Version control: This privacy notice was last updated in: April 2023.
Important information and who we are
Starlinks Global Limited (“Starlinks”/“we”/“us”) provides delivery solutions to retail and wholesale companies on behalf of their customers. We refer to the retail and wholesale companies as our “clients” and the customers as “consignees” in this privacy notice.
Starlinks is an aggregator which means that it brings together a variety of different logistics services and offers them to its clients as a single solution. Many of the services are carried out on our behalf by our partners. In this privacy notice we have summarised the processing of your personal data in relation to our services, whether it is by Starlinks directly or by our partners.
Starlinks respects your privacy and is committed to protecting your personal data. This privacy notice provides information on how Starlinks collects and processes your personal data. It is important that you read this privacy notice so that you are fully aware of how and why we are using your data.
Starlinks is the data controller and is responsible for your personal data. Starlinks is registered with the UK Information Commissioner’s Office and its registration number is C1331277.
If you have any questions about this privacy notice or our privacy practices, please contact us using the details below:
Email address: email@example.com
Telephone: 0203 004 7987
Postal address: JAMES HOUSE, STONECROSS BUSINESS PARK, YEW TREE WAY, WARRINGTON, CHESHIRE, WA3 3JD
How to make a complaint about the use of your personal data by us
If you have any concerns or would like to make a complaint about our processing of your personal data, you may do so via your local data protection authority directly however we would encourage you to contact us on the details above in the first instance as we aim to promptly and satisfactorily resolve any concerns or complaints you may have in relation to our processing of your personal data.
Changes to the privacy notice and your duty to inform us of changes
This privacy notice may be updated from time to time so you may wish to check this page from time to time to ensure that you understand how your personal data will be used and to see any minor updates. If material changes are made to this privacy notice, we will provide a more prominent notice. This notice is effective from 27 April 2023.
How do we collect your personal information?
We collect personal information from our clients and consignees in the following ways:
• following requests or instructions to complete deliveries;
• use of our services and website;
• contact made with us for any reason including any enquiries or complaints;
• completed Starlinks forms and receipts (including proof of delivery receipts);
• completed customer satisfaction surveys;
• reviews left on third party websites;
• information entered or submitted via the Starlinks website;
• for entrance to Starlinks’ sites.
What types of information do we collect?
We may collect, use, store and transfer different types of personal data. This includes information provided from our clients and consignees and information we create when providing the services. Our services and website are not intended for children and we do not knowingly collect data relating to children.For more details on the personal data we process, and how this data is collected or obtained, please see the table below.
How do we use your personal data?
We use the information that we collect for a number of different purposes in order to:
a) provide our logistics services to our clients and to improve that service;
b) process orders and to provide after sales services;
c) enhance or improve consignees' experience of our services via customer satisfaction surveys or reviews on third party websites;
d) analyse consignees’ delivery preferences or how they interact with or use our websites and applications;
e) record and monitor outbound and inbound telephone conversations to ensure consistent service levels, prevent or detect fraud, resolve queries and complaints and for performance management and training purposes;
f) use digital imagery to help maintain the safety and security of our drivers, property, deliveries and the public; and
g) undertake research for analytical and statistical purposes.
Subject to applicable laws, we use your personal data in the following circumstances:
• Consent: you give consent for us to process your data for a specific purpose;
• Contract: the processing is necessary for a contract or agreement with you;
• Legal Obligation: the processing is necessary to comply with the law; or
• Legitimate Interests: the processing is necessary for legitimate interests pursued by Starlinks or another party providing that your fundamental rights do not override such interests.
The purposes for which we process personal data and the legal bases for doing so in each case can be seen in the table at the bottom of this webpage.
Who do we share your personal data with?
Our employees, contractors or agents may access information:
• to provide delivery of goods to consignees, or management of a service;
• to process, deal or respond to any enquiry, complaint or other contact you have made with us;
• to contact you regarding reviews left on third party websites;
• to evaluate customer satisfaction surveys and reviews and improve service delivery; and
• for troubleshooting and maintenance purposes.
We share consignee personal data with our clients for the purposes of providing services to them, for example the provision of proof of delivery and status of delivery information for items we are delivering to consignees on their behalf.
Other Third Parties:
We use data processors who are third parties providing elements of services for us, these may be our partners who we sub-contract parts of the services to, our suppliers or other parties related to the services. We have contracts in place with our data processors. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
We may share your data with other third parties (including the police, law enforcement agencies, credit reference and fraud prevention agencies and other bodies) to protect our or another person’s rights, property, or safety, in connection with the prevention and detection of crime.
In some circumstances we are legally obliged to share information. For example, under a court order or where we cooperate with a regulator undertaking an investigation into complaints or criminal conduct. We might also share information with other regulatory bodies in order to further their, or our, objectives. In any scenario, we’ll satisfy ourselves that we have a lawful basis on which to share the information and document our decision making and satisfy ourselves we have a legal basis on which to share the information.
We may transfer your personal data to the following third parties:
• Logistics and warehousing sub-contractors – our partners who may transport or store goods on our behalf;
• Processing and export partners – our partners who facilitate customs clearance when exporting and importing goods;
• Technology service providers – our partners who provide IT, applications and website services including tracking services and parcel processing software;
• Verification service providers – our partners who provide address verification and address location data to improve the speed and accuracy of our delivery service;
• Customer service providers – our partners who work with us to administer your delivery and provide you with any help you may need;
• Telephony providers – our partners who provide telephone services and functionality;
• Regulators, lawyers, courts and or other governmental agencies or law enforcement agencies. Starlinks may be required to disclose certain personal information because it is required to by law or for the purposes of legal proceedings.
• Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law.
Transfer of Information
We are a UK based business with data centres in Europe.
We operate globally; our clients and consignees are based all over the world. To provide the services, we will be often be transferring the data that we collect from you to third parties and partners who are located in a different country (this may be outside the EEA and/or United Kingdom) for support, processing or maintenance of the purposes. Any such transfer of information will only be in connection with the services that Starlinks provides and for a purpose that is stated in the privacy notice.
Whenever we transfer your personal data out of the EEA and/or the United Kingdom, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
• we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission (in the case of transfers out of the EEA) or the United Kingdom Government (in the case of transfers out of the United Kingdom); and/or
• where we use certain service providers, we may use specific contracts approved by the European Commission (in the case of transfers out of the EEA) and/or the United Kingdom Government (in the case of transfers out of the United Kingdom), in both cases which give personal data the same protection it has within the EEA and/or United Kingdom as applicable.
Will you be contacted for marketing purposes?
We send commercial e-mails to individuals at our clients or other companies with whom we want to develop or maintain a business relationship in accordance with applicable laws. Individuals at our clients can opt out of receiving marketing emails at any time by using the contact details at the end of this notice.
We do not conduct any form of direct marketing targeted at consignees and we will not share personal data with any third parties for the purposes of direct marketing.
How do we keep your data safe?
Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk of processing, including:
• the pseudonymisation and encryption of personal data;
• the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
• the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and
• a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
We ensure that those who have permanent or regular access to personal data, or that are involved in the processing of personal data, or in the development of tools used to process personal data, are trained and informed of their rights and responsibilities in when processing personal data.
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable supervisory authority of a breach where we are legally required to do so.
How long do we keep your information for?
We will hold your personal information securely for as long as is necessary to provide our services. Once the services are completed, we will determine how long to retain the different types of information about you based on our Retention Policy and the following requirements:
• How long the information is needed for the specific purpose or purposes it is used for;
• Legal and regulatory requirements – For example, if Starlinks is required to retain client and or consignee records for an additional period of time in order to comply with a legal (including regulatory) requirement; and
• To maintain records in the event of any potential or actual claims.
In some circumstances you can ask us to delete your data: see your legal rights below for further information.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
What are your legal rights?
Under certain circumstances, you have rights under data protection laws in relation to your personal data:
• Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
• Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
• Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
• Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, Starlinks may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
• Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
o If you want us to establish the data's accuracy.
o Where our use of the data is unlawful but you do not want us to erase it.
o Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
o You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
• Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
• Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
• Right not to be subject to automated decisions where the decision produces a legal effect or a similarly significant effect on you.
If you wish to exercise any of the rights set out above, please contact us on the contact details above.
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from.
How can you exercise your legal rights?
If you wish to exercise any of your legal rights, please contact us on the details above.
Types of data
This includes your name, address, email address and telephone number(s).
If you work for one of our clients we will record your business’s name, your position in the business and the business’s address, email address and telephone number(s).
If you visit one of our sites, we will request your name, job role and vehicle registration.
This information is collected from you if you use our services directly or from our clients or other consignees when you are a recipient of services from one of our clients or another customer.
Alternatively, we may obtain personal details from third parties. For example, where we acquire third party data or information to verify delivery addresses and or delivery locations.
When we take information on a site visit this is to confirm your identity for security purposes.
Information for customs clearance
Your national ID number (where applicable).
Customs regulations in certain countries require you to provide ID for customs clearance. We safely & securely store the ID information in order to transmit the information to the carrier and Customs officials.
Data recording your preference to receive communications about delivery dates and time slots.
This information will be created when you provide contact information and preferences in the course of an interaction with us, such as when you are receiving a delivery from us.
Records of payments and payment information such as payments for loss or damage or returning of funds collected under cash on delivery
You provide this information yourself if we need to make a payment to you.
Records of services that you have used. This includes records of deliveries you have requested and details of consignee details provided.
You provide much of this information yourself when you use our services. We will also generate information in the course of providing our services.
Records of services and deliveries that have been received by you and all interactions with us.
Information will be provided from our clients you have placed orders with, yourself, interactions with you and records created by us when providing the service.
Address and Address history
We will hold records of addresses, for example, billing, delivery, previous and rearranged delivery addresses and locations used.
Information will be provided from clients, information you provide if you changed or rearranged delivery services or third party address verification services.
A building or delivery point address including latitude and longitude data may also include personal data (for example, where a delivery point/property is identified by personal data being processed).
Information provided by clients, you or third parties used to verify address details to improve delivery accuracy.
Contact history, including enquiries and complaints
These are details of any enquiry, complaint or claim you have made to us and may include copies of correspondence and call recordings.
You will provide this information to us when you contact us to make an enquiry or complaint. We will also create records relating to this contact. This will include any information you provide including any sensitive information provided.
Records of calls for training, quality purposes or to investigate complaints or for the detection, investigation and prevention of crime (including fraud).
You will be advised when calling us if a call is being recorded. We will record inbound calls for delivery bookings and enquiries. We will also create records relating to telephone calls.
Proof of delivery information
Records of delivery including the signature, name and address of people who sign for or accept delivery of items.
You provide this information if you accept delivery of an item, including when you accept delivery of an item for another person, such as a neighbour.
If a recipient is different from the consignee (for example, if a delivery has been arranged or ordered for a third party). Recipients name and address are used to collect, sort, track and deliver an item. A client or consignee may also provide us with contact information, such as your phone number or email address, so that we can provide delivery updates.
We receive this information from clients arranging deliveries or consignees requesting alternative delivery or placing orders on another person’s behalf.
Recordings of you
Images recorded on CCTV and other equipment used to protect our consignees, employees and property.
We will record images of you if you a visit a location where CCTV is in operation, such as our warehouses, receptions, transport areas or depots. Vehicles may be fitted with reversing cameras as well as forward-facing / cab cameras.
‘Safe Place’ Images
Digital images of parcels left in situ and delivery exceptions. These may contain location or other information that links the image to a consignee or otherwise identifies an individual.
We create this information when digital images are taken of parcels left in situ , images of property and delivery exceptions are taken.
Customer satisfaction survey data
Completed customer surveys used to review and improve our services.
You provide this information if you agree to complete a survey or questionnaire about the service you received.
Reviews on third party websites
Reviews on third party websites used to evaluate and improve our services.
If you include personal identifiers or order details in your review, we will use this to identify your order to evaluate and improve our services.
A cookie is a piece of information in the form of a very small text file, which is transferred to an end user’s device when a website or internet based service/application is accessed by a user.
For details of Cookies used by Starlinks, please see the Cookies section below.
How do we use your personal data?
Lawful bases for processing
Providing services to the consignee where there is a contract or agreement in place (between the consignee and the client) as a result of an order placed with one of our clients.
Contract – we need to process your data to provide our services to you in accordance with that contract.
Providing delivery services to a third party recipient, such as when someone sends you a delivery for a third party and we use your data to deliver it or provide delivery updates.
Legitimate Interests – we need to process your data to provide these delivery services and fulfil our contracts with our clients, including delivering the parcels to you and providing additional services, such as delivery updates.
Providing delivery via a third party, where a third party has agreed to accept delivery of an item on behalf of another person (such as a neighbour) and the consignee has provided details to enable us to record the delivery, including where we inform the sender and the intended recipient that the third party has taken delivery of the item.
Legitimate Interests and consent – we need to process your data to provide the sender and recipient with your details in order to complete the delivery and to allow the delivery to be properly tracked within our records and customer relationship management system.
Where we provide a service which informs both the sender and recipient of services about the delivery status and timing of that service.
Contract and Legitimate Interests – we need to monitor the delivery status of items to keep senders and recipients informed and to improve our service delivery and provide better information to our clients and consignees.
Customer services – dealing with enquiries, complaints or claims relating to our services.
Contract and Legitimate Interests – we may need to process your data so we can handle and resolve any enquiry, complaint or claim raised by you or another person related to a contract and or other issue.
Providing data services to our clients, to help them run their businesses better and fulfil their contracts with you. For example, we provide services for the delivery of items ordered from our clients and for the purposes of maintaining and updating accurate address data used for delivery, to process order status information.
Contract and Legitimate Interests – our clients may have contractual obligations with the consignee to be fulfilled and have a legitimate interest to process data in these ways, and we have a legitimate interest to process personal data to support them to do so. In each case, we need to process the consignees’ personal data to fulfil contractual obligations and or to pursue those Legitimate interests.
Enhancing our client and consignees' experience of our services and websites. For example, we use information on your visits to our websites to evaluate and understand how different people navigate our websites and how long they spend on particular pages.
Legitimate Interests – we sometimes need to process personal data to understand how you use our services so we can enhance and improve them.
Customer and market research and analysis, and the development of new services. For example, we may use customer satisfaction surveys and reviews left with third parties to evaluate and understand how our services are working, how they can be improved and for the purposes of developing new delivery services or new enhanced services. We may contact you to discuss a survey or review.
Legitimate Interests – we sometimes need to process personal data to evaluate and improve our services and to develop new service offerings.
Security, preventing fraud and money laundering, and taking action against fraudsters or people who commit an offence.
Legitimate Interests and Legal Obligation – we sometimes need to process personal data to protect rights, property and peoples’ safety.
Legal Obligation – we need to process personal data to comply with revenue and customs regulations.
Prevention and detection of crime – including the use of CCTV to protect our client, consignees, employees, the public and property.
Legitimate Interests and Legal Obligation – we sometimes need to process personal data to protect the rights, property and the safety of people.
Complying with the law, including regulatory requirements.
Legal Obligation and Legitimate Interests – to comply with our legal obligations, including regulatory conditions relevant to our services, and health and safety legislation, we sometimes have to process personal data.