Privacy Notice

1. Introduction

This privacy notice explains how Decision Technologies Limited ("us", “our” or "we") will process your personal data and your rights. We are a controller in relation to the processing of the personal data collected in relation to our Services. We are part of MONY Group, which includes MoneySuperMarket,, MoneySavingExpert, TravelsupermarketIcelollyQuidco and Podium Solutions, each of which have their own privacy notices. For details about how your personal data is shared within the MONY Group, see section 5.

2. Personal data we process and why

Business Contacts

We will collect personal data such as your name, job title, employer organisation, contact details and communications with us. We typically collect this information directly from you, for example if you use our enquiry form or email us, or from your employer. If you do not provide personal data that is necessary for a contract with you/your organisation we may not be able to provide our Services to you/your organisation.

We will process this personal data for the purposes of:

  • managing our business relationship with the organisation that you represent, including providing customer service, communicating with your organisation and negotiating, concluding and performing business transactions with your organisation, such as partnering with your organisation. Legal basis: Contract and legitimate interests in running and promoting our business.
  • managing our business arrangements, including to assess and report on the effectiveness of our business relationship with your organisation. Legal basis: Legitimate interests in running and promoting our business.
  • ensuring compliance with applicable laws and regulations to which we are subject, including those which require us to keep records of business transactions with your organisation. Legal basis: Legal obligation.
  • ensuring compliance with contractual obligations with your organisation, including those which require us to notify your organisation of matters. Legal basis: Contract.
  • conducting any audit or investigation into our business dealings with your organisation, responding to any regulatory investigations commenced (or likely to be commenced) into us in relation to such business dealings or managing any legal claims brought (or likely to be brought) by or against us in relation to such business dealings. Legal basis: Legal obligation and legitimate interests in running and protecting our business.
  • Market research and product improvement. In addition to your business contact details, we will also process any personal data you provide in response to our market research. Legal basis: Consent and legitimate interests in improving our business.

Visitors to our website

When you visit our website, we may automatically collect the following information:

  • technical information including web usage information (e.g. IP address), browser type and version, time zone setting, operating system and platform; and
  • information about your visit, including the full Uniform Resource Locators (URLs) clickstream to, through and from our website, time on page, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs) and methods to browse away from the page (see 'Cookies').

We process this personal data for the purposes of security, troubleshooting, analytics and direct marketing. Our legal basis for processing is legitimate interests in running, protecting and improving our site and business.

 

3. Who is your personal data shared with

We are part of the MONY Group and use a shared IT infrastructure which includes shared technologies, platforms, systems and tools and may share your personal data with other MONY Group entities. This does not affect the purposes we use your personal data for and includes:

  • To improve products and services across the Group;
  • To provide customer service;
  • To detect, prevent and report crime; and
  • To manage our shared IT infrastructure.

We may also share your personal data with:

  • third parties where we are legally obliged or permitted to do so, for example to government bodies and regulatory authorities and to the courts and parties to legal proceedings pursuant to court rules and orders;
  • professional advisers, such as accountants, lawyers, or other consultants
  • service providers that act on our behalf such as software providers and payment service providers; and
  • Actual or proposed buyers of our business or assets and their professional service providers/other authorised.

 

4. International Transfers of Personal data

It might be necessary to transfer your personal data outside of the UK to provide our services. We only do this if the UK government has determined a jurisdiction as adequate for data protection purposes or if we have put in place appropriate safeguards, for example the UK’s international data transfer agreement. You can request details of those safeguards by contacting us.

5. Retention of Personal data

We keep your personal data for as long as is necessary based on the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of that data, the purposes for which we process it, whether we can achieve those purposes through other means, as well as legal, taxation, accounting and industry requirements and guidelines. We may delete your data sooner if you request erasure, but it may persist on backup or archival media for legal, tax, or regulatory purposes.

When the need to keep your personal data ends, we either delete or anonymise it.

6. Your rights

Under the UK GDPR, you have the right to:

  • Request access to a copy of the personal data we hold about you (commonly known as a subject access request).
  • Request correction of inaccurate or incomplete personal data that we hold about you.
  • Request erasure of your personal data where there is no good reason for us continuing to process it (commonly known as the right to be forgotten).
  • Object to processing of your personal data for direct marketing purposes, or in some circumstances, where we are relying on legitimate interests.
  • Request restriction of processing of your personal data in some circumstances, for example, while we investigate a complaint that the personal data we hold about you is inaccurate.
  • Request data portability whereby we will transfer your personal data either directly to you or to a third party in a machine readable format. This only applies to personal data provided by you that is processed by automated means on the basis of consent or contract.
  • Withdraw consent where we rely on consent to process your personal data.

There are exceptions to some of these rights and if applicable, we will explain this in our response to you.

7. Contacting us

If you wish to exercise any of the rights set out above, please contact dpo@decision.tech. You will not have to pay a fee to exercise any of these rights unless your request is manifestly unfounded or excessive, in which case we may charge a reasonable fee. Alternatively, we may refuse to comply with your request in these circumstances.

When contacting us, please describe the information you require and make sure that you tell us any email addresses you have used with us, as this allows us to trace all relevant information. Depending on the nature of your request, we may ask you for your full name, your date of birth and your full address and documents to allow us to verify your identity.

We try to respond to all requests within one month but occasionally may extend this by two months if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

If you have any other queries or concerns about this Privacy Notice, or if you would like to contact our Data Protection Officer, you can email dpo@decision.tech or write to the Data Protection Officer at 1 Dean Street, London, United Kingdom, W1D 3RB.

You also have the right to complain to the ICO at any time, but we’d appreciate the chance to deal with your concerns first.

If you are a customer or user of our customer facing brands, MoneySuperMarketMoneySavingExpertTravelSupermarket or Quidco, please refer to the privacy notices on their respective websites for the relevant contact details.

8. Changes to this Privacy Notice

This privacy notice was last updated in July 2025 to make it clearer what personal data is used for each purpose and the lawful basis applicable. We may make changes to this privacy notice at any time and any changes will be published on our website so please check back regularly. If we make significant changes to this policy, we may also notify you by other means such as sending an email.