PRIVACY POLICY

SBE Ltd – WWW.SBE.LTD | WWW.MYMOBILEREPAIR.CO.UK

Revised 25/5/2018

Through our websites and customer support centres, we, SBE Ltd, collect and process your personal data in order to register your device for repair and submit your repair to the manufacturer’s authorised service centre (ASC). Where SBE Ltd is the ASC, we also process your data in order to carry out your repair under the terms of the warranty and provide you with information and updates about your repair. The Privacy Policy below describes how we collect, store and use your personal data in accordance with the requirements of the European Regulation on Data Protection (GDPR).

We take seriously our responsibilities to look after your data and we are committed to protecting your privacy. There are steps you can take to control what we do with your data and we have explained those steps in this Privacy Policy.

When we talk about data and personal data in this Privacy Policy, we mean personal data which identify you or which could be used to identify you such as your name and contact details, the serial numbers of your device and any repair references or job numbers. It may also include information about how you use our websites and mobile applications.

WHAT YOU NEED TO KNOW

 

1. Who is responsible for your data

SBE Ltd is responsible for the data you provide to us when registering your repair on our website or, in some cases, when calling one of our customer support centres. In these instances, we are the Data Controller of the data which we collect from you, and as such we control the ways your personal data are collected and the purposes for which your personal data are used. Our registered address is: SBE Ltd, BEAVER BUSINESS PARK, ASHFORD, KENT TN23 7SH, UK.

SBE Ltd also acts as a Data Processor when your device is received for repair at one of our Authorised Service Centre (ASC) locations. When we perform a repair, we do so on behalf of your device’s manufacturer or insurer. As such, the manufacturer or the insurer of the device is the Data Controller of your personal data because they have a legal obligation to honour the contract they have with you (the contract of warranty or insurance). In this case, SBE Ltd acts as a Data Processor on behalf of your device’s manufacturer or insurer.

 

2. Personal data we collect about you

The personal data we collect from you are:

  • Your personal information (e.g. name, address, telephone number, email)
  • Information about your product (e.g. serial number, IMEI)
  • Your proof of purchase (e.g. invoice, warranty card)
  • Your payment information (if your product is out of warranty or if your repair is chargeable)

We do not collect any sensitive data as defined in GDPR. Moreover, we will not process any repairs for a minor without obtaining parental consent.

As part of the repair process, SBE Ltd undertake not to process any data stored on your device, except for the purpose of deleting and resetting the device. As such, we ask you to perform a full backup and a full reset of your device before handing in your device. Any device received for repair will get fully wiped and reset following the device manufacturer’s procedures and guidelines.

 

3. How we collect data about you

We collect your personal data when you register a repair with us:

  • Either directly, through our website or by calling us or when you drop off or send off your device to one of our authorised service centres;
  • Or indirectly through one of our business partners (e.g. if you book your repair via a mobile phone store or through your insurance company).
 

4. How we use your personal data

According to the law, we can only use your personal data if there is a proper reason for doing so. In the table below, we have set out the different ways in which we use your personal data (purpose of processing) and the reasons we rely on for using that data (legal basis for processing).

PURPOSE OF PROCESSING LEGAL BASIS FOR PROCESSING
Registering your repair and submitting your repair to the ASC Execution of a contract  

Generating a letter of transport (if applicable) allowing you to send your faulty device to the ASC Execution of a contract  

Repairing or exchanging your product (under the terms of the warranty or contract) Execution of a contract  

Communicating with you about your repair (e.g. sending progress notifications, sending a repair quote, sending a satisfaction survey) Execution of a contract
Our legitimate interest
Improving our products or services Our legitimate interest
Communicating with you for other reasons than your repair (e.g. sending a newsletter) Your consent  

We do not perform any profiling or automated processing of your personal data.

 

5. Sharing your data

As part of the repair service, we share some of personal your data with the following categories of third-parties:

  • Your device’s manufacturer (and, if applicable, its authorised service centre). We share your information with the manufacturer of your device to enable them to honour their legal obligations as per the contract of warranty (namely, check your device’s warranty entitlement and authorise the necessary repairs). In most cases, the authorised service centre is SBE Ltd, but this may vary based on each manufacturer’s individual service policy.
  • Our logistics partners. We share some of your information with courier companies in order to enable them to deliver your device back to your address, and to contact you in case of a missed delivery. The courier companies we use may vary. Typically, we use UK Mail, DHL, UPS or TNT for UK deliveries.
  • Our web hosting partners. Our website is developed, maintained and hosted by SBE SAS who are one of SBE Ltd’s affiliated companies. The website and its associated database are hosted in a secure datacentre located within the EU.
  • Our “Digital Analytics” partners. Our website generates cookies that are used to analyse the traffic to our website and generate reports about visitors to help us improve our site and the services we offer (e.g. GOOGLE ANALYTICS, AT INTERNET).
  • Payment processing companies. If your repair is chargeable (e.g. out of warranty), your payment card data will be provided by SBE Ltd to a payment processing company (e.g. WORLDPAY).
  • Customer relationship platforms. We share some of your data with companies that collect customer reviews (e.g. TRUSTPILOT, YELL) in order to help us measure your satisfaction and improve our services. We also use certain platforms to provide you with an efficient customer service experience, such as online chat (e.g. SNAPENGAGE).

SBE Ltd commits that we, or any of our subcontractors, will never sell your personal data to any third party, and that we’ll never use your data for any other purpose than the ones outlined in this Privacy Policy.

 

6. How we protect your data

We protect your personal data against unauthorized access, unlawful use, accidental loss, corruption or destruction. We use technical measures such as encryption, password protection and access control mechanisms to protect your data and the systems they are held in. We also use operational security measures, such as limiting the number of people who have access to the databases where your personal data is stored.

We ensure that these security measures are reviewed regularly, and we rely on industry standards and best practices. We make sure that each of our subcontractors who have access to your data provide the same guarantees of security and data protection as we do, as per to the requirements of the European data protection regulation (GDPR).

 

7. How long we keep your data

We only keep your data for as long as we need it. How long we need data depends on what we are using it for, whether that is to provide services to you, for our own legitimate interests or so that we comply with the law. We will actively review the information we hold and when there is no longer a legal or business need for us to hold it, we will either delete it securely or in some cases anonymise it.

The following table shows the retention periods we have set for the data we hold in respect to mobile device repair and after-sales service provision, where SBE Ltd acts as a Data Controller:

NATURE OF DATA RETENTION PERIOD
Data related to service and repairs (e.g. repair booking information, repair history…) 36 months from the date of booking the repair
Accounting records and supporting evidence (e.g. quotes, invoices, delivery notes…) Retention period set by EU Member State law (in UK, this period is 6 years)
Data used for sending marketing communications, if applicable (e.g. newsletters…) Until you withdraw your consent

Where SBE Ltd acts as a Data Processor on behalf of a device manufacturer or insurer, the retention period of the data is determined by our contract or agreement with that Data Controller. You are advised to check the privacy policy of your device’s manufacturer or insurer for more information.

 

8. Sending data outside the European Economic Area

The personal data we collect as part of the repair process is hosted within the EU (in UK and France). When acting as a Data Controller, SBE Ltd do not store or send any data outside the EEA (European Economic Area).

When acting as a Data Processor on behalf of a Data Controller (usually, the device manufacturer or insurer), we may be asked to send data outside of the EEA. When we do, we do so only upon written instruction of the Data Controller (please check their privacy policy to learn more).

 

9. Your rights

You are entitled to see copies of all personal data held by us and to amend, correct or delete such data. You can also limit, restrict or object to the processing of your data. You can exercise those rights by contacting: dsr@sbeglobalservice.co.uk or by writing to us at:

SBE Ltd
DPO/DSR DEPT
BEAVER BUSINESS PARK
ASHFORD KENT
TN23 7SH
UNITED KINGDOM

Please note that, if the legal basis of the data processing is to execute a contract (such as the warranty), choosing to exercise certain rights (e.g. the right to restrict or object to the processing of your data) could result in us being unable to provide you with the service (i.e. to repair your device).

If you gave us your consent to use your data, e.g. so that we can send you marketing emails, you can withdraw your consent at any time. Please note that even if you withdraw your consent, we can still rely on the consent you gave as the lawful basis for processing your data before you withdrew your consent.

You can object to our use of your data where we rely on our legitimate interests to do so. We explained the legitimate interests we rely on in the table above under the heading ‘How we use your personal data’.

When you get in touch, we will come back to you as soon as possible and where possible within one month. If your request is more complicated, it may take a little longer to come back to you, but we will come back to you within a further two months maximum. There is no charge for most requests, but if you ask us to provide a significant amount of data for example, we may ask you to pay a reasonable admin fee. We may also ask you to verify your identity before we provide any information to you.

Please note that you have the right to lodge a complaint with the supervisory authority which is responsible for the protection of personal data in the country where you live or work, or in which you think a breach of data protection laws might have taken place. The supervisory authority in UK is the ICO (https://ico.org.uk/).

 

10. Contact us

You can contact our DPO (Data Protection Officer) by sending an email to: dpo@sbeglobalservice.co.uk or by writing to us at:

SBE Ltd
DPO/DSR DEPT
BEAVER BUSINESS PARK
ASHFORD KENT
TN23 7SH
UNITED KINGDOM

  • The Core SBE Business Units

    Front End Solutions

    Repair Services

    Recycling and Recovery

    Analytics and Integration