Privacy Policy
PRIVACY AND COOKIE POLICY
This notice describes how Young & Co.’s Brewery, P.L.C., and its group of companies, (we, us or our) use cookies and collect (and then process) personal data obtained from you when you visit our websites or use our mobile application, On Tap (together our Digital Applications).
You acknowledge and agree that your personal data may be processed in accordance with this policy. Without this, we will be unable to provide you with certain marketing communications.
1. INTRODUCTION
We are the data controller in respect of any personal data we collect about you.
We have appointed a data protection officer who is responsible for monitoring our data protection compliance.
2. COLLECTION OF YOUR PERSONAL DATA
We collect and process the following information about you; this is for the purposes explained in section 3.
Information you give us
Name, email address (personal and/or work), postal address, encrypted password(s), telephone number(s), date of birth, gender, interests, preferences, and competition entry details and answers
Information automatically collected from you
When you visit or use any of our Digital Applications, we automatically collect certain information from you (the majority of which is from a server log), including:
geo-location data
operating system and browser type
domain name requested
server log details
browser language
access times
application version, platform and settings
URL of the website you visited before browsing to our websites
time you spent on each page visited
URLs of the pages you visited on our websites
IP address used to connect your computer or mobile device to the internet
other information about your use of and actions on our websites
We may record or monitor calls, emails, text messages and other correspondence for training purposes to improve the quality of our offering and to prevent and detect fraud.
Information collected from third parties
Google analytics – collects information about how visitors use our Digital Applications.Doubleclick (Data collection for Google Adwords) – collects information about how visitors use our Digital Applications.Authentication information – see section 10
3. USE OF YOUR PERSONAL DATA
We may use your personal data for any or all of the following purposes:
to provide a high level of customer service (including assisting with any of your enquiries and bookings) and to notify you of any security and data breach alerts, and technical notices (including services messages and updates to our Digital Applications and terms);
to help operate, maintain and improve our offering and our Digital Applications;
to communicate with you about our offers, promotions, upcoming events, reviews and other news or those of our selected partners – this may be via email, telephone, text message and/or push notification – you can change your marketing preferences (including the way in which we contact you) by visiting our preference centre – see section 12*;
to facilitate profiling, segmentation and personalisation – these may be based on location, preferences, interests and past actions (including in-pub purchases, hotel stays and restaurant bookings);
to meet our legal obligations and for establishing, exercising or defending our legal rights;
to compile reports and to help us understand and improve our Digital Applications; and
to enable us to carry out targeted online advertising more likely to be relevant to you.
For more information about our use of cookies and other similar technologies, see section 11.
4. SHARING OF YOUR PERSONAL DATA
We sometimes need to share the personal information we process with other organisations and, where necessary or required, we may share your personal data with the following categories of third parties:
service providers and suppliers assisting with our business activities, business associates, customers, payment services providers, hosting providers, providers of IT support, advertising platforms, providers of booking systems, providers of cloud-based software or services used by us, accounting firms and law firms;
ombudsman, regulators, public authorities and security organisations, such as the police, HM Revenue & Customs and the Information Commissioner’s Office, to the extent required by law, regulation, court order or if necessary to establish, exercise or defend our legal rights, including if we suspect fraud or attempted fraud;
companies in the same group as us;
current, past and prospective employers, recruitment and employment agencies, trade and employer associations and professional bodies and educators and examining bodies;
financial organisations and advisors, credit reference agencies, debt collection and tracing agencies, and tenants;
staff including volunteers, agents and temporary and casual workers;
family, associates and representatives of the person whose personal data we are processing;
Furthermore, if this data is collected as part of an application process via
https://www.youngs.co.uk/work-with-us or
https://youngsrecruitment.co.uk/
we may also share this data with the following:
current, past and prospective employers, recruitment and employment agencies, trade and employer associations and professional bodies and educators and examining bodies;
5. TRANSFER OF YOUR PERSONAL DATA OUTSIDE OF THE UK OR THE EUROPEAN ECONOMIC AREA (EEA)
Some third parties to whom we may transfer your personal data may be located outside of the UK or the EEA. In the event of a transfer, we will seek to ensure that appropriate safeguards to protect your data are in place which could include entering into a data transfer agreement with such third parties to ensure adequate protection for your information. Examples of the types of contractual clauses we may use can be found at the following link: http://ec.europa.eu/justice/data-protection/internationaltransfers/transfer/index_en.htm.
6. LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
We will process your personal data where it is necessary:
for the performance or entering into of a contract with you, including in order to provide our offering, process your payment and to respond to enquiries and bookings made by you;
for compliance with our legal obligations;
for the purpose of furthering our legitimate interests including to:
improve our offering and Digital Applications;
operate our Digital Applications efficiently and effectively;
carry out behavioural advertising; and
prevent, detect and investigate fraud or illegal activity.
We may also process your personal data on the basis of any consent given by you. This consent may be updated by visiting our preference centre – see section 12*.
7. PROTECTION OF YOUR PERSONAL DATA
We are committed to protecting your personal data and to keeping it safe and confidential. We will therefore ensure that appropriate technical and organisational physical, electronic and procedural safeguards are implemented to protect it. Access to your personal data will also be limited to our employees and certain third parties who process it on our behalf.
8. STORAGE OF YOUR PERSONAL DATA
Your personal data will generally be stored for up to 5 years.
We may, however, keep your personal data for longer than 5 years if we need it to fulfil our contractual obligations to you, the law requires us to maintain it for a longer period or you have not withdrawn your consent.
9. YOUR RIGHTS
You have the following rights, albeit some of them only apply under certain circumstances:
to have a copy of the personal data we have collected about you and to send a copy of it to another data controller;
to update or amend the personal data we have collected about you if it is inaccurate or incomplete;
to erase, or restrict the processing of, the personal data we have collected about you;
to object to the processing of the personal data we have collected about you, including in respect of any data processed for direct marketing purposes;
to withdraw any consents you have provided in respect of our processing of your personal data; and
to lodge a complaint with the Information Commissioner’s Office (www.ico.org).
To exercise any of these rights, please contact us – see section 12.
If you want to amend your personal data or preferences, please visit our preference centre – see section 12*.
10. CONNECTING TO THIRD PARTY SERVICES INCLUDING SOCIAL NETWORKS
Our offering may contain links to third-party apps, services, tools and websites that are not affiliated with, controlled or managed by us (including Facebook, Instagram, LinkedIn and Twitter®) and these services and links may also include social networking features (such as the Facebook® “Like” button and widgets, “Share” buttons, and other interactive mini-programs). Additionally, you may choose to use your own social networking logins from, for example, Facebook or LinkedIn® to log into some of our services. If you choose to connect using a social networking or similar service, we may receive and store authentication information from that service to enable you to log in and other information that you may choose to share when you connect with these services. These services may collect information, such as the web pages you visited and IP addresses, and may set cookies to enable features to function properly. We are not responsible for the security or privacy of any information collected by these third parties. You should review the privacy statements or policies applicable to the third-party services you connect to, use or access as the privacy practices of these third parties will be governed by their own privacy statements. If you do not want your personal information shared with your social media account provider or other users of the social media service, please do not connect your social media account with your account for the services we provide and do not participate in social sharing.
11. COOKIES
We collect data about how you interact with our Digital Applications through the use of cookies and other similar technology.
What is a cookie?
Cookies are small text files containing small amounts of information which are downloaded to your computer or mobile device when you access our Digital Applications. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie.
Why do we use cookies?
Cookies are useful because they allow our Digital Applications to recognise your device. We use them to make our Digital Applications work, or work more efficiently, as well as to store information about your preferences or past actions. You can find out more information about cookies at www.allaboutcookies.org.
We also use cookies to enhance and improve your online experience (for example, by remembering your language and/or preferences) and to understand better how our Digital Applications are used. Cookies may tell us, for example, whether you have visited our Digital Applications before or whether you are a new visitor. They can also help to ensure that adverts seen online are more relevant to you and your interests. They cannot be used to identify you personally.
What types of cookies do we use and how?
We use the following types of cookies:
‘session cookies’: these are allocated to your device only for the duration of your visit to our Digital Applications – they are deleted automatically once you close your browser; and
‘permanent cookies’: these survive after your browser is closed and can remain on your device for a period of time – they can be used by our Digital Applications to recognise your computer or mobile device when you open your browser and browse the internet again.
These cookies may be served directly by us to your computer or mobile device (so-called ‘first-party cookies’) or by one of our service providers (so-called ‘third-party cookies’). A first-party cookie is only used by us to recognise your computer or mobile device when you revisit, or access content via, our Digital Applications. Third-party cookies can be used to recognise your computer or mobile device across different websites (and are most often used for analytical and advertising purposes).
What purposes do we use cookies for?
We use cookies for the purposes stated below:
essential cookies: these are essential to provide you with services available through our Digital Applications and to use some of their features, such as access to secure areas – without these, providing core functionality, such as transactional pages and secure login accounts, would not be possible;
analytics cookies: these are used to collect information about how you and others use our Digital Applications – the information gathered does not identify you and is aggregated – this includes the number of visitors to our Digital Applications, the websites or other applications that referred them to our Digital Applications and the pages that they visited on our Digital Applications – we use this information to help operate our Digital Applications more efficiently, to gather broad demographic information and to monitor the level of activity on our Digital Applications;
functionality cookies: these allow our Digital Applications to remember choices you make (such as your user name or the region you are in) and provide enhanced, more personal features – they can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customize – they may also be used to provide services you have asked for, such as watching a video or commenting on a blog – the information these cookies collect may be anonymised and they cannot track your browsing activity on other websites;
performance cookies: these collect information about how you and others use our Digital Applications, for example, which pages are most visited, if error messages come up and how effective our online promotions are – they are only used to help us improve how our Digital Applications work and to ensure ease and speed of use;
marketing cookies: these facilitate online advertising – our Digital Applications, for instance, use remarketing with Google – third-party vendors, including Google, use these cookies to tailor adverts based on someone’s past visits to our Digital Applications and serve these across the web – you can set preferences for how Google advertises to you using the Google Ads Settings; and
social media cookies: these are used when you share information using a social media sharing button or “like” button on our Digital Applications or you link your account or engage with our content on or through a social networking site such as Facebook, Instagram, Twitter or Google+ – the social network will then record that you have done this and the information may be linked to advertising activities such as targeted banners.
What particular cookies do we use?
The following are our own cookies; they are controlled by us and used to provide information about usage of our Digital Applications. These are all session cookies and automatically expire when you close down your browser:
ci_session / ASPSESSIONIDQABRARAD / fueldid / PHPSESSID: these are unique identifiers for your session;
TextSize: this sets the text size;
TextType: this sets the graphic version;
js-cookie-notice: this remembers the status of your cookie banner; and
landing_auth: this remembers the status of your popups.
We use a number of suppliers who may also set cookies on their websites on their behalf. We do not control the use of these cookies, so you should check the third party websites for more information about them.
Provider
Name
Purpose
More Info
Google Analytics
_utma
_utmb
_utmc
_utmt
_utmz
_ga
_gat
_gat_0
_gat_1
_gid
_gcl_au
_ga_DL74BLG88L
SIDCC
FPID
FPLC
These cookies are used to collect information about how you use our Digital Applications. We use the information to compile reports and to help us improve the Digital Applications. The cookies collect information in an anonymous form, including the number of visitors to the Digital Applications, where visitors have come to the Digital Applications from and the pages they visited.
Google Privacy Policy
Share This
_uset
_stid
Tracks what is being shared and by whom.
Share This Privacy
YouTube
VISITOR_INF
O1_LIVE
APISID
HSID
LOGIN_INFO
PREF
SAPISID
enabledapps.
uploader
Google uses these cookies to measure the number and behaviour of Youtube users, including information that links your visits to our websites with your Google account if you are signed in to one.
Google Privacy policy
Facebook
datr
lu
_fbp,
fr
Facebook Social Plugin – embedding Facebook content.
Facebook Privacy policy
Twitter
_twq
Tracking information and advertising
Twitter Privacy policy
Google Maps
NNID
PREF
APISID
HSID
Google uses these cookies to measure the number and behaviour of Google Maps users.
Google Privacy Policy
New Relic
JSESSIONID
NREUM
NRAGENT
Used to store a session identifier so that New Relic can monitor session counts for an application.
New Relic Cookies
Double Click
test_cookie
Id
ide
_drt_
The advertisements that drive traffic to our Digital Applications (when shown) are served by a third-party ad serving provider called DoubleClick. The cookies accompanying the ads allow monitoring of the effectiveness of the ads (for example by using statistical analysis cookies) and make the ads more relevant to you.
Google Advertising Info
Crazy Egg
ceg
adxs
cean
These cookies are placed by Crazy Egg, a platform that produces heatmaps that allow us to analyse how users engage with our websites.
More Info
LinkedIn
UserMatchHistory
Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor’s preferences
More Info
Acteol (an Access Company)
AtreemoUniqueID_cookie
AtreemoCookiesToken_cookie
To identify the page(s) that a customer visits, to allow us to tailor our marketing message to provide more relevant content
More Info
HotJar
_hjid
Tracks website useage and behaviour
More Info
Google Ads
1P_JAR AID
FPAU
Google advertising cookie used for user tracking and ad targeting purposes.
More Info
Triptease
triptease-anonymous-id
triptease-user-id
Used to understand behaviour of a user across hotel websites
More Info
Triptease
triptease-session-id
Used to understand behaviour of a user across hotel websites during a single session
More Info
Triptease
tt-domain-user-id
Used to understand behaviour of a user across a single hotel website
More Info
Triptease
triptease.integration.previous-pages
Used to automatically detect filtered searches displayed. Contains no user data and is never sent off device
More Info
Triptease
triptease.integration.previous-urls
Used to record URL history. Contains no user data.
More Info
Triptease
tt_message_engine_message_reveals
Used to record which on-site Messages a user has previously seen.
More Info
Triptease
tt_message_engine_message_dismisses
Used to record which on-site Messages a user has previously dismissed by clicking the Close button.
More Info
Triptease
tt_message_engine_latest_search
Used to record the user’s search for use in the display of on-site Messages.
More Info
Triptease
tt_message_engine_opt_out_of_experiments
Used to opt the user out of any experiments that are being run for the on-site Messages product
More Info
Triptease
tt_message_engine_latest_visit_info
Used to record statistics about the user’s visits to hotels, for use in the display of on-site Messages.
More Info
Triptease
tt-bee-apiKey
This cookie is used for re-targeting, optimisation, reporting and attribution of online adverts. The apiKey relates to the apiKey of the hotel integration with Triptease
More Info
Triptease
tt-bee-beeswax-id
This cookie is used for re-targeting, optimisation, reporting and attribution of online adverts.
More Info
Beeswax
bito
checkForPermission
bitoIsSecure
This cookie is used for re-targeting, optimisation, reporting and attribution of online adverts.
More Info
Wihp
__wihptics2
__wihptics3
For identifying users across multiple sessions
More Info
Relating to the user
Cookie name Description
_hjSessionUser_site_id
Set when a user first lands on a page.
Persists the Hotjar User ID which is unique to that site.
Ensures data from subsequent visits to the same site are attributed to the same user ID.
365 days duration.
JSON data type.
_hjid
Set when a user first lands on a page.
Persists the Hotjar User ID which is unique to that site.
Ensures data from subsequent visits to the same site are attributed to the same user ID.
365 days duration.
UUID data type.
_hjFirstSeen
Identifies a new user’s first session.
Used by Recording filters to identify new user sessions.
Session duration.
Boolean true/false data type.
_hjUserAttributesHash
User Attributes sent through the Hotjar Identify API are cached for the duration of the session.
Enables us to know when an attribute has changed and needs to be updated.
Session duration.
Hash data type.
_hjCachedUserAttributes
Stores User Attributes sent through the Hotjar Identify API, whenever the user is not in the sample.
Collected attributes will only be saved to Hotjar servers if the user interacts with a Hotjar Feedback tool.
Cookie used regardless of whether a Feedback tool is present.
Session duration.
JSON data type.
_hjViewportId
Stores user viewport details such as size and dimensions.
Session duration.
UUID data type.
Relating to the session
Cookie name Description
_hjSession_site_id
Holds current session data.
Ensures subsequent requests in the session window are attributed to the same session.
30 minutes duration.
JSON data type.
_hjSessionTooLarge
Causes Hotjar to stop collecting data if a session becomes too large.
Determined automatically by a signal from the WebSocket server if the session size exceeds the limit.
Session duration.
Boolean true/false data type.
_hjSessionRejected
If present, set to ‘1’ for the duration of a user’s session, when Hotjar has rejected the session from connecting to our WebSocket due to server overload.
Applied in extremely rare situations to prevent severe performance issues.
Session duration.
Boolean true/false data type.
_hjSessionResumed
Set when a session/recording is reconnected to Hotjar servers after a break in connection.
Session duration.
Boolean true/false data type.
_hjLocalStorageTest
Checks if the Hotjar Tracking Code can use local storage.
If it can, a value of 1 is set.
Data stored in_hjLocalStorageTest has no expiration time, but it is deleted almost immediately after it is created.
Under 100ms duration.
Boolean true/false data type.
_hjIncludedInPageviewSample
Set to determine if a user is included in the data sampling defined by your site’s pageview limit.
30 minutes duration.
Boolean true/false data type.
_hjIncludedInSessionSample
Set to determine if a user is included in the data sampling defined by your site’s daily session limit.
30 minutes duration.
Boolean true/false data type.
_hjAbsoluteSessionInProgress
Used to detect the first pageview session of a user.
30 minutes duration.
Boolean true/false data type.
_hjTLDTest
We try to store the _hjTLDTest cookie for different URL substring alternatives until it fails.
Enables us to try to determine the most generic cookie path to use, instead of page hostname.
It means that cookies can be shared across subdomains (where applicable).
After this check, the cookie is removed.
Session duration.
Boolean true/false data type.
Relating to Recordings
Cookie name Description
_hjRecordingEnabled
Set when a Recording starts.
Read when the Recording module is initialized to see if the user is already in a recording in a particular session.
Session duration.
Boolean true/false data type.
_hjRecordingLastActivity
Set in Session storage as opposed to cookies.
Updated when a user recording starts and when data is sent through the WebSocket (the user performs an action that Hotjar records).
Session duration.
Numerical Value (Timestamp) data type.
How to manage cookies?
You have the right to choose whether or not to accept cookies. However, if you do not accept our cookies, you may not be able to use the full functionality of our Digital Applications.
You can find more information about how to manage and remove cookies at allaboutcookies.org/manage-cookies/ or by visiting the websites relevant to the browser you are using. Below we have provided links to some of the most popular browser websites:
Google Chrome
Mozilla Firefox
Microsoft Internet Explorer
Apple Safari
Opera
12. CONTACT INFORMATION AND UPDATING YOUR PREFERENCES
If you have any comments or questions, please contact us at Copper House, 5 Garratt Lane, Wandsworth, London, SW18 4AQ (marked for the attention of our Data Protection Officer), via phone (020 8875 7000) or via email (privacy@youngs.co.uk).
If at any time you wish to change how we communicate with you (including the pubs or hotels you’d like to hear from) or what we communicate with you about, please visit our preference centre which is accessible from any of the emails that we send you.
To unsubscribe from any of our marketing-related activities, please follow the link at the bottom of any of our e-communications. Alternatively, please contact us at enquiries@youngs.co.uk and we will process your request.
If you wish to make changes personal data collected within the On Tap App, or to delete your account, please email ontap@youngs.co.uk
From time to time we may tailor email marketing activities based on any preferences you have informed us of, for example specific Young’s pubs or hotels or personal interests. These can be updated via the preference centre, which is accessible from any of the emails that we send you.
13. CHANGES TO THIS POLICY
Any changes we make to our privacy notice in the future will result in publication of an updated notice on this page and, where appropriate, notified to subscribers via email.