1.0 About Us
YouFibre Limited (“YouFibre”, “we” or “us”) is a full fibre internet service provider (“ISP”). We are a limited company registered in England and Wales under company number 12359292 and our registered office and main trading address is at YouFibre Limited, Unit H The Courtyard, Tewkesbury Business Park, Tewkesbury, UK, GL20 8GD. We are regulated in the UK by Ofcom. We are also a member of the Ombudsman Services (an independent alternative dispute resolution service) of which there are further details in our Complaints Code of Practice. YouFibre is the controller and responsible for your personal data.
YouFibre is committed to protecting and respecting your privacy.
2.0 Information we collect about you
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data includes first name, last name, username or similar identifier, title, date of birth and gender.
- Contact Data includes billing address, delivery address, email address, social media username (if given) and telephone numbers.
- Financial Data includes bank account and payment card details.
- Transaction Data includes details of payments made by you, any equipment we will supply, and services you have subscribed to.
- Usage Data includes information about how you use our services, our network and our Website.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website and our network.
- Profile Data includes your username and password (if made available to us), orders made by you, your interests, preferences, feedback and survey responses.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect, use, and share “Aggregated Data” (this means statistical or demographic data derived from your personal data). Aggregated Data is not considered personal data in law as this data does not directly or indirectly reveal your identity.
3.0 How we collect your personal data
(i) Identity Data, Contact Data and Financial Data
You may give us your Identity, Contact and Financial Data by corresponding with us by via our Website, systems or communicating with our Customer Support online, by email, on the telephone or by post. This includes personal data you provide when you:
- fill in paper forms or online forms on our Website
- register to use our Website
- record your registered interest in becoming our customer in the future
- give us your details for us to contact you in relation to our services
- post any material on our Website
- place an order for our services by telephone
- request any additional services or upgrades
- ask for help or advice or report a problem with our services
- request marketing communications to be sent to you
- enter a competition, promotion or survey
- give us feedback
This also includes information you enter even when you only partially fill out an online form, and exit before completing it.
When you contact us (by phone, email or via our Website), we may keep a record of it and what you say to us.
We may also hold your Identity, Contact and Financial Data, if you have agreed for us to have this, in connection with you (as a third party) consenting to manage a YouFibre customer’s billing arrangements (at that customer’s request).
(ii) Transaction Data
We will collect and hold details of orders you make through our Website, by telephone or on paper forms and details of any payments you have made and any products/equipment supplied – e.g. routers.
(iii) Usage and Technical Data
When you use our services, we will automatically collect your Usage Data. When you (or someone using your YouFibre broadband or telephone service) use YouFibre’s network to make a telephone call or connect to the internet, we keep a record of that call (including the number called) so we can charge for it. We also receive information from other operators about calls made over our network, where we need that information for connecting and billing purposes. We will also collect information about your use of our services (such as the amount of time you spend online), which we will use to manage our network and for billing.
If someone abuses or damages the YouFibre telephone network, for example by making offensive or nuisance calls, we may keep information relating to that abuse.
If a customer abuses our internet service or any other services we provide, for example by not following any part of our Acceptable Usage Policy, we may keep any information relating to that abuse.
(iv) Profile Data
We will also collect information on which devices have accessed your YouFibre router (e.g. type of device, brand, model, operating system and browser) in order to monitor and better understand how our services are used.
We may collect information about your computer, including your IP address, operating system and browser type, to help keep our network running smoothly. Unless this information is needed for a service enquiry specific to your service, this is used as aggregated statistical information about our users’ browsing actions and patterns, and does not identify any individual.
We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them. We may ask you questions, from time to time, about how you use the services we provide, other services you would like us to provide in the future and about other things, such as information about your lifestyle.
(v) Marketing and Communications Data
We will keep a record of whether you have opted out of receiving marketing from us. We will also keep a record of your communication preferences.
4.0 How we use your personal data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform a contract we are about to enter into or have entered into with you
- Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests
- Where we need to comply with a legal or regulatory obligation
Performance of Contract means using your data as necessary for us to provide a quote to you or fulfil a contract to provide our services to you.
Legitimate Interest means using your data as necessary for the commercial interests of our business, allowing us to conduct and manage our business to give you the best possible service and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests.
Comply with a legal or regulatory obligation means using your personal data to the extent necessary for us to comply with a legal or regulatory obligation that we are subject to.
We have set out below a description of the ways we use your personal data. Note that we may use your personal data for more than one lawful ground, depending on the specific purpose for which we are using your data.
|Purpose/Activity||Type of data||Lawful ground for processing|
|To register you as a new customer||Identity Contact Usage||Perform our contract with you|
|To process your order and provide our services including: Making the services available to you and performing any necessary installation work; Managing payments and charges; Providing billing information to you; and Collecting and recovering money owed to us||Identity Contact Financial Transaction Usage Marketing and Communications||Perform our contract with you; and Necessary for our legitimate interests (to recover debts due to us)|
|To monitor your usage of our services and maintain records of your usage (including provide billing information to you)||Identity Contact Usage Technical||Perform our contract with you; Necessary to comply with our legal obligations; Necessary for our legitimate interests (to understand how customers use our service, maintain and develop our service provision and protection of the network and service)|
|To monitor and record our communications with you||Identity Contact Usage Technical||Perform our contract with you; and Necessary for our legitimate interests (for training and quality purposes)|
|To administer and protect our business, network and Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||Identity Contact Technical||Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise); and Necessary to comply with our legal obligations|
|To deliver relevant Website content and advertisements in the most effective manner to you and measure or understand the effectiveness of the advertising we serve to you.||Identity Contact Profile Usage Marketing and Communications and Technical||Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)|
|To use data analytics to improve our Website, services, marketing, customer relationships and experiences||Technical Usage||Necessary for our legitimate interests (to define types of customers for our services, to keep our Website updated and relevant, to develop our business and to inform our marketing strategy)|
|To enable you to manage (as a third party) the billing arrangements of a YouFibre customer who has requested that you be permitted to do this.||Identity Contact Financial||To perform our contract with the customer on whose behalf you are acting; May be necessary to comply with our regulatory obligations to allow a third party to manage the billing arrangements for a customer with special accessibility requirements|
|To register you as a new customer||Identity Contact Usage||Perform our contract with you|
|To process your order and provide our services including: Making the services available to you and performing any necessary installation work Managing payments and charges Providing billing information to you Collecting and recovering money owed to us||Identity Contact Financial Transaction Usage Marketing and Communications||Perform our contract with you; Necessary for our legitimate interests (to recover debts due to us)|
|To monitor your usage of our services and maintain records of your usage (including provide billing information to you)||Identity Contact Usage Technical||Perform our contract with you; Necessary to comply with our legal obligations; and Necessary for our legitimate interests (to understand how customers use our service, maintain and develop our service provision and protection of the network and service)|
5.0 Marketing Communications
If you are a customer, we may also use your Identity, Contact, Technical, Usage, Profile, and Marketing and Communications Data to form a view on what services and offers may be relevant for you and to send you recommendations about services that we think may be of interest or to invite you to participate in prize draws or competitions (“marketing communications”).
If you have given us your details to record your registered interest in becoming our customer in the future or for us to contact you in relation to our services or business development (including to receive our newsletter), we may use your Identity Data to keep you up to date about our services and coverage.
You will only receive marketing communications from us if you have registered an interest in receiving our services (whether current services or in the future when your building or location is connected to our network), requested information from us in relation to our services or purchased services from us and, in each case, you have not opted out of receiving that marketing.
You can ask us to stop sending you marketing communications at any time by logging into My Account via our Website and checking or unchecking relevant boxes to adjust your marketing preferences, by following the opt-out links on any marketing message sent to you or by contacting us at any time.
If you opt out of receiving marketing communications, we will still send you service-related communications as necessary.
6.0 Disclosures of your personal data
We may sometimes need to share your personal data with the types of third party listed below:
- Our partner organisations, our group companies and our subcontractors who provide some of the services on our behalf
- Credit reference agencies (to carry out credit checks) and debt recovery agencies (if you do not pay your bills)
- Analytics and search engine providers that assist us in the improvement and optimisation of our Website
- IT and system administration services service providers
- Professional advisers including lawyers, auditors and insurers
- Third parties to whom we may choose to sell, transfer or merge parts of our business with
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
If, as a YouFibre customer, you have requested and/or consented to a third party managing your YouFibre billing arrangements, you agree that this may involve that third party (i) having online access to your YouFibre account details insofar as they relate to your bills and/or (ii) being given details of your billing arrangements when calling Customer Support or writing to us in connection with managing these arrangements and/or (iii) arranging for any of your bills to be paid. You have informed us which of these options you have chosen and given your consent accordingly. We accept no responsibility in relation to you choosing that third party to manage your billing arrangements or in relation to their use or misuse of such of your personal information to which they have access under these arrangements.
7.0 International Transfers
We share your personal data to YouFibre’s group companies which may involve transferring your data outside the European Economic Area (EEA). We will ensure your personal data is protected by requiring all our divisions to follow the same rules when processing your personal data to ensure its security. These rules are called "model clauses".
In addition, some of our third party suppliers are based outside the EEA so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- The third party country has been deemed to provide an adequate level of protection for personal data by the European Commission; or
The service provider has provided adequate safeguards to ensure that individuals rights are enforceable and legal remedies are available.
8.0 Data Security
We have in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We also have in place procedures to deal with any suspected personal data breach and will notify you and the ICO (the UK supervisory authority) of a breach where we are legally required to do so.
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or you have chosen) a customer ID, password(s) or log-ins to allow you to can access certain parts of our Website, you are responsible for keeping these confidential. You are responsible for how our services are used from your account and for keeping your account information secret. Please keep this information safe, and do not share it with others.
Unfortunately, sending information using the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of the data you send to our Website; you take the risk for this. Once we have received your information, we will try our best to keep it secure. This includes using strict procedures and security features to try to prevent unauthorised access.
Our Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and others associated with us. If you follow a link to any of these websites, please note that these websites have their own privacy and cookie policies. YouFibre accepts no responsibility or liability for these policies. Please check these policies before you send any personal data to these websites.
9.0 Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for at least 7 years after they cease being customers for tax purposes.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
10.0 Your Legal Rights
You have various rights in relation to your personal data – these are set out in detail below. If you wish to exercise any of these rights, please email us: firstname.lastname@example.org
Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete your personal data when we no longer need it. You may also ask us to delete your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with a legal obligation. However, we may not be able to comply with your request of erasure, for example, if we are required to retain your personal data for legal reasons. We will let you know if this is the case.
Object to processing of your personal data where we are processing your personal data for direct marketing purposes. You also have the right to object where we are relying on a legitimate interest but you feel the processing impacts on your fundamental rights and freedoms.
Request restriction of processing of your personal data. You may ask us to suspend the processing of your personal data in the following scenarios: (a) if you do not think the data we hold is accurate, whilst we verify its accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where we no longer need to process it but you require us to store it in relation to a legal claim; or (d) if you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. We will if feasible practically provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to information which we process by automated means and use to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your personal data (for example, for marketing purposes). However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
You will not have to pay a fee to access your personal data or to exercise any of your other rights. However, if we feel that your request is unfounded, repetitive or excessive, we may charge a reasonable fee or we may let you know that we are refusing to comply with your request. If we refuse your request, we will explain why and you will be entitled to raise the issue with the ICO.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data or to exercise any of your other rights. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We will respond to all legitimate requests within 30 days of receipt and, if possible, achieve a satisfactory resolution within that time period. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Post: YouFibre Limited, Unit H The Courtyard, Tewkesbury Business Park, Tewkesbury, UK, GL20 8GD
We use these types of cookies:
- Essential (Necessary) cookies: These are cookies that are required for the operation of our Website. They include, for example, cookies that enable you to log into secure areas of our Website.
- Preferences cookies: These are cookies we use to recognise you when you return to our Website. They enable us to personalise our content for you and save your preferences in a cookie on your device (for example, your choice of language or region or, if you select the ‘Remember me on this computer’ box, your username and password). This means that the next time you log on to our Website using that device you won’t need to re-enter those details. We suggest you don’t select the ‘Remember me’ box if you use a shared device or publicly available computer. The cookie file itself won’t store your personal information.
13.2. Which cookies we use:
|Cookie name and description||Party and Type||More information|
|__cfruid||Third party, Necessary||This cookie is a part of the services provided by Cloudflare - Including load-balancing, deliverance of website content and serving DNS connection for website operators.|
|__zlcstore||Third party, Necessary||This cookie is necessary for the chat box function on the website to function .|
|AWSALBCORS||Third party, Necessary||Registers which server-cluster is serving the visitor. This is used in context with load balancing, in order to optimize user experience.|
|ZD-suid||Third party, Necessary||Unique id that identifies the user's session.|
|ZD-store||Third party, Preferences||Registers whether the self-service-assistant Zen desk Answer Bot has been displayed to the website user.|
|youFibreCokkieConsent||First party, Preferences||Cookie consent cookie. Allows the system to know if the user is not first-time visitor in order not to repeat cookie consent.|
|_ga||Third party, Statistics||Google analytics cookie. Registers a unique ID that is used to generate statistical data on how the visitor uses the website|
|_gid||Third party, Statistics||Google analytics cookie. Registers a unique ID that is used to generate statistical data on how the visitor uses the website|
|_gat||Third party, Statistics||Google Analytics cookie. Used to throttle request rate.|
|_hjAbsoluteSessionInProgress||Third party, Statistics||This cookie is used to count how many times a website has been visited by different visitors - this is done by assigning the visitor an ID, so the visitor does not get registered twice.|
|_hjFirstSeen||Third party, Statistics||This cookie is used to determine if the visitor has visited the website before, or if it is a new visitor on the website.|
|_hjIncludedInPageviewSample||Third party, Statistics||Determines if the user's navigation should be registered in a certain statistical placeholder.|
|_hjTLDTest||Third party, Statistics||Registers statistical data on users' behavior on the website. Used for internal analytics by the website operator.|
|_hjid||Third party, Statistics||Sets a unique ID for the session . This allows the website to obtain data on visitor behavior for statistical purposes.|
|zabUserId||Third party, Statistics||Collects data on the user’s navigation and behavior on the website. Th is is used to compile statistical reports and heatmaps for the website owner.|
|ZD-buid||Third party, Statistics||Unique id that identifies the user on recurring visits.|
|zabVisitId||Third party, Statistics||Collects data on the user’s navigation and behavior on the website. Th is is used to compile statistical reports and heatmaps for the website owner.|
|_fbp||Third party, Marketing||This cookie is used to provide you with more relevant advertising across Facebook.|
|__zlcmid||Third party, Marketing||Preserves users states across page requests.|
|fr||Third party, Marketing||Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers.|
|ads/ga-audiences||Third party, Marketing||Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behavior across websites.|
|tr||Third party, Marketing||Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers.|
|zte#||Third party, Marketing||Saves a Zopim Live Chat ID that recognises a device between visits during a chat session .|
Force24 Cookies & Tracking
Our organisation utilises Force24’s marketing automation platform.
Force24 cookies are first party cookies and are enabled at the point of cookie acceptance on this website. The cookies are named below:
They allow us to understand our audience engagement thus allowing better optimisation of marketing activity.
f24_autoId – This is a temporary identifier on a local machine or phone browser that helps us track anonymous information to be later married up with f24_personid. If this is left anonymous it will be deleted after 6 months . Non-essential, first party, 10 years, persistent.
f24_personId – This is an ID generated per individual contact in the Force24 system to be able to track behaviour and form submissions into the Force24 system from outside sources per user. This is used for personalisation and ability to segment decisions for further communications. Non-essential, first party, 10 years, persistent.
The information stored by Force24 cookies remains anonymous until:
Our website is visited via clicking from an email or SMS message, sent via the Force24 platform and cookies are accepted on the website.
A user of the website completes a form containing email address from either our website or our Force24 landing pages.
The Force24 cookies will remain on a device for 10 years unless they are deleted.
We also use similar technologies including tracking pixels and link tracking to monitor your viewing activities
Device & browser type and open statistics
All emails have a tracking pixel ( a tiny invisible image ) with a query string in the URL. Within the URL we have user details to identify who opened an email for statistical purposes.
All links within emails and SMS messages sent from the Force24 platform contain a unique tracking reference, this reference help us identify who clicked an email for statistical purposes.
Except for essential cookies, all cookies will expire after 24 months.
13.3 How to block cookies
If you want to delete any cookies that are already on your computer, you should check the instructions for your file management software to locate the file or directory that stores cookies.
You can learn about and opt out of a number of commercial third-party cookies (including some used by us) at www.networkadvertising.org. Some of the opt-outs used by our commercial service providers require a cookie to be placed on your computer. This “opt-out” cookie is only used to tell the relevant cookie servers not to send you any more cookies. If you keep deleting cookies (including “opt-out” cookies) from your temporary internet files, you might need to repeat the opt-out process, the next time you visit our Website.
For more information about deleting and controlling cookies visit www.youronlinechoices.com or www.aboutcookies.org.
These Terms are effective from 6 June 2021.