Privacy Policy



WellyCard and its related bodies corporate provides an online platform for the purchase, redemption and management of digital gift cards for health services (the Service).

We are committed to protecting the personal and financial details you provide in line with our Privacy Policy and the UK's Privacy Principles under the Privacy Act 1974 (Privacy Act). When we refer to ‘personal information’ in this Privacy Policy, we are referring to that term as it is defined in the Privacy Act (explained in further detail below). The personal information that we collect through our online platform is used for providing and improving this Service. Our Privacy Policy sets out how we collect, use, store and disclose your personal information. By providing personal information to us, you consent to our collection, use and disclosure of this information in accordance with this privacy policy.

We may change this privacy policy from time to time by publishing changes to it on our website. We encourage you to check our website periodically to ensure that you are aware of our current privacy policy.



1. The information we collect and retain


We may collect and retain a range of different information about you. This can include the following:

Personal information

‘Personal information’ is information from an individual who is reasonably identifiable. Examples of the types of personal information we may collect include:

  • Personal details – name; age or date of birth gender; and nationality.
  • Contact information – mailing or street address; email address; telephone number; your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, ad data, IP address and standard web log information.
  • Financial information – bank or credit card information used to transact with us and other information that allows us to transact with the individual.
  • Statistical information – details of the products and services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries.
  • Health information – the following information:
  • information or an opinion about the health, including an illness, disability or injury of an individual, or an individual’s expressed wishes about the future provision of health services to the individual, or a health service provided, or to be provided, to an individual that is also personal information;
  • all information collected in the course of providing a health service;
  • information about organ or body substance donation;
  • genetic information

Health information is 'sensitive information' under the Privacy Act, meaning that some stricter requirements apply when handling it.

Information –in addition to health information, this also includes information relating to your ethnic origin, sexual orientation, religious beliefs or political opinions will only be collected where:

  • - it is reasonably necessary for our functions or activities;
  • - you have consented to the collection of this information; or
  • - we are required or authorised under the law to do so.


Other information – any additional information relating to you that you provide to us directly through our website or indirectly through your use of our website or online presence or through other websites or accounts from which you permit us to collect information.



Party Identifiable Information

In certain circumstances, such as when a voucher or gift card is purchased by you for another individual, we may also collect the information that you provide to us on that individual such as their, name, email and postal address.

In providing us with any personal information, you are declaring to us that you are authorised to provide us with that personal information and that we can use that personal information for the purposes as set out in this privacy policy.



2. How do we collect personal information?



We may collect the following types of personal information either directly from you, or from third parties.

We may collect this information when you do any of the following:

  • Register on our website;
  • Communicate with us through correspondence, chats, email,
  • Share information with us from other social applications, services or websites;
  • Interact with our sites, services, content and advertising;
  • Enquire about our business generally; or
  • Are the recipient of a gift card, from the person who purchased the gift card for you.


3. Why do we collect, use and disclose personal information?



Our use of the personal information we collect is necessary in order for us to maintain our website and facilitate users’ use of the website and our service. We do not collect any unnecessary personal data from users.

We may collect, hold, use and disclose your personal information for the following purposes:

  • to enable you to access and use our website;
  • to provide our services;
  • to operate, protect, improve and optimise our website business and our users’ experience;
  • to liaise with service providers of the gift cards we offer;
  • to create accounts, tax invoices or receipts;
  • to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
  • to send you marketing and promotional messages and other information that may be of interest to you, including information sent by, or on behalf of, our business partners that we think you may find interesting;
  • to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners;
  • to comply with our legal obligations, resolve any complaints or disputes that we may have with any of our users, and enforce our agreements with third parties.

In general, we keep your data only for the period necessary for the accomplishment of the purposes for which that data was collected, or longer if necessary to fulfill legal or regulatory obligations. We will then de-identify or destroy personal data when no longer required by us.

We may create aggregate, de-identified data derived from data we hold about you (usage data). For example, we may create aggregated, de-identified data for the purpose of improving our services or sharing insights with our customers or partners. None of your usage data will be disclosed to third parties in a non-aggregated or identifiable form.

If an additional purpose for collection of your personal information arises, we will disclose this in at the time of collecting that information.

Direct marketing

We and/or our carefully selected business partners may send you direct marketing communications and information about our Service. This may take the form of emails, SMS, mail or other forms of communication, in accordance with the Spam Act and the Privacy Act. You may opt-out of receiving marketing materials from us by contacting us using the details set out below or by using the opt-out facilities provided (e.g. an unsubscribe link).



4. To whom do we disclose your personal information?



We will not disclose any personal information other than with your permission or as otherwise outlined in this privacy policy. We may disclose personal information for the purposes described in this privacy policy to:

  • our employees and related bodies corporate who process and complete transactions on our website;
  • you if purchase a digital gift card, the service provider/s that you (or the digital gift card recipient) selects;
  • professional advisers, dealers and agents;
  • systems operators (e.g. merchants receiving card payments);
  • our existing or potential agents, business partners or partners;
  • our sponsors or promoters of any competition that we conduct via our services;
  • anyone to whom our assets or businesses (or any part of them) are transferred;
  • specific third parties authorised by you to receive information held by us; and/or
  • other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.

Disclosure of personal information outside the UK

We may disclose personal information outside the UK.

You provide your personal information to us, you consent to the disclosure of your information outside of the UK. When and acknowledge that we are not required to ensure that overseas recipients handle that personal information in compliance with UK's Privacy Law. We will, however, take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the UK Privacy Principles.



5. Using our website and cookies



May collect We personal information about you when you use and access our website.

While we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer.

We may also use 'cookies' or other similar tracking technologies on our website that help us track your website usage and remember your preferences. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions.

We may also use cookies to enable us to collect data that may include personal information. For example, where a cookie is linked to your account, it will be considered personal information under the Privacy Act. We will handle any personal information collected by cookies in the same way that we handle all other personal information in accordance with this Privacy Policy.

You can disable cookies through your internet browser but our websites may not work as intended for you if you do so.



6. Security of personal information



May hold your personal information in either electronic or hard copy form. We use industry standard measures to safeguard your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure.

Should we become aware of any breach to our security systems that is likely to place your personal information at risk, we will notify you and any authority as required. If you suspect ay misuse or unauthorised access to your personal information, you should let us know immediately.

We are not liable for any claim arising out of a third party’s use of the personal information where we were authorised to provide that third party the personal information under this privacy policy.



7. Links



Our website may contain links to websites operated by third parties. Those links are provided for your convenience and may not remain current or be maintained.

Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, and have no control over or rights in those linked websites.

The privacy policies of these third parties may differ substantially from our privacy policy, so we encourage you to read them before using those websites.



8. on correcting your personal Accessing information



You can access the personal information we hold about you by contacting us using the contact details below. Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your personal information.

If you think that any personal information we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected.



9. General Data Protection Regulation (GDPR)



The GDPR is a regime of personal data protection requirements in the European Union. Any reference to personal information in our privacy policy should also be read as a reference to ‘Personal Data’ as defined under the GDPR.

If you are:

  1. a resident of the European Union accessing our website or receiving our Service in the United Kingdom; or
  2. accessing our online platforms or receiving our services from within the European Union,

then in addition to our obligations under the Privacy Act, we undertake to comply with the GDPR with respect to your personal information.



10. Making a complaint



If you wish to make a complaint about the way we have handled your personal information, you can contact us using the contact details below.

Please include your name, email address and/or telephone number and clearly describe your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time. If you think that we have failed to resolve the complaint satisfactorily, we will provide you with information about the further steps you can take.



11. Contact us



For further information about our privacy policy or practices, or to access or correct your personal information, or make a complaint, please contact us using the details set out below:

Privacy Officer

[email protected]

Effective: 6th May 2023