Privacy Policy – IHG Business Account Card Scheme

This privacy policy outlines the procedures that Worldline IT Services UK Limited (“Worldine”) and Intercontinental Hotels Group (“IHG”) have in place to protect your privacy.

It sets out how your personal data is collected and used when you apply for and use our business account service (“Services”).

Worldline and IHG are co-controllers of your data except where your data is collected and used for marketing purposes in which case IHG is the controller.

We respect your privacy and so all personal data is collected and processed to the highest standard in compliance with current data protection legislation

Where you can get more information

If you have any questions on this policy please contact us.

We may update this policy from time to time and would encourage you to revisit it regularly to check you are happy with any changes. This policy is effective from 25 May 2018.

Data that we will collect

In order to apply for and to use the Services, we will need to collect some personal data about you and about your cardholders. This personal data may include your name and contact details and other information that identifies you personally and that you provide when you apply and register for an account. We may also collect additional information if you provide us with feedback on the Services or you use our help desk.

Your cardholders are individuals authorised by you to use the Services. If you have provided us with cardholder names or other personal information, you confirm that you have obtained their consent to process this data.

Retention of your data

We will retain your data until you tell us you no longer wish to use the Services and for a period of seven years thereafter, as required by law.

How we use your data

We need to process your personal data to provide the Services you request in the form that you require. Your data will be used in the following ways:

• to provide you with the Services – which involves processing your data in order to set up, administer and maintain your business card account and all records relating to it
• to communicate with you about your account and the Services
• to enable us and third parties on our behalf to carry out technical, logistical or other functions to support the Services and the technical and management systems upon which they rely
• to carry out credit checks and to manage and enforce any debts that are due to us
• to carry out identify checks and fraud prevention checks as we describe below
• to obtain insurance in relation to the Services
• to enable us and third parties on our behalf to monitor website use and traffic patterns and carry out data analysis with regard to the Services in order to improve the Services and for our internal business purposes
• to enable IHG to conduct marketing activities if you have consented to these as described below
• if you apply for another business account card scheme that is operated by Worldline, Worldline may use the data collected for these Services to decide if it will accept your application for the other business account card scheme

Disclosures of your information

In order to provide the Services, we may need to pass on your data to other companies within the Worldline group of companies who help us perform the Services.

Data may also be provided to the following classes of suppliers for us to decide whether to accept an application and to provide the Services:

• Insurers
• Credit reference agencies
• Legal advisors and debt collection agents
• Printers and suppliers who supply account cards and welcome packs
• Payment processors
• Document storage companies

We may also share your data with fraud prevention agencies to help prevent fraud and money laundering and to verify your identity.

When we and fraud prevention agencies process your personal data, we do so on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the Services you have requested.

We, and fraud prevention agencies, may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime. You may be refused certain services, finance or employment as a result of this.

Fraud prevention agencies can retain your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held by them for up to six years.

Marketing and Preferences

Your personal data will be used to send you emails and marketing communications, IHGding to your current marketing preferences. You may opt out or change your marketing preferences at any time by contacting us.

Automated Decision Making

Our decision regarding eligibility for a business account card may be influenced by the credit rating given to us by our third party credit reference agency. Some of this credit rating is determined by the automated processing of your data. You can obtain more information on how credit ratings are produced by clicking on this link

Overseas transfers of data

Since IHG and Worldline operate globally, your data may be transferred to affiliates and third parties outside of the European Economic Area to countries that do not have as strong data protection laws as are in place within the EEA. This is in order that we can provide the services to you. In particular email communications that you receive may be provided via a US based supplier.

In any such cases we will ensure that strict contractual protection applies in order to ensure that adequate safeguards are in place.

If you would like more information on this then please contact us.

Other websites

Our website may contain links to other websites which are outside our control and are not covered by this Privacy Policy. If you access other sites using the links provided, the operators of these sites may collect information from you which will be used by them in IHGdance with their privacy policy, which may differ from ours.

Your rights

You may ask us to provide a copy of the personal information that we hold about you by contacting us.

If you think any information we have about you is incorrect or incomplete, please email us as soon as possible using the link above.

You are also entitled to request the erasure of your data if you wish to stop using the Services.

If you believe that your information has been mis-used in connection with the Services you have the right to lodge a complaint at with the relevant Supervising Authority for your country. For the UK this is the Information Commissioners Office, https://ico.org.uk/

Cookie Policy

We use cookies for a number of reasons to help provide the Services and to monitor the use of our website. Cookies do not identify you personally.

Cookies are small files which are automatically collected when you visit a website in order to identify you and improve your user experience. Cookies are used to collect and process anonymous information about your visit to our website such as, pages visited, browsing duration and frequency. We use this information to improve the content of our site, collate usage statistics, or to otherwise improve and personalise our services to you.

You can set your computer to refuse to accept cookies and to delete current cookies held on your computer but this will result in a degraded user experience (you may need to enter the same information multiple times), or may even be unable to use the Services.

You can get more information about cookies from www.allaboutcookies.org.

We may also use Internet tags in combination with cookies on this website, and may deploy these tags through a third-party advertising partner. We use this technology to help us analyse the effectiveness of our advertising campaigns. The third-party partner may be able to collect anonymous aggregated data about visitors to other sites, because of these Internet tags and cookies.

Details of the cookies used are set out below.

Cookie	Name	Purpose
Session	ASP.NET_SessionId	This cookie is a unique identifier for your current web session. It is removed automatically at the end of each session and does not contain any personal information.
Security	PortalFormsAuth	This is the cookie we use to ensure your Manage My Account (MMA) session is kept secure. It holds no personal information and is automatically removed when your session ends.
Customisation	tmpGrid*	These cookies are used to store a user’s preference of how many rows are displayed on specific pages.
Google Analytics	__utm*	These cookies are used help us monitor the performance of our website and do not collect any information that could identify you. All information is anonymous.