Privacy Policy

Privacy Policy

Issued: 13 April 2023

By using Rebel services or the Rebel websites, you are agreeing to the Privacy Policy set out below, including any changes to it. We have tried to make this Privacy Policy easy to understand. If you have any questions that aren’t dealt with here, please see our Knowledge Hub.

CONTENTS

INTRODUCTION
WHO DOES THIS PRIVACY POLICY APPLY TO?
WHAT INFORMATION DO WE COLLECT?
HOW DO WE COLLECT INFORMATION?
HOW DO WE USE INFORMATION?
WHEN WILL WE SHARE YOUR DATA WITH OTHERS?
PROTECTING YOUR INFORMATION
WHY DO WE PROCESS YOUR DATA?
TRANSFERS OF DATA OUTSIDE OF THE UNITED KINGDOM
HOW LONG DO WE HOLD YOUR INFORMATION FOR?
YOUR RIGHTS
COMPLAINTS
CHANGES TO THIS PRIVACY POLICY

INTRODUCTION
1. We are Rebel Broadband UK Limited (“Rebel”, “Rebel Internet”, “Rebel Fibre”, “Rebel Wi-Fi”, “us”, or “we”). We provide Wi-Fi, broadband, and home phone services. Our address is 5 New Street Square, London, UK EC4A 3TW. The controller will be the relevant company responsible for the website this privacy policy is located on. We are responsible for your personal data as data controller.
2. We have a data protection officer who is responsible for all of our issues relating to the protection of personal data. The data protection officer can be contacted through correspondence to our company address, listed above, addressed to “The Data Protection Officer, Rebel Internet”.
WHO DOES THIS PRIVACY POLICY APPLY TO?
1. This Privacy Policy applies to:
  1. Customers;
  2. Prospective customers;
  3. Individuals that use our websites;
  4. Former customers;
  5. Nominated users or individuals acting under a power of attorney; and
  6. Shareholders.
2. Our services are not intended for children, unless we expressly state otherwise, and we do not knowingly collect or process personal data relating to children, or anyone aged under 18 years.
3. It is important that the personal data we hold about you is accurate and current. It is your responsibility to keep us up to date if you make any changes to your personal data through updating your account details in the Customer Portal.
WHAT INFORMATION DO WE COLLECT?
1. Personal data is any information that can identify a natural person. We may collect, use, store, and transfer different categories of personal data to enable us to deliver our services, as follows:
  1. Data about your identify including first name, last name, and title;
  2. Data about your contact details including service address, correspondence / billing address, email address, landline telephone number, and mobile phone number;
  3. Financial data including your bank account details for direct debit;
  4. Data relating to a transaction including details about payments to and from you and about the products and services that you have purchased from us;
  5. Technical data including IP address, your log in data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other information on the devices you use to access our services;
  6. Data about your Rebel profile including your account username and password, your interests, preferences, feedback and survey responses;
  7. Data about your usage or potential usage of our products and services including the suitability of your property for certain products, the devices, set up or configurations you have, or might have, to use the services, the amount of time you spend online, or the websites you visit; and
  8. Data relating to your marketing and communications choices including what method you would like to receive marketing and how frequently.
2. We may also collect and use non-personal data such as statistical or demographic data. This data may be derived from your personal data but is not considered personal data as this data cannot identify you.
HOW DO WE COLLECT INFORMATION?
1. The information you give us
  1. When you place an order with us for any of our services (for example over the phone, online, or through a third party affiliate), we will need certain information to process your order.
  2. When you contact us to discuss your services, we may ask for certain information to be able to confirm your identity, check our records and answer your questions quickly and accurately.
  3. If you take part in any trials, complete any survey or enter any competitions we may ask for information about you, which we will make clear to you at the time and for the purpose we will be using this information.
2. Information we automatically collect
  1. When you use our services; and
  2. When you visit our websites or use our mobile applications, we may collect process information about your usage of these by using “cookies” and other similar technologies to help us make improvements to the website and to the services we make available. Further information on our use of “cookies” can be found on our webpage under “Cookie Policy”.
  3. When you download or use mobile applications created by us and, where applicable, have requested or consented to location services, we may receive information about your location and your mobile device, including an unique identifier for your device. We may use this information to provide you with location-based services, such as search results, and other personalised content.
3. Information we receive from other sources
  1. We may receive personal data about you from third parties, other entities, and publicly available sources in the following categories;
    1. companies contracted by us to help us provide services to you;
    2. other telecommunications operators when transferring services;
    3. marketing or market research organisations; and
    4. credit reference agencies or fraud prevention agencies.
HOW DO WE USE INFORMATION?
1. The information we collect and receive helps us to better understand what you need from us and to improve the provision of our services to you.
2. We use the information collected for example to:
  1. verify your identity when you use our services or contact us;
  2. process your enquiries, orders or applications, for example when assessing an application, we may use automated decision-making systems;
  3. carry out credit checks and to manage your accounts;
  4. monitor, record, store and use any telephone, e-mail or other electronic communications with you for training purposes, so that we can check any instructions given to us and to improve the quality of our customer service, and in order to meet our legal and regulatory obligations;
  5. where you have agreed, provide you with information about other Rebel services, offers or products which you may be interested in;
  6. to tell you about changes to our websites, services or terms and conditions;
  7. carry out any personal data and / or marketing analysis, profiling or create statistical or testing information to help us personalise the services we offer you and to understand our users / customers better, understand what our users / customers want and how they use our products and services;
  8. recover any monies you may owe to us for using our services;
  9. analyse our services with the aim of improving them;
  10. prevent or detect a crime, fraud, or misuse of, or damage to our network, and to investigate where we believe any of these have occurred; and
  11. monitor network traffic from time to time for the purposes of backup and problem solving.
3. Your data may also be used for other purposes for which you give your specific permission or, in very limited circumstances, when required by law.
4. We may supplement the information directly collected by us with data from third parties (for example socio-demographic data, credit reference agencies and fraud prevention agencies etc.) to further improve our data quality as well as the services or products we offer our customers.
WHEN WILL WE SHARE YOUR DATA WITH OTHERS?
1. We may need to share your information with organisations outside Rebel e.g., to help us provide our services to you.
2. The categories of non-Rebel parties that we would share your details with are:
  1. Third party suppliers who help Rebel perform our services;
  2. Professional advisors;
  3. Law enforcement agencies;
  4. Other companies as part of the process of selling one or more of our businesses or part of those businesses; and
  5. Regulators (such as Ofcom or the ICO).
3. Where we share your information with third parties, they are required to follow our express instructions in respect of the use of your personal information and they must comply with all applicable UK data protection laws to protect your information and keep it secure.
PROTECTING YOUR INFORMATION
1. We take protecting your data seriously and will do our utmost to employ appropriate organisational and technical security measures to protect you against unauthorised disclosure or processing.
2. Unfortunately, we cannot guarantee the security of transmitting information via the internet. We have tried to create a secure and reliable website and mobile application for our users in line with industry standards. However, we have no responsibility or liability for the security of personal information transmitted via the internet.
WHY DO WE PROCESS YOUR DATA?
1. We process each type of personal data for one of the following reasons:
  1. We need to process the data under our contract with you for our services;
  2. We have a legitimate interest as a business in processing your data;
  3. We have a legal obligation to process the data; or
  4. We have your consent (which you can withdraw at any time).
2. If you don’t provide us with the data we need, then we may not be able to perform our contract with you and may need to terminate the contract. If this happens, we will notify you as set out in our Terms and Conditions.
TRANSFERS OF DATA OUTSIDE OF THE UNITED KINGDOM
From time to time the third parties we share our data with may be outside of the United Kingdom in countries that do not always have the same standard of data protection laws as the UK. However, we will have a contract in place to ensure that your information is adequately protected, and we will remain bound by our obligations under applicable UK data protection laws even when your personal information is processed outside of the UK. The sorts of measures we use to protect your data in this instance are security reviews of the organisations, contractual model clauses approved for use by the European Commission or other approved transfer mechanisms.
HOW LONG DO WE HOLD YOUR INFORMATION FOR?
1. Unless there is a specific regulatory or legal requirement for us to keep your information longer, we will keep your information for as long as it is necessary for the purpose for which it was collected.
2. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
YOUR RIGHTS
1. As a data subject, you have a number of personal rights under data protection laws in relation to your personal data. These are:
  1. Subject access requests – You have a right to access personal data that we hold as a data controller.
  2. Right to be forgotten – In certain circumstances, you have a right to request that your personal data be erased from the systems within our control.
  3. Rectification – You have a right to correct your personal data that we hold as a data controller.
  4. Withdraw consent – Where we have offered you the right to consent to giving us your data, for instance with your marketing preferences, you have the right to withdraw your consent at any time.
  5. Objection and restriction of processing – In certain circumstances, you have a right to object to or request we restrict our processing of your personal data.
  6. Right to port – You have a right to receive certain information about you in a machine readable format.
COMPLAINTS
If you would like to make a complaint about our use of your personal data, you should contact our Data Protection Officer at the details above. If we have not resolved your complaint, you can contact the UK data protection regulator, the Information Commissioner’s Officer (ICO) (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
CHANGES TO THIS PRIVACY POLICY
We may update this privacy policy from time to time. The revised policy will be posted to this page.