Privacy and Cookies
What is the purpose of this Privacy Notice?
Your ‘personal data’ or ‘personal information’ is any piece of information that would allow us to identify you as an individual. The processing of personal data is governed by the EU General Data Protection Regulation (the “GDPR”) and national laws that supplement the GDPR in each European Economic Area (EEA) country. We take your privacy very seriously, and this document sets out what personal information we collect from you, how we intend to use it and what your rights in respect of that information are.
Who controls your personal information, and how do you get in touch?
The controller of your personal information is Queen and Whippet Catering (“we”, “us”, “our”). Should you have any query in respect of your personal information, you can contact us at the following: Data controller Queen and Whippet Catering, 27 Rangers Walk, Bristol BS15 3PW / jo@queenandwhippet.com / 07971286185. You also have the right to lodge a complaint with our supervisory authority, the Information Commissioner’s Office, which can be contacted at the following: Supervisory Authority UK Information Commissioner Website https://ico.org.uk/concerns/ Address Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom Telephone 0303 123 1113
Email https://ico.org.uk/global/contact-us/email/
What information do we collect about you?
We collect the following information from you for the purpose of processing your event booking: –
- Your full name
- Your email address
- Your telephone number
- Your personal address
- Your event address.
If you opted to receive marketing content from us, we may also use your email address for that purpose.
How do we collect your personal information?
We collect your personal information directly from you, when you email or telephone to book an event. We offer a sign-up form on our website from which you must actively opt-in to give permission for us to use your email address for marketing purposes.
What is our legal basis for collecting and using your personal information?
We will use your personal information (name, phone number, email address, home address and event address (if different) in order to perform our contractual obligations to you i.e. to organise and raise a contract and invoice for your event.
What if you do not want to provide your personal information?
You do not have to provide your personal information to us. However, should you choose not to provide it, we will be unable to process your event requirements.
How is your personal information protected?
We maintain strong physical, electronic and procedural safeguards to protect the confidentiality, integrity and availability of your personal information. In particular, we have taken appropriate security measures against illegal and/or unauthorised access to your personal information, and against the accidental loss of, or damage to, it.
Do we share your personal information with anyone?
Our email solution provider and our accounting software provider will have access to your personal information. This is necessary for us to operate our booking system and to provide you with an invoice. We may also need to share your personal information with the following in limited circumstances: – IT security providers; – Insurers; – External advisors (for example solicitors or auditors); and – Public authorities or law enforcement. Any time we provide access to your personal information to someone else, we will ensure that it is adequately secured to protect your privacy.
Will your personal information be transferred outside of the EEA?
Our accounting software providers are based outside the EEA. You can see their privacy policy here: https://www.xero.com/uk/about/terms/privacy/
How long do we keep your personal information?
The information that we collected for the purpose of processing your event booking will be kept for a period of six (6) years following the date of the event. We need to retain it for business records, and in case of a dispute relating to the event. Your payment information will be kept for a period of two (2) years following the date of the payment. We need to retain it as instructed by our payments processor, and in the event of a dispute relating to your payment. We may sometimes need to keep a copy of your personal information for a longer period, for example in the event of a dispute, to investigate a data breach or to comply with legal requirements.
What are your rights in respect of your personal information?
You have rights in respect of the personal information we hold on you, including the right to ask us to: – inform you on how we collect and use it (this Privacy Notice is designed to do that); – provide you access to the information we hold on you; – rectify it if you believe that it is incorrect; – delete it (only to the extent we rely on your consent to use it); – provide you with a copy of any information we hold on you; and – stop processing or using it temporarily (to the extent it is practical for us to do so). Should you want to exercise any of those rights, please contact us using the details set out in Section 2 above.
Consent
Where consent is used to process your data, you have the right to withdraw your consent at any time and ask us to stop processing your data. We will tell you about the implications of doing this and follow your wishes as required.
Changes to this Privacy Notice
We may need to make changes to this Privacy Notice in the future (for example, to comply with new legal requirements). Where that is the case, we will provide you with a revised Privacy Notice on our website, which you will be able to access in the same way you accessed this version.
This Privacy Notice was last updated on 18/05/2018