Open Site Navigation

Privacy Policy – Independent Eateries

Policy Last Updated 29 Mar.2021

Introduction

Independent Eateries understands your concerns over the privacy of Personal Data you may provide to us as part of our day to day dealings with you. We will only collect and use information in ways that are useful to you and in a manner consistent with your rights and our obligations under the law.

This policy provides you with information about what types of information are collected, retention periods and other elements to comply with the EU Wide - General Data Protection Regulation and the UK’s Data Protection Bill 2018.

If you have any questions about this Privacy Policy or our treatment of your Personal Data please contact us using the details given below.

If you are dissatisfied with this response you may request that your complaint be escalated, in which case it will be escalated to Imogen Sandbach who will review your complaint and the initial response and provide a further response within 28 days of your request to escalate the matter.

If we are unable to resolve your complaint, you may make a complaint to the Information Commissioner’s Office (if based in the UK, otherwise to your local Supervisory Body). Please see https://ico.org.uk/for-the-public/raising-concerns  for more information.

Whilst this privacy policy sets out a general summary of your legal rights in respect of your Personal Data, this is a complex area of law and this privacy policy is not intended to represent legal advice. More information about your rights in respect of your Personal Data can be found on the Information Commissioner’s website at https://ico.org.uk/for-the-public

 

Who we are

 

Key Terms

The following terms are used or referred to in this privacy notice – as such it helps to be familiar with these core terms (amended version based on GDPR – Article 4): -

  • ‘Data Subject’ – The individual about who the data is held (you, or your employees in the case of a Company who have asked us to provide services on their behalf)

  • ‘Data Controller’ – company/individual that determines the purposes and means of the processing of personal data (typically this refers to us when we market to you, and your employer when they provide personal details about you)

  • ‘Data Processor’ – Company/Individual which processes personal data on behalf of the controller. This is typically a company that provides services to your employer e.g. IT company. 

  • ‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes signifies agreement to the processing of personal data relating to him or her. This is typically used by us to provide marketing services to you.

 

How and Where we store your data

We only keep your data for as long as we need to in order to use it as described in this policy, typically per statutory requirements/ and or as long as you are an active client.

Data security is of great importance to Us, and to protect your data, We have put in place suitable physical, electronic and organisational procedures to safeguard and secure data your personal data as detailed in our IT Security Policy.

Some of your data may be stored outside of the EU in the case of information within emails transiting, or at rest on Google’s Gmail mail servers. Google has confirmed that their operations take place within the EU-US Privacy Shield Framework. (https://policies.google.com/privacy/frameworks)

Data security is of great importance to Us, and to protect your data, We have put in place suitable physical, electronic and organisational procedures to safeguard and secure data your personal data. 

Some examples of steps we have taken to secure your data include (but are not limited to) :- 

 • Ongoing cloud based backup 

 • Physical access control. Studio access limited to approved personnel.

 • Secure destruction of worksheets containing PII. 

 

Data Retention Policy

We only keep your data for as long as we need to in order to use it, and/or for as long as we have your permission to keep it.  In any event, We will conduct an annual review to ascertain whether we need to keep your data. Your data will be deleted if we no longer need it in accordance with the terms of our Data Retention Policy.

Some of your personal data will need to be kept to meet either contractual or legal requirements – please contact us if you have any detailed queries.

 

Personal Data and Retention Period:

Name, Address & Contact Details - 5 Years

User/Site Name, Address & Contact Details supplied by 3rd parties - 2 Years

Name & Contact details acquired in the normal course of business. Suppliers, trade contacts, business networking contacts etc. - Whilst Active. Otherwise 2 Years. Requires re-consent if relying on ‘Consent’ as Lawful Basis.

 

The information we collect and the reasons why

Personal Data is anything which identifies you as an individual, either on its own or by reference to other information. If you are engaging with us to provide services, this also applies to any information you share with us. In some cases, the collection of data may be a statutory or contractual requirement, and we will be limited in the products and services We can provide you without your consent for Us to be able to use such data. We collect information from you in order to be able to supply you with an email newsletter and feature or give credit when using your work/promoting your business within the magazine. Where the data is generic business contact information then we may – with subsequent consent – seek to use that data for ongoing marketing and informational contact.

Our Website

We have a website which also collects details about you including your IP address and we may also use a technical feature called a cookie to record your visits. 

We will only use your personal data for providing and managing access to our website and if appropriate tailoring your experience whilst visiting.

 

What Cookies Do We Use and What For?

Our Site may place and access certain first party Cookies on your computer or device. First party Cookies are those placed directly by Us and are used only by Us. We use Cookies to facilitate and improve your experience of Our Site and to provide and improve Our services. For more details, please refer to the appropriate sections. We have carefully chosen these Cookies and have taken steps to ensure that your privacy is protected and respected at all times.

Our Site uses analytics services provided by Google. Website analytics refers to a set of tools used to collect and analyse usage statistics, enabling Us to better understand how people use Our Site. This, in turn, enables Us to improve Our Site and the services offered through it. You do not have to allow Us to use these Cookies, as detailed below, however whilst Our use of them does not pose any risk to your privacy or your safe use of Our Site, it does enable Us to continually improve Our Site, making it a better and more useful experience for you.

The analytics service used by Our Site uses Cookies to gather the required information. Certain of these Cookies may be placed immediately when you first visit Our Site and it may not be possible for Us to obtain your prior consent. For information on removing such Cookies please visit https://www.aboutcookies.org/ and/or http://www.aboutcookies.org.uk/managing-cookies

 

The analytics service(s) used by Our Site use(s) the following Cookies:

Google Cookies: __utma, __utmb, __utmc, __utmt, __utmv, __utmz

You may opt out of Google Cookies globally at https://tools.google.com/dlpage/gaoptout

 

Other First Party Cookies:

ssr-caching

XSRF-TOKEN

TS01e85bed

TS011cd2d5

 Hs

svSession

bSession

 

You can choose to enable or disable Cookies in your internet browser. Most internet browsers also enable you to choose whether you wish to disable all cookies or only third party cookies. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser or the documentation that came with your device.

You can choose to delete Cookies at any time however you may lose any information that enables you to access Our Site more quickly and efficiently including, but not limited to, login and personalisation settings.

It is recommended that you keep your internet browser and operating system up-to-date and that you consult the help and guidance provided by the developer of your internet browser and manufacturer of your computer or device if you are unsure about adjusting your privacy settings.

 

Marketing

We will market to existing customers where the information/notification is related to existing services only.

For sales related marketing activities - we will require consent and for you to take an affirmative action, furthermore you will have the option to opt-out (unsubscribe at any point). As per your rights – you may also object to direct marketing and we will cease all related activities (unless they impact our ability to deliver our contracted services to you – if you are an existing customer).

We will also market to you in relation to services and products we offer, where we have a commercial agreement/contract with you.

 

Data Processing where we are the Data Processor

We process the following personal data where the documented purposes of processing are to provide brand identity design services under the lawful basis of performance of contract: -

Name & contact details of the client to maintain contact throughout project. This is provided by our client.

 

Data Processing where we are the Data Controller

Lawful Basis - Any personal data that is collected/processed must be processed in a lawful manner, this section informs you of the basis we have selected.

There are two types of personal data, standard data like names/addresses etc, as well as special categories of data which includes medical/biometric etc – to process this type of data we would need to meet an additional legal basis.

 

Personal Data

We process the following personal data where the lawful basis is Consent where the documented purposes of processing are to provide ongoing newsletter style contact  : -

  • Name & email address

 

We process the following personal data where the lawful basis is Performance of a Contract where the documented purposes of processing are to promote your business/work within our magazine  : -

  • Name & business contact information

  • Address details

 

Data Sharing (where we are the Data Controller)

In certain circumstances We may be legally required to share certain data held by Us, which may include your personal information, for example, where We are involved in legal proceedings, where We are complying with the requirements of legislation, a court order, or a governmental authority. We do not require any further consent from you in order to share your data in such circumstances and will comply as required with any legally binding request that is made of Us.

We may contract with third parties to supply products and/or services to you on Our behalf. These may include payment processing, delivery of goods, services or communications. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, Our obligations, and the obligations of the third party under the law.

We will only share data with the third parties listed below and it is to enable us to provide our services to you (performance of contract), conduct normal business operations and in some circumstances to enable ongoing general communications (by consent)

  • Email Hosting provided by Google. Data may be stored in encrypted form outside of the EU under the EU-US Privacy Shield Framework.

  • Website Hosting (data limited to contact form email use) provided by Wix.

If we decide to change the services under our control & influence which process personal data we will request authorisation in advance and undertake a DPIA if appropriate.

 

What Happens If Our Business Changes Hands?

We may, from time to time, expand or reduce Our business and this may involve the sale and/or the transfer of control of all or part of Our business. Data provided by users will, where it is relevant to any part of Our business so transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use the data for the purposes for which it was originally collected by Us.

In the event that any of your data is to be transferred in such a manner, you will be contacted in advance and informed of the changes.

 

Your rights

As an individual you have rights associated with your data :-

  1. Right of access by the data subject. You (the data subject) shall have the right to obtain from the controllerconfirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and related information.

  2. Right to Rectification – from the controller without undue delay the rectification of inaccurate personal data concerning him or here

  3. Right to Erasure – the right to obtain from the controller the erasure of personal data concerning him or her without undue delay – subject to suitable grounds.

  4. Right to Restriction of Processing– the right to obtain from the controller restriction of processing where certain rules apply

  5. Right to notify any recipients – where share data with in relation to the Articles 16,17 and 18 above.

  6. Right to data portability –  to receive personal data concerning him/her which they have provided to a controller

  7. Right to Object – on grounds relating to his/her situation 

    • where the lawful basis is legitimate interests. 

    • applies to direct marketing purposes.

 

Changes to Our Privacy Policy

We may change this Privacy Policy as we may deem necessary from time to time, or as may be required by law. Any changes will be immediately posted on our current website, referenced from email footer information and you will be deemed to have accepted the terms of the Privacy Policy on your first use of our Services following the alterations.