Privacy Policy

Privacy Policy

This privacy notice was last updated: June 2025

This privacy notice tells you what to expect when Heathrow Airport Limited (“Heathrow”) collects personal information about you when you use any Commercial Service offered by Heathrow, these include (but are not limited to):

  • The Reserve & Collect Service; 

  • The Personal Shopper Service; 

  • The Collect on Return Service; 

  • The Returns Promise Service; 

  • The Terminal Shopping Transfer Service; 

  • The Home Delivery Service; 

(collectively known as the “Retail Services”)

  • Official Heathrow Parking; 

  • Heathrow Fast Track; 

  • Heathrow Meet & Assist; 

  • Heathrow Porters and Airport Lounges; 

  • Heathrow VIP; 

  • Heathrow Rewards Loyalty Programme; 

  • Heathrow Terminal Drop-Off Charge; 

  • Heathrow Customer Service Centre (if you wish to make an enquiry to our Customer Service Team, click and follow this link:  https://www.heathrow.com/contact-us/send-usyour-feedback);  

  • Heathrow Wi-Fi service; and 

  • Heathrow Photo and Video Asset Library

  • The Heathrow app

  • My Heathrow Account

Heathrow is committed to protecting your personal information when you use the Commercial Services. Whenever you provide such information, we are legally obliged to use your information in line with all applicable laws concerning the protection of personal data, including the UK General Data Protection Regulation (“UK GDPR”). Your information will be kept in a secure environment and access to it will be restricted according to the “need to know” principle.

What information will we collect about you?

Depending on the Commercial Service you use, we may collect the following information about you:

  • Title and salutation; 

  • Name (and the name of your guests, if applicable for VIP services); 

  • Guardian full name, email address and phone numbers (if applicable); 

  • Status (diplomatic status or organisation status and category if applicable for VIP services); 

  • Address and postcode; 

  • Email address; 

  • Gender; 

  • Nationality; 

  • Country; 

  • Preferred language; 

  • Date of birth (note that you must be over 18 years of age to participate in the Heathrow Rewards Loyalty Programme); 

  • Phone number (in respect of the Heathrow Rewards service, we will only contact you by phone if we have a query with your account); 

  • Date of travel and reason for travel; 

  • Flight number, flight time, travel class and destination; 

  • Special assistance requirements (for example, if you state that you require a wheelchair for the Personal Shopper and Terminal Transfer Shopping Services); 

  • Payment Details, including a billing address when you use our VIP service (payment details are only stored if you request it on your account and this is via Mastercard Payment Gateway/Hosted Checkout); 

  • Staff ID number (if you are a Heathrow staff member); 

  • Employer (if you are a Heathrow staff member); 

  • Information of products purchased or reserved; 

  • Heathrow Rewards customer loyalty number; 

  • Heathrow Marketing preference; 

  • Proof of Purchase when using the Returns Promise service; 

  • Passport and ID (including the expiry date of your passport); when you use our VIP service); 

  • We may process your prescription and or doctors’ letters when you chose to provide to us in order to fulfil the VIP service. We rely on your consent to do this.

  • Transaction data; 

  • Heathrow Rewards login credentials (if you are a Heathrow Rewards member); 

  • Any additional details you provide in relation to a customer service enquiry, this could include (but not limited to) vehicle registration number, flight details, proof of ID, booking references, card details, redacted bank statement (where relevant) or other account details. Please note, this differs depending on your enquiry.

  • Vehicle registration number when you use the Heathrow Terminal Drop-Off Charge service. Please note, Heathrow will only collect the first name, last name, and email address of users who consent to their details being used for marketing purposes. This information will be collected by APCOA on our behalf and transferred to our marketing agents (see details below)

  • Details of the order such as product information, quantity, and status of the order

  • Details of your Blue Badge when you use this for the Terminal Drop off Service

  • Payment information which is processed by Stripe, for more information on how Stripe process your data please see the privacy policy: https://stripe.com/gb/privacy  

Heathrow collects information about how you use the Website and the Commercial Services via the Website and the device(s) you use to access the Commercial Services. This includes collecting unique online identifiers such as IP addresses, which are numbers that uniquely identify a specific computer or other network device on the internet. For more information, see our section on ‘cookies’ below.

How will Heathrow use the information it collects about me?

Heathrow will use your personal data for a number of purposes including the following:

Use of data

Purpose

Justification

To provide the Retail Services to you

Contract

We collect information to provide the Reserve & Collect Service to enable you to reserve products listed on the Website and to enable the delivery of the reserved products to you at either a retailer’s store at Heathrow Airport or to a Heathrow operated collection desk at Heathrow Airport for purchase from third party retailers and collection. For each third-party retailer who concludes a sale of a reserved product at a Heathrow operated collection desk only (and has no physical retail store at Heathrow Airport), more information on each such retailer’s privacy policy can be found here: https://boutique.heathrow.com/en/retailer-privacy-policy.html.

We collect information to provide you with the Reserve and Collect (payment in advance) service. This is to enable you to reserve and pay for products online and collect at the airport. While we handle the fulfilment and service, your purchases with the Retailer will be processed by the relevant retailer.

For more information on how the retailers and Stripe process your data as controllers please see the following privacy notices:

  • https://boutique.heathrow.com/en/retailer-privacy-policy.html.

  • https://stripe.com/gb/privacy

    We collect information to provide the Personal Shopper Service to enable you to pre-book this service on the Website and to enable you to use this service in person in the designated lounges at Heathrow Airport to reserve products and services for purchase from third party retailers. For more information: 

    https://boutique.heathrow.com/en/personal-shopper

    We collect information to provide the Collect on Return service to enable you to store your purchases with us and collect on your return journey back to Heathrow. For more information:https://www.heathrow.com/at-theairport/shopping/collect-on-return

    We collect information to provide the Returns Promise service to enable you to return faulty or unwanted good on behalf of Heathrow retailers within 60 days of purchase and subject to the terms and conditions. The Heathrow Returns Promise operates in parallel with the Retailers’ own existing returns policy. For more information: 

    https://www.heathrow.com/at-the-airport/shopping/returnspromise/returns-policy

    We collect information to provide the Terminal Shopping Transfer service to enable you to book and shop at brands located in terminals which are not in your departing terminal accompanied by Operator personnel for the express purpose of shopping. For more information: https://www.heathrow.com/at-theairport/shopping/terminal-shopping-transfer

    We collect information to provide the Home Delivery service to enable you to shop in Heathrow’s retailers and request for your purchases to be delivered to your UK home address.

    For more information: 

    https://www.heathrow.com/at-the-airport/shopping/home-delivery

    		•

    To provide the Heathrow Rewards Loyalty Programme to you

    Contract/ Consent 

    This includes providing updates and information as well as logging your activities within Heathrow Rewards. Approved third parties may process the data in certain circumstances, for example, refunds of Heathrow Rewards points when a purchase has been returned.  As the refund process is managed separately from the till/transaction location, in order to process the deduction of points after a refund has been made, Heathrow uses the third party to manage the process on our behalf. The lawful justification for collecting and using your personal data for implementation of the rewards scheme is that it is necessary for providing the Heathrow Rewards loyalty programme which you contractually enter into. 

    We collect your data from the information you voluntarily provide us with when you enter a prize draw or competition via our Heathrow Rewards scheme. This will only be used for the purposes of administering and managing the prize draw or competition, including contacting the prize draw or competition winners. The lawful justification for collecting this data is consent for the purposes of facilitating the prize draw or competition.

    To provide you with the Heathrow Wi-Fi service

    Contract

    We will be unable to form a contract and provide you with Heathrow’s Wi-Fi Services without collecting and using your personal data.

    To follow up your enquiry or request via our Customer Service Team, to keep a record of any actions and engagement of our responses.

    Legitimate
    Interest/
    Consent

    Heathrow has a legitimate interest for processing your personal data in order to respond to any customer service enquiries.  

    Where you give us your consent, we will use sensitive data to investigate any concerns in relation to assistance or safety enquiries.

    Where you have provided us with a Customer Service Survey (CSAT) response we will process your results accordingly.

    We may utilise Einstein GPT to aid customer service agents in addressing your enquires, for more information: https://www.salesforce.com/company/legal/privacy/

    We use a variety of contact channels such as webforms, telephone, letters, live chat, WhatsApp and social media platforms such as Twitter, Facebook and Instagram. We may use these channels to respond to your enquiry, depending on how you have chosen to interact with us.

    To provide the Terminal Drop-Off Charge service

    Contract/
    Legitimate
    Interest/
    Consent

    To provide the Terminal Drop-Off Charge service, Heathrow will collect your VRM via Automatic Number Plate Recognition (“ANPR”) and CCTV. This information will then be passed on to APCOA, who manage the process of forecourt access including the enforcement of the program. 

    Heathrow will only collect first name, last name, and email address of users who consent to their details being used for marketing purposes, this information will be collected by APCOA on our behalf and transferred to our marketing agents. 

    The lawful basis for our processing of your vehicle registration data is based on it being necessary to perform our contract with you permitting the use of a vehicle at Heathrow Airport for use of the forecourt. Heathrow also relies upon legitimate interests in connection with data processed in connection with TDOC. The terms and conditions are set out on the signage located around site and online: 

    https://www.heathrow.com/terms-and-conditions/terminal-drop-offcharge-terms-and-conditions

    To provide the Heathrow Parking, Fast Track, Meet & Assist, Porters and Airport Lounges Services.
    Contract
    		 We will be unable to form a contract and provide you with Heathrow Services without collecting and using your personal data. This information is also required to provide you with service information and to respond adequately to potential enquiries in relation to your booking.
    Heathrow collects information on your usage of the Heathrow Photo
    Contract and Legitimate

    The lawful justification for collecting and using your personal data is that it is necessary for the performance of the Heathrow Photo and Video Asset Library which you contractually enter into.
    To provide the Heathrow VIP Service to you
    Contract

    Heathrow has a legitimate interest to ensure that the content is being used correctly.

    We collect your personal information when you use our VIP service. The lawful basis we rely on is contract to ensure we are able to fulfil the service, provide you with service information and to respond adequately to potential enquiries in relation to your booking.
    To send you marketing communications about the Website, the Commercial Services, and any other Heathrow products and services, as well as information.
    Consent

    When you purchase a Heathrow or Heathrow Express product use one of our services or engage with our retail partners, we may send you marketing communications where we have your consent to do so. These communications aim to inform you about latest updates, promotions and exclusive offers, or simply to inform you of the range of services available to enhance your experience when visiting Heathrow or using our online platforms.

    We may combine the data we collect with other information we hold about you if you have used our products and services before, or if you have provided your Heathrow Rewards account number when purchasing from our retail partners. This processing is conducted where we have a legitimate business interest.

    We may also analyse our marketing communications, including how they are received, to evaluate campaign effectiveness and to learn from customer engagement. This helps us better understand our customers’ preferences when interacting with Heathrow and our partners’ products and services. As a result, we can continue to provide ever more relevant content and services, with the aim that our communications are meaningful and that your journey experience is improved.

    You have full control over how we use your data for marketing purposes. If you no longer wish to receive marketing communications, you can update your marketing preferences at any time by:

  • Contacting us at privacy@heathrow.com

    • or

  • clicking ‘unsubscribe’ on the footer of any emails you receive from us or logging into your ‘My Heathrow’ account to update your Marketing Preferences, where you will be offered the opportunity to unsubscribe from marketing emails from:
  • Heathrow Express
  • Heathrow Airport
  • Unsubscribe from all
    		•
    We may share your name and email address with selected partners at Heathrow Airport, including World Duty Free, who will use personal data to send marketing communications to you. We will only do this where you give us clear consent to do so.
    Consent

    You are always in control of how we use your personal data. If you don't want to receive marketing communications from us, you can change your marketing preferences at any time by contacting privacy@heathrow.com, by clicking  'Unsubscribe' on the footer of a Heathrow Commercial Services marketing email or by logging in to your account and updating your preferences.

    We may share your name and email address with selected partners at Heathrow Airport, including World Duty Free, who will use personal data to send marketing communications to you. We will only do this where you give us clear consent to do so. For more information please see their privacy notice here

    To provide you with the Heathrow App.
    Consent and/or
    Legitimate
    Interest

    Where you input your flight details/scan your boarding pass, we have a legitimate interest to process this information and provide you with up-to-date flight and operational information. Where you sign into your reward account on the app, we would process your email alongside your first and last name. To provide you with the opportunity to book and use our Heathrow Commercial Services we would process your personal data in relation to the bespoke service. For more information, please see the commercial services outlined above. To provide you with navigation via our wayfinding feature. Where we have your consent to do so we would process your location and Bluetooth to navigate you to your destination. Where you have provided us with your consent to use your location, to send push notifications and to send you marketing communications we will send you push notifications by capturing your IP address, Device ID and other similar online identifiers to send you personalised content based on your location. This includes promotional material and will only be sent if we have your consent to do so. Other push notification communications include service messaging to make you aware of any disruption to our services. We use affiliate tracking links to ensure you are referred to the right place by analysing referral traffic from our third parties that provide the commercial services. We only do this where we have your consent, if you would prefer not to be part of this you can opt out at any time on the Heathrow App via settings. You are always in control of how we use your personal data. If you don't want to receive marketing communications from us, you can change your marketing preferences at any time by contacting privacy@heathrow.com. Alternatively, you can manage or update your consent via the settings on the app at any time.
    To provide the My Heathrow platform
    Contract

    My Heathrow online account provides seamless access to all Heathrow services. We process your data to enable a single sign-on with multi-factor authentication and security, ensuring access to your My Heathrow account dashboard which displays your orders/bookings, account history and other account details.

    You are always in control of how we use your personal data and can opt out of marketing communications during and after the booking process. You can change your marketing preferences at any time or unsubscribe from Heathrow marketing communications by visiting ‘My Account’ or by clicking ‘Unsubscribe’ on the footer of a Heathrow Commercial Services marketing email. You have the right to object to this processing which you can exercise by contacting privacy@heathrow.com. Please note that if you object, this may affect our ability to send personalised marketing communications to you.

    Your information may be stored, handled, managed and/or used by the following recipients in order to deliver the Commercial Services:

    • Our shopping fulfilment partner who:  

    • (i) provide customer service agents who work on behalf of Heathrow to provide fulfilment and customer assistance services with respect to the Commercial 

    • Services;  

    • (ii) provide payment administration services on behalf of individual retailers to take payments from customers either pursuant to the Reserve and Collect Service and Reserve and Collect Payment in Advance service where the collection is from a Heathrow operated collection desk or for purchase of reserved products and services by customers using the Personal Shopper 

    • Service; 

    • (iii) assist in providing the Returns Promise service working with the retailers and their payment partners in order to facilitate the Returns Promise; 

    • (iv) process refunds of Heathrow Reward points when a purchase has been returned; 

    • (v) fulfil Heathrow Meet & Assist and Porter Services; and 

    • (vi) deliver the Heathrow VIP Personal Shopper Service; 

    • Our loyalty scheme partner who administer the Heathrow Loyalty Programme platform;  

    • Heathrow agents, who provide a service for our marketing requirements such as loyalty program administrators, agents who process our marketing database, loyalty partners (including airline frequent flyer programs) and agents who print personalised stationary for our loyalty scheme. 

    • Our media management partner, who assist with delivering the Heathrow Photo and Video Asset Library Service;  

    • Our trusted data partner(s), who deal with marketing support for our Customer Relationship Management (“CRM”) Platform 

    • APCOA, who manage (a) the CCTV coverage in Heathrow car parks and forecourts, and (b) parking and Terminal Drop-Off Charge services on Heathrow’s behalf (for more information on how APCOA processes data, please see the following link: https://heathrowdropoff.apcoa.com/privacy);   

    • Payment Gateway Partner, who administer the Heathrow VIP hosted checkout payment; 

    • Passenger support suppliers who deliver the Heathrow VIP client chauffeur and gate security service; 

    • Hospitality service partners who deliver the Heathrow VIP hospitality function; 

    • Our trusted lounge partners who assist when a lounge booking has been made;  

    • Airlines to co-ordinate the boarding and/or dis-embarkment of the aircraft for Heathrow VIP service users: 

    • Embassies to verify exemption status and fulfil special passenger requests for Heathrow VIP service users; 

    • Our trusted customer service agents, who work on behalf of Heathrow; 

    • Suppliers of payment processing services who take payment on behalf of individual retailers offering products and services for sale using the Commercial Services;

    • Retailers from whom you purchase reserved products using the Commercial Services; 

    • Heathrow Staff delivering the Heathrow App Service

    • Our trusted third parties who provide the My Heathrow platform

    • Suppliers of technical services delivering the technical administration of the Commercial Services, including (a) third-party IT systems that manage our IT platforms, and (b) IT providers who supply Heathrow with CCTV/APNR technology c) our trusted Wi-fi providers who deliver the Heathrow Wi-Fi service.

    We will not transfer or disclose your personal information, other than as identified in this privacy notice or otherwise except to our trusted third-party partners, to the police, tribunals, courts, regulators, or other authorities to assist them with their investigations or requests or for us to report security incidents or suspected or actual unlawful acts and/or as may be otherwise required by law.

    All information identified in this privacy notice is processed in the UK and the EEA in exception to your information relating to the Heathrow Wi-Fi service which is processed in the United States of America. In addition, some of our trusted partners (i.e. airline frequent flyer programmes) may transfer your information overseas to fulfil your Heathrow Rewards points conversion to the corresponding currency. Where we are responsible for your personal data, we always ensure that your information remains protected and secure when being transferred. 

    How long will Heathrow keep my information?

    Your account information in respect of all Commercial services other than the listed below will be retained for a period of three years from the date of your last interaction after which your personal data will be anonymised.

    Your Heathrow Wi-Fi account information will be retained for a period of 15 days from the date of your last Wi-Fi login at which point all of your personal details are removed from our systems.

    Blue badge details provided for the Terminal Drop off Service will be retained for a period of 14 days after this your data will be deleted.

    Heathrow will retain information in relation to CCTV/ANPR data for a period of 31 days from the date of your drop off after which point it will be deleted.

    What rights do I have over my personal data?

    Under the UK General Data Protection Regulation, you have the right to:

    • Be informed as to how your data is being processed; 

    • Access your personal data by making a subject access request; 

    • Rectification, erasure or restriction of your information where this is justified; 

    • Object to the processing of your information where this is justified; 

    • Where applicable, you have rights in relation to data portability; and 

    • Where applicable, you have rights in relation to automated decision making.

    To exercise your rights, please contact the Heathrow data protection officer using the following contact details:

    Data Protection Officer

    Heathrow Airport Limited

    The Compass Centre

    Nelson Road

    Hounslow

    Middlesex

    TW6 2GW

    Email:privacy@heathrow.com

    Heathrow will retain information in relation to CCTV/ANPR data for a period of 31 days from the date of your drop off after which point it will be deleted.

    What if I find your response unsatisfactory?

    Should you find our response unsatisfactory, you have the right to lodge a complaint with the supervisory authority – the Information Commissioner’s Office (“ICO”). You can find more information on the ICO website at https://ico.org.uk/concerns/ regarding the complaints process.

    EU Representative Contact Details

    A new era has begun for the UK and EU now that the Brexit transition period is over. From time to time, we may process personal data from EU residents. Whenever applicable, we have appointed an EU Representative to ensure that we continuously process your personal data in compliance with applicable laws and without undermining your statutory rights. You can contact our EU Representative at HeathrowEURepresentative@eversheds-sutherland.com and write EU Representative as subject matter. You may also contact our EU Representative per post mail at:

    Eversheds Sutherland Netherlands B.V.

    Attn. EU Representative Heathrow Airport

    Fascinatio Boulevard 212

    Floor 2A

    3065 WB Rotterdam 

    Privacy & Cookies

    Cookies are small text files which are stored on your computer when you visit certain web pages. At Heathrow we use cookies to understand how our sites are used which helps us to improve your overall online experience. Some of the cookies we use are necessary for some of our sites to work whilst other cookies are used to provide tailored advertising by trusted third parties. To find out more about cookies, visit www.aboutcookies.org.

    Heathrow uses the following types of cookies on our websites:

    Strictly necessary - These cookies are essential for our websites to work and without these cookies some services you have asked for cannot be provided. 

    Performance - These cookies are used to collect anonymous information about how you use our websites. This information is used to help us continually improve our websites and understand how effective our adverts are. You can opt out of these cookies by managing your preferences above.  

    Functionality - These cookies are used to provide services or remember settings to enhance your visit for example text size or other preferences. You can opt out of these cookies by managing your preferences above.  

    Targeting and Advertising - These cookies are used by trusted third parties to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advert as well as help measure the effectiveness of the advertising campaign. You can opt out of these cookies by managing your preferences above.  

    Personalisation - These cookies help us to show you the most relevant content based on your interaction with our website. You can opt out of these cookies by managing your preferences above.  

    Managing cookies:

    You can manage your cookies preferences and opt out of non-essential cookies on our website:

    Strictly Necessary

    Cookie

    Operator

    Durtation

    Purpose

    __cf_bm

    Cloudflare

    1 Day

    Used to maximize network resources, manage traffic, and protect our customers' sites from malicious traffic and Bot detection.

    __cq_dnt
    dw_dnt
    dwsid
    sid

    Salesforce Commerce Cloud

    Session

    Essential in order to provide a good shopping experience, enabling customers to place orders and manage Salesforce Cookie consent.

    dwanonymous_*

    Salesforce Commerce Cloud

    180 Days

    Used to identify repeat customers and save settings and repeat information.

    utag_main
    CONSENTMGR

    Tealium

    365 Days

    Required for cookie and tag consent management

    AWSALB
    AWSALBCORS
    AWSALBTG
    AWSALBTGCORS

    Adobe AEM and Amazon Web services

    1 Week

    These are used for Load balancing to ensure our hosting can cope with website demand.

    1st Party Performance

    Cookie

    Operator

    Durtation

    Purpose

    AMCV_*
    AMCVS_*
    gpv_pn
    gpv_url
    s_cc
    s_vi

    Adobe Analytics

    13M
    Session
    Session
    Session
    Session

    These first party cookies are used to measure the performance of our websites and enable us to improve content and functionality. They are not used for any targeting or identification purposes and will not result in you seeing adverts.

    at_check
    mbox

    Adobe Target

    Session
    13M

    These first party cookies are used for a/b testing on our website to find the best content and layout. They are not used for any targeting or identification purposes.

    3rd Party Performance

    Cookie

    Operator

    Durtation

    Purpose

    _cs_c
    _cs_id
    _cs_cvars
    _cs_s
    _cs_mk

    Content Square

    Session
    13M
    13M
    13M

    These cookies are used to provide our users with a better experience, identify technical issues and monitor and improve the overall performance of our site. They are not used for any targeting or identification.

    Targeting & Advertising

    Cookie

    Operator

    Durtation

    Purpose

    _fbp

    Facebook

    13M

    Used to measure performance of Facebook advertising. This will result in Facebook showing personalized ads through retargeting.

    _gcl_au
    _gcl_aw
    _gcl_dc
    _gcl_gs
    GCL_AW_P
    GCL_DC_P
    __Secure-1PSID
    __Secure-3PSIDCC
    __Secure-3PSIDTS

    Google

    1 Day to 13 Months

    Used to measure performance of Google advertising. This will result in Google knowing you visited Heathrow sites and potentially show relevant and personalized ads through retargeting.

    ar_debug

    DoubleClick

    1 Day to 13 Months

    This cookie is used by Google Ad Services/DoubleClick to resolve issues with advertisement

    _uetsid
    _uetvid
    MSPTC
    MUID

    Microsoft Bing Ads

    From 1 Day to 1 Year

    Used by Bing Ads to track visits across websites, measure advertising performance and retarget relevant and personalised ads.

    d
    Mc
    _qca

    Quantserve

    Used to measure display advertising performance and advertising measurement as well as retargeting.

    ORA_FPC
    oinfo
    oid

    Oracle

    730 Days

    Used for Advertising measurement and retargeting.

    Functionality

    Cookie

    Operator

    Durtation

    Purpose

    __stripe_mid
    __stripe_

    Stripe

    13M

    Stripe sets these cookies as a unique session identifier to recognize users and provide payment functionality across sessions.

    Personalisation

    Cookie

    Operator

    Durtation

    Purpose

    _evga_*
    _sfid_

    Salesforce Personalisation

    13M

    Used to deliver tailored content, product recommendations and offers on our websites. They will recognise repeat visits and show more relevant content.

    Alternatively, you can set your browser to restrict, block or delete cookies from Heathrow and our third-party advertisers, or any other website. Each browser is different, so check the 'Help' menu of your particular browser to learn how to change your cookie preferences. If you choose to disable all cookies, we cannot guarantee the performance of our websites and some features may not work as expected.

    Links to other websites - This privacy notice does not cover the links within this site to third-party websites. We encourage you to read the privacy statements on the other websites you visit.

    Changes to this privacy notice - We will keep this privacy notice under regular review, and we will place any updates here.

    At the start of this privacy notice, we will tell you when it was last updated.