Who are we?
We're The Bike Club Limited (‘we’, ‘us’, ‘ours’), and operate under the Bike Club. We are a UK registered company number 10098146, and are authorised and regulated by the Financial Conduct Authority under registration number 747044.
This notice explains how and why we use your personal information when you become a member, create a Bike Club account or use our services for Bike Club members on www.thebikeclub.co
Got a question about something in this notice, or want to contact our Data Protection Officer (DPO)?
- Chat with us through Live Chat or send us an email at firstname.lastname@example.org 🤙
- Write to us at the Bike Club, 1 Long Lane, London, SE1 4PG, UK ✍️
The information we hold, and why
Information you share with us
- When you use our website; such as your IP address, operating system browser and the pages you visit
- When you apply; such as your home address, DOB, name, email and phone number
- When you order; such as your delivery address, order details and payment data
- When you talk to us; such as the photos, reviews and survey responses you share with us, the information you give us (phone calls are recorded, email attachments are stored)
- When you connect with us; public details from your social media profiles (like Facebook, Instagram or Twitter) if you reach out to us via these platforms, and the contents of your messages or posts to us
- As a member; the bikes you hold, payments you make and account standing information.
Information we get from external sources
When you sign up, we search your record at credit reference agencies to check if we can accept you as a member to manage our business risk. This is a 'soft search' and won’t impact your credit score. You can read more about our credit checks here.
Why we collect your data
We use your information to make sure your membership with us is the best it can be. This includes things like:
Improving our products and services for you and other members, making sure everyone gets the best experience, performing market research to understand our members views and personalising our experiences to make our service more intuitive & engaging;
Keeping you up-to-date and informed and responding to your enquiries promptly and efficiently
Legal, regulatory or business reasons such as assisting with crime and fraud prevention, assessing credit risk and service provision
Why we use your data
How we process your data under GDPR falls under four main categories: contractual, consent, legal requirement and legitimate interest. You'll always receive information relating to your account, but you can also opt in to receive our newsletter or other offers. We will not sell your information, and we will never give your information to a third party for marketing unless you have expressly given us your permission. However, we may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
Where we have to, legally. We use your data to:
- Prevent crime and criminal activity
- Comply with any legal or regulatory requirements
- Respond to requests from police or governing body
When you want to join. We use your data to:
- Evaluate your application
- Perform a soft credit check
- Deliver the services and products you order
- Responding to your contact and resolving your issues
- Send you information about new products, promotions and club activities related to your membership
- Collecting money owed by you
When it’s legitimate. We use your data:
- To find other customers like you via anonymised, look-alike targeting
- To provide the bike subscription service you ordered including shipping, payment, customer service etc
- To serve you ads or record path to purchase outside our platform via cookies & tracking pixels
- To improve our services and suggest new & partner services you might like based on your purchase behaviour or customer profile
When you tell us we can. We’ll ask for your consent to:
- Tell you about partner products and services
- Tell you about other products we stock that you might like
- Receive our newsletter
You can ask to be removed from our database at any time by contacting the DPO at email@example.com but if you exercise your right to be forgotten, we may not be able to provide you with any services.
Who we share your data with
Companies that give services to us. Here we mean companies that help us provide services you use, and need to process details about you for this reason.
We share your information in the following situations:
- With partners, suppliers, agents, subcontractors and software companies who help us deliver the products and member services you've chosen to use;
- When you have provided your consent;
- When we have legal or regulatory requirements.
- Companies that help us with marketing (but we won’t share identifiable personal data with third parties for their own direct marketing)
Law enforcement and other external parties. We may share your details with:
- the police, courts or dispute resolution bodies if we have to
- debt collection agencies if you are in arrears and we are unable to come to a resolution with you directly
- any other third parties where necessary to meet our legal obligations
Making automated decisions
We sometimes use computers to make decisions. We do this when you apply to become a member of the Bike Club, request additional bikes, and sometimes when you exchange. To make a decision, we will use the information we hold on you alongside information we receive from credit reference agencies. This will include details on whether you've kept up to date with payments, and if your financial situation has recently changed. You can review our full policy on applications here. We never reject an application unless a member of staff has reviewed it first.
How long do we keep your data?
We keep most of your data for as long as you’re a member, and for 6 years after that to comply with the law and if we face a legal challenge. In some circumstances, like cases of fraud, we may keep data longer if we need to and/or the law says we have to.
In each case, the length of time that we need to keep the information may be different, but we will only keep the information for as long as we need it.
You have the following rights:
- access the personal data we hold about you, or to get a copy of it
- ask for a copy of your personal data in a portable (machine-readable) format or make us send it to someone else
- make us correct inaccurate data
- ask us to delete, 'block' or suppress your data, though for legal reasons we might not always be able to do it
- say no to us using your data for direct marketing and in certain other ‘legitimate interest’ circumstances
- withdraw any consent you’ve given us
- ask a member of staff to review a computer-made (automated) decision
To do any of these things, please contact us through Live Chat or by emailing firstname.lastname@example.org. EU data protection laws, like the GDPR, give us one month to respond.
How to make a complaint
If you have a complaint about how we use your personal information, please contact us through Live Chat or send an email to email@example.com and we’ll do our best to fix the problem. You can also reach our Data Protection Officer in these ways.
If you’re still not happy, you can refer your complaint with the UK’s supervisory authority which is the Information Commissioner’s Office (ICO). For more details, you can visit their website at ico.org.uk.
Changes to this notice 📝
We’ll post any changes we make to our privacy notice on this page and if they’re significant changes we’ll let you know by email.