12 February 2020

At Asda we recognize the value of our colleagues. Therefore, we place great importance in managing your information in accordance with our basic belief of respect for the individual.

This notice applies to all users of WalmartOne and describes the collection, use, and sharing of information on WalmartOne as well as the choices you have with respect to your information. Read this notice in conjunction with Asda’s Colleague Privacy Notice and Collaboration Tools Notice available on WalmartOne.  

What is Personal Information?

Personal Information (also known as personal data) is any information that identifies someone and any information that relates to that identified person. For example, if you are an Asda Colleague, your name and email address are information that identifies you, and your length or service is information that relates to you

Who is the Controller of your Personal Information?

The Controller of your Personal Information is Asda Stores Limited (with registered address at Asda House, Great Wilson Street, Leeds, LS11 5AD) unless we tell you otherwise. Contact Us for details on how to contact our Data Protection Officer if you have any questions or concerns about our handling of your Personal Information, or if you wish to make a complaint

What Personal Information do we collect about you and how do we use it?

WalmartOne also gives you access to a secure online portal where you can manage the information held by Asda on your colleague record – for more information on the ways Asda uses your information to manage your employment please see the colleague Privacy Notices on WalmartOne

Where do we collect your Personal Information from?

We collect nearly all the Personal Information on WalmartOne directly from you, based on information held on your colleague record (such as your name), from your application to work with us, or from updates to your colleague record which you have made. 

Who do we share it with?

We have controls to limit access to your Personal Information to:

a)       Individual colleagues who need it to do their job, such as managing your WalmartOne account.

b)      Business partners and our parent company Walmart Inc., who need it to provide services to us, such as maintaining our computer systems, website & tools, or who deliver this process on our behalf.  

Information you post to WalmartOne will be visible to all WalmartOne users, including Walmart employees and contractors. Please see our Policy on Collaboration Tools, the WalmartOne Terms of Use and Community Guidelines for guidance on the type of information you may choose to post.  

If requested, and where it is required or permitted by law, we may provide Information to:

a)       Official bodies, such as government agencies, local authorities, regulators and the police, who are authorised to request Information where it is necessary for their lawful purposes;

b)      Asda’s advisers, including lawyers, insurers, accountants and auditors;

c)       Other organisations such as law firms or insurance companies acting on behalf of individuals, who may request evidence containing Personal Information, to support a claim.

Where is your Personal Information kept, processed and accessed from?

Some of our computer systems, including our websites, are operated by our parent company Walmart Inc. in the United States or by other companies contracted to provide services to Asda that operate in countries outside the UK or EU. So some of your Personal Information is stored and processed overseas, in the following countries: United States of America (USA), India and Turkey.

Because the law in some of these countries does not provide the same level of protection as UK and EU law, we put in place data transfer agreements (which are considered appropriate safeguards) with Walmart and each company that processes Personal Information outside of the UK.

These agreements require that, wherever your Personal Information is held, it is protected to the same high standard as required by law in the UK. You can request a copy of a data transfer agreement from our Data Protection Officer by emailing us at dataprotection@asda.co.uk

How long will we keep your Personal Information for?

Information on WalmartOne is regularly refreshed and information which is no longer relevant or required is regularly deleted. Your personal information relating to your employment will be kept for no longer than 7 years beyond the end of your employment with us unless otherwise stated. 

How do we protect and secure your Personal Information?

We use security measures, including physical, administrative, and technical safeguards to protect the confidentiality of your Personal Information. These measures include encryption, security certificates, access controls, information security technologies, policies, procedures and other information security measures to help protect your Information.

When designing or implementing new computer systems and processes we look at ways to identify and mitigate potential security risks and then monitor and test our security systems to help protect your Personal Information.

How can I exercise my Privacy Rights?

This Privacy Notice tells you all about how we collect and process your Personal Information, and why we are allowed to do so. If you want to know more about your Privacy Rights and how to make a Rights Request, get in touch with the Privacy Team at dataprotection@asda.co.uk