You have the right to object to us processing your personal data on the basis of our
interests or for direct marketing purposes (including any related profiling we do to help ensure
our marketing is relevant to your interests). For more information about your right to object
you can exercise it, see the section Your privacy rights.
1. About us
We are H. Young (Operations) Limited, a private limited company incorporated in (and subject to the
"we", "us" or "our").
registered address is Buckingham House, West Street, Newbury, Berkshire RG14 1BD, UK.
We are the “data controller” of your personal data, which means that we determine the
and the means of use of the personal data we collect about you for the purposes of applicable data
protection law (which includes the General Data Protection Regulation 2016 or
2. What personal data we collect
Personal data is any information which identifies you personally whether directly (for example, your
indirectly (for example, information about your use of our website).
We collect the following personal data about you:
- Basic contact details: We ask you to provide us with your name, title, email
and telephone number if you sign up to receive our marketing communications. We may also collect
all of these contact details as well as your postal address if you register your products with
warranty and recall purposes, enter any of our competitions, complete a survey or send us
contact or correspond with us;
- Gender and product interests: If you sign up to receive our marketing
we ask you to confirm whether you are male or female. We might also ask you to indicate whether
an interest in any particular types of products;
- Product registration details: If you create an account on our website to
products with us for warranty and recall purposes, we ask you to provide the serial number of
products you wish to register in addition to your contact details;
- Information you provide through correspondence, feedback and competitions: We
any additional personal data that you may provide to us from time to time if you contact us by
letter or telephone, through our website or a social media platform or by any other means. In
we collect any additional personal data that you may provide to us if you send us feedback or
of our competitions; and
- Information about how you use our website and services: Each time you visit our
website, where you have consented to cookies, we or our service providers automatically collect
technical information about the device you have used to access our website (including the make,
and operating system, IP address, browser type and mobile device identifiers) and information
user preferences and browsing habits (such as items or links clicked on, web pages viewed and
page download errors). In addition, if you receive emails from us, we or our service providers
automatically collect technical information about how you have interacted with those emails,
whether you have opened them or clicked through any links within them. Please see our Cookie
Policy to find out more about what cookies and other similar technologies we use, and
decline or disable them.
We use the data described above for the purposes set out in the How we use your personal data
3. How we use your personal data
We use your personal data for the following purposes:
To register your products and communicate with you about them for warranty and recall
If you create an account on our website to register your products with us, we keep a record of your
details and the serial number of the products you wish to register with us. We use this information
manager and administer your account and communicate with you about warranty and recall
To inform you of any changes to our services
We use the contact details you have provided to us to notify you of changes to any of our services or
terms of any contracts between us or to any related information (such as changes to this Privacy
To deliver direct marketing (involving profiling to tailor our communications to your
Our marketing communications
If you have provided your consent to do so, we will use your contact details to send you marketing
communications by email and SMS text message about www.genesisbikes.co.uk products,
services, special offers, promotions, giveaways and competitions that we think may be of interest to
You can unsubscribe or opt out of receiving our marketing communications at any time by:
- getting in touch using the contact details set out in the section How you can contact us
- using the “Unsubscribe” link in our emails or “STOP” number in our SMS
- using the “Manage my preferences” feature.
Our use of profiling to send tailored marketing communications
We want to ensure that the marketing communications we send to you are relevant to your interests.
Consequently, we undertake analysis and profiling of the information you provide to us, such as your
and product interests, and other information we collect about how you interact with our
the next section on email interaction technology below). This information helps us build a profile
meaning that if you sign up to receive marketing communications from us, you are more likely to
information about products, services, special offers, promotions, giveaways and competitions that we
are more relevant to you and your interests. It also means that we don’t send the same
communications to all of our customers, so you may not be made the same offers as another
The legal ground for us using profiling to tailor our marketing communications to your interests is
is in our legitimate interests to do so, having taken into account whether your interests and
rights and freedoms are overridden by this type of processing. See Legal grounds for using your
personal datafor more information about our legitimate interests. If you don’t agree
using profiling for this purpose, you can let us know (see How you
can contact us). If you do
object, we won't be able to continue to send you tailored marketing communications, which means the
information you receive from us may not be as relevant to you.
Email interaction technology
If you receive emails from us, we or our marketing service provider may automatically collect
information about how you have interacted with those emails, including whether you have opened them
clicked through any links within them. This helps us understand how an email campaign performed,
of emails and content our customers find interesting, and what actions our customers took, so we can
our email campaigns in the future and make our emails more relevant to you. Please see our Cookie
Policy to find out more about this, including how to turn this functionality off.
Freewheel marketing communications
H. Young (Operations) Limited, the “data controller” of your personal data, operates
website called Freewheel (www.freewheel.co.uk), where you
purchase various products. We would like to use your name and email address to inform you also of
services, special offers and promotions that we think may be of interest to you on the Freewheel
will only do this where you have provided your consent to do so. You can unsubscribe or opt out of
Freewheel email marketing at any time by using the “Unsubscribe” link in Freewheel
emails or by
contacting us. See the Freewheel Privacy
Policy to find out more about our privacy practices
in relation to the Freewheel site.
To manage, administer and improve our website
We also use the information we collect about you based on your use of our website and services
- manage and administer our website and for internal operations, including for troubleshooting,
analysis, testing and statistical purposes;
- improve the services we offer you through our website;
- help ensure that you get the best from our website by making it as easy and intuitive as
you to use;
- help keep our website safe and secure; and
- make suggestions and recommendations to you and other users of our website about products or
that may interest you or them.
and other similar
technologies in this context, and how to decline or disable them.
To provide and improve customer support
We use your personal data to be able to provide and improve the customer support we provide to you
example, where you have questions about our products and services).
To run our competitions
If you choose to enter a competition that we run, we need to use your contact details and any other
data that you provide at the time of entry so that we can manage the competition and let you know if
won! If we ask for any other personal data as part of the competition, we will let you know at the
entry exactly how we will use it.
To respond to communications or enquiries from you, and address complaints and
We use the personal data we hold about you to help us respond to any enquiries or complaints you have
or address any dispute which may arise in the course of us providing our services to you.
Please note that if you contact us through a social media platform, we will only use the publicly
information about you (determined by your social media platform privacy settings) for the purposes
responding to you. Please see the privacy statements of the social media platforms you use for
how they use your personal data, who they share it with and how you can manage your privacy settings
To conduct market research
We may invite you to be involved in market research. If you accept our invitation, we will use your
to improve our website and the services available through it. If you tell us that you don't want to
contacted for this purpose, or you don't accept our invitation, we will respect this choice and it
affect your ability to access and use our website or interact with us in other ways.
To provide other services requested by you from time to time
We process your personal data to provide any other services requested by you from time to time, as
at the time we collect the data.
To maintain our records and improve data accuracy
We process personal data in the course of maintaining and administering our internal records. This
processing your personal data to ensure that the information we hold about you is kept up to date
To conduct business analytics and reporting
We may aggregate the data we hold about you on an anonymous basis with other data for analytical and
To comply with our legal obligations and to detect, prevent and investigate other actual or
violations of law or misuse of our website
In certain circumstances, we use your personal data only to the extent required in order to enable us
comply with our legal obligations, including to detect, prevent and investigate fraud or to
exercise of your consumer rights. In addition, we may need to use your personal data to detect,
investigate any other actual or suspected violations of law or misuse of our website.
4. Legal grounds for using your personal data
Applicable data protection law requires us to only process your personal data if we satisfy one or
grounds. These are set out in law and we rely on a number of different grounds for the processing we
out, depending on the purposes of the processing. These are as follows:
Necessary for the purposes of our legitimate business interests
Much of the personal data we collect about you is necessary for the purposes of our legitimate
interests as a
business, which are to:
- provide our customers with services that are as useful and beneficial as possible, including by
personalising our contact with customers;
- develop and improve our website to enhance the customer experience;
- safeguard the security and effective operation of our website;
- better understand our customer base by engaging with customers and conducting research into, and
analysis of, how customers interact with us and use our website and the services available
through it so
that we can improve those services, marketing activities and communications (all of which could
benefit you); and
- ensure effective operational management and internal administration of our business, including
relation to document retention, compliance with regulatory guidance and exercise or defence of
To help us achieve these outcomes, we profile your personal data, including by combining the data we
about how you use our website and services with other information we hold about you.
Please note that where we wish to rely on this legal ground, we are required by law to conduct
tests to determine whether our legitimate interests are overridden by your interests or your
rights and freedoms. We may continue to process your personal data on the basis of our legitimate
only if we determine that your interests, rights and freedoms are not overridden by our legitimate
We have considered these matters and where we think there is a risk that your interests or
and freedoms may be affected we will not process your personal data unless there is another legal
us to do so (either that we have obtained your consent to the processing or it is necessary for us
perform our contract with you or to comply with our legal obligations).
Please contact us if you would like further information regarding our balancing tests (see How you
can contact us).
In certain limited circumstances, we also process your personal data after obtaining your consent to
for the purposes of:
- sending you marketing communications about www.genesisbikes.co.uk products,
special offers, promotions, giveaways and competitions;
- sending you email marketing in connection with our Freewheel site (www.freewheel.co.uk);
- collecting market research data.
You don’t have to provide your consent, and can withdraw it at any time.
Necessary for the performance of a contract and to comply with our legal obligations
In some cases, it is necessary for us to process a limited amount of personal data we collect about
the performance of certain contracts between us. This includes your contact details and any other
information you provide to us if you enter any competitions that we run from time to time or if we
you with any other services that you have requested and for which terms and conditions apply. We
you know if this is the case at the relevant time.
In certain circumstances, we also use your personal data only to the extent required in order to
enable us to
comply with our legal obligations, including to detect, prevent and investigate fraud or to
exercise of your consumer rights.
5. Who we disclose your personal data to
H. Young (Operations) Limited, the “data controller” of your personal data, has a number
different business divisions. Personnel within those different divisions assist with the management
operation of www.genesisbikes.co.uk and as a result, have access to your personal
Where you have provided your consent to do so, your name and email address will be used by other
within H. Young (Operations) Limited who operate the Freewheel website (www.freewheel.co.uk) for the purposes of sending you
about products, services, special offers and promotions that we think may be of interest to you on
Freewheel site. See the Freewheel Privacy
Policy to find out more about our privacy practices
in relation to the Freewheel site.
In addition, we may from time to time need to disclose your personal data to third parties in order
provide you with our services and ensure the effective operation of our website. The providers of
services are granted access to certain personal data to the extent necessary for them to perform the
services that we request. Any personal data that is processed by third parties must be processed in
accordance with applicable data protection law and subject to contractual obligations, including
security and confidentiality. The third parties are:
- UK Fast, which provides us with a platform from which we can host and operate
- MailChimp, our marketing service provider, which assists us with our marketing
activities and sends you email marketing on our behalf. In addition, in certain circumstances,
third party may use your personal data for their own legitimate business purposes as a "data
controller" in their own right. Please see MailChimp’s privacy statement available here for details of how they use your
data as a “subscriber” of our marketing communications and how you can manage your
settings with them; and
- Falcon, which provides us with a social media and customer engagement tool to
to better manage and operate our social media presence and interact with our customers.
We may also disclose your personal data:
- if we buy or sell any businesses or assets, to the buyer or seller (or prospective buyer or
and/or their advisers; and
- if we are under a duty to disclose or share your personal data in order to comply with (and/or
believe we are under a duty to comply with) any legal obligation, or in order to protect the
property or safety of our business, our customers or others. This includes, in specific cases,
information with law enforcement or regulatory agencies, or authorised third parties, in
response to a
verified request relating to a criminal investigation or actual or suspected violation of law,
our website or breach of contract that may expose us and/or any customer or third party to legal
Additionally, where you have consented to cookies, we allow third parties such as
set Google Analytics cookies on your device to assist us with the improvement and optimisation of
website. Google Analytics cookies collect information such as items clicked on, web pages viewed and
pages where users are encountering download error messages from time to time. Please see our Cookie
further information provided by Google about their practices), and how to decline or disable them.
6. International transfers of personal data
The personal data we collect about you is stored by us on secure servers located within the European
Area (“EEA”) and processed by us in the UK.
transferred or processed outside the EEA by or to our third party service providers. The countries
not have laws which protect your personal data to the same extent as in the EEA. We are required by
data protection law to ensure that where we or our third party service providers access, transfer or
your personal data outside the EEA, it is treated securely and is protected.
We do this by ensuring that at least one of the following safeguards is implemented:
- EU-US Privacy Shield: We use MailChimp, which is based in the
States and processes your personal data in the United States. Pursuant to GDPR Article 45, your
data is transferred by MailChimp to the United States on the basis of their self-certification
Privacy Shield framework, which requires them to provide similar protection to personal data
between the European Union and United States. For further details, see European
Commission: EU-US Privacy Shield.
- Standard data protection clauses adopted by the EU Commission: Pursuant to GDPR
46(2), where required we use specific contracts approved by the European Commission, which give
data the same protection it has within the EEA. For further details, see European
Commission: Model contracts for the transfer of personal data to third
Please contact us if you would like more information about the countries to which your personal data
transferred and the specific safeguards that are used to protect your personal data when it is
outside the EEA (see How you can contact us).
7. How long we keep your personal data for
We retain your personal data for no longer than is necessary for the purpose(s) for which it was
What this means in practice will vary between different types of data. When determining the relevant
retention periods, we take into account factors including:
- legal obligation(s) under applicable law to retain data for a certain period of time;
- statute of limitations under applicable law;
- the warranty period for any products you register with us;
- potential or actual disputes; and
- guidelines issued by relevant data protection authorities.
Otherwise, we securely erase your personal data from our systems when it is no longer needed.
8. Your privacy rights
The table in this section below explains what rights you have with regard to your personal data.
are not absolute and are subject to certain exceptions and qualifications.
For more information about your rights or if you would like to exercise any of your rights, you are
to contact us using the contact details set out below under How
you can contact us.
Please note that if you ask us to stop using your personal data in a certain way or erase your
and this type of use or personal data is required by us in order to facilitate your use of our
services in any way, you may not be able to use our website or services as you did before. This does
include your right to withdraw your consent to receiving marketing communications from us, which you
so at any time without restriction.
What does this mean?
You have the right to be provided with clear, transparent and
understandable information about how we use your personal data and your rights. This is
You have the right to receive confirmation from us that your
data is being processed, and where that is the case, obtain access to the personal data
hold about you and certain other information (similar to that provided in this Privacy
You have the right to require us to rectify any personal data
hold about you if it is inaccurate or incomplete. Please contact us if you believe that
personal data we hold about you is inaccurate or incomplete.
This is also known as ‘the right to be forgotten’
simple terms, enables you to request the erasure of the personal data that we hold about
- the personal data is no longer necessary for the purpose it was originally
- you withdraw your consent (where consent was previously provided and required for us
process the data);
- you object to the processing, as long as there are no overriding legitimate grounds
to continue the processing;
- we’ve been processing your personal data unlawfully, or
- your personal data has to be erased in order to comply with a legal obligation.
This is not a general right to erasure; there are exceptions. For example, we have the
continue using your personal data if such use is necessary for compliance with our legal
obligations or for the establishment, exercise or defence of legal claims.
- Right to restrict processing
You have the right to restrict further processing of your
- you consider the personal data we hold to be inaccurate, in which case we have to
any processing while we verify the accuracy of your personal data;
- the processing we are carrying out is unlawful and you request us to restrict
rather than erasing your personal data;
- we no longer need the personal data, but you need it to establish, exercise or
legal claim; or
- we are considering our legitimate interests for processing your personal data to
When processing is restricted, we can still store your personal data, but may not process
further without your consent (unless processing is required in connection with legal
protect another person’s rights or on important public interest grounds).
- Right to data portability
You have the right to obtain and reuse the personal data that we
about you in a structured, commonly used and machine-readable format, and (where
feasible) to have such information transmitted to another "data controller",
- this is personal data you provided to us (i.e. not any other information);
- we are processing such data on the basis of your consent or to perform a contract
- the processing is carried out by automated means.
- Right to object to processing
You have the right to object to processing in the following
- where the processing of your personal data is based on our legitimate interests.
we can show compelling legitimate grounds for processing your personal data which
your interests, rights and freedoms, or we need your personal data to establish,
defend legal claims, we can continue to process it. Processing of your personal data
restricted while we make this assessment. Otherwise, we must stop using the relevant
personal data; or
- where your personal data is processed for direct marketing purposes (including
related to such direct marketing).
- Right to withdraw consent to processing
If you have given your consent to us to process your personal
data for a
particular purpose (for example, to send you marketing communications), you have the
withdraw your consent at any time (although if you do so, it does not mean that any
of your personal data up to that point is unlawful).
- Right to make a complaint to the data protection authority
You have the right to make a complaint to the Information
Office (ICO) if you are unhappy with how we have handled your personal data or believe
processing of your personal data does not comply with applicable data protection law.
contact details of the ICO are set out below under How
you can contact us.
10. Children’s personal data
We do not knowingly collect personal data from children under the age of 16. If you become aware that
child or any child for which you have parental responsibility has provided their personal data to us
your consent, please contact us using the contact details set out above under How you can contact
11. Links to other websites
Our website may, from time to time, contain hyperlinks to third party websites or other websites
encourage you to read the privacy statements on the other websites you visit, as they will govern
the use of
any personal data you provide when visiting those websites.
where appropriate, we will notify you of the changes, for example by an email notification. We
that you check this page from time to time to ensure that you are aware of and understand any