Data Protection Policy Lidl Plus
Status: June 2022
Thank you very much for your interest in Lidl Plus.
Lidl Plus is a customer loyalty programme (hereinafter referred to as “Service” or “Lidl Plus”) of the Lidl Group that is operated by the Lidl Stiftung & Co. KG, Stiftsbergstraße 1, 74167 Neckarsulm, Germany (hereinafter referred to as “Lidl Stiftung”, “we”, “us”). The Lidl Stiftung processes the data required for the purposes of the service insofar as responsible entity as the data is raised, collected, analysed and forwarded to local entity Lidl Cyprus (hereinafter referred to with Lidl Stiftung as “Lidl Companies” or “Lidl”).
In the future, further organisations can be added to the list if SB Lidl KG has direct or indirect shares in the relevant organisation and they participate in the Lidl Plus offer.
Insofar as these Lidl organisations receive data through the service on the basis of your voluntary consent and inform you about current offers and specials by Lidl, they act themselves as responsible entity in relation to data protection law.
This Data Protection Policy applies to the processing activities done by Lidl Stiftung as the controller. The data protection officer of the Lidl Stiftung can be contacted at the above mentioned postal address or at: dataprotection@lidlplus.com.cy.
The service is aimed at consumers (hereinafter "users" or "you"), who wish to receive personalised information from Lidl Stiftung about offers and promotions from Lidl Plus and offers, products and services from selected partners and Lidl Companies, which correspond as closely as possible to your interests. The basis for determining the relevant interests is the purchasing and usage behaviour with regard to the products and services of the Lidl Companies, which is explained in more detail below.
With Lidl Plus you can enjoy a variety of services that are especially tailored to you. These include, among other things, offers specially tailored to your needs and desires, participation in competition games and exclusive discount and special offers. Depending on where and to what extent you are using the service, Lidl Stiftung forwards your details to certain Lidl Companies to be able to provide you with the relevant service.
- What data about your person do we collect and which communication channels do we use for this?
Registration for Lidl Plus
As part of the registration process, we request the following customer data: first name, second name, date of birth, e-mail address, mobile phone number and preferred Lidl store. It is optional to provide us: salutation, gender and your home address (street, house number, post code, city and country). To set the preferred store the geo localisation function of your mobile device can be used.
Data from My Lidl
If you have voluntarily provided certain information about your circumstances and interests in your My Lidl Account, we also collect this information within the framework of Lidl Plus.
Store Visits
When you identify yourself during your store visit at the cash register, we record the store you visited, the products purchased according to amount, type and price, the coupons used, the receipt total as well as time of payment process and payment type. With the allocation of your purchase to your customer account we pursue the purpose stated in paragraph 2, e.g. to be able to make you offers especially adapted to your preferences and interests as well as offer participation in specials.
At the till you can identify yourself with your digital customer card.
Customer Service
When you contact the customer service of Lidl Companies, we use the data that you supply in this context.
Use of the App
When using the Lidl Plus app we collect information about the store where you buy. In addition, we collect information about all contents viewed in the app such as activated coupons, your notification settings, the participation in lotteries, viewed articles and your selected main store. We also collect information about your interaction with the app such as visited sections, the screens seen during each session, the number of clicks and scrolls. Additionally, we process your customer Id (Loyalty ID), information about the operating system version you use, the device identification, the system language and the chosen country as well as the app version used by you.
Your login details are stored and used to carry out the login. So that you do not have to log in again every time you open the app, your login details are saved in the app (encrypted) until you log out of the account.
Purchase summaries can be saved to your end device or be forwarded directly by Messenger, insofar you permit the app access to your photos/ media. The camera of your mobile end device can be used for scanning QR coupons if you give the relevant permission.
As part of the app, we conduct In-App surveys and collect information about your purchasing behaviour, your app usage and personal circumstances as well as interests.
Partner Offers
Via Lidl Plus you also receive the option to avail of special offers from selected partners. To avail of some of these offers you must identify yourself as Lidl Plus customer with your digital customer card. In this case the relevant cooperation partner informs us about the utilisation of the relevant special offer including the information linked to it (e.g. time, amount, place) so that we can adapt our offers even more to your interests. In the event that a special offer shall be granted within Lidl Plus for contracting services of our cooperation partners, the latter will provide us with your contact details (email address and telephone number) so that we can correctly assign the offer to your account.
Analysis of User Behaviour / Cookies
When using the app, we create user segmentation profiles for the purposes of statistical analysis and assign these, if possible, to your person or your e-mail address or customer number. Unless this data is technically necessary to ensure the functionality of the app, we also collect and we use this data only if you have consented to our tracking technologies (see also paragraph 2 of this data protection policy). This also includes the following services or tracking service providers:
Adjust
The Lidl Plus app uses the analysis tool adjust, a product from the company adjust GmbH. When you install the Lidl Plus app, and have consented to the use of tracking technologies used by the app, adjust will analyse the following information on our behalf:
- Clicks: whenever you click on a link provided by adjust. The clicks are measured to perform attribution analysis, which means understanding the location where you learnt about Lidl Plus app and proceeded to install it, which can be a link on a website, an email campaign or on social media, amongst others.
- Installs: as soon as you grant your consent for tracking the Lidl Plus app communicates with adjust to indicate that a new install has been carried out. This install is then attributed to the click explained above, when performed by the same device.
- Sessions: the amount of times Lidl Plus app was opened on your device.
- Events: your interaction in the Lidl Plus app. Every time you register or log into the Lidl Plus app an event will be created. This is intended to measure the best performing advertising channels.
This information helps us to understand how you interact with our app. In addition, it helps us to analyse and improve our mobile advertising campaigns.
For this analysis of the above mentioned, adjust uses the following advertising identifiers: (i) IDFA (Identifier for Advertising = advertising identification for iOS devices) or (ii) the Android advertising ID or (iii) Huawei ID, the IP-/ MAC address, the HTTP header as well as a fingerprint of your end device (additionally: time of access, country, language, local settings, operating system and version as well as app version). In addition, adjust includes user device- and web activity information, as well as app and event tokens in this analysis. The processing of this data takes place exclusively on a pseudonymised basis. You can at any time deactivate or set back the IDFA, the Android advertising ID and the Huawei ID through your operating system. In the event that IDFA is not available, adjust uses SkAdNetwork, Apple's attribution API, to attribute installations of our app to an advertising campaign.
Adjust also shares this information with our service providers Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") and Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025 ("Facebook"). If Google and Facebook can use this information to identify you, they will provide adjust with information about the advertising campaign that brought you to the App Store/Google Play and how you acted on the App Store/Google Play (including whether you downloaded the app or cancelled it, for example, and similar information). Adjust uses this information to create anonymous statistics for us so that we can track the success of individual advertising campaigns.
Google Firebase
In the app A/B Testing, Analytics, Cloud Messaging, Crashlytics, Dynamic Links, In-App Messaging, Performance, Predictions and Remote Config, analytics services offered by Google ("Firebase"), which among other things are used to analyse app usage. When you install the Lidl Plus app, Firebase makes a record about when and for how long you use the app, what pages of the app are opened, what functions are clicked and what content is displayed. This helps us to understand how you interact with our app. In addition, we can continuously improve the app and offer you more relevant offers/ services based on your user behaviour. Also, we can carry out several app tests in parallel and based on data make further app developments.
For this analysis, Firebase accesses your customer number from the moment of completed registration. Further information about data protection in connection with Google Firebase can be found on the Google Firebase website.
Salesforce
Whilst using the “Help” section in our app our service provider salesforce.com Germany GmbH, Erika-Mann-Str. 31 , 80636 München („Salesforce“) will make use of cookies. Cookies are small text files that are stored on your device when you use the “Help” section. Salesforce will use two types of cookies: technically necessary cookies, without which the functionality of the referred would be limited, and analytical cookies.
Technically necessary cookies:
The following necessary cookies help to make the “Help” section in the app usable. This section cannot properly work without these cookies.
Name | Provider | Purpose | Duration | Type |
renderCtx |
Salesforce | Used to deliver requested pages and content based on a user's navigation. | Session -cookie. Will be automatically deleted after closing the section. | HTTP Cookie
|
pctrk | Salesforce | Used to count section views.
| Session -cookie. Will be automatically deleted after closing the section. | HTTP Cookie |
force-stream | Salesforce | Used to route server requests within Salesforce infrastructure for „sticky sessions“.
| 3 hours | HTTP Cookie |
sfdc-stream | Salesforce | Used to route server requests within Salesforce infrastructure for „sticky sessions“. | 3hours | HTTP Cookie |
force-proxy-stream | Salesforce | Used to ensure client requests hit the same proxy hosts. | 3hours | HTTP Cookie |
CookieConsentPolicy | Salesforce | Used to correctly apply the user's consent.
| 1 year | HTTP Cookie
|
inst | Salesforce | Used to redirect requests to an instance when bookmarks and hardcoded URLs send requests to a different instance. These types of request can happen after an org migration, a split, or after any URL update.
| Session -cookie. Will be automatically deleted after closing the section. | HTTP Cookie
|
1 | Salesforce | Used for registering the navigation source to properly display the web style | Persistent | HTTP Cookie
|
LSSIndex:LOCAL{"namespace":"c"} | Salesforce | Used for registering the navigation source to properly display the web style | Persistent | HTTP Cookie
|
LSSNextSynthtic:LOCAL | Salesforce | Used for registering the navigation source to properly display the web style | Persistent | HTTP Cookie |
source | Salesforce | Used for registering the navigation source to properly display the web style | Persistent | HTTP Cookie
|
Analytical cookies:
These analytical cookies enable our service provider statistics on the use of the “Help” section for the purpose of tailoring it to your needs. We use the following analytical cookies:
Name | Provider | Purpose | Duration | Type |
BrowserId |
Salesforce | Used to log browser sessions/visits for internal-only product analytics.
| 1 year | HTTP Cookie
|
Salesforce cookies do not store information that directly identifies an individual. However, they use a unique identification of your device (including other technical details, such as IP address, operating system, internet service provider, etc.). All the data processing whilst using the " Help” section in the app is done on Salesforce servers located in the European Union.
Opt-Out
If you would like to withdraw your tracking consent during your use of Lidl Plus, you can do so at any time with effect for the future and manage the tracking after completing registration via the opt out within the app under “More” à “Legal information” à “Share data in Lidl Plus”.
Map services
In this app you have the possibility to use the map service of the operating system of your mobile device. Thus, interactive maps can be displayed directly in the app and you have the possibility to use the map function comfortably to find e.g. Lidl stores in your area.
In order to use the functions of the map services, it is necessary to process your IP address within the framework of Internet communication. This is usually processed on a server of the respective operating systems. We have no influence on the concrete data processing by providers of the operating systems. Further information on the purpose and scope of data processing can be found in the provider's privacy policy. There you will also find further information about your rights and settings to protect your privacy.
Addresses and privacy policies of the providers:
- Google Maps: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, https://www.google.com/policies/privacy/. Additional terms of use for Google Maps / Google Earth can be found at https://maps.google.com/help/terms_maps.html.
- Apple Inc., One Apple Park Way, Cupertino, California. Apple Maps Terms of Use can be found at https://www.apple.com/legal/internet-services/maps/terms-en.html Apple’s Privacy Policy can be found at https://www.apple.com/legal/privacy/en-ww/.
- Huawei Map kit: Aspiegel SE, 1F, Simmonscourt House, Ballsbridge, Dublin D04 W9H6, Ireland. https://developer.huawei.com/consumer/en/hms/huawei-MapKit/. Huawei Privacy Policy can be found at: https://www.huawei.com/en/privacy-policy
Links to other websites and apps
Our app includes links to other websites and apps that are operated by one of the Lidl Companies, or of our selected partners described above or from other third parties. When you click on one of the in-app banners of the featured products you will be redirected to the website/app or to your respective app store. The links may also include special tracking technologies which will allow the operators of said websites/apps to understand and to measure where the user learnt about them. We encourage you to review the corresponding privacy policy of each website/app you will be redirected to in order to understand what information will be processed about you by the operator. When redirecting you to any of these website/apps, we process your personal data in order to comply with your (technical) request to visit the respective app or website (Art. 6 Par. 1 b) GDPR), as well as based on the operator’s legitimate interest in carrying out advertising (Art. 6 Par. 1 f) GDPR).
Newsletter / Push Notifications / SMS
In addition, we collect information about your user behaviour in relation to the newsletter and other information that we send you as push messages or SMS, store and if possible, assign it to you or your e-mail address or customer number. In relation to this we collect information about time of opening the message and the links or areas clicked by you, selected products, time, duration, and frequency of usage.
We also collect and use this data only if you have consented to this (see also paragraph 2 of this data protection policy).
Special categories of personal data
Not included in the analysis of your above listed personal data are special categories of personal data in the sense of Article 9 Paragraph 1 GDPR (e.g. information about your health or religion).