needs, and when you do get an email, it's more likely to be of benefit to you. We then send these email offers to you from our own email address.
Very rarely we may feature special offers and marketing campaigns using this channel. Again, our internal team here in Lancashire facilitates this. This team also deals with choosing the opted in customers that we want to market to. We then send SMS' out using a secure online portal called TextLocal.
If you allow us to send your data to our partner organisations (listed below), we will only allow your data to be used for carefully selected offers and services and only using the medium of Direct Mail (not email). We have agreements and processes in place between these partners and ourselves which protects your data from misuse and ensures we continue to be responsible as the Data Controller. They, as data processors, will be managed closely by Hotter to ensure compliance with GDPR regulations.
If you allow us to use your data for catalogue and brochure postal mailings, our team here in Lancashire will compile the material and send these out to you via an appropriate and secure logistics organisation. Sometimes though, we may ask trusted third-party partner organisations to help us understand which customers would benefit most from each of our campaigns. These are as follows:
The team in Lancashire may also use your email address for retargeting purposes, and for profiling of data to create insights and lookalikes to serve more relevant advertising on third party advertising platforms, including but not limited to Google & Facebook.
We also send your name and address details to our third-party logistics partners, but that is only so they can deliver or collect your goods. This data is not stored permanently by our partners and is retained for up to 2 years.
Under the GDPR of 2018, you have rights as an individual which you can exercise in relation to the information we hold about you. You can read more about these rights here.
When we receive a complaint, we make up a file containing all the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.
We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We do compile statistics showing information like the number of complaints we receive, but not in a form which identifies anyone.
We usually have to disclose the complainant's identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person's record is in dispute. If a complainant doesn't want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.
We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for up to 6 years from closure. It will be retained in a secure environment and access to it will be restricted according to the 'need to know' principle.
Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.
Hotter tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of Hotter's collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
Hotter tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a 'Subject Access Request' under GDPR Legislation. If we do hold information about you we will:
To make a request to Hotter for any personal information we may hold, you need to put the request in writing, addressing it to our Data Protection Officer at the address provided below.
If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.
If we do hold information about you, you can ask us to correct any mistakes or erase by contacting the Data Protection Officer (details below).
In many circumstances, we will not disclose personal data without consent. However, when we investigate a complaint, for example, we will need to share personal information with the organisation concerned and with other relevant bodies.
You can also get further information on:
As covered in the detail above, Hotter obtains data as the Data Controller and processing takes place securely both internally and externally via data processors. The lawful basis on which this data is handled and processed is determined as follows:
In order to do this, we use the legal basis of 'Legitimate Interest' which allows collection of data where these circumstances apply:
This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
We keep our privacy notice under regular review. This privacy notice was last updated on 18/05/2018.