At Zéro (“Zéro”, ‘us” or “we”), we respect your privacy and are committed to maintaining your trust and protecting your personal data, which is any information that is capable of identifying you as an individual person.

This Privacy Policy describes how we handle and protect personal data in connection with all our business processes, in our capacity as data controller. 


We do not collect any information from anyone under 16 years of age. Our website, products and services are all directed to people who are at least 16 years old or older.

We reserve the right, in our sole discretion, to modify, alter or update our Privacy Policy at any time. Such modifications, alterations, and updates shall be effective immediately upon posting. Your continued use of this website following the posting of a modified, altered, or updated Privacy Policy will mean you accept those modifications, alterations or updates.



References in this policy to "data protection law" mean (as applicable) the Data Protection Act 1998, the General Data Protection Regulation (Regulation (EU) 2016/679), and all related data protection legislation having effect in the United Kingdom from time to time (including the Data Protection Act 2018). 


Personal data”means any information relating to an identified or identifiable natural person, as defined in the General Data Protection Regulation (Regulation (EU) 2016/679). 



We collect your personal data as this Privacy Policy further describes when:


2.1 you apply to join the Zéro team or contract with us directly;


2.2 when you use this site, register as a user, fill in forms on this site, subscribe to a service we provide, place an order on our site or when you report a problem with our site to us;


2.3 when we collect information from you with your consent when you are corresponding with us by phone, e-mail or otherwise. 



Purposes and legal basis of processing.


3.1 Zéro might need to keep and process information about you for normal recruitment, employment and other contractual or business-related purposes. The information we hold and process will be used for legal, administrative, management and operational purposes only, to run the business and manage our relationship with you effectively, lawfully and appropriately. Personnel: We will use it during the recruitment process, whilst you are working for/with us, at the time when your contract ends and after you have left. Customers:We will use it to fulfil our contractual obligations with you and for our legitimate business interests. More specifically: to provide you (or your organisation) with the information, products and services that you request from us; to notify you about changes to our service; to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about; to otherwise respond to your enquiry or follow up our own enquiries. Suppliers: We will use it to fulfil our contractual obligations with you and for our legitimate business interests. More specifically: this includes us obtaining price quotations from you and engaging you (or your organisation) to supply us products and services. 


3.2 Zéro processes your personal data for the purposes described above: (i) Personnel: when necessary to enter into an employment contract with you or when necessary for the performance of your employment contract. Customers and Suppliers: when contracting with you or your organisation. (ii) when necessary for us to comply with a legal obligation; (iii) when necessary for the purposes of our legitimate interests as described in 3.4 ; or (iv) when we need to protect our legal position in the event of legal proceedings.


3.3 If and in so far as (i) to (iv) do not provide a lawful basis for processing and controlling your personal data, we shall obtain your consent to do so. If you do not provide this data, we may be unable in some circumstances to comply with our obligations and we will tell you about the implications of that decision


3.4 We may sometimes need to process your data to pursue our legitimate business interests, for example for administrative and marketing purposes (including, where applicable, on the basis of the soft opt- in under the Privacy and Marketing Communications Regulations), to prevent fraud, or to report potential crimes; To establish or exercise legal rights; To bring or defend legal claims; For responsible corporate governance or as otherwise required or permitted by applicable laws and/or regulations; In circumstances in which we believe disclosure is appropriate in connection with fraud prevention and prevention of other illegal, or unlawful activity or any other activity which is or may be contrary to our legal and regulatory compliance obligations; To protect and defend the rights, property or safety of Zéro, its investors and other clients, staff, and/or service providers.


If in the future we intend to process your personal data for a purpose other than that which it was collected and it is not for other lawful reasons such as to fulfil a contract or for legitimate reasons  pursuant to GDPR,  we will provide you with information on that purpose and any other relevant information.


3.5 If you are a job applicant, we may desire to retain your personal data to consider you for future employment opportunities. In such an event, we will seek your consent, either prior to or after you formally apply for a job opportunity. Much of the information we hold will have been provided by you, but some may come from other sources, such as managers and colleagues, or in some cases, external sources, such as referees.


3.6 Website users. We may use your personal data to: Personalize your experience; Improve our website and make the website easier for you to use; to respond to your enquiries or comments submitted through our website; match Personal Data with third party data. Also, we may keep track of what portions of the website and app users are visiting and other user statistics and aggregate this information to help us create a better experience for users of our website. This is all done in order to describe our products and services to prospective partners, advertisers, and other third parties, and for other lawful purposes; create statistical reporting regarding our web activities. Our Cookie Policy applies.



4.1 The type of personal information Zéro holds includes (without limitation):

4.1.1 Personnel and prospective personnel: interview notes, CV and references (personnel); correspondence with or about you; contact details (home and business;). 

4.1.2 Customers: Zéro may collect personal information such as your name, address, e-mail address and phone number, financial and credit card information.

4.1.3 Suppliers: Zéro may collect personal information such as your name and contact information.


4.2 Personnel Only: Where we process special categories of information relating to your racial or ethnic origin, political opinions, religious and philosophical beliefs, trade union membership, biometric data or sexual orientation, we will always obtain your explicit consent to those activities unless this is not required by law or the information is required to protect your health in an emergency. Where we are processing data based on your consent, you have the right to withdraw that consent at any time. You will receive GDPR training and this Privacy Policy is an important part of that training.


We may collect information about your visit to and use of this site, including sales data, traffic data and related site information. We may also collect anonymised information during the course of services which we provide. This information helps us to evaluate and improve our site and services and may also be used for investment analysis purposes. As Non-Personal Data does not personally identify you, we may use it for any purpose.



6.1 We will not share your personal information with anyone, except where we are required to do so to comply with the law, to protect our rights, to improve and expand our products and services or to efficiently operate our business.


6.2 We may transfer information about you to other group companies for purposes connected with the administration and management of Zéro’s business. We will always ensure that these organisations are obligated by written agreement to equivalent obligations in relation to the security of data processing as are imposed on Zéro under the General Data Protection Regulation (GDPR). 


6.3 To the best of our knowledge, understanding and belief, your information will not be transferred outside of the European Economic Area or to any country which is not approved by the European Commission. If this changes then we will let you know. 


6.4 Third parties we might share your information with include: 

  1. Outsourced IT providers 

  2. Professional advisers, such as accountants and solicitors 

  3. Potential purchasers or investors

  4. Document Storage and Knowledge Base application 

  5. Accounting Software



All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted pursuant to our payment processors' protocols. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share passwords with anyone outside of the organisation to which those passwords were supplied.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security safeguards to try to prevent unauthorised access.



8.1 Zéro retains personal data, as necessary, for the duration of the relevant business relationship. We may also retain personal data for longer than the duration of the business relationship should we need to retain it to protect ourselves against legal claims, use it for analysis or historical record-keeping, or comply with our retention policies and schedules. The criteria used to determine our retention periods include:

  1. The length of time we have an ongoing relationship with you;

  2. Whether there is a legal obligation to which we are subject;

  3. Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).


For more information on where and how long your Personal Data is stored, and for more information on your rights of erasure and portability, please contact the Zéro’s data protection officer at



We do not make automated decisions about you based on your information. If this changes in the future then we will let you know.



To help protect the privacy of data and personally identifiable information processed by us, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your Personal Data to those Zéro personnel who need to know that information to provide benefits or services to you. In addition, we train our personnel about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees' privacy responsibilities.



11.1 Under data protection law you have the following rights:

11.1.1  the right to be informed as to what we do with your information. This includes but is not limited to the right to know what information we gather, process and store, what we do with it, who we share it with and how long we keep it for. This information is set out in this policy;

11.1.2  if we are processing your data on the basis of your consent then you have the right to withdraw that consentat any time. One way of doing so would be to notify us using the details set out below. In the case of marketing communications sent to you on the basis of your consent, each communication will clearly indicate how you can withdraw your consent. Please note that the lawfulness of our historic processing based on your consent will not be retrospectively affected by your subsequent withdrawal of consent;

11.1.3 the right to access a copy of your information which we hold. This is called a 'subject access request'.Additional details on how to exercise this right are set out below;

11.1.4  the right to prevent us processing your informationfor direct marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent

11.1.5  the right to object to decisions being made about you by automated means. We will inform you if your information is subject to automated processing;

11.1.6  the right to object to us processing your personal information in certain other situations;

11.1.7  the right, in certain circumstances, to have your information rectified, blocked, erased or destroyed if it is inaccurate;

11.1.8  the right, in certain circumstances, to claim compensation for damages caused by us breaching data protection law; and

11.1.9  in certain circumstances, the right to request the information we hold on you in a machine readable format so that you can transfer it to other services. This right is called 'data portability'. Additional details on how to exercise this right are set out below.


11.2 You have the right to lodge a complaint to the Information Commissioners’ Office if you believe that we have not complied with the requirements of the GDPR or DPA 18 with regard to your personal data ( Please copy any such communication to us so that we can work to resolve any outstanding issues promptly. 

Zéro retains the right to use reasonable measures to authenticate the identity of any individual who requests access to their personal information or otherwise raises any questions.


11.3 For further information on your rights under data protection law and how to exercise them, you can contact Citizens Advice Bureau ( or the Information Commissioner's Office (



12.1 Bulbeck Retail Ltd (trading as “Zéro”) is the controller of data for the purposes of the DPA 18 and GDPR. 


12.2 If you have any concerns as to how your data is processed you can contact us at:



13.1 As is true of most other websites, the Zéro website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of the Zéro website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences. The Zéro website also uses cookies and web beacons. It does not track users when they cross to third party websites, does not provide targeted advertising to them, and therefore does not respond to Do Not Track (DNT) signals.


13.2 Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information. Cookies make web-surfing easier for you by saving your preferences so that we can use the saved information to facilitate your use of our website when you return to the website. The use of cookies is an industry standard, and as such, you will find that most major websites use them.


13.3 We use cookies to compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

Please see our Cookie Policy For More Detail.