Privacy and Cookies | The Royal Mint

Privacy Policy

The Royal Mint Limited, its group companies and its platforms (“The Royal Mint”), which this privacy policy covers, will ensure that when we collect your Personal Data it is:

•processed lawfully, fairly and in a transparent manner

•collected only for specified, explicit and legitimate purposes

•adequate, relevant and limited to what is necessary for the purposes for which it is processed

•accurate and up to date

•not kept in an identifiable form for longer than is necessary for the purposes for which you provided it

•secured by appropriate technical and organisational measures

•not transferred without adequate protection

 

It is important that we keep your information accurate and up-to-date and so in return, we ask you to:

•give us accurate information

•tell us as soon as possible if there are any changes, such as a new address

Other links within any of our platforms to other platforms are not covered by this policy.

 

If you are signing up for a job alert or you are a candidate applying for a job with The Royal Mint, please refer to our Candidate Privacy Notice.

 

Who are we?

The Royal Mint consists of the below listed companies.

Any Personal Data provided to, or gathered by, The Royal Mint Limited  is controlled by The Royal Mint Limited incorporated and registered in England and Wales with company number 06964873 whose registered office is at Llantrisant, Pontyclun, Mid Glamorgan, South Wales, United Kingdom CF72 8YT.

The Royal Mint Limited’s platforms include, but are not limited to, our websites www.royalmint.com and www.royalmintbullion.com and our mobile applications “The Great British Coin Hunt”, and “The Royal Mint Bullion”.

Information Commissioner’s Office Registration Number: Z2075700.

VAT Registration Number: GB 256 5227 96.

 

Any Personal Data provided to, or gathered by, RM Assets Limited is controlled by RM Assets Limited incorporated and registered in England and Wales with company number 09058416 whose registered office is at Llantrisant, Pontyclun, Mid Glamorgan, South Wales, United Kingdom CF72 8YT.

Information Commissioner’s Office Registration Number: ZA320379.

 

Any Personal Data provided to, or gathered by, RM Experience Limited is controlled by RM Experience Limited incorporated and registered in England and Wales with company number 10953110 whose registered office is at Llantrisant, Pontyclun, Mid Glamorgan, South Wales, United Kingdom CF72 8YT.

Information Commissioner’s Office Registration Number: ZA324165.

 

For further information regarding this policy, please contact our Data Protection Officer at the above listed address or using the following telephone or e-mail address:

  • Telephone: 0800 032 2154
  • E-mail: customer.services@royalmint.com

 

What is Personal Data?

Personal Data is any information identifying you or information relating to you that allows us to identify you. This can be either directly or indirectly from that data alone or in combination with other identifiers we possess or can reasonably access.

Personal Data can be factual (for example, a name, email address, location or date of birth) or an opinion about that person’s actions or behaviour.

Personal Data includes special categories of Personal Data and pseudonymised Personal Data but excludes anonymous data or data that has had the identity of an individual permanently removed.

Special categories of Personal Data is information revealing racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership, physical or mental health conditions, sexual life, sexual orientation, biometric or genetic data, and Personal Data relating to criminal offences and convictions.

Pseudonymisation or pseudonymised is the replacing of information that directly or indirectly identifies an individual with one or more artificial identifiers or pseudonyms so that the person, to whom the data relates, cannot be identified without the use of additional information which is kept separately and secure.

 

What types of Personal Data do we collect?

The types of Personal Data that we collect include:

  • Name;
  • Age/date of birth;
  • Contact information and user preference;
  • Credit and debit card information and payment details;
  • Contractual details including goods and services provided;
  • Copies of documents you provide to prove your age or identity;
  • Device / Electronic identification data (the type of device that you use and unique device identifiers such as your IP address, device’s IMEI number, the MAC address of the device’s wireless network interface, and the mobile phone number, network and operating system used by the device);
  • Content data (information stored on your device including login information, photos, videos or other digital content, and check-ins);
  • Location data (some of our platforms utilise GPS technology to determine your current location. Some of our location-enabled services require your personal data for these features to work. If you wish to use this particular feature you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by disabling Location Data in your settings.);
  • Usage data (this includes details of your use of any of our apps and your visits to any of our websites including but not limited to traffic data and other communication data, and the resources that you access.);
  • Unique application numbers (when you want to install or uninstall a service containing a unique application number or when such a service searches for automatic updates, that number and information about your installation, for example, the type of operating system, may be sent to us.);
  • Information collected through cookies; and
  • Your image which may be recorded on CCTV if your visit us.

We only gather special categories of Personal Data with respect to our secure storage customers. These customers have finger/thumb prints (biometric data) taken in order to control access to the secure storage facility. Access to this biometric data is strictly limited to security staff in the exercise of their duties.

We do not routinely collect Personal Data about children under 16. There are a limited number of activities that we undertake which may involve the collection of children’s’ Personal Data, for example competition entries and photo/video permission forms. Where children’s’ Personal Data is processed it will be done so with the consent of whoever holds parental responsibility of the child.

For further information on the types of Personal Data that we hold on you, please contact us.

 

How and why do we collect Personal Data?

We collect Personal Data, for example, when you visit any of our platforms or locations, download or install one of our apps, create an account, place an order for products or services, make contact with us (including making a complaint), enter a competition, if you complete a survey we send or you otherwise provide a product or service review, or if you register to receive information about our competitions, products, services and offers.

We collect and process your Personal Data based on one or more of the following reasons / legal bases:

  • It is necessary for us to perform a contract that you have entered into with us, or because it is necessary before entering into a contact (for example, to provide you with the product or service that you have requested);
  • You have given us consent to process your Personal Data for a specific purpose (for example, to provide you information about our competitions, products, services and offers);
  • The processing is necessary for us to comply with our legal obligations (for example, to conduct know your customer checks);
  • We have a legitimate interest to do so, and have taken your rights into consideration (for example, to obtain feedback on our products and services or to better understand you as a customer); and/or
  • The processing is necessary to protect your vital interests (for example, to protect your life)

As referenced above, we have a legitimate business interest (and in some cases a legal obligation) to process Personal Data in order to better understand our customers.  To do this we may combine the data that we collect directly from you from your interactions with The Royal Mint, with data that we obtain from third parties.

We also have a legitimate business interest, for example, to help ensure that we provide products and services that are most relevant to the interests of our customers. Also keeping customers informed and to ensure that the information that we send them via email, post or by phone is relevant to their interests.   You are able to update your Personal Data and adjust your contact preferences at any time, please see “How can I access or correct my Personal Data, request that it be deleted, ask for it to be transferred to another organisation or exercise any of my other rights?”

We will not reuse your Personal Data for a new purpose other than for what it was originally collected, unless the new use is compatible with the original purpose for which the Personal Data was collected, we have notified you of the new use and given you a reasonable opportunity to object to it, or the new use is otherwise permitted or required by law.

Please note that if you do not share your Personal Data or adjust your contact preferences, we may not be able to provide you or have to stop providing you with the information, products or services that you have requested.

For further information on how and why we have collected your Personal Data, please contact us.

 

Credit Account Customers

If you apply for a credit account, we will use credit scoring to assess your application. The credit score will be provided by a credit reference agency. Your credit score will be used by us in conjunction with information that you provide as part of your application, along with information regarding your account conduct (if an existing customer), and official public records such as fraud and insolvency records. The use of credit scoring helps us make fair and responsible lending decisions. If your application for credit is declined you are able to request that this is reconsidered, based on a change of circumstances or a correction of your credit report (if an error was found). The credit scoring used is regularly tested by the professional services provider to ensure that it remains fair, effective and unbiased.

For further information on how to appeal a decision or on the credit scoring service used, please contact us.

 

How do we use cookies and similar technologies?

When you visit our platforms your device / electronic identification data is logged to track your session. This is automatically recognised by our servers and is used for system administration, to provide you with a good experience, and to provide statistics, which The Royal Mint uses to evaluate use of the platforms to help us improve them.

We collect usage data which includes details of your use of any of our apps and your visits to any of our websites. This includes, but not limited to, traffic data and other communication data, and the resources that you access.  Some of this data is gathered from the use of cookies, which are also sometimes used to distinguish you from other users.

Cookies are small text files made up of letters and numbers that are stored on your computer, tablet or mobile device when you visit particular webpages.

We use the following cookies:

Strictly necessary cookies. These are cookies that are required for the operation of our website. They include cookies that enable you to log into secure areas of our website, use a shopping cart or make use of the payment services.

Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences.

Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Your device will need to accept cookies to enable online shopping and the personalised features found on our platforms.

Your device can be used to restrict, block or delete cookies from our platforms or any other platforms, if you would prefer this. This differs from device to device, please consult your web device’s ‘help’ documentation or alternatively you can visit www.aboutcookies.org for more information on how you can delete and control the cookies that are stored on your device.

The data that we collect and share through the use of cookies is typically anonymous and not personally identifiable. It does not typically contain your name, address, telephone number, or e-mail address. Cookies store a generated ‘key’ which is associated with all this information.

We also use pixels, or transparent GIF files, to help manage online advertising. These GIF files are provided by our advertisement management partners. These files enable our partners to recognise a unique cookie on your device, which in turn enables us to learn which advertisements bring users to our website. The cookie was placed by us, or by another advertiser who works with our partners.

You can find more information about the individual cookies we use and the purposes for which we use them in the table below.

Website Tool

Description

BingAds

BingAds is a service that provides Pay Per Click advertising on both Bing and Yahoo! Search engines.
For more information visit: https://secure.bingads.microsoft.com/

Crazy Egg

Crazy Egg is an online application that provides eye tracking tools such as a heat map, scroll map, overlay, and confetti to track a website's operation. For more information visit: https://www.crazyegg.com/

DC StormIQ

Formally known as DC Storm, Rakuten Attribution arms digital businesses with performance
measurement tools, analysis and reporting to power great decision making and drive success. For more information visit: https://dc-storm.com/en-uk/about-us/

DoubleClick

DoubleClick is a business owned by Google which develops and provides internet ad serving services. DoubleClick allows us to traffic, target, deliver and report on our interactive advertising campaigns.
For more information visit: https://www.doubleclickbygoogle.com/

Ethnio

Ethnio is a research recruiting tool for intercepting people that use our interface from your website or app, and then conducting research with them - moderated or automated. For more information visit: https://ethn.io/

Facebook Pixel

Facebook pixel is an analytics tool that helps measure the effectiveness of Facebook advertising. For more information visit: https://www.facebook.com/business/help/742478679120153

GA Audience

Google Analytics audience reports provide insight into characteristics of a company's website or mobile app users. For more information visit: https://support.google.com/analytics/answer/1012034?hl=en

Google Adwords conversion pixel

AdWords conversion tracking shows what happens after a customer clicks on an ad – whether they purchased a product, signed up for your newsletter, called your business, or downloaded your app.
For more information visit: https://support.google.com/tagmanager/answer/6105160?hl=en

Google Analytics

Google Analytics is a web analytics service offered by Google that tracks and reports on website or mobile app traffic.
For more information visit: https://www.google.co.uk/analytics/#?modal_active=none

Google Dynamic re-marketing

Dynamic re-marketing allows us to show previous visitors ads based on products or services that they viewed. For more information visit: https://support.google.com/adwords/answer/3124536?hl=en&ref_topic=3180758

Google Tag Manager

Google Tag Manager is a tag management system that allows you to quickly and easily update tags and code snippets on a website or mobile app, such as those intended for traffic analysis and marketing optimisation. For more information visit: https://www.google.co.uk/analytics/tag-manager/

Hotjar

Hotjar is a powerful tool that reveals the online behaviour and voice of website users using heatmaps, surveys, polls and visitor recordings. Hotjar can be used to improve a site's user experience and performance/conversion rates. For more information visit: https://www.hotjar.com/

iPerceptions

iPerceptions is a tool that makes it easy for businesses to collect client feedback and measure them
to access customer satisfaction. For more information visit: https://www.iperceptions.com/

Linkshare

Rakutan Linkshare is an affiliate marketing service provider that connects advertisers to publishers to reach new audiences and influence repeat purchases. For more information visit: https://rakutenmarketing.com/en-uk/affiliate

Monetate

Monetate is an optimisation and personalisation platform that can be used to improve the customer
journey and experience. For more information visit: https://www.monetate.com/about

Qualaroo

Qualaroo is a real time feedback platform that enables us to gain valuable insights from prospects and customers through customer decision analysis.  For more information visit: https://qualaroo.com/features/

SessionCam

These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. For more information visit: https://sessioncam.com/

The Royal Mint Competition Tracker

The Collected Clues cookie is used by The Royal Mint to track the collection of clues as part of the Great British Coin Hunt Treasure Hunt competition.

Urban Airship

Urban Airship is a norification engine that we use to send you push notifications via The Royal Mint Bullion app.

These notification can be controlled from within the ‘More’ Menu of the app or without the setting of your device. For more information visit: https://www.urbanairship.com/company

Veinteractive

These cookies are used to link product codes in a product database to a user to suggest products that will be of interest to them, to identify and collect information of users of Ve services, to fix broken online sessions, and to track a post-click cookie window of up to 30 days. For further information visit: https://www.ve.com/

WhosOn

This cookie is issued by the WhosOn live chat application. It is used to link a visitor to a “visitor record” which stores the IP address and User Agent. For more information visit: https://www.whoson.com

Yahoo Analytics

Yahoo Analytics is a web analytics service offered by Yahoo that tracks and reports website or mobile app traffic to
 inform decision making and strategy. For more information visit:https://policies.yahoo.com/us/en/yahoo/privacy/topics/analytics/index.htm

Yahoo DOT tag

Dot Tags are Yahoo's universal tracking tag. DOT tags are used to track performance and optimise
search, native and display campaigns. For more information visit: https://developer.yahoo.com/gemini/guide/v1-api/dottags/

Zendesk

The Zendesk live chap application is used on www.royalmintbullion.com and The Royal Mint Bullion app. This allows customers to talk to our customer services team via a live messenger service. For more information visit: https://www.zendesk.co.uk/chat/

CollectedClues

Used for the Great British Coin Hunt digital coin hunt

 

Third-party cookies

When you visit our platforms you may notice some cookies that aren’t related to us. If you visit a platform page that contains content which is embedded from other organisations, for example YouTube or Vimeo, you may be sent cookies from these organisations. We do not control these cookies and we would suggest that you visit these organisations’ websites to view information about their cookies and how they are used.

We do have relationships with select suppliers who may also set cookies during your visit to be used for marketing purposes, such as showing you our products depending on what you seem to be interested in.

Social Media sharing

If you share our content with friends through social networks – such as Facebook and Twitter, you may be sent cookies from these platforms. We don't control the setting of these cookies, so we suggest you check the third-party websites for more information about their cookies and how to manage them.

 

Who might we share your information with?

We do not sell, rent or otherwise trade your Personal Data with others. While most of our work is done by our employees who access your Personal Data directly from our systems which are under our direct control, we do use third-party service providers to perform certain functions on our behalf.

We have listed below examples of the kind of third- party service providers that we work with. We have also listed examples of the types of information that they may have access to and reasons that we may need to share your Personal Data with them.

Order Fulfilment would have access to your personal data including contact information and the goods and services requested. The purpose for this type of transfer being to prepare and deliver the products and/or services that you have requested.

Payment Processing would have access to your personal data including contact information, credit/debit card information, and payment details. The purpose for this type of transfer being to process your payment for the products or services provided.

Professional Services would have access to your personal data including contact information. The purpose for this type of transfer being to ensure our compliance with our legal obligations (including anti-money laundering and counter-terrorist financing verification), to assess your suitability for credit (if you have applied for an interest free account), and debt recovery.

Communications and Marketing would have access to your personal data including contact information. The purpose for this type of transfer being to send you information regarding our products and services, analysing data (including removing repetitive or out of date information from customer lists) and providing marketing assistance.

IT Support would have access to the personal data in our custody with which we require support. The purpose for this type of transfer being to resolve IT issues in order to provide the products and services that you have requested.

Data Storage would have access to all the personal data in our custody. The purpose for this type of transfer being to provide us with secure data storage and back-up.

Historical Archiving (The Royal Mint Museum) would have access to your personal data, for example, your name and contact information where you have entered a coin design competition. The purpose for this type of transfer being to keep an historical archive of the work of The Royal Mint.

 

Such companies and individuals will only have access to the personal data needed to perform these functions, they may not use it for any other purposes and are required to process the data in accordance with data protection laws and regulations applicable in the United Kingdom.

For further information on which service providers may have access to your personal data, please contact us.

Please note that if we are requested by the police, government, regulatory, or other body investigating suspected illegal activities to provide your personal data and/or user details, we are entitled to do so.

 

Do we transfer information between countries?

www.royalmint.com

It may sometimes be necessary to transfer your personal data overseas. When this is needed your personal data may be transferred to countries or territories outside of the EEA. Any transfers made will be in full compliance with all aspects of the data protection laws and regulations applicable in the United Kingdom.

We may only transfer your personal data outside the EEA if one of the following conditions applies:

  • The European Commission has issued a decision confirming that the country to which we transfer personal data ensures an adequate level of protection for the data subject’s rights and freedoms: http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm ;
  • Appropriate safeguards are in place such as binding corporate rules (BCR), model contractual clauses, an approved code of conduct or a certification mechanism;
  • You have provided your explicit consent to the transfer after being informed of any potential risks; or
  • The transfer is necessary for one of the other reasons set out in the GDPR including the performance of a contract between us and you, reasons of public interest, to establish, exercise or defend legal claims, to fulfil our legal or regulatory obligations, or to protect your vital interests where you’re physically or legally incapable of giving consent and, in some limited cases, for our legitimate interests.

For further information on which countries your personal data may be transferred to and the specific safeguards that are in place, contact us.

 

www.royalmintbullion.com

Same details as for www.royalmint.com.

We envisage that we will transfer your personal data to the United States of American and Serbia. This is because we utilise an IT support and data storage provider that is based in the United States of America and this information can also be accessed by a support team based in Serbia. Any transfers are made in full compliance with all aspects of the data protection laws and regulations applicable in the United Kingdom. Model contractual clauses are utilised in this instance to safeguard your Personal Data.

 

How long do we keep hold of your information?

We keep your Personal Data for as long as we need it to satisfy our business and legal requirements; normally this is no longer than 12 months after you cease holding a customer account. Once the Personal Data is no longer required, it is either deleted or anonymised.

It is important to note that all employees at The Royal Mint follow an organisation-wide security policy. Only employees authorised are provided access to Personal Data and these employees will have agreed to ensure confidentiality of this information.

Also specifically with respect to debit and credit card information submitted through our websites, we use secure socket layer technology to protect that information.

 

What rights do I have in relation to the Personal Data you hold about me?

Unless subject to an exemption, you have the following rights with respect to your Personal Data:

  • The right to request a copy of your Personal Data which The Royal Mint holds about you;
  • The right to request that we correct any Personal Data if it is found to be inaccurate or out of date;
  • The right to request your Personal Data is erased where it is no longer necessary for us to retain such data;
  • The right to withdraw your consent to the processing at any time where we are relying on your consent as the legal basis for processing your Personal Data;
  • Where applicable, the right to request that we transfer your Personal Data directly to another data controller, (known as the right to data portability);
  • The right, where there is a dispute in relation to the accuracy or processing of your Personal Data, to request a restriction is placed on further processing;
  • The right to object to the processing of Personal Data where processing is based on legitimate interests, the performance of a task in the public interest/exercise of official authority, direct marketing and processing for the purposes of scientific/historical research and statistics;
  • The right to lodge a complaint with the Information Commissioner’s Office.

 

How can I access or correct my Personal Data, request that it be deleted, ask for it to be transferred to another organisation or exercise any of my other rights?  

The majority of the Personal Data that we collect is collected directly from you, in which case you are responsible for its accuracy. We encourage you to tell us as soon as possible if there are any changes to your Personal Data, such as a new address. When information is found to be inaccurate, either through our own checks or following a communication from you, it is updated.

You can update your Personal Data at any time by logging into your account and choosing contact and delivery details.

To update your contact preferences you should select ‘My Account’, ‘Personal Details’, ‘Online Preference Centre’, and ‘Edit’ and amend your marketing preferences accordingly.

Alternatively, contact customer services using the following information:

  • Telephone: 0800 032 2154
  • E-mail: customer.services@royalmint.com
  • Mail: The Royal Mint, Llantrisant, Pontyclun, CF72 8YT

Please note that it may take up to 48 hours (during working days) to update your details.

For further information regarding this policy, to access your Personal Data, request that it be deleted, or ask for it to be transferred to another organisation, please contact the Data Protection Officer by using the above mentioned contact details.

 

How can I make a complaint about how you have handled my Personal Data or responded to a request to exercise my data subject rights?

If you are dissatisfied with the handling of your Personal Data or how we have responded to a request to exercise your data subject rights, you have the right to ask for an internal review.  An internal review will consider whether or not your Personal Data and/or request were handled appropriately, in line with applicable data protection laws and regulations.

Internal review requests should be submitted to the Data Protection Officer by using the contact information above. Internal reviews will be carried out by the Finance Director. We aim to respond within 20 working days of the receipt of the request for an internal review.

If you are dissatisfied with the outcome of the review, then you may seek a review by the Information Commissioner’s Office, which has the powers to uphold or overturn the decision. Please see ICO contact information below.  The Royal Mint will abide by the decisions of the ICO, unless it considers itself to have grounds for an appeal to the First-Tier Tribunal (Information Rights).

  • Website: https://ico.org.uk/
  • E-mail: casework@ico.org.uk
  • Telephone: 03031231113
  • Mail: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Last updated on 22nd October 2018.

back to top