Consumer Privacy Policy Business Privacy Policy
Welcome
As a communications provider, using personal information is fundamental to what we do – from connecting calls to developing and promoting our services. We believe that it is very important that our customers trust us with their personal information.
This privacy notice explains what personal information we collect about you and how we use it during our relationship with you. You can also find details of what rights you have (including the right to object to some of the data handling we carry out), as well as how to exercise those rights in the "Your rights" section below.
Technology is a fast-changing area and can be complicated. We’ve included a glossary which explains the meaning of any technical terms we use.
Where we use the words “We” or “Our” we mean either British Telecommunications plc or EE Limited – both part of the BT Group.
This privacy notice explains how we use the personal information collected from or about you when you are one of our customers or when you contact us or use our services.
The company that is responsible for your personal information will be the company that is named in any terms and conditions or messages sent to you.
In some circumstances BT plc and EE Ltd are jointly responsible for deciding what personal information is collected, used and stored. This happens where we work together to give you the best customer experience and to be more efficient across our businesses to:
- Provide assistance through our customer service teams;
- Understand how people interact with us;
- Understand how people use our products and services; and
- Carry out checks for fraud and credit risk.
We will also share your personal information with other companies in the BT Group. You can find out more details about this in the "sharing your information" section below.
This notice applies to the products and services we provide you (such as mobile, TV and broadband), your use of our apps and our websites and where we pass your details on to insurance or finance providers as part of your payment for our products or services.
It also applies even if you’re not one of our customers, but you interact with us as part of us running our business, for example by:
- using one of our products or services – paid for by someone else
- acting with authorisation on behalf of one of our customers
- taking part in a survey or trial
- entering a prize promotion
- calling our helpdesk
- generally enquiring about our services
If you need to give us personal information about someone else in relation to our products and services, this privacy notice will also apply to their information. If we need the permission of the other person to use that information, we’ll ask you to check they are OK with this.
We have separate privacy notices in the BT Group that apply if you buy products or services directly with other companies in the group or if you are a business customer (which applies if you are a sole trader, partnership, or company). You can find links to our other BT Group privacy notices below:
- Plusnet plc
- Openreach
- Business customers – BT plc and EE Limited
This notice doesn’t cover other third party companies or organisations collecting and using your personal information to provide you with products and services, including those who use cookies, tags and other technologies to offer relevant online advertisements to you. You can find more details about how those third parties use your data by visiting their privacy notices on their own websites. You should review their privacy notices before giving them your information.
Your Rights
You can ask us to provide you with a copy of your personal data at any time. If you have given us your personal information because you have a contract with us or because you have consented to us handling it, you are entitled to ask us for a copy of this information in a structured, commonly used and machine readable format so that you can reuse it or share it with other organisations.
In some circumstances (including where we rely on ‘legitimate interests’), you have the right to object to our processing of your data and can ask us to restrict our use of your data and to delete it. You also have the right to ask us to correct your information if it’s inaccurate and, as described below, to object to automated decision making.
We aim to provide our products and services in a way that protects information and respects your request. Because of this, when you delete or change (or ask us to delete or change) your information from our systems, we might not do so straight away from our back-up systems or copies on our active servers. And we may need to keep some information to fulfil your request (for example, keeping your email address to make sure it’s not on our marketing list).
Where we can, we’ll confirm any changes. For example, we’ll check a change of address against the Postal Address File, or we might ask you to confirm it.
There are some exceptions to these rights, for example we might not be able to delete your data if we need it to fulfil your contract or we are required to keep it by law. We also might not be able to provide you with information if it would infringe someone else’s rights. We’ll always try to help you with your request and if we believe we are unable to fulfil your request we will always explain why.
Where you have given consent for us to handle your personal information or permission to provide a service, you can change your mind and withdraw this consent at any time. It only applies to how we use your personal information in the future, not what we’ve done in the past (for example if we’ve run a credit check at the start of your contract).
You can exercise any of your rights by using the online forms here.
Once we’ve looked at your request, we’ll let you know when you can expect to hear from us. It will normally take us up to one month to complete your request, but it could take longer (up to a further two months) if it’s a complicated request or you send us a lot of requests at once.
If you want a copy of your billing information, the quickest way to access this information is by logging into your EE or BT account or, for your mobile billing information, by calling 150 from your mobile and we’ll send it to you (you must be the account holder to ask for this information.) If you want to see what contact information we hold about you, you can also log in to your account. It’s quick and simple to access it this way. If you would like to request any other personal information you can do this by clicking the link above.
If you want us to stop using personal information we’ve collected via cookies on our website or apps, you should either change your cookie settings or change the settings for your app.
You can change your marketing preferences by following the unsubscribe link in any email or text marketing that we send you. If you are a BT customer, you can change your preferences in your BT account.
Alternatively, you can give us a call and let us know whether you’re happy to hear from us by email, text, post or telephone. Please contact us on 0330 1234 150.
You can use the same contact details to let us know whether you want us to stop using information about how you use our products and services (including your call, browser and TV records) for marketing purposes or profiling you for marketing purposes.
Children
We only enter into contracts with customers who are over the age of 18. Although the account holder will always be an adult, we recognise that some of our products and services, like mobile devices, will be purchased on behalf of children and so we cannot guarantee that every mobile number or service is held by an adult.
Where you have purchased a product or service on behalf of a child we will collect and use the child’s data as part of providing our services to the end user in line with this privacy notice. We have developed safety features for devices that belong to a child as well as educational material to help keep your child safe online. You can find more information on these features for mobile and broadband.
Information we collect about you and how we use it
The personal information we collect, store and use will depend on the products and services you have with us and how you use them. In most cases we have this information because we collect it directly from you, or because it has been derived from your use of our products and services. In some circumstances we will obtain this information from a third party.
Some of the personal information we collect, store and use is considered more sensitive (for example data about health or biometric data). We will only collect, store and use this more sensitive information to support you and your use of our products and services, and only where we put additional measures in place to protect this personal information.
Below you can find details of how and why we use your information and our permitted reason in law (known as ‘legal basis’) to use it. For some products and services, we handle additional information. You can find specific details by looking at the section for the product or service you’ve bought and see an overview in the ways in which we collect and use your personal information during our relationship.
When you create an account, we will collect details about you so we can identify you and contact you about your account. As you buy different products and services or contact us these details will be linked to your account so we have a clear record of your relationship with us.
HOW WE USE YOUR PERSONAL INFORMATION |
WHAT PERSONAL INFORMATION WE USE |
OUR LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION |
FURTHER DETAILS |
---|---|---|---|
To set up your account |
|
Legitimate interests (to keep business records and prevent fraud) |
We do not store the original copy of your password. Instead, we keep it in a form that allows us to authenticate you but does not allow us to work out what your original password is. |
To send you service messages (confirming your order and telling you about any changes that might affect your service, like when we have infrastructure work planned or we need to fix something) |
|
Contract |
If you don’t give us the correct information, we might not be able to provide you with the product or service you ordered from us. |
To update you on when we’ll deliver, connect or install your products and services |
|
Contract |
|
To filter any content you ask us to, through parental control settings (or any content our partners ask us to, such as for a wifi hotspot) |
|
Legitimate interests (to protect our users and our network) |
|
To carry out verification and Identity checks |
|
legitimate Interests (to prevent fraud)
Substantial public interests, when using your biometric data to identify you (to prevent fraud) |
|
To deal with customer service and complaints including:
|
|
Legitimate interests (to run our business)
Contract (where the issue relates to our contractual obligations) |
|
To administer your consumer credit agreement – if applicable |
|
Contract |
|
To charge you and make sure your payment reaches us |
|
Contract |
|
To manage overdue payments and recover money you owe us including instructing debt-recovery agencies to collect debts (or put in place re-payment plans) either on our behalf, or directly if we transfer your debt to them |
|
Legitimate interests (to recover debt)
Where we share details about your additional needs we do this on the basis of substantial public interests |
We will only share additional needs information if required to tailor the method in which a third-party would need to contact you. |
We want to make sure that our customers and potential customers know about the great products and services that we offer and that you receive the best offers available, which are tailored and personalised by using the information we know about you.
HOW WE USE YOUR PERSONAL INFORMATION |
WHAT PERSONAL INFORMATION WE USE |
OUR LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION |
FURTHER DETAILS |
---|---|---|---|
To send you marketing messages |
|
Legitimate Interests (to keep you up to date with our products and services, making them relevant to you and making sure you manage your spend with us)
Consent |
When you first buy a product or service from us, we add your details to our marketing lists unless you tell us not to.
We will always give you the right to opt out of marketing at any time and remind you of this in any emails or texts we send. See "Your Rights” for more information. |
To contact you in relation to a prize draw, competition, or other promotion |
|
Contract
Legitimate interests |
We use your information to enter you into the prize draw, or competition, or promotion and to notify you if you have won.
If the promotion terms require it, we will ask for date of birth and details to verify your identity.
We will also anonymise the information in order to create analytics around the success of the prize draw or competition. |
To create a profile about you to better understand you as our customer or potential customer. We use your profile to identify the products and services that might interest you, to recommend better ways to manage what you spend with us, to improve your experience when engaging with us and to show you more relevant online advertising (both on our and other parties’ apps and sites) and work with other well-known brands to make theirs more suitable too. |
|
Legitimate interests (to personalise your experiences with us, make our offers relevant to you and help you manage your spend with us) |
|
...continued |
|
Consent |
Where you have agreed to our use of cookies and tags (through our cookies consent tool or via the app) we add this information to our profile. See our cookie policy for more details.
Where you have consented to us using data about how you access our network and services, we add this information to your profile to increase the personalised offers you see and receive.
You can withdraw your consent to these types of data or opt out of personalisation at any time. See the “Your Rights” section for more information. You’ll still see offers but they won’t be so personalised for you. |
To show you and others more relevant digital advertising (on both our and other parties' apps and sites) and work with other well-known brands to make theirs more suitable too; and to measure the performance of our digital advertising campaigns, so that we can make improvements and find others who may be interested in our products and services |
We will collect information through online platforms such as:
We use these platforms for advertising and analytic purposes.
We collect:
|
Legitimate interests (to manage and improve our services, in promoting our brand) |
We use the advertising tools of online platforms to advertise our products (e.g. Facebook custom audiences). For that purpose, we may provide your email address to the online platform in hashed form for them to present sponsored adverts.
When you submit information on our website and have accepted cookies, we’ll also share your details in hashed form with our online platforms partners to match and compare sales records, optimise campaigns and target other users with similar profiles to yours. They can only match your details to help us if you already have an account with them. See our cookie policy to learn more.
When we use the advertising tools of these online platforms, we are both responsible for your information and sometimes act jointly in making decisions about your data while using these tools. You can ask these companies directly about their use of your data. See their privacy notices for more details.
Sometimes we use supplier tools to find likely matches of customers on our database (at an aggregated level) with those of our trusted publisher partners. Sharing the results from this process allows our partners to identify customers we may have in common so we can show more relevant advertising when you’re using their platforms, sites or apps. These partners may also use their own techniques to identify additional customers of theirs who share similar characteristics to any group we are targeting to help extend the reach of our personalised advertising. |
To run surveys and market research about our products and/or receive feedback on our services/products |
|
Legitimate interests to manage and improve our business |
|
We understand that some customers may need additional help and support from us. We want to ensure that we are here for you and so have in place processes to support those customers who may have additional needs.
Were you have told us that you have additional needs when you purchase a product or service from us, through your interactions with us during our relationship with you (for example if you tell an advisor of your change of circumstances), or if a family member, or carer provides this information on your behalf, we record this to tailor our services to those needs.
You can find more information about what we mean by additional needs and on how we support these customers here.
HOW WE USE YOUR PERSONAL INFORMATION |
WHAT PERSONAL INFORMATION WE USE |
OUR LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION |
FURTHER DETAILS |
---|---|---|---|
To help with managing your account and ensuring we use the best means to communicate with you |
Additional needs details |
Legitimate interests (to manage our business)
Substantial public interests
Consent |
|
To ensure we provide you with products and services that are appropriate to your needs |
Additional needs details |
Legitimate interests (to manage our business)
Substantial public interests
Consent |
|
To allow a third party to manage your account on your behalf |
|
Legitimate interests (to manage our business)
Substantial public interests
Consent |
|
Where applicable we will share your information with debt-recovery agencies |
Additional needs details |
Legitimate interests (to manage our business)
Substantial public interests
Consent |
To make sure they can communicate with you in the most appropriate way. |
Before we provide you with a product or service (including upgrades or renewals), or sometimes when you use our products and services, we’ll use the personal information you have given us together with information we have collected from credit reference agencies (such as Experian or Equifax), and fraud prevention agencies (such as TransUnion) to carry out credit and fraud checks.
If we, a credit reference or fraud prevention agency (such as TransUnion), decide that you are a credit, fraud or money laundering risk, we may refuse to provide the services or financing you have asked for, or we may stop providing existing services to you.
If you give us false or inaccurate information which we identify as fraudulent, we’ll pass that on to fraud prevention agencies. We might also share it with law enforcement agencies, as may the agencies we have shared the information with.
HOW WE USE YOUR PERSONAL INFORMATION |
WHAT PERSONAL INFORMATION WE USE |
OUR LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION |
FURTHER DETAILS |
---|---|---|---|
To check details on applications for products and services |
|
Contract |
When we carry out checks for credit and fraud prevention, we will use methods that automatically decide whether you pose a fraud or money laundering risk. If your behaviour is consistent with money laundering or known fraudulent conduct, is inconsistent with previous applications, or you appear to have deliberately hidden your true identity your application may be rejected. For more information on automated processing, please see the 'Automated Decision Making' below |
To make credit and affordability assessments to decide whether to accept your application and set credit limits |
|
Legitimate interests (to prevent fraud and protect our business) |
When we carry out checks for credit and fraud prevention, we will use methods that automatically decide whether you pose a fraud or money laundering risk. If your behaviour is consistent with money laundering or known fraudulent conduct, is inconsistent with previous applications, or you appear to have deliberately hidden your true identity your application may be rejected. For more information on automated processing, please see the 'Automated Decision Making' below |
To create ‘modelling tools’, (for example methods of assessing how likely it is that a customer will default on a payment, take a new product or help us to improve our products and services for customers |
|
Legitimate interests (to prevent fraud and protect our business) |
When we carry out checks for credit and fraud prevention, we will use methods that automatically decide whether you pose a fraud or money laundering risk. If your behaviour is consistent with money laundering or known fraudulent conduct, is inconsistent with previous applications, or you appear to have deliberately hidden your true identity your application may be rejected. For more information on automated processing, please see the 'Automated Decision Making' below |
To manage our credit risk and prevent/detect fraud including sharing data with credit reference agencies |
|
Legitimate Interests (to prevent fraud and protect our business and to enable quick and fair and efficient decisions) |
We reassess your eligibility for credit limits on a monthly basis while you are a customer to ensure this remains accurate and reflects your current financial situation. See more details below |
To check your identity |
|
Legitimate Interests (to prevent fraud and protect our business)
Substantial public interest |
Where we process details that are considered to be sensitive, we do this under the lawful basis of substantial public interest |
How credit reference and fraud prevention agencies use your information:
There are different credit reference agencies in the UK (for example, TransUnion, Equifax and Experian). Each one might hold different information about you. If you want to find out what information they have on you, they may charge you a small fee.
Whenever credit reference and fraud prevention agencies transfer your personal information outside of the UK, they place contractual responsibilities on the organisation receiving it to protect your information to the standard required in the UK. They may also make the organisation receiving the information subscribe to ‘international frameworks’ aimed at sharing information securely.
You can find more information on how they use your personal information by reading their privacy notices. Here are the links for each of the three main Credit Reference Agencies.
When credit reference agencies receive a search from us, a 'footprint' goes on your file which other organisations might see when they carry out a credit check.
The credit reference and fraud prevention agencies will keep a record of any fraud or money laundering risk and this may result in other organisations refusing to provide services, financing or employment to you. If you have any questions about this, please contact us using the details below.
Fraud prevention agencies can hold your personal information for different periods of time, and if you are considered to pose a fraud or money laundering risk, your information can be held by us and the organisations we share it with for up to six years.
Linked accounts:
If you tell us you’re associated with someone else financially (for example, by marriage or civil partnership), we’ll link your records together. You must make sure you have their agreement to share information about them. The agencies we share the information with also link your records together and these links will stay on your and their files – unless you or your partner successfully asks the agency to break that link.
If you don’t become one of our customers, we’ll still keep the result of our credits checks about you if we have a legal obligation and it’s in our legitimate interests to help prevent or detect fraud.
We might also share the information with other organisations. We do this because it’s in our, and the organisations’, legitimate interests to prevent fraud and money laundering, and to check identities, to protect our business and to keep to laws that apply to us.
We use your information to prevent and detect attacks on our network or against your equipment. This helps protect our business, our customers and the wider public.
HOW WE USE YOUR PERSONAL INFORMATION |
WHAT PERSONAL INFORMATION WE USE |
OUR LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION |
FURTHER DETAILS |
---|---|---|---|
To prevent and detect criminal activity on our network or against your equipment |
|
Legitimate interests in protecting our network and business from attacks and to prevent and detect crime and fraud.
We may also share it with other organisations (such as other communications providers and banks) who have the same legitimate interests. |
|
To monitor traffic over our network |
|
Legitimate interests in protecting our network and business from attacks and to prevent and detect crime and fraud.
We may also share it with other organisations (such as other communications providers and banks) who have the same legitimate interests. |
|
To trace nuisance and malicious calls or messages |
|
Legitimate interests in protecting our network and business from attacks and to prevent and detect crime and fraud.
We may also share it with other organisations (such as other communications providers and banks) who have the same legitimate interests. |
|
To track Malware and cyber-attacks |
|
Legitimate interests in protecting our network and business from attacks and to prevent and detect crime and fraud.
We may also share it with other organisations (such as other communications providers and banks) who have the same legitimate interests. |
|
To help detect and stop crime, prosecute offenders, and protect national security |
|
Legal obligation |
|
To make and defend claims |
|
Legitimate interest |
|
To route communications through parts of our network, equipment and systems |
|
Legal obligation |
Required by our regulator |
To assist partner organisations with fraud checks under our API service:
|
|
Legitimate interests |
We may share your personal information with other companies who you have a relationship with – like your bank – or with those companies that process information on their behalf – so that they can ensure that their customer records are up to date, and also in some cases prevent fraud – for example by checking whether a transaction, such as an online payment or a cash withdrawal, is definitely being requested by you, and not a fraudster. |
We use your information to maintain, develop and test our products and services although we’ll always try to use anonymised information for this purpose.
HOW WE USE YOUR PERSONAL INFORMATION |
WHAT PERSONAL INFORMATION WE USE |
OUR LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION |
FURTHER DETAILS |
---|---|---|---|
To train our people and suppliers to provide you with products and services and to continuously improve our customer services (but we make the information anonymous beforehand wherever possible) |
|
Legitimate interests to develop our business and build a better understanding of what you want |
We will share this information with the BT Group for reporting and administrative purposes. |
To ensure our network is working properly and to continuously improve and develop our network, products and services for our customers |
|
Legitimate interests to provide and improve your service |
We will typically anonymise and aggregate this information to carry out these uses. If we’re trying to fix a fault that you’ve reported, we may need to use identifiable data to help identify the specific problem. |
To run management and corporate reporting, research and analytics to improve our business |
|
Legitimate interests to provide and improve your service |
We will typically anonymise and aggregate this information to carry out these uses. If we’re trying to fix a fault that you’ve reported, we may need to use identifiable data to help identify the specific problem. |
To provide other organisations with aggregated and anonymous reports |
|
Legitimate interests to generate insights that help us operate our network and business or would be useful to other organisations |
We collect data about how our networks are used and about our customers. We then aggregate and anonymise this data so no individual can be identified and to provide statistical reports to other organisations to use for planning purposes (for example to show volumes of traffic on different roads). |
Specific products and services
HOW WE USE YOUR PERSONAL INFORMATION |
WHAT PERSONAL INFORMATION WE USE |
OUR LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION |
FURTHER DETAILS |
---|---|---|---|
To facilitate your use of our app and to personalise your online or in-app experience |
|
Legitimate interests (to ensure a personalised and relevant experience and to check the app is working)
Consent (for cookies data) |
You can find details about the cookies and similar technologies we use on our app by reading our cookie policy on the app
|
To assist with network management |
|
Consent |
We use a third-party service to assist us with network management by analysing call quality and location data to identify areas with poor network quality. |
HOW WE USE YOUR PERSONAL INFORMATION |
WHAT PERSONAL INFORMATION WE USE |
OUR LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION |
FURTHER DETAILS |
---|---|---|---|
To run our coverage checker |
|
Legitimate interests |
The coverage available to you is often dependent on the device you use. We use your device type to ensure we provide you with accurate results of our network. |
To assist with installation/set up |
|
Contract |
If you are one of our social tariffs (e.g. home essentials) we collect your national insurance number to check with the Department of Work and Pensions that you are eligible. |
To set up your smart benefits:
informing our third party partners that you have purchased their subscription through us (when it is purchased as an add-on to your mobile account) |
|
Contract |
|
To manage your smart benefits:
managing the subscription and billing – including changes to the subscription (when it is purchased as an add-on to your mobile account) |
|
Contract |
|
To compile our phone directory (when you have purchased a landline service) |
|
Legal obligation |
We are required by Ofcom to hold a directory of the numbers we have issued. When you purchase a landline service, we will ask you whether you want to be in our public phone book. If you are in our phone book, we’ll publish your details and share that information with other providers of directory services. Ex-directory numbers are not shown in the public phone book.
You can ask to be removed from the public phone book at any time If you ask to be removed, we will remove you from any future issues of the phone book but are unable to remove you from historic published issue. |
To allow you to send and receive Rich Communication Services (“RCS”) messages from a compatible Apple device |
|
Legitimate interests (in enabling the service you’ve asked for) |
We'll share your personal information with our partner, Google, who provides the service. See their privacy notice for more information about how they handle your data. You can opt out of using RCS messages at any time by going to the Messages setting in your device |
HOW WE USE YOUR PERSONAL INFORMATION |
WHAT PERSONAL INFORMATION WE USE |
OUR LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION |
FURTHER DETAILS |
---|---|---|---|
In order to deliver the connection and manage the network |
|
Legitimate interests (in delivering and protecting the network) |
|
To deliver Smart Hub Plus Wi-Fi controls and threat protection software within the EE app |
|
Legitimate interests
Consent (where the data is used for marketing) |
This section only applies where use is made of the Wi-Fi controls feature within the EE app (applicable to Smart Hub Plus only).
Devices (including their ‘friendly name’ and the time spent connected) will be displayed to the accountholder who uses these controls. If the accountholder has opted in to push notifications they will also be notified when a device connects for the first time and if that device is affected by threats or viruses. |
To connect you to our public Wi-Fi (including account registration) |
|
Legitimate interests (to run our business and protect our network) |
|
Wi-Fi voucher purchases |
|
Contract |
Voucher purchases are available for individuals who are not current broadband customers. |
To manage our Wi-Fi services |
|
Legitimate interests |
We provide public Wi-Fi through our business customers. If you access our network through one of these third parties (e.g. hotels/cafes/airports) They will act as a separate controller and you should check their privacy policy for more details about how they use your personal information. |
We work with YouView, who provide your Set Top Box and YouView may in some circumstances provide data to us that we process as set out in more detail below. YouView are a data controller of your data in their own right. For more information about how YouView processes your personal data see YouView’s privacy policy.
HOW WE USE YOUR PERSONAL INFORMATION |
WHAT PERSONAL INFORMATION WE USE |
OUR LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION |
FURTHER DETAILS |
---|---|---|---|
To provide personalised content and recommendations for example ‘most popular’, ‘trending’ and ‘recommendations for you’ |
|
Legitimate interests to personalise your experience or Consent (where required). |
We may recommend content to you on our TV services based on your previous viewing history.
|
To provide you with targeted ads |
|
Legitimate interests to make advertising more relevant to you or Consent (where required). |
We may provide you with targeted ads on our TV services or we may link your viewing data with other data we hold on you to provide you with targeted ads on both our and other parties’ apps and sites. |
For analytics purposes to understand how our TV Services are used and how they are performing |
|
Legitimate interests in order to improve our services and our business |
|
For operational purposes to resolve technical issues/troubleshooting on set-top boxes, to maintain and improve the platform and track successful delivery and installation and to improve customer experience |
|
Contract (for resolving technical issues) Legitimate interests in improving our services and improving customer experience |
|
To send push notifications |
|
Consent |
|
To enable us or TV partners to deliver personalised content and recommendations and targeted adverts |
|
Legitimate interests in personalising your experience or Consent (where required) |
We may share data that we hold about you including data about your viewing history and the postcode linked to your Broadband account with our TV Partners to enable those partners to provide you with personalised content and recommendations and targeted adverts. In doing so, those TV partners will be processing your data as a controller in their own right in accordance with their own privacy policies: If you wish to opt out of your personal data being shared with our TV partners for this purpose you can do so:
|
To enable you to access third party apps or content which you add to your TV service |
|
Contract |
Where you purchase add-ons such as Netflix or Now, we will share basic details with the relevant provider so that you can set up your account with them and access the purchased content. For more information about how they handle please see their privacy notices. |
In order to determine royalty payments and to ensure that licensing obligations are met |
|
Legitimate interest in order to manage our contracts and improve our services |
|
HOW WE USE YOUR PERSONAL INFORMATION |
WHAT PERSONAL INFORMATION WE USE |
OUR LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION |
FURTHER DETAILS |
---|---|---|---|
To arrange for delivery of your products with our courier |
|
Contract |
Our courier will use your mobile number and email to provide you with updates on the delivery of you order.
|
To send you electronic marketing specific to BT Shop/EE Store |
|
Legitimate interests |
When you first buy a product from us, we add your details to our Shop marketing lists unless you tell us not to. We will always give you the right to opt out of marketing at any time and remind you of this in any emails or texts we send. See "Your Rights" for more information.
|
Whilst you purchase the services through us, our partners deliver the service. Our cyber security product is provided by Norton and our Home security product is provided by Verisure.
Below sets out how we will use your personal information in relation to these products. When you are using the service, our partners determine what personal information they collect from you and how they use that information. You can find out more details on how they use your information by reading their privacy notice or by contacting them directly.
HOW WE USE YOUR PERSONAL INFORMATION |
WHAT PERSONAL INFORMATION WE USE |
OUR LEGAL BASIS FOR USING YOUR PERSONAL INFORMATION |
FURTHER DETAILS |
---|---|---|---|
Provide information to our partners who are providing the service |
|
Contract |
We share your personal information with other companies within the BT Group for administrative purposes. We have a group-wide arrangement, known as binding corporate rules, to make sure your personal information is protected, no matter which company in the BT Group holds that information.
We share your personal information with other organisations for the following reasons:
- With our insurance providers, for example if there is a claim made against us
- With credit reference agencies and collection companies to carry out fraud and credit checks and collect debts
- With third parties whose products and services we market to you (where you have given consent to receive such messages)
- With third parties whose products you have bought from us as an add-on to your broadband or mobile service
- With other communications companies (for example where you switch provider)
- With local authorities and alarm providers to identify vulnerable customers affected by the All-IP Programme and the switch to Digital Voice.
- With the Department of Work and Pensions to check if you’re eligible for our social tariffs
- With other organisations, such as spam detection, or operating system providers, for the purposes of fraud prevention
- If you enter into a handset and airtime agreement or consumer credit agreement with us, we may need to share details of that agreement and its administration with our third-party finance provider for reporting purposes.
We may also share your information:
- With any public authority or law enforcement agency (if they ask for it)
- To comply with law or regulations, or for possible legal proceedings
- If there's an emergency and we think you or other people are at risk (including for example with the Environment Agency for flood warnings or if you call the emergency services we’re required to give them information about where you are)
- If there’s a change in who owns us or any of our assets, we might share personal information to the new (or prospective) owner and our advisors.
When we share your information with other organisations we’ll make sure it’s protected, as far as is reasonably possible.
We use other providers to carry out services on our behalf or to help us provide services to you. We also use them to:
- provide customer-service, marketing, infrastructure and information-technology services;
- personalise our service and make it work better;
- process payment transactions;
- analyse and improve the information we hold (including about your interactions with our service);
- assist with fraud prevention and detection; and
- run surveys.
Where we use another organisation, we still control your personal information. And we have strict controls in place to make sure it’s properly protected.
BT Group is a large multinational organisation. Our binding corporate rules reflect how we operate and make sure we respect your rights and keep your information safe no matter which company in the BT Group is handling that data.
After the UK and wider EU, India and the Philippines are where most of our processing of personal information takes place. Your personal information is used for customer or IT support or operations purposes in these countries.
If we use third party service providers to assist us in handling your data, we may need to transfer your personal information to a country that doesn’t have the same protections as the UK. We make sure we have approved contracts in place with our suppliers who are operating outside the UK so that they are required to keep your data safe.
Automated decision making and profiling
We want to make sure decisions we make about you such as credit approval or which product or service to offer you are quick, fair and correct based on what we know about you. We use technology to make decisions automatically and to build profiles about you. This technology uses logic that analyses your preferences and how you use our products and services, which helps us to improve your customer experience, making it more relevant for you and allowing you to get the most out of our products and services. This means you’ll regularly receive from us personalised content whether in our marketing emails or when you browse our app or website or watch TV.
We also use technology to make decisions automatically based on your credit score analysis, which allows us to guarantee your regular payments for our products and services. This means we’ll decide your eligibility for our products and services based on your credit history.
You have the right to object to our use of automated decision making in some circumstances. Please remember that if you object to certain types of automated decision making, it may affect our ability to provide you with the optimum level of customer service and our ability to provide you with certain products, financing and services.
Please see "Your rights" section above for more information on how to object.
We have strict security measures to protect your personal information. We check your identity when you get in touch with us, and we follow our security procedures and apply suitable technical measures, such as encryption, to protect your information.
We’ll keep details about your account and the products and services you’ve bought and paid for while you’re a customer. In particular we’ll keep the following:
Data Type | How long we keep it |
---|---|
Your general account details, including information contained in your customer profile, contact details and purchase history | 6 years from the date on which your account is closed |
Authentication details for fraud checks (identity document and facial recognition) | Original details for 6 months and details extracted from ID document for 6 years, both from the date of the check |
Financial and payment information, including the information you provide us to carry out credit and affordability checks (if applicable) | Up to 6 years from the date of creation |
A summary copy of your bills | 6 years from the date of the bill |
Customer service records, including calls to our call centres and online chats | Up to 6 years from the date of the interaction, depending on the purpose of the interaction |
Marketing preferences, including contact details | 27 months from the date your account is closed or, if you’re not a customer, from the date we collected your personal details |
Details relating to any dispute | 6 years from the date on which the case was closed |
SMS content and data relating to calls | 7 days from when the SMS is sent (longer if scams or malware are identified) and up to 12 months after the call If you have itemised billing, we’ll keep a record of your outgoing calls for 2 years from the date of the call |
In other cases we’ll store personal information for the periods needed for the reason we collected it or need to use it. And sometimes we’ll keep it for longer if we need to, for example if we’re required to retain data to comply with our legal obligations such as obligations to HMRC, or if we need to retain it for the purpose of dealing with legal claims. Otherwise, we delete it. You can ask us for specific information on retention periods using the details below.
How to contact us and further details
If you are unhappy about how we have handled your personal information you can make a complaint to our data protection officer here who will investigate the matter and report back to you.
If you are still not satisfied after our response or believe we are not using your personal information in line with the law, you have the right to complain to the Information Commissioner, the regulator in the UK. You can find details of how to contact them on their website at https://ico.org.uk/.
If you’d like any more details, or you have comments or questions about our privacy notice, contact us here or write to us at:
Data Privacy Team
Pp Floor 16
1 Braham Street
London E1 8EE
We have included a description of how the technical terms we use are generally interpreted.
- Account Holder means the individual(s) we have entered into an agreement for the product or service with.
- Additional needs refers to any information in relation to an adjustment that may need to be made in order for us to appropriately support you. You can find more information about what we mean by additional needs and on how we support customers here
- Aggregated data means grouped information, for example the total number of calls made in a month or total number of minutes called.
- Anonymised data means data which has had all personally identifiable information removed.
- Apps means an application, such as one you’ve downloaded to your mobile or portable device.
- BT means British Telecommunications Plc.
- Binding corporate rules are designed to allow multinational companies to transfer personal information from the UK to their affiliates outside of the UK and to keep to data-protection legislation (there is also a version that allows transfers from the European Union).
- Browser records means the types of websites that you visit, as well as the date, time, length of your internet session, cell site and network used, device information, your data usage, your IP address, and the nature of the websites you view.
- Call records means the date, time, length and cost of your communications, device information, the location the call was made to and from, the network used and the type of communication, including when you make calls abroad.
- Cell site means the place where we keep the antennae and communications equipment we use to create a cellular network over which we transmit communications.
- Content means any part of a communication which shares the meaning of the communication. This could be the title of an email, the content of a text message or a recording of a voicemail.
- Cookies are small text files (up to 4KB) created by a website and stored in the user's connected device – either temporarily for that session only or permanently on the hard disk (called a persistent cookie). Cookies help the website recognise you and keep track of your preferences.
- Data usage means the volume of data you’ve used or what’s included under your service agreement with us. This can be a download or upload volume.
- Device information means the MAC address, MSISDN, IMEI, IMSI and advertising identifiers for your device. Device information also means the hardware manufacturer, model and operating system version for the device.
- EE means EE Limited.
- Encryption means scrambling information into an unreadable form that can only be translated back using a special key.
- IMEI (international mobile equipment identity) is a unique number given to every single mobile-phone handset.
- IMSI (international mobile subscriber identity) a unique number identifying a mobile subscriber.
- IP address is a unique string of numbers that identifies each device using the internet or a local network.
- MAC address (media access control address) is a unique identifier assigned to a network connection made to a device.
- MSISDN (mobile station international subscriber directory number) means a mobile phone number that uniquely identifies a service subscription.
- Personal information means information that identifies you as an individual, or is capable of doing so.
- MVNO means Mobile Virtual Network Operator Partners; communications providers that use our network.
- Postal Address File means the Royal Mail address database, containing over 30 million UK postal addresses.
- Power of attorney refers to the option to choose a trusted friend or relative (or more than one if you want) to act on your behalf. The person you appoint, called an 'attorney', can then use your money to pay bills, sell assets on your behalf and make gifts. In the UK an ‘attorney’ must be registered with the Office of the Public Guardian to be valid.
- Regulatory obligations means our obligations to regulators such as Ofcom and the Information Commissioner’s Office.
- TV records means details of the devices you use (including the device information such as MAC address or IMSI), the channels, programmes and adverts you watch on them, the services you access, how long you watch and what actions you take when doing so, including how you view, record and fast-forward programmes.
- Tags are an instruction inserted on a website that specifies how the site, or a part of the site, should be formatted and how it’s performing.
- We and our mean either British Telecommunications plc or EE Limited.