A Sample Customer Data Protection Policy

As an ethical company that operates in accordance with data protection and privacy laws and best practises, it is important to us that you feel secure that your personal and sensitive data is in safe hands. Our data collection and retention policies for customer information are fully compliant with national data protection laws and all retained financial information is compliant with payment card industry (PCI) security standards.

What Data Do We Collect?

We collect the minimum personal data necessary to serve you effectively and to provide the best possible shopping-experience and only retain data with your permission. To this end, in addition to information we need to provide you with service, we retain records of which media you have previously rented, the better to be able to recommend only the content that is likely to interest you. The table below summarises our customer types and the data types we need to retain to enable us to provide you with our services.

Customer Data All Customers
First and Last Name Required
Postal Address Required
Email Address Required
Telephone Number Required
Username Required
Password Required
Payment Information (retained with permission for re-ordering and subscriptions) Optional
Date of birth Required
Customer generated content (reviews and ratings) Optional
Customer Account Details & Status Required
Preferences (such as genre and/or based on historic activity) Optional

In addition to the data types described above, we will retain for service purposes technical information that is captured automatically by our systems in the normal course of our operations. Such data may comprise IP addressing, traffic routing, web page visiting statistics for our sites or traffic volumes ‘up and down’ to our sites from your IP address. We also deploy ‘cookies’ to assist in your use of our sites. Such cookies will always have a short ‘time to live’ (e.g. 7 days by default), and are used for no other purpose than improving your shopping experience by recommending titles based on what you have recently viewed.

How Do We Use The Data We Collect?

We use the information you provide to us and the information we collect about you, solely and exclusively to provide or improve our service to you. We will not share, rent or sell information about you to any third party unless it directly relates to you receiving the quality service you expect.

To this end, we:

  • use addressing information to deliver services to you;
  • use finance information to maintain your account in good standing;
  • publish your reviews and ratings on our websites, thereby assisting other customers in making their own selections;
  • retain records of transactions for accounting purposes, but also to ensure that you do not receive recommendations for items you have previously purchased;
  • use technical information to monitor quality of service and to plan for service improvement.

Protecting Collected Data

Despite no internet communication or technological system guaranteed as being 100% secure. We take information security very seriously and will take every reasonable precaution to ensure that your information is as secure as possible.

We use industry-standard security measures to protect your transmissions to and from our web site(s) via 256-bit SSL encryption with a certificate from Thawte.

The data that we retain is stored in our dedicated database facility and safeguarded by backup in a separate secure location. Personnel at our facilities must have security clearance and we have separate audited access to our distributed databases so that our database administrators cannot individually access all of your information.

You are responsible for maintaining the security of your account information and restricting access to your log-in information. You should always ensure that you log-out of your account after using a public or shared computers.

We will, however make every possible attempt to contact you if we discover that your information has been compromised.

Sharing Collected Data

In order to deliver a quality service to you, we utilise the services of external providers. We therefore share only the part of your information that these providers need to carry out their function in our processes. All other information remains completely confidential:

  • Third-party service providers: These service providers will have access to only the customer information they need to perform their functions, but are bound by contract not to use it for other purposes. Besides the sharing of information with credit card companies to process payments, we also co-operate with PayPal. PayPal has its own privacy policy which is out of our control and can be found at https://cms.paypal.com/us/cgi-bin/?&cmd=_render-content&content_ID=ua/Privacy_full. Only if a customer chooses himself to use the PayPal payment method instead of credit card payment we need to share data with PayPal, so if you don’t agree with the PayPal privacy rules please do choose another payment method for our services.
  • Third-party service providers (debt collection): Please note that should your account fall into arrears, we reserve the right to pass on your details to a collection agency for retrieval of the outstanding debt.
  • Reviews: To minimize the risk of unconstructive flaming on our website and in our review area, each published post and review will be marked and published with the on screen name of its author, as well the time and date of the posting. Therefore it is necessary for a user to be registered before he can post. In addition to that a sign will mark whether this user has ever bought the product he is posting a review for at our company. This identification information, however, will not allow another user to personally identify the review poster to protect their privacy. It must be remembered that we do not operate a moderation policy on reviews and you will have the ability to report reviews that are offensive or disagreeable. In such cases we will decide if the review in question should remain or be removed and the review submitter’s account be limited or terminated.
  • Promotional offers: Within your customer profile each customer can see a list of partners that cooperate with us and which we think might be of interest for our customer. Due to our basic privacy rules this is an opt-in service: if a customer is interested in getting promotions from one of these companies, he can mark it within his customer profile. Only it that case information is transferred to that company to allow them to contact the customer. We highly appreciate if customers use this option, because it will increase our business contacts.
  • Business transfers: We always continue to develop our business, and we might buy business units from other companies. Because after such takeover customer information is one of the business assets and will be transferred to that new part of our company, but remains subject to the privacy rules defined here. In the situation where our company or any of its assets are acquired by another company, customer information will be a major part of the transferred assets. In the event that we merge with another company this bounds of our information security will continue to be honoured as is until your account is cancelled. If you choose to renew with the new merged company, please review the new company’s information security policies.
  • Legal necessities and business protection: We are allowed to release customer data in case of enforcing or applying our Terms and Conditions and other agreements, or in cases necessary to protect the rights, property, or safety of our company, our users, the content copyright holders or others. We only release customer information when we believe that this is complying with current law.
  • Other sharing of data: Besides the above mentioned cases of sharing, no customer information will be shared or published. In cases this might be necessary the customer will be informed in advance, and data is only transmitted with consent.

We reserve the right to disclose personal information as required by law if this distinct action is supported by an existing law or legally obtained and issued warrant.

As our company grows and technology changes it may be necessary to revise and update these policies. In case any of these changes may seriously lower the level of privacy as outlined, we will contact you for your consent to the updated terms.

You Control Your Data

Although we attempt to minimise the amount of customer data we collect, some data is collected for improving the shopping experience of our customers. This includes especially the shopping history of each customer, as well as the products a customer viewed while visiting our website and browsing our catalogue. Our system uses several algorithms that try to calculate recommendations or preferences for certain products, as well as consuming habits. For example, like which type of viewing the user prefers (streaming or renting). The algorithms will attempt to identify other movies that might be of interest for that certain customer, because other users with similar preferences also chose those movies, and recommends that movies to a customer. We call this system our recommendation system – it uses data from many customers, but only the customer itself can see the recommendations the algorithms compute for them, strongly improving customer satisfaction by more easy finding interesting products.

After this short excursion and explanation of our recommendation system the user can decide for themselves whether we are allowed to collect such customer and usage data for the sole purpose of improving his shopping experience.

Each customer can always use their login and personal page to perform the following tasks:

  • add or update personal data (like addresses, mail addresses, paying details), keeping in mind that these changes will only take effect if they are not needed for current transactions.
  • add or update the list of companies we are allowed to share information with that is not necessary. This is an opt-in feature, and all listed companies are disabled by default.
  • choose to provide us with the permission to collect the information necessary to run our algorithms to perform our recommendation system. It should be kept in mind that enabling this feature is recommended for customer experience, and so it is enabled by default (opt-out). If a customer disables this feature, we will not be able to deliver any recommendations to him, and will only keep and store the information necessary for payment and order processing. If a customer re-enables the recommendation system, it will take some time until meaningful recommendations can be issued, because the system works on historical data of a customer which is not available in case the customer opted out before.
  • some data is collected in a completely anonymous manner (so not traceable to a single customer) for statistical and business purposes. A customer cannot opt-out for this data collection as it is vital for our company success.
  • a customer can always choose to delete his account at our company. This request will be acknowledged by email after it is checked that no payments are outstanding as well as the customer does not has rented DVDs in his property. After the deletion is acknowledged, all customer data deleted and all accounts as well as streaming access permissions are void. The previous username (that appears in the review sections of our website) is stored and will be blocked for one year, so that no 3rd person may uses the same login-name to impersonate the previous customer. Some data (like invoices) remains within our data storage as long as it is necessary by business purposes (for warranty and payment) or is required by current law.

Data Related Terms & Conditions (Key Points)

  • All our customers must accept our terms and conditions before they use our services in order to standardise the terms on which we operate.
  • We reserve the right to alter our terms and conditions and charges from time to time as our own expenses change and to take account of any legal or system usage changes and we will inform all customers by email of such changes.
  • You must be 18 or over in order to form a legal contract.
  • You must be resident in the United Kingdom, our operating base.
  • You must provide us with the data we require and keep it up to date online.
  • Should your payment be returned after the service has been received we will continue to request payment and may pass your details onto a debt collection agency.
  • You will not hold us responsible for any matters outside our control which affect our services.
  • You agree that you will not infringe any copyrights regarding to the copyright holders of the media you receive.
  • We reserve the right to cancel your membership if we deem that you are in breach of our terms and conditions or that we are unable to provide our service to your location.
  • All content remains our property at all times.
  • You are responsible for having suitable hardware and software for viewing purchased material.
  • We are not responsible for the content of customer reviews.