What is the policy about?
Your personal data will be processed by TESCO-GLOBAL Áruházak Zártkörűen Működő Részvénytársaság (registered seat: 2040 Budaörs, Kinizsi út 1-3., tax number: 10307078-2-44) being the data controller (hereinafter referred to as “we”, “us”, “company” or "Tesco").
Given that the provision of our services necessarily requires the processing of personal data, we comply with the obligations under the applicable data protection legislation to provide proper information through this privacy and cookie policy ("Privacy Policy"). In the Privacy Policy, we in particular present in detail the characteristics and circumstances of our data processing activity, your rights as a data subject, as well as information on the categories of personal data we process, for what purpose and for how long in the course of providing our services.
This Privacy Policy applies to you if you render our services (the "Service"). In this Privacy Policy, the Service shall mean:
- shopping in our stores;
- using Tesco Online or making purchases using our websites (hereinafter referred to as the "Website") or mobile applications (hereinafter referred to as the "Application") where this Privacy Policy is available;
- being a member of the Clubcard loyalty program (hereinafter referred to as "Clubcard");
- signing up for electronic direct marketing communications that you may receive from us (such as newsletters);
- participating in market research, sweepstakes or events organized by us.
In addition, within the framework of our cooperation with our financial partners, we also make available certain services provided by such partners. These partners have a separate privacy policy for their own services. When using such services, we recommend that you read the privacy policy for the respective service.
Please read this Privacy Policy carefully and, should you have any questions, please contact us electronically via ce.dpo@tesco.com or by post (Data Protection Officer, Legal Department, Tesco-Global Áruházak Zrt. Kinizsi út. 1-3. Budaörs, 2040).
Contact details of the data controller
Name of the data controller |
TESCO-GLOBAL Áruházak Zártkörűen Működő Részvénytársaság |
|
Registered office and mailing address of the data controller |
2040 Budaörs, Kinizsi út 1-3. |
|
Company registration number of the data controller |
13-10-040628 |
|
Name and contact details of the Data Protection Officer |
dr. Ferenczi-Béky József |
|
mailing address |
2040 Budaörs, Kinizsi út 1-3. |
|
email address |
ce.dpo@tesco.com |
Marketing messages that you may see on the internet.
Protection and security of personal data
This part of the Privacy Policy describes the tools we use to protect personal data.
In determining the appropriate level of security, we have considered the risks arising from the data processing activity, in particular from the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed. To protect your information, we use computer security tools such as firewalls and data encryption, and we also use physical access protection tools to ensure the security of your data in our buildings and records. Accordingly,
- we only give access to those employees whose work requires it;
- we also protect the security of information when it is transmitted by encrypting the data using Secure Sockets Layer (SSL);
- we use physical, electronic, and process security tools to collect, store, and share personal information. We may also occasionally ask for proof of identity before we share your personal information with you;
- we only display the last 4 numbers from the credit card number when we confirm an order,
- all payment data is encrypted and stored in a safe environment;
- we follow a strict access management policy, and we further strengthen this by controlling access to sensitive data (such as financial data) through advanced technology;
- we follow strict security and safety measures to protect personal data and prevent data leak or loss, or any security incident or data breach;
- we regularly monitor and test our security framework.
While we use the appropriate technical and organizational tools to keep your personal information secure, please note that we cannot guarantee the security of the personal data you transmit over the internet.
Your rights as a data subject
You, as a data subject, may at any time request detailed information about the processing of your personal data or have access to your personal data, request their rectification and, in cases specified in the GDPR, request their deletion or the restriction of processing, object to the processing of personal data and exercise your right to data portability. You also have the right to lodge a complaint with any supervisory authority if you consider that our company is violating the provisions of the GDPR when processing personal data concerning you. You may exercise your rights as follows:
Right to be informed and right of access (Art. 15 of the GDPR)
You have the right to obtain from the company, at your request, confirmation as to whether or not personal data concerning you are being processed and access to the personal data and information. We will provide you with information about your personal data free of charge. We will respond to your request in writing within one month.
Right to rectification (Art. 16 of the GDPR)
If the personal data we process is not accurate, we will correct it at your request without undue delay. You also have the right to request that incomplete personal data be completed by means of a statement to that effect.
Right to erasure (Art. 17 of the GDPR)
We will delete your personal data without delay if:
- processing the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- the processing of personal data is unlawful;
- it is necessary to erase the data in order to comply with a legal obligation to which our company is subject;
- if the consent to the processing of data on a child under the age of 16 in connection with the offer of information society services has not been given or authorised by the holder of parental responsibility over the child;
- if the personal data has been disclosed.
Right to restrict processing (Art. 18 of the GDPR)
Processing may be restricted if:
- you dispute the accuracy of your data; in this case, we shall restrict the processing of your personal data for the period up to the time such data is established as correct;
- the processing is unlawful and you request the restriction of use instead of erasure;
- you require retaining your data for the establishment of legal claims;
- you have objected to the processing of your personal data to the extent that the consideration of the objection has been carried out.
Right to data portability (Art. 20 of the GDPR)
We will provide you with a copy of your personal data upon your request. If you have submitted the request electronically, the information will be provided in a commonly used electronic format (e.g. .doc or .pdf format), unless you request otherwise.
Right to object (Art. 21 of the GDPR)
You, as the data subject, may object to the data processing activity at any time through the contact details indicated in this Privacy Policy above, for reasons related to your own situation, if:
- you take the view that we do not process your personal data properly in connection with the purpose indicated in this Privacy Policy;
- such activity is based on a legitimate interest, in which case the processing cannot be continued unless there are compelling legitimate grounds overriding the interests, rights and freedoms of the data subject or for reasons relating to the establishment, exercise or defense of legal claims;
What remedies are available to you?
If you consider that, in the course of the processing of your personal data, our company infringes the provisions of the GDPR, you, being the data subject, have the right to lodge a complaint with a supervisory authority (i.e. a public authority established by any Member State of the EU pursuant to Article 51 of the GDPR), in particular in the Member State of your habitual residence, place of work or place of the alleged infringement. In Hungary, the supervisory body established in accordance with the criteria set out in Article 51 of the GDPR is the National Authority for Data Protection and Freedom of Information (hereinafter referred to as the "Authority"). Accordingly, in the section below we inform you of the details and the possibility of making a complaint before the Authority. Notwithstanding this, please note that you are entitled to lodge a complaint not only with the Authority, but also with any supervisory authority established in any Member State.
Notification before the Authority
Compliance with data protection legislation is supervised by the National Authority for Data Protection and Freedom of Information. If you consider that our data processing does not comply with applicable law, or if you consider that there is an imminent risk of this happening, you can report it to the Authority using the following contact details.
Name of the authority: National Authority for Data Protection and Freedom of Information
Address: 1055 Budapest,Falk Miksa utca 9-11
Postal address: 1363 Budapest, Pf.: 9.
Email address: ugyfelszolgalat@naih.hu
Phone number: +36 1 391 1400
Fax number: +36 1 391 1410
Further information on data protection issues can be found on the Authority's website: http://naih.hu/
Judicial enforcement
Further to the above, you can go to court, which will deal with the case as a matter of priority. In this case, you are free to decide whether to file your application with the competent court of your place of residence (permanent address) or residence (temporary address), as well as the seat of the Authority. You can contact the tribunal of your place of residence or residence on the http://birosag.hu/ugyfelkapcsolatiportal/birosag-kereso page.
Using Tesco Online
Scope of personal data processed
When you make a purchase online, the following data is obtained and processed:
- Identification information about you: full name, shipping address, telephone number and email address;
- Data related to your registration: login data and password, date of registration, date of birth, the fact that you, as a customer, are a Clubcard member (yes/no);
- Information about your online orders: contents of your shopping cart, time of purchase, method of payment, applied coupons and/or discounts, number of Clubcard points awarded for the purchase (if the customer is a Clubcard member), certain information about the card used for payment (in case of card payment);
- Device information (identification of the device you used to use our Services): model, operating system, IP address, browser type, and other information that we process in accordance with your cookie settings;
- payment information: card data (such as PAN, card type, and expiration date); customer name and billing address; customer’s intent to pay now or save for later.
Tesco does not process any data belonging to special category of personal data during the data processing activity.
Purpose and legal basis
We process the personal data indicated above in order to achieve the following purposes and on the following legal basis:
- The provision of the service and the delivery of the ordered goods, in which case the legal basis for data processing is Article 6 (1) b) of the GDPR (i.e. performance of the contract);
- If you have given us your consent for marketing purposes, we will use your personal data to send you marketing messages (depending on your consent by e-mail, SMS, post or online advertising), in which case the legal basis for the processing is Article 6 (1) a) of the GDPR (i.e. your consent). In this context, the purpose of data processing is to provide you with personalized offers about our products and services, including the Clubcard loyalty program and the Tesco Online service, as well as about the offers of our suppliers, Tesco Partner companies and the Tesco Group. As part of this, online advertisements are visible on the Websites operated by the Tesco Group and on the websites of other organizations, as well as through online media channels (including, for example, Google AdWords). In addition, we can also measure the effectiveness of our own marketing communications and, similarly, the effectiveness of the communications of our suppliers and Tesco Partners. You can withdraw your consent at any time using one of the above contact details and the link in the marketing message.
- In order to provide technological support during online shopping (for example, to ensure that the website is displayed correctly), in which case the legal basis for the processing of the device information is Article 6 (1) f) of the GDPR (i.e. legitimate interest of our company);
- If you have given us your consent, we will store and use your payment details for future orders and future payment, in which case the legal basis for the processing is Article 6 (1) a) of the GDPR (i.e. the operation is based on your consent).
Retention period
We process your data processed for the performance of the contract for 24 months (as the time required to achieve the aforementioned purpose). After that, the transaction data will be anonymized and stored for a period of time in accordance with the applicable law.
As regards the personal data processed on the basis of your consent, we process such data until the withdrawal of the consent. With regard to the personal data processed on the basis of our legitimate interest, we process such personal data for 36 months in order to achieve our legitimate interest.
Data processors
The personal data we collect may be shared with other companies within the Tesco Group or may be shared with us by other companies within the Tesco Group. For example, we share personal data with other companies within the Tesco Group as specified below.
The following companies help us to provide our Services to you, as these companies act on our behalf (as data processors) when they process your personal data:
- TESCO Stores CR a.s. (Czech Republic, Vršovická 1527/68b, 100 00 Prague 10; registration number: 45308314; contact details of the data protection officer: dpo@tesco.com)
- TESCO STORES SR, a.s. (Slovakia, Cesta na Senec 2, 821 04, Bratislava; registration number: 31 321 828; contact details of the data protection officer: dpo@tesco.com) which helps us to provide our Services to our customers, including in particular the Support of IT systems operating the Clubcard loyalty program, the Tesco Online Service and electronic direct marketing (e.g. Tesco newsletter).
- Dunnhumby Ireland ltd. (Ireland, Dublin; Floor 3, Building 2, Harbour Square Crofton Road, Dun Laoghaire Co): Dunnhumby processes shopping data to help us distribute coupons and discounts and to better understand our customers and make the customer experience more personal.
Transfer of data to a third country
Your personal data will not be transferred to any person or organisation outside the European Union, except in relation to data collected by third-party Cookies and in the event that you have consented to this by accepting that Cookie.
Automated decision-making and profiling
Your personal data will not be used by Tesco for automated decision-making. Profiling takes place if you have given your consent for the purpose of personalised advertisements and offers.
Clubcard
Scope of personal data processed
If you have registered for our Clubcard loyalty program, the following data will be collected and processed:
- Identification data relating to you: full name, permanent and shipping address, telephone number and email address, date of registration, date of birth, Clubcard number;
- Information about your purchases: information about whether you have made a purchase in person or online, in the case of a personal purchase: information about our stores you have purchased in, the contents of the shopping cart, the date of purchase, the method of payment, the applied coupons and/or discounts, the number of Clubcard points awarded for the purchase, certain information about the card used for payment (in the case of card payment);
- Marketing data processing: information on whether you have consented to receive tailored offers.
Tesco does not process any data belonging to a special category of personal data during the processing.
Purpose and legal basis
We process the personal data indicated above in order to achieve the following purposes and on the following legal basis:
- The provision of the Clubcard loyalty program service, in which case the legal basis for data processing is Article 6 (1) b) of the GDPR (i.e. performance of the contract);
- If you have given us your consent for marketing purposes, we will use your personal data to send you marketing messages (depending on your consent by e-mail, SMS, post or online advertising), in which case the legal basis for the processing is Article 6 (1) a) of the GDPR (i.e. your consent). In this context, the purpose of data processing is to provide you with personalized offers about our products and services, including the Clubcard loyalty program and the Tesco Online service, as well as about the offers of our suppliers, Tesco Partner companies and the Tesco Group. As part of this, online advertisements are visible on the Websites operated by the Tesco Group and on the websites of other organizations, as well as through online media channels (including, for example, Google AdWords). In addition, we can also measure the effectiveness of our own marketing communications and, similarly, the effectiveness of the communications of our suppliers and Tesco Partners. You can withdraw your consent at any time using one of the above contact details and the link in the marketing message.
- Monitoring the use of Clubcard in order to prevent abuse of the loyalty program, in which case the legal basis for data processing is Article 6 (1) f) of the GDPR (i.e. legitimate interest of our company).
Retention period
We process your data processed for the performanceof the contract for 24 months (as the time required to achieve the aforementioned purpose). After that, the transaction data will be anonymized and stored for a period of time in accordance with the applicable law.
With regard to the personal data processed on the basis of your consent, we process it until the withdrawal of your consent. With regard to the personal data processed on the basis of our legitimate interest, we process your personal data
- for a period of 36 months in relation to the monitoring of market activity, and
- until the termination of your membership of Clubcard in order to prevent abuse of the Clubcard loyalty program.
Data processors
The personal data we collect may be shared with other companies within the Tesco Group or may be shared with us by other companies within the Tesco Group. For example, we share personal data with other companies within the Tesco Group below.
Tesco companies in Central Europe
The following companies help us to provide our Services to you, as these companies act on our behalf (as data processors) when they process your personal data:
- TESCO Stores CR a.s. (Czech Republic, Vršovická 1527/68b, 100 00 Prague 10; registration number: 45308314; contact details of the data protection officer: dpo@tesco.com)
- TESCO STORES SR, a.s. (Slovakia, Cesta na Senec 2, 821 04, Bratislava; registration number: 31 321 828; contact details of the data protection officer: dpo@tesco.com) which helps us to provide our Services to our customers, including in particular the Support of IT systems operating the Clubcard loyalty program, the Tesco Online Service and electronic direct marketing (e.g. Tesco newsletter).
- Dunnhumby Ireland ltd. (Ireland, Dublin; Floor 3, Building 2, Harbour Square Crofton Road, Dun Laoghaire Co): Dunnhumby processes shopping data to help us distribute coupons and discounts and to better understand our customers and make the customer experience more personal.
Transfer of data to a third country
Your personal data will not be transferred to any person or organisation outside the European Union, except in relation to data collected by third-party Cookies and in the event that you have consented to this by accepting that Cookie.
Automated decision-making and profiling
Your personal data will not be used by Tesco for automated decision-making. Profiling takes place if you have given your consent for the purpose of personalised advertisements and offers.
Complaint handling (via the customer support)
Scope of personal data processed
During the complaint handling procedure, the following data is obtained and processed:
- Your contact information: full name, phone number and email address;
- Data related to the complaint as well as the data contained in the complaint and the following information about the complaint:
- name and address of the consumer;
- place, time and method of lodging the complaint;
- a detailed description of the consumer's complaint, a list of documents and other evidence presented by the consumer;
- a statement by the business about its position on the consumer's complaint, if it is possible to investigate the complaint immediately;
- the signature of the person drawing up the minutes and, with the exception of an oral complaint placed via telephone or by other electronic means, of the consumer;
- place and date of recording of the minutes;
- in the case of an oral complaint placed via telephone or other electronic communications service, the unique identification number of the complaint.
- A recorded audio recording of a complaint made orally through our call centre.
Tesco does not process any data belonging to a special category of personal data during the processing.
Purpose and legal basis
We process the personal data indicated above in order to achieve the following purposes and on the following legal basis:
- In connection with the complaint, we process some of your personal data for contact and information purposes, in which case the legal basis for the processing is Article 6 (1) b) of the GDPR (i.e. performance of the contract);
- If you have submitted your complaint orally through our call centre, we will record the telephone conversation with our staff, the legal basis of which is Article 6 (1) c) of the GDPR (i.e. compliance with a legal obligation to which the data controller is subject). The retention of an audio recording of a telephone conversation with our employees is required by Section 17/B (3) of Act CLV of 1997 on Consumer Protection;
- We will keep the record of the complaint and a copy of the reply, the legal basis of which is Article 6 (1) c) of the GDPR (i.e. compliance with a legal obligation to which the controller is subject). The retention of a copy of the report of the complaint and the reply is required by Section 17/A (7) of Act CLV of 1997 on Consumer Protection;
- Improving our complaint handling procedure in order to provide better support, in which case the legal basis for data processing is Article 6 (1) f) of the GDPR (i.e. legitimate interest of our company).
Time of data processing
The minutes of the complaint and a copy of the reply will be kept by our company for three years. If you have submitted your complaint orally through our call center, we will keep an audio recording of the telephone conversation with our colleagues for 5 years.
We will keep your contact details handled in connection with the complaint for 5 years. In order to improve our complaint handling procedure, we process your personal data for 3 months after the complaint has been resolved, after which the data will be anonymized.
Data processors
The personal data we collect may be shared with other companies within the Tesco Group or may be shared with us by other companies within the Tesco Group. For example, we share personal data with other companies within the Tesco Group below.
The following Tesco companies in Central Europe help us to provide our Services to you, as these companies act on our behalf (as data processors) when processing your personal data:
- TESCO Stores CR a.s. (Czech Republic, Vršovická 1527/68b, 100 00 Prague 10; registration number: 45308314; contact details of the data protection officer: dpo@tesco.com)
- TESCO STORES SR, a.s. (Slovakia, Cesta na Senec 2, 821 04, Bratislava; registration number: 31 321 828; contact details of the data protection officer: dpo@tesco.com) which helps us to provide our Services to our customers, including in particular the Support of IT systems operating the Clubcard loyalty program, the Tesco Online Service and electronic direct marketing (e.g. Tesco newsletter).
Transfer of data to a third country
Your personal data will not be transferred to any person or organisation outside the European Union.
Automated decision-making and profiling
When processing your personal data, Tesco does not carry out any data processing activities involving an automated decision-making process or profiling.
Participation in competitions, market research and events organized by Tesco
Scope of personal data processed
If you enter into a contest, market research or other event organized by Tesco (hereinafter collectively referred to as the "Promotion"), the following data will be collected and processed:
- Identification Information about you: your full name, phone number and email address and other information in accordance with the terms and conditions applicable to the relevant Promotion;
- Other information you provide to us during the Promotion.
Tesco does not process any data belonging to a special category of personal data during the processing.
Purpose and legal basis
We process the personal data indicated above on the basis of Article 6 (1) a) of the GDPR (i.e. on the basis of your consent).
Retention period
We process your personal data for the time necessary to achieve the aforementioned purpose. Due to the fact that this purpose is different during each Promotion, we will inform you about the duration of the data processing in the terms and conditions of the respective Promotion.
Data processors
The personal data we collect may be shared with other companies within the Tesco Group or may be shared with us by other companies within the Tesco Group. For example, we share personal data with other companies within the Tesco Group below.
The following Tesco companies in Central Europe help us to provide our Services to you, as they act on our behalf (as data processors) when processing your personal data:
- TESCO Stores CR a.s. (Czech Republic, Vršovická 1527/68b, 100 00 Prague 10; registration number: 45308314; contact details of the data protection officer: dpo@tesco.com)
- TESCO STORES SR, a.s. (Slovakia, Cesta na Senec 2, 821 04, Bratislava; registration number: 31 321 828; contact details of the data protection officer: dpo@tesco.com) which helps us to provide our Services to our customers, including in particular the Support of IT systems operating the Clubcard loyalty program, the Tesco Online Service and electronic direct marketing (e.g. Tesco newsletter).
Transfer of data to a third country
Your personal data will not be transferred to any person or organisation outside the European Union.
Automated decision-making and profiling
When processing your personal data, Tesco does not carry out any data processing activities involving an automated decision-making process or profiling.
Newsletter
Scope of personal data processed
If you subscribe to our newsletters, the following data will be obtained and processed:
- Identification information about you: full name, telephone number, delivery address, email address;
- Form of contact with regard to the newsletter (e-mail address and/or SMS)
Tesco does not process any data belonging to a special category of personal data during the processing.
Purpose and legal basis
We process the personal data indicated above in order to achieve the following purposes and on the following legal basis:
- If you have given us your consent for marketing purposes, we will use your personal data to send you marketing messages (depending on your consent, by e-mail, SMS, post or online advertising), in which case the legal basis for the processing is Article 6 (1) a) of the GDPR (i.e. based on your consent). In this context, the purpose of data processing is to provide you with personalized offers about our products and services, including Clubcard and Tesco Online, as well as offers from our suppliers, Tesco Partner companies and the Tesco Group. As part of this, online advertisements are visible on the Websites operated by the Tesco Group and on the websites of other organizations, as well as through online media channels (including, for example, Google AdWords). In addition, we can also measure the effectiveness of our own marketing communications and, similarly, the effectiveness of the communications of our suppliers and Tesco Partners. You can withdraw your consent at any time using one of the above contact details and the link in the marketing message.
Retention period
We process your personal data until you withdraw your consent.
Processors and recipients of data transfers
The personal data we collect may be shared with other companies within the Tesco Group or may be shared with us by other companies within the Tesco Group. For example, we share personal data with other companies within the Tesco Group below.
The following companies help us to provide our Services to you, as these companies act on our behalf (as data processors) when processing your personal data:
- TESCO Stores CR a.s. (Czech Republic, Vršovická 1527/68b, 100 00 Prague 10; registration number: 45308314; contact details of the data protection officer: ce.dpo@tesco.com)
- TESCO STORES SR, a.s. (Slovakia, Cesta na Senec 2, 821 04, Bratislava; registration number: 31 321 828; contact details of the data protection officer: ce.dpo@tesco.com) which helps us to provide our Services to our customers, including in particular the Support of IT systems operating the Clubcard loyalty program, the Tesco Online Service and electronic direct marketing (e.g. Tesco newsletter).
Transfer of data to a third country
Your personal data will not be transferred to any person or organisation outside the European Union.
Automated decision-making and profiling
When processing your personal data, Tesco does not carry out any data processing activities involving an automated decision-making process or profiling.
Personal shopping in our stores
Scope of personal data processed
When you make a personal purchase in one of our stores, the following data is obtained and processed:
- Your image generated during the operation of the camera surveillance system (CCTV)
Tesco does not process any data belonging to a special category of personal data during the processing.
In relation to the personal data processed in connection with the operation of the camera surveillance system (CCTV), we also inform the data subjects about the characteristics and circumstances of the data processing activity by means of separate privacy notices (first layer and second layer notices).
Purpose and legal basis
We process the personal data indicated above in order to achieve the following purposes and on the following legal basis:
- In our stores, for reasons of personal and property protection, we operate a camera surveillance system (CCTV). The legal basis for the data processing activity is Article 6 (1) f) of the GDPR (i.e. the legitimate interest of our company).
Time of data processing
Depending on the purpose and place of the given camera (e.g. whether or not it records a cash transferring route), your personal data will be processed for 3-30 days. In case of a request for retention, a case detected by our staff or an official request, the camera recordings will be saved. In this case, the period of retention of the data also depends on the type of procedure in question (i.e. internal or external procedure, official procedure), as well as on the length of such procedure.
Data processors
Our company uses the services of a third-party service provider in order to perform personal and property protection tasks, as well as to operate the camera surveillance system (CCTV). In doing so, the above-mentioned personal data is processed on behalf of our company by the service provider and thus qualifies as a data processor in accordance with the provisions of the GDPR. The contact details of the data processor are as follows:
Name of the data processor: Terminal-Log Kft.
Registered seat of the data processor: 1201 Budapest, Helsinki út 81.
Registered branch of the data processor: 1181 Budapest Közdűlő út 1-3.
Contact details of the data processor: Telefon / fax: 06-1 / 291–5340; mobile: 06-30/274-7372
Transfer of data to a third country
Your personal data will not be transferred to any person or organisation outside the European Union.
Automated decision-making and profiling
When processing your personal data, Tesco does not carry out any data processing activities involving an automated decision-making process or profiling.
Job seekers
Scope of personal data processed
- Information about you: name and surname, permanent address, telephone and e-mail, date of birth, photo (if you decide to include a photo in your CV);
- Information about your education and professional qualifications: the educational institutions you attended, degrees and certificates obtained;
- Information about your preferences (e.g. short- and long-term goals);
- Information obtained during the selection procedure: information obtained during the selection interviews (feedback from the persons who conducted the selection interviews and notes recorded during them) or from the correspondence with you in connection with the selection process;
- Information about you from publicly available sources (public registers, LinkedIn, Twitter, etc.);
- Any other personal data you voluntarily choose to provide to us.
Tesco does not process any data belonging to a special category of personal data during the processing.
Purpose and legal basis
We process the personal data indicated above in order to achieve the following purposes and on the following legal basis:
- In the selection of a suitable candidate for the post to be filled to the extent strictly necessary to fulfil the foregoing on the basis Article 6 (1) a) of the GDPR (i.e. based on your consent),
- If you have given us your consent to include your personal data in our candidate database, we will use your personal data to send you job vacancies which may be relevant for you based on your qualification and professional background, in which case the legal basis for the processing is Article 6 (1) a) of the GDPR (i.e. based on your consent).
Retention period
Your personal data will be processed until you withdraw your consent, but no later than 1 month after the end of the application process (i.e. filling the advertised position), or, in case of a separate consent for this purpose (i.e. for future recruitment purposes), up to 1 year after the end of the application process (i.e. filling the advertised position).
Processors and recipients of data transfers
The personal data we collect may be shared with other companies within the Tesco Group or may be shared with us by other companies within the Tesco Group. For example, we share personal data with other companies within the Tesco Group below.
The following companies help us to provide our Services to you, as these companies act on our behalf (as data processors) when processing your personal data:
- TESCO Stores CR a.s. (Czech Republic, Vršovická 1527/68b, 100 00 Prague 10; registration number: 45308314; contact details of the data protection officer: ce.dpo@tesco.com)
- TESCO STORES SR, a.s. (Slovakia, Cesta na Senec 2, 821 04, Bratislava; registration number: 31 321 828; contact details of the data protection officer: ce.dpo@tesco.com)
- TESCO-BST Üzleti és Technológiai Szolgáltatások Zártkörűen Működő Részvénytársaság (1138 Budapest, Váci út 187.registration number: 01-10-140160; contact details of the data protection officer: ComplianceOffice_TBS_CE@tesco.com)
Transfer of data to a third country
Your personal data will not be transferred to any person or organisation outside the European Union.
Automated decision-making and profiling
When processing your personal data, Tesco does not carry out any data processing activities involving an automated decision-making process or profiling.
Cookies and similar technologies
How do we use Cookies?
Cookies are small text files that contain a unique identifier that is stored on your computer or mobile device so that the device you are using can be recognized when you visit a particular website or use an application. Cookies may be used for the duration of your visit to a particular site or to measure how you use the service and content from time to time. Cookies help us to display important features and functions used on our Websites and mobile Applications, and to improve your customer experience.
What Cookies do we use?
Cookies can be distinguished by several criteria. Depending on who creates and processes a particular Cookie, we can divide these text files into two categories:
- The so-called first-party cookies are created directly by websites or scripts located on the same domain address. Most often they are used to provide the basic functions of the website.
- Third-party cookies are created by other websites. These sites have certain content on the website you visit, such as ads, images, or videos.
Cookies can also be divided according to their lifetime:
- Session cookies. Session cookies are temporary and are only stored on your device until you stop browsing on your Internet browser and are deleted after you close them. These cookies are necessary for the proper functioning of the website or related applications.
- Persistent cookies. We may use persistent cookies to make our website easier and more convenient to navigate (for example, for easier and faster navigation). These cookies remain in your browser for a longer period of time or until you delete them manually. The length of this period depends on the selected settings of your Internet browser. Persistent cookies allow information to be transmitted to an Internet server every time you visit a website.
According to the purpose of use, cookies can be divided into:
- Necessary cookies (cookies that provide basic functionality and are necessary for the operation of the website). These include, for example, cookies that allow you to log in to secure areas of our website. These cookies do not collect information about users that can be used for marketing purposes or to remember what pages users have visited on the Internet.
- Performance cookies. We use performance cookies to improve the functionality of the website. These cookies collect information about how visitors use the website, such as which pages visitors visit most often and whether they receive error messages from the website. They also allow us to record and count the number of visitors to the website, which allows us to track how visitors use the website. These cookies do not collect information that would allow the user to be personally identified. The information these cookies collect is aggregated and anonymous.
- Functional cookies. Functional cookies facilitate the operation of the website and improve the functions of the website. They are used to activate certain features of the website (e.g. video playback) and to adjust them according to your choices (e.g. language) in order to improve your experience on the website. In the same way, we use functional cookies to save your settings about the website, which may be useful the next time you visit the website. Functional cookies do not collect information that can identify you.
- Targeted advertising (profiling) cookies. The targeting cookie is used to track your preferences when you are using the website and to send you personalized advertising messages based on your preferences.
Your choices about Cookies
Web browser cookies
In your browser settings, you can accept or reject new cookies and delete existing cookies. You can also set your browser to notify you every time new cookies are placed on your computer or other device. You can find more information about managing cookies in the 'help' function of your browser.
If you turn off certain cookies, you will not be able to use all the features of our Websites. For example, in certain cases, you won’t be able to add products to your cart, log out, or use products and services that require you to log in.
You can also change your settings for advertising-related cookies used through the Service Providers listed in the table below or by visiting the “YourOnlineChoices” website. When we place personalized advertisements that link to other organizations' websites, the AdChoices icon is usually displayed. If you click on this icon, you will find a special leaflet on how to manage your online advertising preferences. For more information, visit youradchoices.
Mobile applications
Cookies work differently in mobile applications because they are embedded in the applications, using a unique identifier generated by your mobile device to render advertising activities. You can turn off or reset this advertising ID in the privacy settings of your mobile device.
We use the following Cookies to provide our services
Name of cookie |
Cookie category |
Cookie description |
Cookie validity period |
_dc_gtm_UA-25761063-8 |
Basic functionality cookie |
This cookie is associated with websites that use google tag manager to load other scripts and codes on a page. |
1 minute |
_dc_gtm_UA-51817409-1 |
Basic functionality cookie |
This cookie is associated with websites that use google tag manager to load other scripts and codes on a page. |
1 minute |
_dc_gtm_UA-74095788-1 |
Basic functionality cookie |
This cookie is associated with websites that use google tag manager to load other scripts and codes on a page. |
1 minute |
PHPSESSID |
Basic functionality cookie |
A cookie created by applications based on the PHP language. This is a general-purpose identifier that is used to maintain user session variables. |
Session |
_abck |
Basic functionality cookie |
This cookie is used to analyze traffic to determine if it is an automated traffic generated by IT systems or a human user. |
1 year |
_dc_gtm_UA-78705252-7 |
Basic functionality cookie |
This cookie is associated with websites that use google tag manager to load other scripts and codes on a page. |
1 minute |
ak_bmsc |
Performance cookie |
Used by Akamai to optimize site performance and security. |
2 hours |
ADRUM |
Performance cookie |
AppDynamics - the browser's performance management tool uses these cookies to collect web performance data and IP addresses. |
Session |
_gid |
Performance cookie |
This cookie is set by Google Analytics. It stores and updates a unique value for each page you visit and is used to count and track page views. |
1 day |
_ga |
Performance cookie |
We use this cookie to distinguish unique users by assigning a randomly generated number as the customer ID. |
2 years |
A3 |
Targeting (advertising) cookie |
Yahoo targeting cookies. |
1 year |
umeh |
Targeting (advertising) cookie |
Enable the bidding process. |
3 months |
CMRUM3 |
Targeting (advertising) cookie |
These cookies are related to the promotion and tracking of products viewed by users. |
1 year |
IDSYNC |
Targeting (advertising) cookie |
This cookie provides information about how the end user uses the website and any advertisements that the end user may have seen before visiting said website. |
1 year |
_gcl_au |
Targeting (advertising) cookie |
Google AdSense uses this cookie to experiment with ad effectiveness on sites that use their services |
3 months |
anj |
Targeting (advertising) cookie |
This cookie contains data that indicates whether the cookie ID is synchronized with an AppNexus partner. |
3 months |
_fbp |
Targeting (advertising) cookie |
Meta uses it to provide a series of advertising products, such as real-time bidding from third-party advertisers |
3 months |
YSC |
Targeting (advertising) cookie |
This cookie is set by YouTube to track the views of embedded videos. |
Session |
Goes |
Targeting (advertising) cookie |
This cookie is set by Doubleclick and stores information about how the end user uses the website and any advertisements that the end user may have seen before visiting said website |
1 year |
tuuid_lu |
Targeting (advertising) cookie |
It contains a unique visitor ID that allows Bidswitch.com to track the visitor on multiple websites. This allows Bidswitch to optimize the relevance of ads and ensure that the visitor does not see the same ads more than once. |
3 months |
tuuid |
Targeting (advertising) cookie |
This cookie is set primarily by the bidswitch.net to make advertising messages more relevant to the website visitor. |
3 months |
The United States |
Targeting (advertising) cookie |
It is used to target ads by registering the user's movement between sites. |
12 months 2 days |
CMPRO |
Targeting (advertising) cookie |
These cookies are related to the promotion and tracking of products viewed by users. |
3 months |
CMID |
Targeting (advertising) cookie |
These cookies are related to the promotion and tracking of products viewed by users. |
1 year |
test_cookie |
Targeting (advertising) cookie |
This cookie is set by DoubleClick (which is owned by Google) to determine whether the browser of the website visitor supports cookies. |
15 minutes |
uuid2 |
Targeting (advertising) cookie |
This cookie allows targeted advertising through the AppNexus platform – it collects anonymous data about the IP extension for ad views, page views, and more. |
3 months |
tuuid |
Targeting (advertising) cookie |
This cookie is set primarily by the bidswitch.net to make advertising messages more relevant to the website visitor. |
1 year |
VISITOR_INFO1_LIVE |
Targeting (advertising) cookie |
This cookie is set by Youtube to track the user preferences of Youtube videos embedded in websites; |
6 months |
uid |
Targeting (advertising) cookie |
This cookie provides a uniquely assigned, computer-generated user ID and collects data about your activity on the website. This data may be sent to a third party for analysis and reporting. |
1 year |
WE |
Targeting (advertising) cookie |
This cookie is widely used by Microsoft as a unique user ID. It can be set using embedded Microsoft scripts. It is widely believed to synchronize different Microsoft domains, allowing you to track users. |
1 year |
tuuid_lu |
Targeting (advertising) cookie |
It contains a unique visitor ID that allows Bidswitch.com to track the visitor on multiple websites. This allows Bidswitch to optimize the relevance of ads and ensure that the visitor does not see the same ads more than once. |
1 year |
at |
Targeting (advertising) cookie |
Enable the bidding process. |
3 months |
CMST |
Targeting (advertising) cookie |
It collects visitor data in connection with the user's visits to the website, such as the number of visits, the average time spent on the website and the pages loaded, for the purpose of displaying targeted advertisements. |
1 day |
CMPS |
Targeting (advertising) cookie |
These cookies are related to the promotion and tracking of products viewed by users. |
3 months |
bm_sz |
Functional cookie |
Functional cookie placed by Mailchimp to manage and control the list |
4 hours |
Name of cookie |
Cookie category |
Purpose of cookie |
Cookie validity period |
ak_bmsc |
Performance cookie |
Used by Akamai to optimize site performance and security |
2 hours |
_ga |
Performance cookie |
We use this cookie to distinguish unique users by assigning a randomly generated number as the customer ID. |
2 years |
_gid |
Performance cookie |
This cookie is set by Google Analytics. It stores and updates a unique value for each page you visit and is used to count and track page views. |
1 day |
_gat_gtag_UA_48062343_16 |
Targeting (advertising) cookie |
This cookie is part of Google Analytics and is used to limit requests (throttle request rate). |
1 minute |
Name of cookie |
Cookie category |
Purpose of cookie |
Cookie validity period |
ak_bmsc |
Performance cookie |
Used by Akamai to optimize site performance and security |
2 hours |