Privacy
MU PRIVACY POLICY
Manchester United takes your privacy very seriously and is committed to protecting your personal information. Please note that this privacy policy also forms part of our digital terms of use, which you can read here.
About us
Manchester United is a group of companies which includes Manchester United Football Club Limited and various other entities (together “Manchester United”, "MU", the “MU Group”, "we" and "us"). For a full and up-to-date list of entities in the MU Group please click here. This privacy policy applies to all companies within the MU Group from time to time.
About this privacy policy
This privacy policy explains what information we may collect about you, how we may use it, and the steps we take to ensure that it is kept secure. We also explain your rights in respect of your personal data.
Please note that our website and our other digital platforms contain links to third party websites / digital platforms which are provided for your convenience. We are only responsible for the privacy practices and security of our own website / digital platforms. We recommend that you check the privacy and security policies and procedures of each and every other website / digital platform that you visit.
How to contact us about your personal data or this privacy policy
If you have any questions about this privacy policy or about your personal data, please email us at privacy@manutd.co.uk or write to us at the following address:
Data Protection Officer
Manchester United Football Club Limited
Sir Matt Busby Way
Old Trafford
Manchester
M16 0RA
Information we collect and what we use it for
All personal information that we collect about you will be recorded, used, and protected by us in accordance with applicable data protection legislation and this privacy policy.
We use your data for the following purposes:
- to administer and provide products and services you purchase, request or have expressed an interest in
- to administer any competitions or other offers/promotions which you enter into
- for fraud screening and prevention purposes
- for crime prevention and detection purposes
- for safety and security purposes, including the safety and security of our players, staff and supporters (both on match days and non-match days)
- for marketing purposes (but only with your consent)
- for record keeping purposes
- to carry out market research so that we can improve the products and services we offer
- to create an individual profile for you so that we can understand and respect your preferences
- to track, personalise and improve your experience on our digital platforms
- if you apply for a job with us, to process your job application
- Please note that if you make a purchase or otherwise submit your data via the United Store e-commerce platform, your data will be collected and processed by Manchester United (in accordance with this policy) and also by GLOBALE U.K. Limited who act as merchant of record. GLOBALE U.K. Limited will process your personal data in accordance with their own privacy policy, which will be served to you prior to your data being collected.
When we provide you with products or services we may collect and store any personal information that you provide to us. We may, for example, keep a secure record of your name, address, date of birth, delivery address, email address, telephone number and payment card details. We may also record details of any disability, health or dietary needs you may have at the time of booking an event or service which will take place at the stadium or any of our other premises to help to ensure your comfort and safety.
When you sign up with us for an online account, register to receive marketing communications from us (and/or our sponsors and partners), enter one of our competitions, fill in one of our forms (whether online or offline) or otherwise expressly provide us with your personal information, we will collect and securely store any personal information that you provide to us (which may include name, address, email address, date of birth and mobile telephone number) and may use it to personalise and improve your experience on our digital platforms, provide products and services you request from us (including personalisation of those products or services), and carry out profiling and market research.
When you interact with our website or other digital platforms, we may also automatically collect the following information about your visit. This information is processed on the basis of our legitimate interests to help us better understand how our supporters use our digital platforms to enable us create better content and more relevant communications:
- how you have reached our digital platform and the internet protocol (IP) address you have used
- your browser type, versions and plug-ins, and your operating system
- your journey through our digital platform, including which links you click on and any searches you made, how long you stayed on a page, and other page interaction information
- which videos you have watched and for how long
- what content you like or share
- which adverts you saw and responded to
- which pop up or push messages you might have seen and responded to
- your subscription status
- information collected in any forms you complete
We may also infer your country of location from the IP address you have used to access our digital platforms and we may analyse which marketing activity led to your taking specific action on our digital platforms (e.g. downloading the official app).
If you apply for a job with us, we will use the personal information that you provide to process your application, to communicate with you regarding your application and to assess your suitability for the role. If you have any questions regarding the use, storage and retention of your personal information in relation to a job that you have applied for then, in addition to contacting the Data Protection Officer (details above), you can also contact People Services at people.services@manutd.co.uk.
We may also participate in ‘Audience’ services across all social media channels upon which Manchester United has a presence to display personalised advertisements when you visit these social media platforms. An example of these services is Facebook's ‘Custom Audience’ service. They work by converting your email address (or other personal data such as name, address, date of birth, mobile number and/or geographical location) to a unique number that the social media platform uses to match to unique numbers that the social media platform generates from email addresses of its users. Where we use such social media advertising services, we will only include you if you have consented to receive marketing from us. If you have given us your consent, you can change your mind at any time by sending an email to privacy@manutd.co.uk (or by adjusting your preferences in the online preference centre).
Where you choose to use our customer services screen share to allow our customer services advisor remote access to your MU web page, the session may be recorded for the legitimate interest purpose of training, monitoring and quality control. Card payment details will not be recorded.
Disclosure of your information
In order to provide our products and services to you or to otherwise fulfil contractual arrangements that we have with you, we may need to appoint other organisations to carry out some of the data processing activities on our behalf. These may include, for example, payment processing organisations, delivery organisations, fraud prevention and screening and credit risk management companies, and mailing houses.
We may share your data with advertising networks and/or social media platforms for the purposes of selecting and serving relevant adverts to you via those networks/platforms (including to serve relevant adverts to you when you visit our own digital platforms), and to search engine and analytics providers.
We may share your data with third parties (a) if we are under a legal or regulatory duty to do so, (b) if it is necessary to do so for our legitimate interest of enforcing our terms of use, terms and conditions of sale or other contractual rights, (c) to lawfully assist the police, law enforcement or security services with the prevention and detection of crime or terrorist activity, (d) where such disclosure is necessary for the legitimate interest of protecting the safety or security of any persons (including without limitation the safety and security of our players, staff, home supporters and visiting supporters on a match day), (e) where such disclosure is necessary for the legitimate interest of investigating breaches of our ticketing terms and conditions and/or ground regulations (this may include, without limitation, investigation of behaviour which is liable to attract a sanction under our sanctioning policy) (f) where such disclosure is necessary to provide or fulfil a product or service you have ordered, and (g) otherwise as permitted under applicable law. We may also from time to time receive data from organisations such as the police, other law enforcement agencies, the Premier League, The FA and other football clubs on the basis of legitimate interests for purposes (c), (d), (e) and (f) above.
We may share your data with our carefully selected sponsors and partners (as may change from time to time) but we will only do this if you have consented to receive marketing relating to our sponsors and partners or if one of the conditions in the paragraph above applies.
In all instances where we disclose your information to third parties, we will ensure that your information is appropriately protected.
Some of the organisations to which we may disclose your personal information are situated outside of the United Kingdom and European Union in countries which may not have laws that protect privacy rights as extensively as in the United Kingdom. If we do transfer your personal information to other territories, we will ensure that your data is subject to appropriate technical and contractual safeguards that assure the protection of your personal information.
Cookies
In common with many other website operators, we use standard technology called 'cookies' on our website. Cookies are small pieces of information that are stored by your browser on your computer's hard drive and they are used to record how you navigate this website on each visit.
For further, more detailed information on how we use cookies, please refer to our Cookie Policy which you can read here.
Security of information
We take the security of your personal information extremely seriously. When you submit your credit card details to us, we use industry standard Secure Sockets Layer (SSL) encryption technology to guard your information. In addition, we have robust security procedures in place to protect our paper based systems and computerised databases from loss and misuse, and only allow access to them when it is absolutely necessary to do so, and then under strict guidelines as to what use may be made of the personal information contained within them.
Where a password is required to access certain areas of our digital platforms, you are responsible for keeping your password secure and confidential. Please do not share or disclose your password to any other person.
Telephone callsWe may monitor or record telephone calls for security purposes and to improve the quality of services that we provide to you.
Please note that for your safety and security, the safety and security of our staff and visitors, and for the prevention and detection of crime, CCTV is in operation in all of our premises which are open to the public.
There is signage in and around all sites which operate CCTV.
If you are under 16
If you are under 16 and register for restricted areas of our digital platforms, we will collect your date of birth and retain that with your name and other details you may provide. This is so we can ensure we treat you in an age appropriate way in line with this policy.
For so long as you are under 16 we will not send you any marketing communications, allow you to access any of our digital platform message boards, or share your details with our MU commercial partners. However, if you have signed up to receive a product or service we may contact you about this.
Ages 13-15
If you are aged 13-15, you must first tell your parent or legal guardian that you wish to register on our digital platforms and get their consent. You must make sure that your parent or legal guardian knows and agrees each time before you:
- email us, or ask us to email anything to you;
- send any information to us;
- enter any competition or game that requires information about you or offers a prize;
- purchase an official membership; or
- offer or agree to buy anything online.
If you are the parent or legal guardian of a user of our digital platforms who is aged 13 to 15 we do not seek your direct consent to their registration, but we expect them to inform you and get your agreement in advance before they register and before each time they do any of the activities listed above.
Aged under 13
If you are under 13, you may only use the restricted areas of our digital platforms if your parent or legal guardian has first told us that you are allowed to do so.
If you are under 13 and wish to register, you must truthfully tell us your name, email address, country and date of birth. Our system will then ask you for the name and email address of your parent or legal guardian. We will send them an email so they are aware of your request and will ask them for their consent and to confirm they have authority to give that consent. We need their consent or refusal within 7 days, or else we will assume consent is not granted. Their consent can be withdrawn at any stage.
Even if your parent or legal guardian gives their consent to your registration, if you are under 13 we still expect you to tell them and get their agreement in advance each time before you:
- email us, or ask us to email anything to you;
- send any information to us;
- enter any competition or game that requires information about you or offers a prize;
- purchase an official membership; or
- offer or agree to buy anything online.
If you are the parent or legal guardian of a user of our digital platforms who is under 13, they can access and use unrestricted areas but we will need your direct consent if they wish to gain access to restricted areas. If a user enters a date of birth which indicates they are under 13 when they try to register, our system will request them to provide us with your name and email address so that we can contact you to get your consent. The registration process cannot proceed without this. If we do not hear from you within 7 days, we will assume consent is refused. If you consent, we will complete the registration process. Whether you refuse or provide consent, we will update the child by email.
More about your information - your rights
You can read about your rights as a data subject in detail at the ICO website.
You have the right to correct or update your personal information. You may correct or update your personal information at any time by emailing us at privacy@manutd.co.uk or by changing your profile on our website. Please include your name, address, date of birth and email address when you contact us as this helps us to ensure that we accept amendments only from the correct person. We encourage you to promptly update your personal information if it changes.
We will securely retain your information for as long as is reasonably necessary to fulfil the purpose for which it was collected (and in accordance with applicable law). At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis. If you wish to submit a request that your data be deleted, please contact us at the above address.
You have the right to receive a copy of the personal information that we hold about you. Please write to us at the address above if you wish to exercise this right.
If you have consented to receive marketing communications, you have the right to tell us to stop sending these to you. You can unsubscribe at any time by sending an email to privacy@manutd.co.uk (or by changing your preferences in your online preference centre).
You also have the right (i) to ask us to stop any consent-based processing after you have withdrawn your consent, (ii) to have your data delivered in a common format computer file and transferred to another entity where technically and lawfully possible, (iii) to ask us to restrict processing in certain circumstances (note that this is not an absolute right), (iv) to object to us processing your data on the basis of your individual circumstances (note that this is not an absolute right). You can read more about these rights at the ICO website (link above). To exercise any of these rights, please contact us at the above address.
Changes to this privacy policy
We aim to meet high standards and so our policies and procedures are constantly under review. From time to time we may change this privacy policy. Accordingly we recommend that you check this page periodically in order to review the latest version.
Where to make a complaint
If you have a complaint regarding any aspect of your personal data or this privacy policy, please write to us at the above address. If you are still not satisfied with the outcome of your complaint, you may write to the Information Commissioner’s Office at the following address:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
You can also contact the Information Commissioner’s Office using their online form: https://ico.org.uk/global/contact-us/contact-us-public/public-advice/
(version: 05 September 2024)