Terms & Conditions

1. Please read these terms and conditions carefully. By accessing and using our website and any content and features therein (our Services), you indicate your acceptance of these Terms and any other notices, guidelines and rules published by us on our Services from time to time (each of which is incorporated into the Terms by this reference).

2. If you do not accept these Terms please do not access and/or use our Services.

3. We may update these Terms at any time. Please review the Terms regularly to ensure you are aware of any changes. Your continued access to and/or use of our Services after changes have been made to the Terms indicates your agreement to be legally bound by the updated and/or amended Terms.

Use of our Services

4. You agree to use our Services for lawful purposes only and in a way that does not infringe the rights of or restrict or inhibit any person's use and enjoyment of our Services and in compliance at all times with these Terms and with all laws and regulations that apply.

5. In accessing our Services, you agree that you will only access its contents for your own personal and non-commercial use and not for any commercial or other purposes, including advertising or selling any goods or services. You also agree not to adapt, alter or create a derivative work from any content on our Services. You will need our prior written permission if you want to use any content on our Services for any other reason.

6. From time to time, we may make available some parts of our Services or all of our Services only to those users who have registered with us. If you choose, or you are provided with, a user identification code, password or any other piece of information as part of our security procedures, you must treat such information as confidential, and you must not disclose it to any third party. Any personal information supplied to us as part of this registration process and/or or other interaction with our Services will be collected, stored and used only for the purposes of providing our Services to you and not for any other purposes. We have the right to disable any user identification code or password, whether chosen by you or allocated by us, at any time, if in our opinion you have failed to comply with any of the provisions of these Terms.

7. We make no representation that any of the content on our Services is appropriate or available for use in your country. You are responsible for ensuring that your use of our Services is in compliance with all applicable local laws and regulations.

Intellectual Property Rights

8. All information, data, text, documents, graphics, logos, designs, images, pictures, photographs, software, interactive features, advertisements or other content, services or materials (or any part of them) accessible on our Services (Materials) are protected by copyright, trademarks, database rights and other intellectual property rights and are owned by or licensed to us or are otherwise used by us as permitted by applicable law or regulation. Nothing contained herein shall be construed as conferring by implication, estoppel or otherwise, any licence or right to use the Materials other than as permitted in these Terms.

9. Except as specifically permitted on our Services, you undertake not to copy, store in any medium (including on any other website), distribute, transmit, re-transmit, re-publish, broadcast, modify, or show in public any part of our Services without our prior written permission (and the prior written consent of the owner of the relevant intellectual property rights as and if applicable) in accordance with the Copyright, Designs and Patents Act 1988. Reliance on Information on our Services

10. Information published via our Services is intended solely for the purpose of providing general information and is not intended to amount to advice on which reliance should be placed. We do not warrant that any Materials are accurate or free from error and we disclaim all liability and responsibility arising from any reliance placed on any content on our Services by you or by anyone who may be informed of any of the contents of our Services.

11. We aim to update our Services regularly and may change the content at any time. We may suspend access to our Services, or close them indefinitely at any time at our sole discretion. The Materials may be out of date at any given time and we are under no obligation to update them. Warranties and Disclaimer

12. We do not warrant that the functions contained in any Materials on our Services will be uninterrupted or error-free, that defects will be corrected or that our Services or the servers that makes them available are free of viruses or bugs.

Limitation of Liability

13. Your use of our Services and the Materials is entirely at your own risk.

14. To the fullest extent permitted by law, we expressly exclude any liability for any direct, indirect, consequential, special or exemplary loss or damage (whether such losses were foreseen, foreseeable, known or otherwise) arising from, out of or in connection with the use of our Services, including without limitation: (a) injury and/or damage to persons or property as a result of any statement, including any actual or alleged defamatory statement; (b) losses suffered by any third party, including infringement of any intellectual property or privacy rights; (c) loss of data; (d) loss of revenue or anticipated profits; (e) loss of business or contracts; (f) loss of opportunity; (g) loss of anticipated savings; (h) wasted management or office time; or (i) loss of goodwill or injury to reputation.

15. This does not affect our liability for death or personal injury arising from our negligence, fraudulent misrepresentation or misrepresentation as to a fundamental matter, nor any other liability which cannot be excluded or limited under applicable laws or regulations.

16. We shall not be responsible for any breach of these Terms caused by circumstances beyond our control.

Reimbursement by you

17. You agree to reimburse us in full and any of our officers, directors, employees, agents, representatives, licensors, suppliers and operational service providers on demand in respect of any and all claims, actions, proceedings, demands, damages, losses, liabilities, costs and expenses suffered or reasonably incurred by us as a result of, or in connection with, your access to and use of our Services other than in accordance with these Terms or any applicable law or regulation.

Viruses, hacking and other offences

18. You must not misuse our Services by introducing, transmitting or arranging the sending of any viruses, corrupt file, cancelbot, Trojan horse, worm, time or logic bomb, keystroke logger, spyware, adware or other material designed to adversely affect the operation of any computer software, hardware or telecommunications equipment or interfere with, wrongly intercept or expropriate any data or personal information. You must not attempt to gain unauthorised access to our Services, the servers on which they are stored or any server, computer or database connected to our Services. You must not attack our Services via a denial-of-service, distributed denial-of service or other type of attack.

19. Any breach of this provision constitutes a criminal offence under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use our Services will cease immediately.

20. We will not be liable for any loss or damage caused by a distributed denial-of-service attack, viruses or other technologically harmful material that may infect your computer equipment, computer programs, data or other proprietary material due to your use of our Services, your downloading of any Materials on our Services or on any materials on any other website linked to it.

Linking from our Services

21. We have no control over the content or availability of third party sites that you may access through our Services and such links are provided for your information only. If you visit any linked site, you do so at your own risk and it is your responsibility to take all protective measures to guard against viruses or other destructive elements.

22. We do not endorse and are not responsible or liable (directly or indirectly) for any content, advertising, products, services, views expressed or information on or available from third party websites (including without limitation payment for and delivery of any products or services) or for any damage, loss or offence caused by or in connection with your access to and use of such third party sites and any available services. Any Terms, conditions, warranties or representations associated with any dealings on any third party sites are solely between you and the relevant provider of that site and/or any relevant service.

Linking to our Services

23. You may link to the home page of any website within our Services without seeking our further written consent PROVIDED THAT you fully comply with these Terms.

24. You are not permitted to create a link to any part of our Services other than the home page unless you have our prior written consent (and for the avoidance of doubt, such consent shall be deemed given in respect of RSS feeds, widgets and embeddable media players which we may make available PROVIDED THAT you use them in accordance with these Terms and any further instructions published through our Services). We reserve the right to withdraw linking permission without notice. The website from which you are linking must comply in all respects with the content standards set out in the Code of Conduct. Our Services must not be framed on any other site.

25. Any links to our Services must be made in a way that is fair and legal and does not damage our reputation or take advantage of it. You must not establish a link in any way that suggests any form of association, representation, approval or endorsement on our part where none exists. Links to our Services do not imply that we endorse, are affiliated with or are associated with any linked site or that any linked site is authorised to use any of our trade marks, trade names, brands, logos or copyright symbols or those of any of our affiliates or licensors.

26. Links to our Services are not permitted from the following "Excluded Websites":

  • websites that incite hatred whether based on race, religion, gender, sexuality or otherwise, or promote encourage or facilitate anti-social behaviour;
  • websites that promote, encourage or facilitate violence;
  • websites that promote, encourage or facilitate terrorism or other activities that risk UK national security;
  • websites that discriminate against any specific social group or otherwise exploit vulnerable sections of society;
  • websites that promote, facilitate or encourage illegal activity;
  • websites which are misleading, pornographic, defamatory, or that contain illegal, or otherwise actionable content under UK law; or
  • websites which infringe individual privacy.

Advertising and Sponsorship

27. Parts of or all of the Services may from time to time contain advertising and sponsorship. Advertisers and sponsors are responsible for ensuring that any materials submitted for inclusion on our Services comply with relevant laws, regulations and codes and these Terms. We shall not be responsible for any error or inaccuracy in such advertising or sponsorship materials.

Software

28. From time to time certain software which is our protected work or the protected work of our suppliers may be made available to download via our Services. You are licensed to use the software on a non-exclusive basis only for the purposes for which it is indicated. You may not use the software for any other purpose and may not redistribute, sell, decompile, reverse engineer, disassemble or otherwise deal with the software.

Order of Precedence

29. If there is any conflict between these Terms and any specific terms appearing elsewhere on our Services relating to specific material (including the Code of Conduct), then the latter shall prevail.

Severability

30. If any of these Terms are determined to be illegal, invalid or otherwise unenforceable by reason of the laws of any state or country in which these Terms are intended to be effective, then to the extent and within the jurisdiction in which that term is illegal, invalid or unenforceable, it shall be severed and deleted from these Terms and the remaining Terms shall survive, remain in full force and effect and continue to be binding and enforceable.

Jurisdiction

31. The Terms are governed by and construed in accordance with the laws of England and Wales.

Disputes

32. Any disputes arising from or related to our Services shall be subject to the jurisdiction of the courts of England and Wales.

Privacy Policy

Information that we collect, store or process

As a rule, Constant Commerce does not collect and store personal information that is easily attributable to an individual user. When we handle your information, we usually do so on behalf of a business with whom you have an existing relationship, like a retailer you shop with, or a publisher you visit often. This privacy policy explains when and how we handle personal information. Starting with a simple explanation of some key concepts.

What is a cookie?

A cookie is a small data file, which may or may not include a unique identifier. Cookies are sent to your browser from a website and stored on your device. Their content can then be used by the website later in the current session or during future visits to the website (and under certain conditions, other websites too) to do things like recognise a user, recall their preferences, or record user behaviour.

What is a hash?

A hash is a long sequence of characters, usually numbers, that is generated when a formula is applied to a text string like an email address or password. It's not possible to work back from the hash to generate the original text string, so software developers use hashing to store a 'fingerprint' for a piece of information, without storing the information itself.

What is PII?

Personally Identifiable Information (PII) is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context.

Why does Constant Commerce use cookies?

Constant Commerce uses cookies and similar technologies to personalise and optimise your shopping experience by remembering your preferences (such as store preferences). This means you don’t have to reselect your preferred retailer each time you return to your favourite sites or when you browse from one page to another. Cookies also make it possible to differentiate between separate users' activities so that we can better understand how groups of users with similar or differing requirements interact with our shopping tools, and helps us to improve the shopping experience. It’s important to note that we never use cookies to collect personal information about you.

For GDPR purposes, all websites that have our tools embedded on them are data controllers, and we are a data processor on their behalf. Our privacy policy governs how we process your data in a way that conforms to privacy and data regulations, but it's the controllers' privacy policies which govern how that data, which remains under their control when we've finished processing it, is handled in the long term. Our privacy policy is often cited by the data controllers that we work with, as a component of their overall privacy policy, relating specifically to the work we do with them.

As processors, we process cookies on behalf of these data controllers, making sure to always protect the rights of the data subject (the end user). We won't engage another processor without establishing that they will also protect the rights of the data subject, or without providing prior notification to the data controllers. We will always inform those controllers of any intended changes concerning the addition or replacement of other processors, giving the controllers the opportunity to object to such changes if they are concerned that the data subjects rights might not be appropriately protected under the proposed new arrangement.

Publishers

A 1st party host site running Constant Commerce tools could be a brand website (brand.com), a publisher website (publisher.com) or a retailer website (publisher.retailer.com, if a retailer is also a content publisher). These sites are all referred to below as publishers.

A publisher is always the controller and owner of the data that relates to your journey through their site, but until you interact with our tools, our tools don't make any contribution to the data that the publisher collects, stores or processes.

Once you do interact with our tools, the publisher owns the following data that our tools can generate:

  • User/session counts
  • Site-specific information on impression:
    • Page URL
    • Widgets on a page
    • Truncated IP addresses
    • Information related to your device
    • Browser type
    • High level timestamp

A ‘session’ is a standard browser session – e.g. it terminates when the browser tab is closed. User and session identifier cookies are only ever stored on the publisher.com website, so that the publisher has complete control over this data; they can turn these identifiers off, by overwriting these cookies if they wish to, which lets them opt specific users out of data collection if they choose to. Without these identifiers, our tools can then only collect and aggregate behavioural analytics using an anonymous ‘page impression’ identifier, that is reset on every page load, meaning the only data collected is aggregated, anonymous data with no relationship to an individual end user.

Retailers

When a retailer runs Constant Commerce tools at their website, this can result in cookies written by the constant.co or foodity.com domains, or in some cases, by the retailer domain directly. The same applies when our tools are embedded in publisher pages and the end user has selected a retailer preference.

Once you interact with Constant Commerce's embedded tools to select or confirm a store preference, the retailer is the owner of the behavioural and e-commerce data that is stored by us. No cookies are persisted on constant.co or foodity.com before you select your store preference.

The retailer owns the following data that is generated by end user interactions with our tools or with pages that include our tools:

  • Retailer preferences: branded state of side-drawer, buttons, etc.
  • The retailer shopping list identifier (for anonymous/pre-logged-in shoppers) *
  • Click-information relating to the retailer branded calls to actions (usually buttons)
  • Hashed email address (and a CRM identifier in the case of some retailers)
  • End user interaction and behaviour within our retailer-specific interfaces
  • The retailer e-commerce transaction data

*Our shopping list functionality is driven by a Constant Commerce API service called ‘cloudlist’ that allows you to add ingredients and products to a shopping list. By logging into your retailer account on any website that has integrated our tools, the cloud list services let you access your shopping list to add, edit and delete the items within it. The service also allows you to see a history of any of the products you have added to your online basket via our tools. If you have never interacted with or haven't opted in to this service, no retailer shopping list identifier cookie will be stored on your browser or device, even if you use our other tools.

Safari 11 and above

On browsers that offer limited support for third party cookies, e.g. Safari, when you opt to have your store preferences remembered across the web, we will also drop store preference cookies on the first party, i.e. the publisher. This allows store preferences to be remembered for more than 24 hours on these browsers.

Constant Commerce label

As you browse the Internet, you may see or interact with our tools embedded on host websites, and these may be labelled with “Constant Commerce”. This indicates that Constant Commerce widgets are being used to optimize your shopping experience on that website. It’s important to note that Constant Commerce does not operate or control the websites where our tools are embedded, so this Privacy Policy does not apply to your usage of those websites, only to your use of our tools at those websites. Retailers can choose to write end-user CRM identifiers as a cookie when their domain loads along with our tools, and that's also outside the control of Constant Commerce, and subject to the retailer's Privacy Policy. To see relevant Privacy Policy information, please refer to the Privacy Policies found at host websites and at retailers' websites.

When do we collect information?

We make a clear distinction between publishers and retailers, who are the controllers and the owners of any data we collect. If you don't interact with any of our widgets embedded on a publisher website, the only data that is generated by our tools are anonymous cookies owned by that publisher and subject to their Privacy Policy, and which are not shared with any other party. When you interact with our tools, and have opted into the services, we then drop retailer specific cookies, which become retailer owned data.

Constant Commerce only drops 2 cookies that are not specific to retailer and publishers:

  • We make a clear distinction between publishers and retailers, who are the controllers and the owners of any data we collect. If you don't interact with any of our widgets embedded on a publisher website, the only data that is generated by our tools are anonymous cookies owned by that publisher and subject to their Privacy Policy, and which are not shared with any other party. When you interact with our tools, and have opted into the services, we then drop retailer specific cookies, which become retailer owned data.
  • Constant Commerce only drops 2 cookies that are not specific to retailer and publishers:

Where do we store data?

Constant Commerce processes all EU-specific information on remote server sites in the EU, owned and operated by industry leading cloud service providers that offer highly sophisticated measures to protect against unauthorized persons gaining access to data.

We implement suitable measures to prevent these data processing systems from being used by unauthorized persons. We do this by:

  • Ensuring that employees who are entitled to use our data processing systems are only able to access data within the scope of and to the extent covered by their respective access permission (authorization). The access rights and levels are based on employee job function and role, using the concepts of least-privilege and need-to-know to match access privileges to defined responsibilities
  • Effective and measured disciplinary action against individuals who access data without authorization
  • Industry standard encryption
  • In the event of hardware, software, or network failure, platform services and control panels are automatically and instantly shifted from one facility to another so that platform services can continue without interruption

What we do to safeguard the data (against theft and fraud)

We have implemented reasonable security measures to protect the information end users have agreed to share with us. Careful use of encryption techniques in accordance with industry best practice (e.g. when dealing with retailer CRM IDs) is one of the methods we use. Given that webservices like ours are dependent on third party platforms and infrastructure, we can never absolutely guarantee the security of the information we collect, store and process against theft or fraud, but it is a primary company objective to always use the best tools and techniques available to protect the information.

Changes to this Privacy Policy

Constant Commerce reserves the right to change this Privacy Policy.

Contact information

In case of a question, complaint, request to update, change or delete any information, contact us at privacy@constant.co. Individuals can find out if we hold any personal information by making a subject access request under the Data Protection Act 1998 or, from May 2018 onwards, the General Data Protection Regulation. It should be noted that Constant Commerce never retains data that can be easily associated with an individual, but for any other data, we will:

  • Give you a description of it;
  • Tell you why we are holding it;
  • Tell you who it could be disclosed to; and
  • Let you have a copy of the information in an intelligible form.

Last updated September 2018