Skip to main content
Outciders Logo
Select your country
United Kingdom flag
Ireland flag

Privacy Policy

This privacy notice explains how we collect, use and store your personal data. It also gives you information about your legal rights granted under data protection laws.

The controller is Magners GB Limited, Pavilion 2, The Pavilions, Bridgwater Road, Bristol, BS99 6ZZ.

If you have any questions about this privacy notice, or how your personal data is processed, please contact our Group Data Protection Officer at the address above or by emailing gdpr@candcgroup.com

This privacy notice was last updated in June 2026. We may amend this notice at any time. The latest version will be made available on this site, and we’ll contact you if we make any significant changes to it.

In some cases, we may be unable to respond to queries, investigate complaints or provide certain services if personal data is not provided. It’s also important that the information we hold about you is accurate and up to date, so please let us know if anything changes during your relationship with us.

  1. How we use your personal data

Providing and managing our services
  • Your personal data is used so we can provide goods and services to you and manage any accounts you hold with us. Any such processing is a contractual requirement so we can, for example, fulfil orders you place.
  • It’s used to process payments and to prevent fraudulent transactions. We do this as part of our contractual obligations to you, and our legitimate interests to help protect our customers from fraud.
  • We use your contact details to respond to queries or complaints as part of our contract with you and to provide good customer service. And if you attend our events, we use your information for event administration and planning.

 

Marketing and promotional communications
  • We only send you electronic direct marketing where we have your consent. You can unsubscribe at any time by using the link in our marketing emails, or by contacting our DPO at the contact details above.
  • We may track email engagement (e.g. open rates and clicks) using pixels to understand the effectiveness of campaigns.
  • Your personal data is used to administer any prize draws or competitions you enter. Some of these competitions use QR codes, to take you to a web-based entry form. Please note that we use a third-party vendor to provide our QR codes, who may conduct their own analysis of code usage. We also monitor QR code performance, but you cannot be identified from this data.
  • We carry out limited profiling to help us decide which products or services may be most relevant to our consumers. This may involve reviewing past purchases and combining this with other information we hold. We do this under our legitimate interests. You have the right to object at any time – see the ‘right to object’ held in the ‘Your Rights’ section below.
  • We use market research to enhance our sites, products, services, and relationships with consumers. We do this under our legitimate interests to provide our customers with the best possible products and service, and more widely inform research and development within our industry. Any research findings or reports do not identify individuals. You can contact us if you don’t want us to use your personal data for this purpose. For more information, see the ‘right to object’ held in the ‘Your rights’ section below.
Our use of social media
  • We use social media and online advertising to promote our products and events. We may use the advertising tools provided by these platforms to help show our marketing to consumers who are more likely to be interested in it. This can include using information we already hold, or sharing limited customer information with the platform, so it can match this against its user base and display our content and adverts to relevant audiences. Any sharing of personal data is done in a controlled way and in line with data protection law. Social media platforms may also use their own data to identify similar audiences.
  • In some cases, we and the social media platforms we work with jointly determine how your personal data is used, for example in relation to analytics and advertising services. Where this applies, we have put in place joint controller arrangements to set out how we and those platforms share data protection responsibilities. You can find further information on how your data is used by social media platforms in their respective privacy notices.
  • At all times you have the right to object to receiving personalised online marketing or your personal data being used for direct marketing purposes, including profiling. If you wish to exercise your right to object please contact us at GDPR@candcgroup.com. If you opt out, you may still see Outcider marketing, but it just won’t be tailored to you.
  • You can also manage some advertising settings on the social media platforms you use. Please refer to your social media platforms for more information on how to do this.
Event photography and videography
  • We may capture photographs or videos at our events and share them on our social media channels, internal communications and with trade publications. Signage will be in place at events to inform you when photography or videography is taking place.
  • If you ask us to remove social media content that includes your personal data, we will delete or stop using that content where it is under our control. However, where content has been reposted by others or indexed by search engines, we may not be able to remove all copies as these are outside our control.
Running and improving our business

The purposes outlined in this section are primarily carried out under the lawful basis of our legitimate interests.

  • We use your personal data to make sure we give you the best possible service, and to run effective and efficient systems and processes. This includes developing, testing and improving our systems, sites and services.
  • It’s used for business management, decision-making and planning purposes, to effectively run and protect our business.
  • We may send you survey and feedback requests to help improve our products and services. You’re under no obligation to respond or take part if you receive these from us.
  • We monitor our network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution.
  • We maintain and monitor this website including, but not limited to, traffic data, location data, web logs and other communication data.
Legal, safety and regulatory purposes
  • Your personal data will be used to manage service issues or legal disputes involving you, other customers and suppliers, or our own employees, workers and contractors.
  • It’ll be used to help prevent and detect crime, and support the health and safety of our workforce or others. For example, through CCTV systems in place at our sites and on our fleet vehicles. Signage will be in place to tell you where CCTV is operating.
  • We may use it during our accounting and auditing processes and for any regulatory or legal reporting purposes with which we must comply.

 

  1. Sharing your personal data

To operate effectively, we sometimes need to share personal data with trusted third parties. We require these third parties to respect the security of your data and to use it legally.

Where a third-party is acting as a ‘data processor’, they’ll act solely on our instructions and will only use your information for that specific purpose.

We may share your data:

  • With the other entities within our Group (C&C Group plc), as part of our regular reporting activities on company performance, as part of research findings conducted about our brands and products, in the context of a business reorganisation or group restructuring exercise, or for system maintenance support and hosting of data.
  • With companies that help us provide our products and services, for example companies that help us process payments, or fulfil orders and deliver products to you.
  • With marketing and media agencies who help us with our promotional activities, such as competitions and prize fulfilment.
  • With IT system providers, including data storage providers and their technical support teams, if necessary.
  • Governmental bodies, regulators, law enforcement agencies, insurers, our accountants, auditors, legal advisors, debt collection agencies, or court or tribunal services where we must do so to comply with legal obligations, exercise or defend our legal rights, to prevent and detect crime or prosecute offenders, or to safeguard and protect our employees, customers or other individuals.
  • If we sell or buy any business or assets, we may disclose your information to the prospective seller or buyer of such business or assets. If we’re acquired by a third party, customer information will be one of the transferred assets so they can continue to provide services to you.

 

  1. International transfers

Your personal data may be transferred to and stored in locations outside the UK and the European Economic Area (EEA). This will typically occur when we use service providers located outside of these areas. Where personal data is transferred, we ensure appropriate safeguards are in place, such as adequacy decisions or contractual protections.

Please contact our DPO if you want to find out more about where personal data is transferred to, or the safeguards we have in place.

 

  1. How long we keep your personal data

Your personal data is only kept for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any operational, legal or reporting requirements, and in order to defend our legal rights. To decide the right retention period, we consider the purposes for which the data is processed, the amount, nature, and sensitivity of it, the potential risk of harm from unauthorised use or disclosure, and any applicable legal requirements.

Your personal data is deleted once it’s no longer needed for these purposes.

 

  1. Your data protection rights

Under data protection law you have a number of rights, which you can exercise by contacting GDPR@candcgroup.com:

  • Request access to your personal information (commonly known as a data subject access request). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request the correction of incomplete or inaccurate personal information that we hold about you.
  • Request erasure of your personal information in certain circumstances. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information in certain circumstances. You also have the absolute right to object where we are processing your personal information for direct marketing purposes, including personalised online marketing and profiling.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party, known as data portability.
  • Withdraw your consent. In circumstances where your consent is the lawful basis for the processing, you have the right to withdraw your consent at any time.
  • Complain to us about how we’ve handled your personal data or your data rights. You can fill out our complaints form here or email GDPR@candcgroup.com. The form should not be used for general service complaints relating to C&C Group or its trading entities, nor for general enquiries.

 

  1. Your right to complain to a data protection regulator

We aim to collect, use and safeguard your personal information in line with data protection laws and guidance. While we hope that we can resolve your concerns through the complaints process outlined above, you can also raise a concern to a data protection regulator.

  • For UK residents:

Please note that as part of the UK Data (Use and Access) Act 2025, individuals are generally expected to raise complaints with us as the data controller before escalating them to the Information Commissioner’s Office (ICO).

You can find further information and contact details at https://ico.org.uk.

  • For Republic of Ireland residents:

You have the right to lodge a complaint with the Data Protection Commission (DPC). You can find further information and contact details at https://www.dataprotection.ie.