No.Twenty9 Limited (hereinafter known as the Company) is committed to protecting and respecting your privacy.
This Policy has been written in for compliance with the General Data Protection Regulation (GDPR) and to explain when and why we collect personal information about people who are employees or our clients or potential clients, how the Company uses it, the conditions under which we may disclose it to others and how we keep it secure.
We may change this Policy from time to time so please check that you have the current version. If you are using our website, you’re agreeing to be bound by this Policy.
Any questions regarding this Policy and our privacy practices should be sent by email to firstname.lastname@example.org or by writing to us at No.Twenty9 Bar & Restaurant, 29 Market Place, Burnham Market, Norfolk, PE31 8HF. Alternatively, our telephone number is: 01328 738498.
Who are we?
We are an independently owned and managed bar and restaurant in the heart of Burnham Market. We opened on 15th January 2018.
Customer service is a high priority and we will always endeavour to serve our customers to the highest degree.
We are open seven days per week, from 8.30am onwards. Breakfast is served from 8.30am until 11am and the full menu is served from 12pm through to 9pm.
How do we collect information from you?
We obtain information about our:
- a) employees when they initially apply for positions in the Company and
- b) clients when they wish to make a table reservation or enquire about the services we offer.
- c) When you engage with us on social media.
What type of information is collected from you?
The personal information we collect is usually limited to name, address (for employees only) email address and contact telephone number(s).
How is this information used?
We may use this information to:
- process an application for employment (including those required for pre-employment checks current at the time of application) and ongoing through employment such as pensions, personal taxation and the like;
- process enquiries and reservations from our clients;
- to carry out our obligations arising from any agreement/contracts entered into;
- seeking views or comments on the services we provide;
- notification of changes to our services;
- sending of information which has been requested and that may be of interest.
- We have CCTV systems in operation for the security of customer and employees. These systems may record your image during your visit.
We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory or regulatory obligations (for example CCTV images 31 days unless required to be held for evidential evidence).
We will hold your personal information on our systems for as long as is necessary for the relevant activity or as long as is set out in any relevant agreement.
Who has access to your information?
We will not sell or impart client information to any third parties other than the emergency services or third party alarm receiving centres or in the case of employees for pensions, personal taxation and the like.
We may, in appropriate cases, voluntarily or where required by law, pass your data to the Police and similar organisations such as law enforcement agencies (including fraud prevention and detection) or other governmental agencies.
We will never share information with third party agents for marketing purposes.
Third Party Service Providers working on our behalf: We may pass information to our third party service providers, agent’s subcontractors and other associated organisations for the purposes of completing tasks and providing services on our behalf. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have an agreement in place that requires them to keep all information secure and not to use it for their own direct marketing purposes. Please be reassured that we will never release any information to third parties beyond the emergency services or approved sub-contractors for them to use for their own direct marketing purposes in any circumstance unless we are required to do so by law, for example, by a court order or for the purposes of prosecution or prevention of crime.
Third Party Product Providers we work in association with
On occasions, we are required to work closely with the emergency services. The emergency services will only use such details to provide information and carry out their obligations arising from any incident occurring on or adjacent to our premises. However, we take steps to ensure that everyone’s privacy rights continue to be protected.
You will always have a choice about whether or not you wish to receive information from us. The Company does not currently undertake any direct marketing via a third party agent. However, we may contact you for marketing purposes by e-mail but we will have obtained your permission to opt in to this. You will always retain the right to opt out.
How you can access and update your information
The accuracy of your information is important to us. If you change email address, or any of the other information we hold is inaccurate or out of date, please email us at: email@example.com or by writing to us at No.Twenty9 Bar & Restaurant, 29 Market Place, Burnham Market, PE31 8HF. Alternatively, our telephone number is: 01328 738498.
You have the right to ask for a copy of the information the Company holds about you (we may charge £10 for information requests to cover our costs in providing you with details of the information we hold about you).
In certain circumstances, such as where the data is no longer necessary for the purposes for which it was collected, you have a right to require us to erase all personal data held about you. Note: There are a number of exemptions to this right, for example in relation to freedom of expression and compliance with legal obligations.
Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that it is kept securely.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our IT Systems (soft copy information) or held securely in our offices (hard copy information).
We know how much data security matters to all our customers. With this in mind, we will treat your data with the utmost care and take all appropriate steps to protect it.
Access to your personal data on our systems is password-protected.
When your product or service is provided by one of our chosen providers, your data will be collected and used by them under the terms of their own separate privacy policies.
We do not analyse your personal information to create a profile of your usage or any other such as interests and preferences so that we can contact you with information relevant to you.
We may make use of the information about you in order to provide you with information that directly affects you or in the case of system users, their system.
Use of ‘cookies’
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us:
- To estimate our audience size and usage pattern.
- To store information about your preferences, and so allow us to customise our site according to your individual interests.
- To speed up your searches.
- To recognise you when you return to our site.
Links to other websites
In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
18 or Under
We are concerned to protect the privacy of children aged 18 or under (although under the GDPR, this is currently the under 16’s). If you are aged 18 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.
Transferring your information outside of Europe
As part of any application for employment or the services offered to you, the information which you provide to us may be transferred to countries outside the European Union (“EU”).
These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
If you access our services while you are outside the EU, your information may be transferred outside the EU in order to provide you with those services.
At the time of publication of this Policy, our web site does not use any web site recording service. Should this change then this Policy will be updated to reflect this change.
Your Rights under Data Protection Legislation
You have various rights under data protection legislation:
(a) your right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.
(b) your right to correct any errors in the information we hold about you, and to change and correct any details you have already given us. Please inform us about any changes to your details so that we can keep our records accurate and up to date.
(c) your right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your rights under data protection legislation on the forms we use to collect your data. You can also exercise the right at any time by emailing us at: firstname.lastname@example.org or by writing to us at No.Twenty9 Bar & Restaurant, 29 Market Place, Burnham Market, Norfolk, PE31 8HF. Alternatively, our telephone number is: 01328 738498.
Review of this Policy
We keep this Policy under regular review. This Policy was last updated in May 2018.