Memorandum submitted by the Loyalty Management
BACKGROUND SUMMARY OF NECTAR
1. The Home Affairs Select Committee has
invited Loyalty Management Group (LMG), the company that owns
and operates the Nectar Card, to provide oral evidence to its
inquiry into "A Surveillance Society?" on 7 June 2007.
To assist the Committee in terms of background information and
what we understand the Committee may be interested in; this written
summary provides a detailed overview of how Nectar collects, uses
and protects data on the individuals that participate in the Nectar
2. Nectar is a coalition loyalty programme.
It consists of retailers and service companies that sign up to
Nectar and offer Nectar Points to consumers. Currently there are
15 Nectar partners, each with sector exclusivity in the area in
which they operate. This means, for example, that there is only
one grocery supermarket, one petrol retailer, one department store,
or one car-hire company in each sector participating in Nectar
at any one time.
3. Nectar is an entirely voluntary scheme
which consumers actively decide to join. These consumers are called
"Collectors". Collectors earn Nectar points from the
retailers and service companies. Collectors normally earn two
Nectar Points for every £1 spent, although this differs in
a limited number of cases (eg the rate is one Nectar Point for
every one litre of fuel from the petrol retailer). At the lowest
level, 500 points is equivalent to a reward worth £2.50 to
collectors. This equates to 1% of the money spent by Collectors
on collecting their points. This benefit level can rise to 5%
depending on where Collectors redeem their points. Collectors
have a variety of options when they want to redeem points, which
range from money-off shopping through to booking flights, days
out at theme parks and free cinema tickets.
4. Since the launch of Nectar in September
2002 to May 2007, Collectors have redeemed over £800 million
worth of rewards.
5. Nectar collects information for two basic
(i) Operational ie to have Collectors'
contact details and to operate their Nectar account by adding
and deducting Nectar Points from Collectors' accounts as they
collect and redeem their points.
(ii) Marketing ie to identify the
shopping behaviour of Collectors so that Nectar and the partners
in the programme can send Collectors offers that will be of interest
to them. Information may also be analysed for internal purposes
eg to validate the benefits a partner has gained from participating
6. Basic registration information for all
Collectors collecting points on the account (name, address, phone
number, e-mail address) and security information (date of birth
and mother's maiden name or other memorable word); and basic lifestyle
information (how many people live in the household, how many are
under 18, number of cars in the household).
7. Shopping transaction information: where
the Collector has shopped, on what date, total value of goods
purchased. Nectar does not know the individual details of goods
which are purchased. (For example: the data collected only tells
Nectar Joe Bloggs shopped in the Westminster branch of Sainsbury's
at 10 am on 4 June 2007, spent a total of £50 and is to be
issued 100 points).
8. LMG would like Collectors to be engaged
fully with Nectar by collecting and redeeming points and, if they
choose to, by benefiting from the rewards and offers provided
by Nectar. In order for Nectar to achieve this aim, it is paramount
that it develops and maintains a high level of trust with Collectors,
and a fundamental element of that relationship is that Nectar
is openly transparent with how that data is used.
9. Partners in Nectar are only able to access
data on their own customers and Nectar will carry out analysis
on those customers for partners who wish to carry out marketing
targeted at a particular set of their own customers eg BP may
wish to make a particular offer to its customers who live within
a certain radius of a petrol station. Nectar undertakes regular
direct marketing communications with Collectors (eg its quarterly
points update mailing) and partners can indirectly access Collectors
who are not their customers by including an offer in those communications;
if a Collector takes up that offer, he or she will then, of course,
become a customer of that retailer or service company.
10. Nectar has established an internal code
that applies for the benefit of the Nectar "coalition"what
we call our "database principles". These are included
in all Nectar's contracts with companies which issue Nectar Points
and set out the access that they are permitted to Nectar's data
and also include some important safeguards for Collectors (eg
Nectar has the right to refuse access to stop excessive communications).
Nectar's success depends on gaining and maintaining the trust
of Collectors and these principles are an important element of
11. Nectar also carries out specific marketing
campaigns e.g. one that is very popular with Collectors is the
offer sent when a collector has moved house, including a map of
their new neighbourhood showing the nearest places they can collect
Nectar Points and with bonus Points offers that can be used there.
12. It is a requirement of the Data Protection
Act that everyone from whom data is collected is made aware of
the information on them that is collected, what it will be used
for, and to whom it will be disclosed. This must be done at the
time the data is first collected. Nectar's "Policy on Privacy
and Data Protection" appears prominently wherever Nectar
collects data eg from registration forms and the website.
13. Safeguarding Collectors' data is essential
to Nectar's business and to Nectar partners. Unless Collectors
have the confidence of knowing that their data is secure with
Nectar, they will stop engaging with the programme or "de-register".
Even if there were no legal requirements, this is the most powerful
underlying reason for Nectar to ensure that its data is kept as
secure as possible.
14. However, there is another important
element, which is a requirement of Nectar's partners. It is equally
integral to their customer service, business model and wholesale
reputation that any personal data is kept secure. In short, if
they did not have confidence that Nectar could protect this information,
they would not participate in the Nectar scheme.
15. Nectar's primary business asset is data.
It therefore has a fundamental business need to ensure that its
data is collected, held, used and disclosed in a way that complies
not only with legal requirements but meets and exceeds best practice.
Nectar relies on the continuing trust of Collectors and an important
element of this is that they are confident that their data is
secure with Nectar and that Nectar will handle their data properly.
16. The underlying aim for Nectar and its
partners is to understand the needs and wishes of Collectors when
they go shopping. Through the collection of data Nectar is able
to provide a more detailed offering to suit the tastes of individual
Collectors. The Collectors and their interests are at the heart
of our business model.
17. In summary, it is Nectar's number one
priority to safeguard any data that Collectors voluntarily choose
to share with us. To fall short of providing a high level of security
would damage the reputation of Nectar and would result in Collectors
signalling their disapproval of Nectar through ceasing to participate
in the Programme. To avoid this, we ensure, and will continue
to ensure, that Nectar data is safeguarded by stringent security.