In this policy, “processes” means collects, stores, shares and otherwise uses for lawful purposes. “We” and “our” means Yummies Deli Ltd and it covers all the instances where we might process personal information of customers, clients, supporters, event attendees, beneficiaries and other relevant parties.
This policy has been updated in April 2018 to reflect the new data protection legislation called the General Data Protection Regulation (GDPR) and the Privacy and Electronic Communications Regulation (PECR).
If you have any questions about this policy or how we use your personal information, please contact us using the contact details given below.
Yummies Deli Ltd are permitted to process data if they have a legal basis for doing so, we will process data on the basis that:
- Express and informed consent has been given by the person whose data is being processed; and/or
- Yummies Deli Ltd has a legitimate interest in processing the data; and/or
- It is necessary in relation to a contract or agreement which the person has entered into or because the person has asked for something to be done so they can enter into a contract or agreement; and/or
- There is a legal obligation on Yummies Deli Ltd to process data.
- Where Yummies Deli Ltd is relying solely on consent as the basis for processing data, we are required to obtain your expressed consent and you can modify or withdraw this consent at any time by notifying us in writing, although this may affect the extent to which Yummies Deli Ltd is able to provide services to or interact with you in future.
We may change this policy and if we do we shall publish it on our website. Regardless of any changes made we will continue to process your personal data in accordance with your rights and our obligations in law.
Your personal information: what we collect
The personal information we collect about you will depend on your relationship with our business. It includes (but isn’t limited to):
- your name, address, telephone number, date of birth, gender and email address;
- debit or credit card information, your bank account number, sort code and other banking information as well as information required to validate your identity and prevent fraud;
- your preferences and interests as found on our website – we may utilise your preferences to ensure we send you the most relevant communication in the future providing consent has been given to do so;
- other information you provide to us which is necessary to conduct business with you
- your activity online concerning your visit/s to our website and when we send you an email
- information we may require regarding you or a family member’s background in order to locate something
- You, as the data subject, may change your preferences or request deletion of your data at any time in writing, subject to any overriding legal obligation that we may have for its retention.
We may keep such data on a ‘suppression list’ so we know not to contact you or process your data in future until further notice.
You also have the right to raise any issues of concern about us regarding data protection and our processing of your information to the data protection regulator, The Information Commissioner’s Office (ICO). Here is a helpful link to their website. https://ico.org.uk/concerns/
We do not, and never would, profile your information in order to ascertain any preferences based on your personal information. We would also never sell your information to a third party.
How we use your personal information
We use your personal information for the following purposes:
- to confirm that any purchases have been processed correctly and to validate you;
- to send you administrative notices, relating to our organisation and its activities, where relevant;
- for our internal purposes such as management, research, analytics, organisational reporting, and ways that will improve efficiencies in line with regulations;
- to check with you that you are content with regards the type of communications that you receive;
- to market our company and its relevant services, products and information including occasionally third-party events or activities that may be of interest to you by the appropriate means and in accordance with the GDPR and the PECR.
- to create anonymous and aggregated reports about our supporters, customers or members to ensure our organisation is communicating with and delivering the best possible services.
- to help the emergency services if required;
- to prevent and detect criminal activity and fraud;
- to comply with applicable laws, regulations, court orders, government and law enforcement agencies’ requests, to operate our systems properly and to protect ourselves, our beneficiaries and our supporters;
Who we share your personal information with
We do not sell or share personal details to third parties for the purposes of marketing.
But, we may use the services of a third party to run a promotion you have consented to being a part of and then we might need to share your details with them. This would happen if your data was required to deliver the specific activity, in which we would need to share certain data to complete the task.
We will only share data with others if we can be certain that they adhere to the same high standards that we do processing personal data and security.
When we share your information with others they must follow our strict instructions whilst complying with appropriate security measures. We regularly assess their security measures and we continue to monitor their compliance throughout the time we use their services.
We may also share your data with law enforcement agencies, regulators, courts, public authorities or emergency services when required to do so.
Cookies and other similar technologies
Cookies are small text files placed on your device which uniquely identify your device. Cookies cannot be used to run programs or deliver viruses to your device.
For more information about our use of these technologies please contact our assigned Data Protection Office (DPO), Lawrence Samuel, Managing Director, Yummies Deli Ltd.
How long we keep your personal information
The period for which we keep your information depends on the purpose for which your information was collected and the use.
We will not keep your personal information for longer than necessary for those purposes or for any other legal requirements. If you would like more details in relation to your personal data, please contact us.
We review all data retention periods every two years. Data collected for accounts purposes are kept for seven years plus an additional period of six months. You can request data we have on file to be forgotten.
Keeping your personal information up to date
We want to make sure that any personal information we hold about you is up to date. So if you think your personal information is inaccurate, you can ask us to correct or remove it at no charge to you.
This is called your right to rectification. Please contact us if you would like to change any information that we may hold on you.
Under the GDPR, you have a right to know what personal information we hold about you. To request any information, please fill in our Subject Access Request Form (available on request) and send it to our Data Controller whose details are listed above, and we will make sure that this is handled in a swift and appropriate manner.
If you do not want to receive information from us, or would only like to receive information about a certain aspect of what we do (e.g. events or emergencies) please get in touch with us and we will change your preferences.
How we protect your personal information
We maintain the highest standards of data privacy and security to protect your personal details and other information about you because we want you to feel completely confident about the communications you receive from us. We regularly review our processes and procedures to protect your information from unauthorised access and use, accidental loss and/or destruction.
How to Contact Us
Please contact our assigned Data Protection Office (DPO), Lawrence Samuel, Managing Director, Yummies Deli Ltd.