PRIVACY POLICY
This policy describes how we collect (and then uses) personal data obtained from you when you visit our website. You acknowledge and agree that your personal data may be processed in accordance with this policy. Without this, we will be unable to provide you with certain marketing communications.
1. Introduction
We are the data controller in respect of any personal data we collect about you.
2. Collection of your personal data
We collect and process the following information about you; this is for the purposes explained in section 3. Information you give us Name, email address (personal and/or work), postal address, encrypted password(s), telephone number(s), date of birth, gender, interests, preferences, and competition entry details and answers.
3. Use of your personal data
We may use your personal data for any or all of the following purposes: to provide a high level of customer service (including assisting with any of your enquiries and bookings) and to notify you of any security and data breach alerts, and technical notices (including services messages and updates to our Digital Applications and terms); to help operate, maintain and improve our offering and our Digital Applications; to communicate with you about our offers, promotions, upcoming events, reviews and other news or those of our selected partners – this may be via email, telephone, text message and/or push notification – you can change your marketing preferences (including the way in which we contact you) by visiting our preference centre – see section 12*; to facilitate profiling, segmentation and personalisation – these may be based on location, preferences, interests and past actions (including restaurant bookings); to meet our legal obligations and for establishing, exercising or defending our legal rights.
4. Sharing of your personal data
We sometimes need to share the personal information we process with other organisations where necessary or required, we may share your personal data with the following categories of third parties: service providers and suppliers assisting with our business activities, payment services providers, hosting providers, providers of IT support, providers of booking systems, accounting firms and law firms; ombudsman, regulators, public authorities and security organisations, such as the police, HM Revenue & Customs and the Information Commissioner’s Office, to the extent required by law, regulation, court order or if necessary to establish, exercise or defend our legal rights, including if we suspect fraud or attempted fraud; staff including volunteers, agents and temporary and casual workers; family, associates and representatives of the person whose personal data we are processing.
5. Legal basis for processing your personal data
We will process your personal data where it is necessary: for the performance or entering into of a contract with you, including in order to provide our offering, process your payment and to respond to enquiries and bookings made by you; for compliance with our legal obligations; for the purpose of furthering our legitimate interests including to: improve our offering and Digital Applications; prevent, detect and investigate fraud or illegal activity. We may also process your personal data on the basis of any consent given by you.
6. Protection of your personal data
We are committed to protecting your personal data and to keeping it safe and confidential. We will therefore ensure that appropriate technical and organisational physical, electronic and procedural safeguards are implemented to protect it. Access to your personal data will also be limited to our employees and certain third parties who process it on our behalf.
7. Storage of your personal data
Your personal data will generally be stored for up to 5 years. We may, however, keep your personal data for longer than 5 years if we need it to fulfil our contractual obligations to you, the law requires us to maintain it for a longer period or you have not withdrawn your consent.
8. Your rights
You have the following rights, albeit some of them only apply under certain circumstances: to have a copy of the personal data we have collected about you and to send a copy of it to another data controller; to update or amend the personal data we have collected about you if it is inaccurate or incomplete; to erase, or restrict the processing of, the personal data we have collected about you; to object to the processing of the personal data we have collected about you, including in respect of any data processed for direct marketing purposes; to withdraw any consents you have provided in respect of our processing of your personal data; and to lodge a complaint with the Information Commissioner’s Office (www.ico.org.uk).