Groupon’s Commitment to Data Protection and Privacy in Compliance with the General Data Protection Regulation (GDPR)

Introduction


Groupon takes data protection and privacy very seriously, and we are committed to continuing to comply with data protection laws. This page gives you a summary regarding how Groupon complies with privacy laws. To see the full details about how we use data about you, please see our Privacy Statement.

The General Data Protection Regulation (GDPR), which is effective May 25, 2018, creates consistent data protection rules across the EU. The GDPR applies to companies based in the EU, as well as global companies who provide or offer goods or services to people in the EU and companies who process data from or about people in the EU. While many of the principles of the GDPR build on existing EU data protection rules, the GDPR has a wider scope and more detailed standards.

Groupon has worked and is continuing to work to ensure that our data protection and privacy practices comply with the GDPR, and we are committed to the GDPR principles, including the principles of transparency, control, and accountability.

Transparency: Our Privacy Statement remains the single consolidated place that explains how we process customer personal data. We also provide additional information about how we use customer personal data at specific times, for example if we are collecting new data for a specific purpose.


Customer Control: Groupon will continue to provide customers with control over how their personal data is processed by, among other things, allowing customers to unsubscribe from our communications, to update their account and payment information, and to deactivate their account. In addition, we have put a process in place through which customers can exercise their individual rights under the GDPR with respect to their personal data (otherwise referred to as “individual rights requests”). Specifically, customers can go the Groupon data privacy portal (the “Portal”) and submit a request for: (1) access to their personal data; (2) restriction of processing of their personal data; (3) objection of processing of their personal data; (4) correction of their personal data; (5) deletion of their personal data; and (6) portability of their personal data (i.e. having certain personal data transmitted to a third party in an electronic format).  


Accountability: We are held accountable for our privacy practices. To make sure we use your personal data in accordance with the GDPR principles, we have updated our existing policies and practices, documented how we comply with the GDPR, and have hired a Data Protection Officer (DPO) who will assist with our ongoing compliance efforts.


Frequently Asked Questions (FAQs)


Self-Service


  1. How can I update my account information? Once you sign into Groupon.com, you can hover over your name on the top right side of the screen and click on “Account.” You may then update your account information, including your payment information. All account changes should be made through the website.

  2. How can I unsubscribe from Groupon emails? Once you sign into Groupon.com, you can hover over your name on the top right side of the screen and click on “Subscriptions.” You may then update your subscription preferences. You can also unsubscribe from Groupon emails by clicking the “Unsubscribe” link in any Groupon email you receive.

  3. How can I deactivate my Groupon account? If you wish to deactivate your Groupon account, please contact groupon.ie/customer_support with this request.

  4. How can I stop Groupon from collecting profiling information about me? If you do not want Groupon to collect profiling information about you, you can opt out of some or all cookies, including essential, performance, and advertising and social media cookies, by following the instructions in Groupon’s Cookie Policy.


GDPR/Individual Rights


  1. What is personal data? Under the GDPR, the term “personal data” includes any information that relates to an identified or identifiable person. Names or email addresses by themselves qualify as personal data, as would all pieces of information about an individual user contained within their profile, even if those pieces of information are not explicitly associated with a name.

  2. For verification purposes, once a request has been submitted through the Portal, you will receive a verification email requesting that you confirm your email by simply clicking “Confirm Email”. Please note that you will have five (5) days to confirm your email from the date the verification email is sent.

  3. How long do I have to wait to get a response to my individual rights request? In most cases, we will provide you with a response to your request within 30 calendar days of receipt of the request and receipt of identity verification information. If these are provided separately, then the deadline for our response will be 30 calendar days from the date of receipt of the identity verification information. If the request is particularly complex, or if you make multiple requests, we may not be able to respond within this time frame. In this case, we will notify you within 30 calendar days that the response will be delayed, the reasons for the delay, and the expected time frame for the response.

  4. Are there any special considerations if we are thinking about asking to delete all of our personal data? Yes, please note that if you request to delete all of your personal data, or if you request to delete certain personal data that allows us to contact you or to maintain your account with Groupon, we will not be able to process any customer service requests related to your account going forward, including returns and voucher servicing.

  5. How can I ensure that a Groupon merchant deletes or updates the personal data they have about me or restricts processing of my personal data? We will inform merchants about such requests, but merchants are responsible for acting on them. If you have a request concerning personal data that is processed by a particular Groupon merchant, we recommend that you contact the merchant directly.

  6. Who can I ask if I have questions about Groupon’s data protection and privacy practices? As a starting point, please review our Privacy Statement. You may contact the Privacy Office at privacy@groupon.ie if you have additional questions.

  7. I don’t have an individual rights request, but I do have a complaint about how Groupon has handled my personal data. What should I do? You can report this complaint through the Portal, to the Privacy Office via email at privacy@groupon.ie, to the Compliance Team at legalcompliance@groupon.com or via Groupon’s Ethics Hotline, EthicsPoint, either online or by telephone using the number for the appropriate country which can be found on the EthicsPoint website.