Our privacy policy

This policy explains how we use your personal information. Please read the policy carefully. It applies when you are a direct customer of ours (consumer, sole trader and partnership customers). This means it applies when you order something directly from us and browse our websites. It doesn’t apply to the information we hold about companies or organisations, or the customers of the communication providers we work on behalf of.

It also applies even if you’re not one of our customers and you interact with us, such as by:

  • using one of our products or services – paid for by someone else;
  • taking part in a survey or trial;
  • entering a prize promotion;
  • calling our helpdesk; or
  • generally enquiring about our services.

If you need to give us personal information about someone else in relation to our products and services, the privacy policy will also apply. And if we need the permission of the other person to use that information, we’ll ask you to check they are OK with this.

Technology is a fast-changing area and can be complicated. We’ve included a glossary, which explains the meaning of any technical terms we use (see below).

What’s not included?

This policy doesn’t apply to information about our employees or shareholders. It also doesn’t cover other companies or organisations (which advertise our products and services and use cookies and other technology) collecting and using your personal information to offer relevant online advertisements to you. Read our cookie policy for information about how we use cookies on our website (you can find a link to our cookie policy on the footer of the site you are browsing).

You can link to other organisations’ websites, apps, products, services and social media from our websites. This privacy policy doesn’t apply to how those other organisations use your personal information.  

You should review their privacy policies before giving them your personal information.

Who are we?

Openreach is a wholly owned subsidiary of BT Group. The other companies and parts of the BT Group have their own privacy policy. And they’ll apply if you buy your product or service directly from them are provided below. 

We review our privacy policy regularly. It was last updated on  24 May 2018.  And we’ll tell you if we change the policies, as set out here

Glossary

We have included a description of how the technical terms we use are generally interpreted.

  • Aggregated data means grouped information, for example the total number of calls made in a month or total number of minutes called.
  • Anonymised data means data which has had all personally identifiable information removed.
  • Apps means an application, such as one you’ve downloaded to your mobile or portable device.
  • BT Group companies and BT Group plc means EE Ltd, Plusnet plc, Openreach Limited, BT Communications Ireland Ltd, BT Business Direct Ltd, BT Cables Ltd, Tikit Ltd, BT Fleet Ltd, Pelipod Ltd and BT Law Ltd and the areas that make-up BT: Consumer, EE, Business and Public Sector, Global Services, Wholesale and Ventures, Technology, Service and Operations, Group Functions, BT Wifi, BT Shop and MyDonate.
  • Binding corporate rules are designed to allow multinational companies to transfer personal information from the European Economic Area (EEA) to their affiliates outside of the EEA and to keep to data protection legislation.
  • Cookies are small text files (up to 4KB) created by a website and stored in the user's connected device – either temporarily for that session only or permanently on the hard disk (called a persistent cookie). Cookies help the website recognise you and keep track of your preferences.
  • Encryption means scrambling information into an unreadable form that can only be translated back using a special key.
  • IP address is a unique string of numbers that identifies each device using the internet or a local network.
  • Model contracts are standard contractual clauses set by the European Commission. They offer enough protection of people’s privacy, fundamental rights and freedoms when their personal information is moved from within the EEA to outside of it. The contracts keep to data protection legislation.   
  • Openreach, we or our means Openreach Limited.
  • Personal information means information that identifies you as an individual, or is capable of doing so.
  • Power of attorney refers to the option to choose a trusted friend or relative (or more than one if you want) to act on your behalf. The person you appoint, called an 'attorney', can then use your money to pay bills, sell assets on your behalf and make gifts.In the UK an ‘attorney’ must be registered with the Office of the Public Guardian to be valid.
  • Regulatory obligations means our obligations to regulators such as Ofcom and the Information Commissioners Office.