Privacy and Cookies | The Royal Mint

Privacy Policy

The Royal Mint Limited, its group companies and its platforms (“The Royal Mint”), which this privacy policy covers, will ensure that when we collect your Personal Data it is:

•processed lawfully, fairly and in a transparent manner

•collected only for specified, explicit and legitimate purposes

•adequate, relevant and limited to what is necessary for the purposes for which it is processed

•accurate and up to date

•not kept in an identifiable form for longer than is necessary for the purposes for which you provided it

•secured by appropriate technical and organisational measures

•not transferred without adequate protection

 

It is important that we keep your information accurate and up-to-date and so in return, we ask you to:

•give us accurate information

•tell us as soon as possible if there are any changes, such as a new address

Other links within any of our platforms to other platforms are not covered by this policy.

 

This privacy policy relates to our customers and visitors. If you are signing up for a job alert or you are a candidate applying for a job with The Royal Mint, please refer to our Candidate Privacy Notice.

 

Who are we?

The Royal Mint consists of the below listed companies.

Any Personal Data provided to, or gathered by, The Royal Mint Limited  is controlled by The Royal Mint Limited incorporated and registered in England and Wales with company number 06964873 whose registered office is at Llantrisant, Pontyclun, Mid Glamorgan, South Wales, United Kingdom CF72 8YT.

The Royal Mint Limited’s platforms include, but are not limited to, our websites www.royalmint.com and www.royalmintbullion.com and our mobile applications “The Great British Coin Hunt”, and “The Royal Mint Bullion”.

Information Commissioner’s Office Registration Number: Z2075700.

VAT Registration Number: GB 256 5227 96.

 

Any Personal Data provided to, or gathered by, RM Assets Limited is controlled by RM Assets Limited incorporated and registered in England and Wales with company number 09058416 whose registered office is at Llantrisant, Pontyclun, Mid Glamorgan, South Wales, United Kingdom CF72 8YT.

Information Commissioner’s Office Registration Number: ZA320379.

 

Any Personal Data provided to, or gathered by, RM Experience Limited is controlled by RM Experience Limited incorporated and registered in England and Wales with company number 10953110 whose registered office is at Llantrisant, Pontyclun, Mid Glamorgan, South Wales, United Kingdom CF72 8YT.

Information Commissioner’s Office Registration Number: ZA324165.

 

For further information regarding this policy, please contact our Data Protection Officer at the above listed address or using the following telephone or e-mail address:

  • Telephone: 0800 032 2154
  • E-mail: customer.services@royalmint.com

 

What is Personal Data?

Personal Data is any information identifying you or information relating to you that allows us to identify you. This can be either directly or indirectly from that data alone or in combination with other identifiers we possess or can reasonably access.

Personal Data can be factual (for example, a name, email address, location or date of birth) or an opinion about that person’s actions or behaviour.

Personal Data includes Special Categories of Personal Data and pseudonymised Personal Data but excludes anonymous data or data that has had the identity of an individual permanently removed.

Special Categories of Personal Data is information revealing racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership, physical or mental health conditions, sexual life, sexual orientation, and biometric or genetic data. Although Special Categories of Information do not include information about criminal allegations, proceedings or convictions, there are separate safeguards relating to this type of information.

Pseudonymisation or pseudonymised is the replacing of information that directly or indirectly identifies an individual with one or more artificial identifiers or pseudonyms so that the person, to whom the data relates, cannot be identified without the use of additional information which is kept separately and secure.

 

What types of Personal Data do we collect?

The types of Personal Data that we collect include:

  • Name;
  • Age/date of birth;
  • Contact information and user preference;
  • Credit and debit card information and payment details;
  • Contractual details including goods and services provided;
  • Copies of documents you provide to prove your age or identity;
  • Device / Electronic identification data (the type of device that you use and unique device identifiers such as your IP address, device’s IMEI number, the MAC address of the device’s wireless network interface, and the mobile phone number, network and operating system used by the device);
  • Content data (information stored on your device including login information, photos, videos or other digital content, and check-ins);
  • Location data (some of our platforms utilise GPS technology to determine your current location. Some of our location-enabled services require your personal data for these features to work. If you wish to use this particular feature you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by disabling Location Data in your settings.);
  • Usage data (this includes details of your use of any of our apps and your visits to any of our websites including but not limited to traffic data and other communication data, and the resources that you access.);
  • Unique application numbers (when you want to install or uninstall a service containing a unique application number or when such a service searches for automatic updates, that number and information about your installation, for example, the type of operating system, may be sent to us.);
  • Information collected through cookies; and
  • Your vehicle details and registration number, your representative organisation (if applicable), and image (which may be recorded on CCTV) if your visit us.

We only routinely gather special categories of Personal Data with respect to visitors to The Royal Mint Experience booked on a VIP Tour. Visitors will be required to complete a Health Questionnaire before arriving. These questions are asked in order for us to determine if reasonable adjustments are required and if these can be made in relation to the tour. For example, visitors will be asked if they have a pace maker fitted as magnetic frequencies are in operation in some of the areas you may visit. Visitors will also be asked if they have a nut allergy as nuts are used in processes that visitors may encounter. Visitors to The Royal Mint Experience may also be asked to provide allergy information when ordering food or attending a catered event.

We do not routinely collect any information about criminal allegations, proceedings or convictions.

We do not routinely collect Personal Data about children under 16. There are a limited number of activities that we undertake which may involve the collection of children’s’ Personal Data, for example competition entries and photo/video permission forms. Where children’s’ Personal Data is processed it will be done so with the consent of whoever holds parental responsibility of the child.

For further information on the types of Personal Data that we hold on you, please contact us.

 

How and why do we collect Personal Data?

We collect Personal Data, for example, when you visit any of our platforms or locations, download or install one of our apps, create an account, place an order for products or services, make contact with us (including making a complaint), enter a competition, if you complete a survey we send or you otherwise provide a product or service review, or if you register to receive information about our competitions, products, services and offers.

We collect and process your Personal Data based on one or more of the following reasons / legal bases:

  • It is necessary for us to perform a contract that you have entered into with us, or because it is necessary before entering into a contact (for example, to provide you with the product or service that you have requested);
  • You have given us consent to process your Personal Data for a specific purpose (for example, to provide you information about our competitions, products, services, offers and news);
  • The processing is necessary for us to comply with our legal obligations (for example, to conduct know your customer checks);
  • We have a legitimate interest to do so, and have taken your rights into consideration (for example, to obtain feedback on our products and services or to better understand you as a customer, and to operate a refer-a-friend scheme in order to reward existing customers and to bring in new customers);  and/or
  • The processing is necessary to protect your vital interests (for example, to protect your life)

As referenced above, we have a legitimate business interest (and in some cases a legal obligation) to process Personal Data in order to better understand our customers.  To do this we may combine the data that we collect directly from you from your interactions with The Royal Mint, with data that we obtain from third parties.

We also have a legitimate business interest, for example, to help ensure that we provide products and services that are most relevant to the interests of our customers. Also keeping customers informed and to ensure that the information that we send them via email, post or by phone is relevant to their interests. To opt-out of profiling and personalised direct marketing, update your contact preferences to opt-out of all forms of direct marketing. Those who opted out prior to March 15th 2019 will not receive direct marketing but may still be subject to profiling. To opt out of this profiling you will have to opt-out of all forms of direct marketing again to refresh your opt-out date. You are able to update your Personal Data and adjust your contact preferences at any time, please see “How can I access or correct my Personal Data, request that it be deleted, ask for it to be transferred to another organisation or exercise any of my other rights?”.

We will not reuse your Personal Data for a new purpose other than for what it was originally collected, unless the new use is compatible with the original purpose for which the Personal Data was collected, we have notified you of the new use and given you a reasonable opportunity to object to it, or the new use is otherwise permitted or required by law.

Please note that if you do not share your Personal Data or adjust your contact preferences, we may not be able to provide you or have to stop providing you with the information, products or services that you have requested.

For further information on how and why we have collected your Personal Data, please contact us.

 

Credit Account Customers

If you apply for a credit account, we will use credit scoring to assess your application. The credit score will be provided by a credit reference agency. Your credit score will be used by us in conjunction with information that you provide as part of your application, along with information regarding your account conduct (if an existing customer), and official public records such as fraud and insolvency records. The use of credit scoring helps us make fair and responsible lending decisions. If your application for credit is declined you are able to request that this is reconsidered, based on a change of circumstances or a correction of your credit report (if an error was found). The credit scoring used is regularly tested by the professional services provider to ensure that it remains fair, effective and unbiased.

For further information on how to appeal a decision or on the credit scoring service used, please contact us.

 

How do we use cookies and similar technologies?

When you visit our platforms your device / electronic identification data is logged to track your session. This is automatically recognised by our servers and is used for system administration, to provide you with a good experience, and to provide statistics, which The Royal Mint uses to evaluate use of the platforms to help us improve them.

We collect usage data which includes details of your use of any of our apps and your visits to any of our websites. This includes, but not limited to, traffic data and other communication data, and the resources that you access.  Some of this data is gathered from the use of cookies, which are also sometimes used to distinguish you from other users.

Cookies are small text files made up of letters and numbers that are stored on your computer, tablet or mobile device when you visit particular webpages.

We use the following cookies:

Strictly necessary cookies. These are cookies that are required for the operation of our website. They include cookies that enable you to log into secure areas of our website, use a shopping cart or make use of the payment services.

Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences.

Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Your device will need to accept cookies to enable online shopping and the personalised features found on our platforms.

Your device can be used to restrict, block or delete cookies from our platforms or any other platforms, if you would prefer this. This differs from device to device, please consult your device’s ‘help’ documentation or alternatively you can visit www.aboutcookies.org for more information on how you can delete and control the cookies that are stored on your device. If you’d like to opt out of advertising cookies, please go to the Network Advertising Initiative website http://www.networkadvertising.org/, Digital Advertising Alliance website http://optout.aboutads.info/, or the European Interactive Advertising Alliance website http://www.youronlinechoices.com/ .

The data that we collect and share through the use of cookies is typically anonymous and not personally identifiable. It does not typically contain your name, address, telephone number, or e-mail address. Cookies store a generated ‘key’ which is associated with all this information.

We also use pixels, or transparent GIF files, to help manage online advertising. These GIF files are provided by our advertisement management partners. These files enable our partners to recognise a unique cookie on your device, which in turn enables us to learn which advertisements bring users to our website. The cookie was placed by us, or by another advertiser who works with our partners.

You can find more information about the individual cookies we use and the purposes for which we use them in the table below.

 

Add This

Name of Cookie

Why we use it

Type

Expiry

Um

Ouid

Uid

Tracks content shared through the AddThis social sharing widget.

Functionality
Analytical/Performance

1 Year

For more information visit: https://www.oracle.com/legal/privacy/addthis-privacy-policy.html

AppNexus

Name of Cookie

Why we use it

Type

Expiry

Uuid2

Retargets existing website visitors with The Royal Mint online advertisements.

Targeting

3 Months

For more information visit: https://www.appnexus.com/platform-privacy-policy

Cloudflare

Name of Cookie

Why we use it

Type

Expiry

__cfduid

Identifies trusted traffic based on existing sessions passed through the Cloudflare’s firewall service.

Strictly Necessary

1 Year

For more information visit: https://www.cloudflare.com/en-gb/privacypolicy/

Disqus.com

Name of Cookie

Why we use it

Type

Expiry

Aet-dismiss

Submitted_posts_cache

Provides functional support for the blog commenting facility.

Functionality

1 Day

For more information visit: https://help.disqus.com/terms-and-policies/disqus-privacy-policy

Double Click

Name of Cookie

Why we use it

Type

Expiry

Test_cookie

Test cookie provided by check if a users browse accepts cookies.

Functionality

1 Day

For more information visit: https://policies.google.com/privacy?hl=en

Facebook

Name of Cookie

Why we use it

Type

Expiry

Tr

_fbp

fr

Facebook Tracking Pixel used for analytical tracking and retargeting advertising.

Targeting

1 Day

For more information visit: https://www.facebook.com/privacy/explanation

Flickr

Name of Cookie

Why we use it

Type

Expiry

Flrb

Flrbcr

Flrbgdrp

Flrbp

Flrbgrs

Flrbrst

Flrbrst

Flrbs

Flrtags

Tracks analytical data related to Flickr image content published across our blogs.

Analytical/Performance

1 Day

For more information visit: https://www.flickr.com/help/privacy

Google

Name of Cookie

Why we use it

Type

Maximum Expiry

_cc_aud

_cc_cc

_cc_dc

_cc_id

These cookies collect statistical data based on a user’s visit.

Analytical/Performance

1 Year

#.gif

Gmap

_ga

_gat

_gid

Cookies track browsing habits and activity when using The Royal Mint platforms.

Analytical/Performance

2 Years

ab

This cookie provides session tracking for split tests run through Google optimised.

Functionality

1 Year

_gcl_au

IDE

Targeting cookies used by Google’s Ad Networks.

Targeting

1 Year

For more information visit:

iPerceptions

Name of Cookie

Why we use it

Type

Maximum Expiry

incap_ses_#

visid_incap_#

nlbi_#

Tracking cookies used to periodically survey our website visitors.

Functionality

1 Year

For more information visit: https://www.iperceptions.com/en/legal/privacy-policy

LinkedIn

Name of Cookie

Why we use it

Type

Expiry

lang

bcookie
BizoID
bscookie
lidc
UserMatchHistory

Linkedin Tracking Pixel used for analytical tracking and retargeting advertising.

 

Targeting/

Analytical/Performance

2 Years

For more information visit: https://www.linkedin.com/legal/privacy-policy

Mention Me

Name of Cookie

Why we use it

Type

Expiry

mm id

This is our tracking ID which serves to identify any unique browser using our flow.

 

Functionality

5 Years

mm allocation

Used to keep track of which offers you are participating in order to give you a more consistent experience.

 

Functionality

5 Years

mm_offer_frequency

Used to keep track of how many times you have seen an offer so that we can limit how many times you see it.

 

Functionality

30 Days

mm_overlay_suppressed

Used to suppress a corner peel promotion if the ‘x’ is clicked.

 

Functionality

1 Hour

mm_conversion_message_suppressed

Used to suppress a conversion message if the ‘x’ is clicked.

 

Functionality

1 Hour

Mention Me helps us operate our refer-a-friend scheme and related services. They act as a service provider and a data processor. Through their technology platform, they enable our customers to refer their friends to us and enable us to reward both the referrer and referred friend when the referred friend becomes a customer. They also enable us to deliver rewards and offers to customers and to engage with customers.

To opt-out of the refer-a-friend scheme, please email customer.services@royalmint.com.

Alternatively to opt-out of the scheme via Mention Me or to obtain further information visit: https://mention-me.com/help/privacy_policy_s#referrers .

Microsoft

Name of Cookie

Why we use it

Type

Expiry

MUID

MUIDB

Tracking cookies used by the Bing Advertising Network.

Targeting

1 Year

For more information visit: https://privacy.microsoft.com/en-gb/privacystatement

Paker Software

Name of Cookie

Why we use it

Type

Expiry

whoson

poll.gif

 

This cookie is issued by the WhosOn live chat application. It’s used to link a visitor to a ‘visitor record’ which stores the IP address and UserAgent.

Functionality

Session

For more information visit: https://www.hashicorp.com/privacy

Queue-it

Name of Cookie

Why we use it

Type

Expiry

Queue-it-#

 

Distributes our website traffic across several servers when we receive high levels of visitors.

Functionality

1 Day

For more information visit: https://queue-it.com/privacy-policy/

Rakuten

Name of Cookie

Why we use it

Type

Expiry

dcv4/lqs.aspx

rmuid

rlas

rmStore

Used to present the visitor with relevant content and advertisement - The service is provided by third party advertisement hubs, which facilitate real-time bidding for ad vertisers.

 

Analytical/Performance

Functionality

1 Year

For more information visit: https://www.rakuten.com/help/article/privacy-policy-360002101688

SessionCam

Name of Cookie

Why we use it

Type

Expiry

sc.UserId

sc.OptOut

Cookies used to track anonymous data related to website visits.

 

Performance

1 Year

SessionCamTestCookie

Cookie used to test that the SessionCam tool is operational

 

Functional

Immediate

sc.Status

sc.ASP_NET_SESSIONID

Cookies used to track anonymous data related to website visits.

 

Performance

Duration of visit

SessionCam identifies visitors by unique ID and/or IP address. SessionCam collects information such as mouse movements, page scrolling and click activity of individual visitors. Data that is not personally identifiable entered into forms may also be captured. For example, when a visitor ticks a check box or chooses an answer to a multiple choice question. We use the data collected by SessionCam to identify where visitors struggle the most so that we can improve these areas of our website.

For further information, including how to opt out of SessionCam collecting data about how you use our website, please visit https://help.sessioncam.com/hc/en-gb/articles/360004422674-Opt-Out-of-SessionCam .

The Royal Mint

Name of Cookie

Why we use it

 

Expiry

Epi_NumberOfVisits

Tracks the number of pages visitied during a user session.

Analytical/Performance

 

90 Days

trmPages

 

Tracks specific page visits for campaign activity.

Analytical/Performance

 

Expires following the session

country

 

Tracks the users’ country.

Functionality

Expires following the session

ASP.NET_SessionId

 

Uniquily identifies our visitors in order to store products in their basket or provide details about recently viewed products and pages.

Functionality

Expires following the session

Skim Resources

Name of Cookie

Why we use it

Type

Expiry

skimCSP

skimGUID

 

Tracks individual users and is used to optimise advertisement relevance.

 

Targeting

1 Year

For more information visit: https://optout.skimlinks.com/

Twitter

Name of Cookie

Why we use it

Type

Expiry

__widgetsettings

 

Provides functional support for The Royal Mint twitter feeds.

 

Functionality

30 Days

For more information visit: https://help.twitter.com/en/rules-and-policies/twitter-cookies

VE Global UK Limited (VE Interactive)

Name of Cookie

Why we use it

Type

Maximum Expiry

_ngid

_ssid

Uuid

_trid

_adid

Identifies an individual and links product codes to that individual based on their basket contents.

Targeting

1 Year

When you visit our platform and don’t make a purchase, including where you add something to your basket but do not complete the transaction, VE Global UK Limited (VE Interactive) cookies support the sending of an abandonment email asking if you need any assistance. The cookies also help make ads you see after browsing our platform more relevant and interesting to you. To opt-out of the use of your personal information by VE Global UK Limited (VE Interactive), including opting out of these abandonment emails,  visit VE Global UK Limited: How to opt-out of our use of your personal information.  Please note that updating your contact preferences via The Royal Mint preference centre will not opt you out of abandonment emails, you need to opt-out of these on the VE Global UK Limited (VE Interactive) website. For more information visit: https://www.ve.com/cookies-policy .

Yahoo

Name of Cookie

Why we use it

Type

Expiry

B

 

This cookie tracks anonymous data related to website visits.

 

Analytical/Performance

 

1 Year

For more information visit: https://policies.oath.com/ie/en/oath/privacy/index.html

ZenDesk

Name of Cookie

Why we use it

 

Maximum Expiry

ZD-suid

ZD-store

ZD-buid

ZD-currentTime

 

Tracking cookies to provide more information to our customer services team when enquires are made via the ZenDesk tool.

Functionality

1 Year

For more information visit: https://www.zendesk.co.uk/company/customers-partners/cookie-policy/

Zopim

Name of Cookie

Why we use it

 

Maximum Expiry

AWSALB

zte#

Tracks the specific server cluster serving an individuals Zopim live chat.

 

Functionality

1 Year

For more information visit: https://www.zendesk.com/company/customers-partners/cookie-policy/

Third-party cookies

When you visit our platforms you may notice some cookies that aren’t related to us. If you visit a platform page that contains content which is embedded from other organisations, for example YouTube or Vimeo, you may be sent cookies from these organisations. We do not control these cookies and we would suggest that you visit these organisations’ websites to view information about their cookies and how they are used.

We do have relationships with select suppliers who may also set cookies during your visit to be used for marketing purposes, such as showing you our products depending on what you seem to be interested in.

Social Media sharing

If you share our content with friends through social networks – such as Facebook and Twitter, you may be sent cookies from these platforms. We don't control the setting of these cookies, so we suggest you check the third-party websites for more information about their cookies and how to manage them.

 

Who might we share your information with?

While most of our work is done by our employees who access your Personal Data directly from our systems which are under our direct control, we do use third-party service providers to perform certain functions on our behalf.

We have listed below examples of the kind of third- party service providers that we work with. We have also listed examples of the types of information that they may have access to and reasons that we may need to share your Personal Data with them.

Order Fulfilment would have access to your personal data including contact information and the goods and services requested. The purpose for this type of transfer being to prepare and deliver the products and/or services that you have requested. This includes where we arrange for delivery of the goods and/or services ordered by you to be made directly from our third party suppliers (also known as a ‘dropshipping’ arrangement).

Payment Processing would have access to your personal data including contact information, credit/debit card information, and payment details. The purpose for this type of transfer being to process your payment for the products or services provided.

Professional Services would have access to your personal data including contact information. The purpose for this type of transfer being to ensure our compliance with our legal obligations (including anti-money laundering and counter-terrorist financing verification), to assess your suitability for credit (if you have applied for an interest free account), and debt recovery.

Communications and Marketing would have access to your personal data including contact information. The purpose for this type of transfer being to send you information regarding our products and services, analysing data (including removing repetitive or out of date information from customer lists) and providing marketing assistance.

IT Support would have access to the personal data in our custody with which we require support. The purpose for this type of transfer being to resolve IT issues in order to provide the products and services that you have requested.

Data Storage would have access to all the personal data in our custody. The purpose for this type of transfer being to provide us with secure data storage and back-up.

Historical Archiving (The Royal Mint Museum) would have access to your personal data, for example, your name and contact information where you have entered a coin design competition. The purpose for this type of transfer being to keep an historical archive of the work of The Royal Mint.

 

Such companies and individuals will only have access to the personal data needed to perform these functions, they may not use it for any other purposes and are required to process the data in accordance with data protection laws and regulations applicable in the United Kingdom.

For further information on which service providers may have access to your personal data, please contact us.

We will only share your Personal Data with third parties for their own purposes in very limited and specific circumstances.

This will predominately be where you have given your consent at the time of supplying your personal data. For example, we may pass that data to a third party with whom we are collaborating with where you have registered your interest in the product or service. This would be to allow them to send you updates on the product or service and advise you on availability.

Please note that if we are requested by the police, government, regulatory, or other body investigating suspected illegal activities to provide your personal data and/or user details, we are entitled to do so.

 

Do we transfer information between countries?

www.royalmint.com

It may sometimes be necessary to transfer your personal data overseas. When this is needed your personal data may be transferred to countries or territories outside of the EEA. Any transfers made will be in full compliance with all aspects of the data protection laws and regulations applicable in the United Kingdom.

We may only transfer your personal data outside the EEA if one of the following conditions applies:

  • The European Commission has issued a decision confirming that the country to which we transfer personal data ensures an adequate level of protection for the data subject’s rights and freedoms: http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm ;
  • Appropriate safeguards are in place such as binding corporate rules (BCR), model contractual clauses, an approved code of conduct or a certification mechanism;
  • You have provided your explicit consent to the transfer after being informed of any potential risks; or
  • The transfer is necessary for one of the other reasons set out in the GDPR including the performance of a contract between us and you, reasons of public interest, to establish, exercise or defend legal claims, to fulfil our legal or regulatory obligations, or to protect your vital interests where you’re physically or legally incapable of giving consent and, in some limited cases, for our legitimate interests.

For further information on which countries your personal data may be transferred to and the specific safeguards that are in place, contact us.

 

www.royalmintbullion.com

Same details as for www.royalmint.com.

We envisage that we will transfer your personal data to the United States of American and Serbia. This is because we utilise an IT support and data storage provider that is based in the United States of America and this information can also be accessed by a support team based in Serbia. Any transfers are made in full compliance with all aspects of the data protection laws and regulations applicable in the United Kingdom. Model contractual clauses are utilised in this instance to safeguard your Personal Data.

 

How long do we keep hold of your information?

We keep your Personal Data for as long as we need it to satisfy our business and legal requirements; if you hold a customer account normally this is no longer than 6 years after your cease holding an account. Once Personal Data is no longer required, it is either deleted or anonymised.

It is important to note that all employees at The Royal Mint follow an organisation-wide security policy. Only employees authorised are provided access to Personal Data and these employees will have agreed to ensure confidentiality of this information.

Also specifically with respect to debit and credit card information submitted through our websites, we use secure socket layer technology to protect that information.

 

What rights do I have in relation to the Personal Data you hold about me?

Unless subject to an exemption, you have the following rights with respect to your Personal Data:

  • The right to request a copy of your Personal Data which The Royal Mint holds about you;
  • The right to request that we correct any Personal Data if it is found to be inaccurate or out of date;
  • The right to request your Personal Data is erased where it is no longer necessary for us to retain such data;
  • The right to withdraw your consent to the processing at any time where we are relying on your consent as the legal basis for processing your Personal Data;
  • Where applicable, the right to request that we transfer your Personal Data directly to another data controller, (known as the right to data portability);
  • The right, where there is a dispute in relation to the accuracy or processing of your Personal Data, to request a restriction is placed on further processing;
  • The right to object to the processing of Personal Data where processing is based on legitimate interests, the performance of a task in the public interest/exercise of official authority, direct marketing and processing for the purposes of scientific/historical research and statistics;
  • The right to lodge a complaint with the Information Commissioner’s Office.

 

How can I access or correct my Personal Data, request that it be deleted, ask for it to be transferred to another organisation or exercise any of my other rights?  

The majority of the Personal Data that we collect is collected directly from you, in which case you are responsible for its accuracy. We encourage you to tell us as soon as possible if there are any changes to your Personal Data, such as a new address. When information is found to be inaccurate, either through our own checks or following a communication from you, it is updated.

You can update your Personal Data at any time by logging into your account and choosing contact and delivery details.

To update your contact preferences you should select ‘My Account’, ‘Personal Details’, ‘Online Preference Centre’, and ‘Edit’ and amend your marketing preferences accordingly.

Alternatively, contact customer services using the following information:

  • Telephone: 0800 032 2154
  • E-mail: customer.services@royalmint.com
  • Mail: The Royal Mint, Llantrisant, Pontyclun, CF72 8YT

Please note that it may take up to 48 hours (during working days) to update your details.

For further information regarding this policy, to access your Personal Data, request that it be deleted, or ask for it to be transferred to another organisation, please contact the Data Protection Officer by using the above mentioned contact details.

 

How can I make a complaint about how you have handled my Personal Data or responded to a request to exercise my data subject rights?

If you are dissatisfied with the handling of your Personal Data or how we have responded to a request to exercise your data subject rights, you have the right to ask for an internal review.  An internal review will consider whether or not your Personal Data and/or request were handled appropriately, in line with applicable data protection laws and regulations.

Internal review requests should be submitted to the Data Protection Officer by using the contact information above. Internal reviews will be carried out by the Finance Director. We aim to respond within 20 working days of the receipt of the request for an internal review.

If you are dissatisfied with the outcome of the review, then you may seek a review by the Information Commissioner’s Office, which has the powers to uphold or overturn the decision. Please see ICO contact information below.  The Royal Mint will abide by the decisions of the ICO, unless it considers itself to have grounds for an appeal to the First-Tier Tribunal (Information Rights).

  • Website: https://ico.org.uk/
  • E-mail: casework@ico.org.uk
  • Telephone: 03031231113
  • Mail: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Last updated on 27th September 2019.

back to top