We’ll keep this page updated to show you all the things we do with your personal data. This policy applies if you use any of our services, visit our website, use our mobile app, email, call or write to us. In certain circumstances we may also provide an extra privacy notice, which will always refer to this page.
We’ll never sell your personal data and will only share it with organisations we work with when it’s necessary and the privacy and security of your data is assured.
Who are ‘we’?
In this policy, whenever you see the words ‘we’, ‘us’, ‘our’, ICWG, it refers to International Carwash Group, Ltd. and its operating brands in various markets including IMO Car Wash, ARC, (name of all brands in Europe including names in foreign languages).
ICWG carries out a range of commercial trading activities via a network of independent operators including sales at over 200 properties, online sales, income from commercial partnerships including sponsorship, affinity marketing and product licensing, raffles, and other commercial activities that are deemed outside the charitable purposes of the business.
What personal data do we collect?
Your personal data (any information which identifies you, or which can be identified as relating to you personally for example, name, address, phone number, email address) will be collected and used by us. We’ll only collect the personal data that we need.
We collect personal data in connection with specific activities such as registration or car wash requests, placing an order, bookings, insurance claims, conducting research, ordering an image, etc.
You can give us your personal data by filling in forms on our website, by registering to use our website, participate in discussion, subscribing to take part in research on our website or other social media functions on our website, entering a competition, promotion or survey or by corresponding with us (by phone, email or by joining as a member/supporter/customer).
This personal data you give us may include name, title, address, date of birth, age, gender, employment status, demographic information, email address, telephone numbers, personal description, car registration, photographs, CCTV images, attitudes, opinions, usernames and passwords).
Personal data provided by you
This includes information you give when interacting with us, for example joining a program or placing an order or communicating with us. For example:
- Personal details (name, date of birth, email, address, telephone) when you join as a program
- Financial information (payment information such as credit or debit card or direct debit details)
- Your opinions and attitudes about IMO car wash, activities and interests, and your experiences of the car wash
If you buy a voucher as a gift, your details will be recorded.
We may automatically collect the following information:
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform and if you access our website via your mobile device we will collect your unique phone identifier
- Information about your visit, including, but not limited to the full Uniform Resource Locators (URL) and query string, clickstream to, through and from our website (including date and time), pages you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as but not limited to, scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number
- Information about your purchases including but not limited to revenue figures, the types of products purchased.
- The terms that you use to search our website
Please note that certain services on our website won’t be available to you until you’ve registered to use our website.
Personal data created by your involvement with us
Your activities and involvement with us will result in personal data being created. This could include details of how you’ve responded to a customer survey related to your experience in one of our car washes or the process to purchase vouchers on line.
Information we generate
We conduct research and analysis on the information we hold, which can in turn generate personal data. For example, by analysing your responses, we may be able to build a profile which helps us decide which of our communications are likely to interest you. The sections Research and Profiling gives more detail about how we use information for profiling and targeted advertising, including giving you more relevant digital content.
Information from third parties
We sometimes buy anonymous external data (e.g. census data, Experian MOSAIC, TGI) and combine it with your personal data at an aggregated level to build profiles which help us work out what you’re most likely to want to hear from us about and how.
Sensitive personal data
At times we’ll collect sensitive personal data for Equal Opportunities monitoring, as well as researching whether we deliver great experiences for everyone, but this is only ever analysed at an aggregate level.
Under 18’s personal data
Customers that are under 18 and drive would also have their personal data used in the same way as all the above categories.
How we use your personal data
We’ll only use your personal data on relevant lawful grounds as permitted by the EU General Data Protection Regulation (from 25 May 2018)/UK Data Protection Act and Privacy of Electronic Communication Regulation.
Personal data provided to us will be used for the purpose or purposes outlined in any fair processing notice in a transparent manner at the time of collection or registration where appropriate, in accordance with any preferences you express. If asked by the police, or any other regulatory or government authority investigating suspected illegal activities, we may need to provide your personal data.
Your personal data may be collected and used to complete your order or request. Below are the main uses of your data which depend on the nature of our relationship with you and how you interact with our various services, websites and activities.
Your privacy is important to us, so we’ll always keep your details secure. We’d like to use your details to keep in touch about things that may matter or interest you.
If you choose to hear from us we may send you information based on what is most relevant to you or things you’ve told us, you like. We may also show you relevant content online. This might be about visiting our sites, membership or events.
We’ll only send these to you if you agree to receive them and we will never share your information with companies outside ICWG for inclusion in their marketing. (We may however share cookie data with third parties to help with our own advertising targeting). If you agree to receive marketing information from us, you can change your mind later.
However, if you tell us you don’t want to receive marketing communications, then you may not hear about events or other work we do that may be of interest to you.
Personal data provided to us may also be profiled to help us with advertising targeting. For example, your membership data may be used to ensure we don’t contact you online. Or we may use your personal data to find online users with a similar profile to yourself who may be interested in our products or services.
We may sometimes use third parties to capture some of our data on our behalf, but only where we are confident that the third party will treat your data securely, in accordance with our terms and in line with the requirements set out in the GDPR.
How Can I Change My Contact Preferences?
We’d love to stay in touch, but we don’t want to out – stay our welcome. Choose how you would like us to get in touch with you by registering or signing in to http://www.imocarwash.com/gb/contact-imo and we’ll keep you updated on news relevant to you – straight into your inbox.
We’ll always act upon your choice of how you want to receive communications (for example, by email, post or phone). However, there are some communications that we need to send.
Membership including newsletters
We use the personal data you provide as a member of an unlimited club to service your membership. This includes sending renewal information to annual members by mail and email. It’s also used to verify you when you contact our Customer Services or sign up for a branded account to manage your membership online.
We scan membership codes to check entitlement to free car washes, to understand how and when our customers visit and to help us send you more relevant communications. We may contact you for feedback on your visit.
We carry out research with our supporters, customers, staff and volunteers to get feedback on their experience with us. We use this feedback to improve the experiences that we offer and ensure we know what is relevant and interesting to you.
If you choose to take part in research, we’ll tell you when you start what data we will collect, why and how we’ll use it. All the research we conduct is optional and you can choose not to take part. For some of our research we may ask you to provide sensitive personal data (e.g. ethnicity). You don’t have to provide this data and we also provide a ‘prefer not to say’ option. We only use it at an aggregate level for reporting (e.g. equal opportunities monitoring).
We may give some of your personal data (e.g. contact information) to a research agency who will carry out research on our behalf.
We know it’s important to us to use our resources in a responsible and cost-effective way. So, we use automated profiling and targeting to help us understand our customers and make sure that:
- our communications (e.g. emails) and services (e.g. our website) are relevant, personalised and interesting to you
- our services meet the needs of our customers
- we only ask for further support and help from you if it’s appropriate
- we use our resources responsibly and keep our costs down
To do this we’ll analyse how you interact with us (e.g. on our website, car washes you visit through use of data held on the database and bar code scanning, etc.) and use both geographic and demographic information to let you know what’s happening in your local area and understand your interests.
We use specific tools to profile how you interact with us online, for example, Adobe Analytics, Google Analytics and Double Click for Advertisers. We use Google Analytics to collect information on the use of the IMO website. Much of the information we collect is aggregated, however we may also collect some personal data for the use of personalising your experience, optimising our marketing campaigns, and to ensure the site is functioning as intended.
The personal information that is collect includes transactional information for Memberships, and Online Shop Purchases. We also collect data on individual user activity when they create or log into their unlimited account. This information takes the form of an encrypted string.
Updating your data and marketing preferences
We want you to remain in control of your personal data. If, at any time, you want to update or amend your personal data or marketing preferences please contact us in one of the following ways:
- Email us: firstname.lastname@example.org with your full name and address. If you have a membership number, please state this as additional information.
- Call us: +44 1494 897410
- Write to us: Customer services, IMO Car Wash, 35-37 Amersham Hill, High Wycombe, Bucks HP13 6NU
Verification, updating or amendment of personal data will take place within 5 years of receipt of your request.
Your data protection rights (DPO)
Where ICWG is using your personal data based on consent, you have the right to withdraw that consent at any time. You also have the right to ask ICWG to stop using your personal data for direct marketing purposes.
Please email, call or via the website that you no longer want us to use your personal data.
Subject access rights
If you would like further information on your rights or wish to exercise them, please write to us at The Data Protection Office, ICWG, Amersham Hill, High Wycombe HP13 6NU or email email@example.com
You will be asked to provide the following details:
- The personal information you want to access;
- Where it is likely to be held;
- The date range of the information you wish to access
We will also need you to provide information that will help us confirm your identity. If we hold personal information about you, we will give you a copy of the information in an understandable format together with an explanation of why we hold and use it.
Once we have all the information necessary to respond to your request we’ll provide your information to you within one month. This timeframe may be extended by up to two months if your request is particularly complex.
What to do if you’re not happy
In the first instance, please talk to us directly so we can resolve any problem or query. You also have the right to contact the Information Commissions Office (ICO) if you have any questions about Data Protection. You can contact them using their help line 0303 123 113 or at www.ico.org.uk.
Cookies and Links to third party
Cookies are small amounts of information that are sent to and are stored on your computer’s hard drive. They are used to identify you when you visit the site, and to make your use of the site more convenient for you. Cookies are used to remember usernames, passwords and preferences and to deliver a faster and more personalised service.
ICWG and IMO websites and services only uses first party cookies to gather analytics and usage data for our website, with the aim of improving the experience for our users.
Using “cookies” the service may automatically collect some technical information which is not personally identifiable. Examples of this may include the type of Internet browser you are using and the domain name of the web site from which you linked to our site. We may aggregate this type of information for market research purposes and to improve our website.
Many Internet browsers allow you to set them to warn you before a cookie is stored or to block cookies altogether.
How to enable and disable cookies using your browser
If you do disable our cookies you may find that certain sections of our website, do not work. For example, you may have difficulties logging in or purchasing items.
1. Google Chrome
- Click on the ‘wrench’ icon on the browser (usually found top-right corner) to open the tools menu
- From the tools menu select ‘Options’
- Click the ‘Under the Hood’ tab from the menu on the left.
- In the ‘Privacy’ section, select the ‘Content settings’ button
- To enable cookies: select ‘Allow local data to be set’ option
- To disable cookies: select ‘Block all cookies’ option
Note there are various levels of cookie enablement and disablement in Chrome. For more information on other cookie settings offered in Chrome, refer to the following page from Google: http://support.google.com/chrome/bin/answer.py?hl=en&answer=95647
2. Microsoft Internet Explorer
- Click on ‘Tools’ at the top of your browser window and select ‘Internet Options’
- In the options window navigate to the ‘Privacy’ tab
- To enable cookies: Set the slider to ‘Medium’ or below
- To disable cookies: Move the slider to the top to block all cookies
Note there are various levels of cookie enablement and disablement in Explorer. For more information on other cookie settings offered in Internet Explorer, refer to the following page from Microsoft: http://windows.microsoft.com/en-GB/windows-vista/Block-or-allow-cookies
3. Mozilla Firefox
- Click on ‘Tools’ at the browser menu and select ‘Options’
- Select the Privacy panel
- To enable cookies: Check ‘Accept cookies for sites’
- To disable cookies: Uncheck at ‘Accept cookies for sites’
Note there are various levels of cookie enablement and disablement in Firefox. For more information, refer to the following page from Mozilla: http://support.mozilla.org/en-US/kb/Enabling%20and%20disabling%20cookies
- Click on ‘Setting’ at the browser menu and select ‘Settings’
- Select ‘Quick Preferences’
- To enable cookies: check “Enable Cookies”
- To disable cookies: uncheck “Enable Cookies”
Note there are various levels of cookie enablement and disablement in Opera. For more information on other cookie settings offered in Opera, refer to the following page from Opera Software: http://www.opera.com/browser/tutorials/security/privacy/
5. Safari on OSX
- Click on ‘Safari’ at the menu bar and select the ‘Preferences’ option
- Click on ‘Security’
- To enable cookies: In the ‘Accept cookies’ section select ‘Only from site you navigate to’
- To disable cookies: In the ‘Accept cookies’ section select ‘Never’
Note there are various levels of cookie enablement and disablement in Safari. For more information on other cookie settings offered in Safari, refer to the following page from Apple: http://support.apple.com/kb/PH11882
6. All other browsers
Please look for a “help” function in the browser or contact the browser provider.
Links to other websites
Keeping your information
We will only use and store your information for as long as it is required for the purposes it was collected for. How long it will be stored for depends on the information in question, what it is being used for and, sometimes, statutory legal requirements. We will however not keep your data for longer than 3 years, unless its is held for current, ongoing claims and statutory purposes.
How we secure your data
Information system and data security is imperative to us to ensure that we are keeping our customers, members, safe.
We operate a robust and thorough process for assessing, managing and protecting new and existing systems which ensures that they are up to date and secure against the ever-changing threat landscape. In addition to this, we follow a defense in depth security model, which means that your data is protected by multiple layers of security.
Our staff complete mandatory information security and data protection training on employment and annually thereafter to reinforce responsibilities and requirements set out in our information security policies.
When you trust is with your data we will always keep your information secure to maintain your confidentiality. By utilizing strong encryption when your information is stored or in transit we minimize the risk of unauthorized access or disclosure; when entering information on our website, you can check this by right clicking on the padlock icon in the address bar.
Disclosing and sharing information
When we allow third parties acting on behalf of ICWG to access to your information, we will always have complete control of what they see, how long they see it for and what they can do with it. We do not sell or share your personal information for other organisations to use.
Personal data collected and processed by us may be shared with the following groups where necessary:
- Research Bods who run the market research platform on our behalf;
- Third party cloud hosting and IT infrastructure providers who host the website and provide IT support in respect of the website;
Also, under strictly controlled conditions:
- Service Providers providing services to us
Storage of information
IMO operations which are based in the UK and store most of our data within UK. Some organisations which provide services to us may transfer data outside the European Economic Area, but we’ll only allow this if your data is adequately protected. Some of our systems are provided by US companies and whilst it is our policy that we prefer data hosting and processing to remain on EU-based solutions, it may be that using their products results in data transfer to the USA. However, we only allow this when we certain it will be adequately protected. (e.g. US Privacy Shield or Standard EU contractual clauses).
If we discover that there has been a breach of related personal data that poses a risk to the rights and freedoms of individuals, we will report it to the Information Commissioner within 72 hours of discovery. The organisation will record all data breaches regardless of their effect.
If the breach is likely to result in a high risk to the rights and freedoms of individuals, we will tell affected individuals that there has been a breach and provide them with information about its likely consequences and the mitigation measures it has taken.
Payment card Security
IMO has an active PCI-DSS compliance program in place. This is the international standard for safe card payment processes. As part of our compliance to this very stringent standard, we ensure that our IT systems do not directly collect or store payment card information; for example, the full 16-digit number on the front of the card or the security code on the back.
Our online payment solutions are carried out using a 'payment gateway' (e.g. Sage pay) which is a direct connection to a payment service provided by a bank. This means that when you input card data into the payment page, you are communicating directly with the bank and the bank passes your payment to us, this means that your payment card information is handled by the bank and not processed or held by us.
Some of our locations and properties have Closed Circuit Television (CCTV) and you may be recorded when you visit them.
CCTV is used to provide security and protect both our customers and IMO operators. CCTV will be only being viewed when necessary (e.g. to detect or prevent crime) and footage is stored for set period after which it is recorded over. IMO complies with the Information Commissioner’s Office CCTV Code of Practice and we put up notices, so you know when CCTV is used.
Some of our locations have automatic number plate recognition (ANPR) fitted. This is a technology for automatically reading vehicle number plates.
IMO use this information to understand how often a person washes their car a vehicle is washed in the year. We do not use this information with any other data in most of our car washes. The information allows us to understand the usage without knowing any other information about the customer.