We, Blackhawk, are committed to protecting your privacy and developing technology that gives you the most powerful and safe online experience. This privacy notice (“Notice”) applies to this website and governs data collection and usage. This Notice is drafted to ensure compliance with your rights under the General Data Protection Regulation and the rights detailed in the UK Data Protection Act 2018. By using this website, you consent to the data practices described in this Notice.

This document explains:

  1. Who we are
  2. Blackhawk Service Users: The information we collect
  3. How we use your information
  4. Who we share your information with
  5. How we store your information
  6. How long we will keep your personal information for
  7. Granting & withdrawing contact consent
  8. Accessing your information
  9. Correcting your information
  10. Restricting use of your information
  11. Porting your information
  12. Changes to our Privacy Notice
  13. Information about the ‘Cookies’ used on this website
  14. Contacting Blackhawk

Please read the following information carefully to understand our approach to your personal information.


We are Blackhawk Network (Europe) Limited & Subsidiaries , an English company whose registered office address is at: Westside, London Road, Hemel Hempstead, Hertfordshire, HP3 9TD. Our administrative offices are located at the same address and our contact details are:


We may collect from you and use many different kinds of personal information, and group them together like this.

Categories of personal information Description
Socio-Demographic This includes details about your work or profession, nationality, education and where you fit into general social or income groupings.
Transactional Details about activity with us.
Contractual Details about the products or services we provide to you.
Locational Data we get about where you are, such as may come from your mobile phone, the address where you connect a computer to the internet, or a shop where you buy something with your card.
Behavioural Details about how you use our products and services.
Technical Details on the devices and technology you use.
Communications What we learn about you from letters, emails and conversations between us.
Social Relationships Your family, friends and other relationships.
Open Data and Public Records Details about you that are in public records, such as the Electoral Register, and information about you that is openly available on the internet.
Usage Data Other data about how you use our products and services.
Financial Your financial position, status and history.
Documentary Data Details about you that are stored in documents in different formats, or copies of them. This could include things like your passport, drivers licence or birth certificate.
Consents Any permissions, consents or preferences that you give us. This includes things like how you want us to contact you and what optional communications you wish to receive.
National Identifier A number or code given to you by a government to identify who you are, such as a National Insurance number.


In addition to our privacy commitment, your privacy is protected by law. This section explains how that works.

Data Protection law says that we are allowed to use personal information only if we have a proper reason to do so. This includes sharing it with third parties. The law says we must have one or more of these reasons:

  • To fulfil a contract we have with you, or
  • When it is our legal duty, or
  • When it is in our legitimate interest, or
  • When you consent to it.

A legitimate interest is when we have a business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. If we rely on our legitimate interest, we will tell you what that is.

Here is a list of all the ways that we may use your personal information, and which of the reasons we rely on to do so. This is also where we tell you what our legitimate interests are.

What we use your personal information for Our legitimate interests To manage our relationship with you or your business

To develop new ways to meet our customers’ needs and to grow our business.

To develop and carry out marketing activities.

To study how our customers use products and services from us and other organisations.

To provide advice or guidance about our products and services.

Your consent. Fulfilling contracts.

Our legitimate interests

Our legal duty

Keeping our records up to date, working out which of our products and services may interest you and telling you about them.

Developing products and services, and what we charge for them.

Defining types of customers for new products or services.

Seeking your consent when we need it to contact you.

Being efficient about how we fulfil our legal duties.

To develop and manage our brands, products and services.

To test new products.

To manage how we work with other companies that provide services to us and our customers.

Fulfilling contracts.

Our legitimate interests.

Our legal duty.

Developing products and services, and what we charge for them.

Defining types of customers for new products or services. Being efficient about how we fulfil our legal and contractual duties.

To deliver of our products and services.

To manage relevant fees and charges on customer accounts.

To collect and recover money that is owed to us.

To manage and provide treasury and investment products and services.

Fulfilling contracts.

Our legitimate interests.

Our legal duty.

Being efficient about how we fulfil our legal and contractual duties

Complying with regulations that apply to us.

To detect, investigate, report, and seek to prevent financial crime.

To manage risk for us and our customers.

To obey laws and regulations that apply to us.

To respond to complaints and seek to resolve them.

Fulfilling contracts.

Our legitimate interests.

Our legal duty

Developing and improving how we deal with financial crime, as well as doing our legal duties in this respect . Complying with regulations that apply to us. Being efficient about how we fulfil our legal and contractual duties.

To run our business in an efficient and proper way. This includes managing our financial position, business capability, planning, communications, corporate governance, and audit

Our legitimate interests.

Our legal duty.

Complying with regulations that apply to us.

Being efficient about how we fulfil our legal and contractual duties.

To exercise our rights set out in agreements or contracts.

Fulfilling contracts.


In addition to the above; If this product is operated through your employer then we will generally use your information to process the scheme in accordance with your employer’s requirements and, on occasion, may be required to control the information to deal with you directly regarding elements of the scheme. We obtain the information from you to allow us provide the scheme using the methods stated above and our use of the information is governed by the Data Protection Act 1998 and the General Data Protection Regulation (GDPR).


We may share your personal information with companies within the Blackhawk Network Group and these other organisations:

  • Agents and advisers who we use to help run your accounts and services and explore new ways of doing business
  • HM Revenue & Customs, regulators and other authorities
  • Credit reference agencies
  • Fraud prevention agencies
  • Any party linked with you or your business’ product or service
  • Companies we have a joint venture or agreement to co-operate with
  • Organisations that introduce you to us
  • Companies that we introduce you to
  • Market researchers
  • Companies you ask us to share your data with.

We may need to share your personal information with other organisations to provide you with the product or service you have chosen:

  • Our network of affiliated retailers to fulfil the product or service including delivery companies.
  • If you have a product with incentive, loyalty or other rewards, we will share your data with companies who fulfill those rewards including delivery companies.
  • If you have a debit, credit or charge card with us, we will share transaction details with companies which help us to provide this service (such as Visa and Mastercard).
  • If you use direct debits, we will share your data with the Direct Debit scheme.

We may also share your personal information if the makeup of our company changes in the future:

  • We may choose to sell, transfer, or merge parts of our business, or our assets. Or we may seek to acquire other businesses or merge with them.
  • During any such process, we may share your data with other parties. We’ll only do this if they agree to keep your data safe and private.
  • If the change to our Group happens, then other parties may use your data in the same way as set out in this notice.


Once we have received your information, we use strict procedures and security features to try to prevent unauthorised access.

All information you provide to us is stored on secure servers. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

The information that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"), in which case we will make sure that your privacy rights are protected as required by the General Data Protection Regulation.


We will keep your personal information for as long as you are our customer.

After you stop being a customer, we may keep your data for up to 7 years for one of these reasons:

  • To respond to any questions or complaints.
  • To show that we treated you fairly.
  • To maintain records according to rules that apply to us.

We may keep your data for longer than 7 years if we cannot delete it for legal or regulatory reasons.


As long as you give us your explicit consent to do so, we shall tell you about our products and services and those of the Blackhawk Network that we think may be of interest. We may do this by email or post. If you don’t want us to send you any marketing materials you can tell us in one of the following ways:

  • By visiting your online profile page on the relevant Blackhawk service website and changing your contact preferences;
  • by clicking once on the unsubscribe link contained in our Newsletters and non-essential email communications. You will be directed to a Marketing Preference Centre where you can unsubscribe from all marketing communications or, if you so choose, tailor the communications you receive from us according to your needs;
  • by contacting us at
  • by writing to us at Westside, London Road, Hemel Hempstead, Hertfordshire, HP3 9TD;

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy notices and that we do not accept any responsibility or liability for these notices. Please check these notices before you submit any personal information to these websites.


If you want to know what information we hold about you, please contact us at the email address below. We may have to contact you to verify the authenticity of any communications received by us that indicate they have been sent by you.


If any information you have provided to us needs correcting or amending, please contact us by writing to us by email using the contact details below.

If you do, we will take reasonable steps to check its accuracy and correct it.


You have the right to object to our use of your personal information, or to ask us to delete, remove, or stop using your personal information if there is no need for us to keep it. This is known as the ‘right to object’ and ‘right to erasure’, or the ‘right to be forgotten’.

There may be legal or other official reasons why we need to keep or use your data. But please tell us if you think that we should not be using it.

We may sometimes be able to restrict the use of your data. This means that it can only be used for certain things, such as legal claims or to exercise legal rights. In this situation, we would not use or share your information in other ways while it is restricted.

If you want to object to how we use your data, or ask us to delete it or restrict how we use it, please contact us at the address below.


From 25 May 2018 you will have the right to get your personal information from us in a format that can be easily reused. You can also ask us to pass on your personal information in this format to other organisations.

This is called the ‘right to portability’.

If you wish to obtain a reusable copy of the personal information held about you for the purposes of any of the services we provide to you please contact us on the email address below.


Any changes we may make to this Notice in the future will be posted on this page and, where appropriate, notified to you by email or highlighted to you when you visit one of our service websites. We recommend that you periodically review this Notice to make sure that you are aware of its content.


Blackhawk uses cookies (small text files placed on your device) and similar technologies to provide our websites and online services and to help collect data. Cookies allow us, among other things, to store your preferences and settings; enable you to sign-in; combat fraud; and analyse how our websites and online services are performing.

You have a variety of tools to control cookies, including browser controls to block and delete cookies, controls from some third-party analytics service providers to opt out of data collection and in application settings to control which cookies we will use. Your browser and other choices may impact your experiences with our products.


Questions, comments and requests regarding this Notice are welcomed and should be addressed to

If you have any further queries or complaints that we are not able to answer you should contact the Data Privacy Supervisory Authority for the country in which you reside:

United Kingdom: Information Commissioner’s Office

Republic of Ireland: Data Protection Commissioner

Germany: Federal Commissioner for Data Protection and Freedom of Information

Netherlands: Dutch Data Protection Authority