WEBSITE PRIVACY POLICY

The Forge Kitchen Ltd is committed to ensuring that your privacy is protected and that the data you choose to share with us is safe and secure.

This policy explains how we comply with the GDPR (General Data Protection Regulation), the DPA (Data Protection Act) [pre GDPR enforcement] and the PECR (Privacy and Electronic Communications Regulations). This policy will explain areas of our website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the GDPR, DPA & PECR are adhered to. Additionally, it will explain the use of cookies or software, advertising or commercial sponsorship from third parties and the download of any documents, files or software made available to you on this website. Further explanations may be provided for specific pages or features of this website to help you understand how we, this website and its third parties interact with you and your computer / device in order to serve it to you. Our contact information is provided if you have any questions.

The DPA & GDPR May 2018
We and this website comply to the DPA (Data Protection Act 1998) and already complies to the GDPR (General Data Protection Regulation) which comes into effect from May 2018. We will update this policy accordingly after the completion of the UK’s exit from the European Union.

THE KIND OF DATA WE COLLECT

When you choose to sign up to our mailing list, we may collect:

– Your personal details, including your name, post code, email addresses and date of birth
– Information relating to your membership of any of our clubs, including a special anniversary, preferences or interests
– Details from the emails and other digital communications we send to you that you open, including any links in them that you click on

When you reserve a table with us online through Res Diary or EPO we may collect:

– Information about your online purchases (for example, what you have bought/ pre-ordered, when and where you bought it, how much you have paid or left as a deposit)

– Information about your online browsing behaviour on our Website, including when you click on one of our adverts and those shown on other organisations’ websites

– Your account login and confirmation details including your name, email address, contact number, personal preferences for your visit, a name or a password that you have chosen for EPO (Easy Pre-order)

When you browse our websites, we may collect and/or monitor:

– Information about any devices you have used to access our Services (including the make, model and operating system, IP address, browser type, mobile device identifiers)

– Pages you have visited on our websites, including clicks to make bookings and links to social media

Personal data you may provide when contacting us about our services:

– Personal data you might provide when making enquiries, answering questionnaires, providing feedback, or when contacting us or speaking to us through our social media platforms, e.g. your name and contact details

– Your feedback and contributions to customer surveys and questionnaires

HOW & WHY WE COLLECT AND USE YOUR DATA

We need to process your personal data so that we can manage and improve on the
services you require such as, reservations or information about our company, access to our customer loyalty rewards, offers, and promotions and assisting you with any orders and refunds you may ask for.

We use your data in the following ways:

Contact and interact with our customers

– To contact you and provide assistance regarding our services, for example by phone, email or post or by responding to social media posts that you have directed to us
– Manage promotions and competitions you take part in, including those we run with our suppliers and online service providers (i.e MailChimp, EPO, Res Diary)

THE ORGANISATIONS WE WORK WITH & HOW WE PROTECT YOUR DATA

If you choose to sign up to our mailing lists, MailChimp is our email service provider. Through this medium, we will send you relevant offers and news about our products and services but only if you have previously agreed to receive these marketing communications. You can unsubscribe to our lists at any point and for free, by clicking on the unsubscribe button on your emails.

EPO and Res Diary provide us with our online booking functionality and pre-ordering system and help us grow our database by providing you with the free option to choose whether you would like to hear more from us through our marketing communications. You are under no obligations to opt in and should you wish to do so may unsubscribe at any point. EPO and Res Diary are committed to helping safeguard your data.

Please note: Whilst we aim to protect your data to the best of our knowledge and belief, we cannot guarantee the security of any personal data that you transfer over the internet to us.

SHARING YOUR PERSONAL DATA

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.
There are several reasons and circumstances where we may be obliged to share your personal data:

– If we are requested to do so by the law or public authority

– In the instance of establishing, exercising or defending our legal rights, including providing personal data to others for the purposes of the prevention of fraud and/or reducing credit risk

– Should we enter into negotiations about the sale or transfer of any of our businesses to other organisations or any of our rights or obligations under any agreement we may have with you, the organisation receiving your personal data will be able to use your personal data in the same way as us

-Passing on this information to successors in title to our business.

KEEPING YOUR DATA SAFE

As a company we understand the importance of keeping your data secure and are committed to doing so. We have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

We have technological safeguards in place to ensure that data is protected: i.e. firewalls, data encryption to protect against unauthorised access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our site.

We are PCI compliant with regards to holding your credit and debit card information for payments made on site.

We enforce physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data. We may occasionally ask for proof of identity before we share your personal data with you.

Access to your information is only authorised to employees who require it to perform their jobs.

We cleanse our databases regularly.

USE OF COOKIES
This website uses cookies to improve the users experience while visiting the website. As required by legislation, where applicable this website uses a cookie control system, allowing the user to give explicit permission or to deny the use of /saving of cookies on their computer / device.
Cookies are small files saved to the user’s computer hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server, to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website to their computers hard drive, they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors, or use the cookie control system if available upon their first visit.

WEBSITE VISITOR TRACKING
We use tracking software to monitor visitors to our site to better understand how they use it. The software will save a cookie to your computer’s hard drive in order to track and monitor engagement and usage of the website, but will not store, save or collect personal information.

ADVERTS AND SPONSORED LINKS
Our website may contain sponsored links and adverts. These will typically be served through our advertising partners, who may have detailed privacy policies relating directly to the adverts they serve.

Clicking on any such adverts will send you to the advertiser’s website through a referral program which may use cookies and will track the number of referrals sent from this website. This may include the use of cookies which may in turn be saved on your computer’s hard drive. Users should therefore note that they click on sponsored external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.

DOWNLOADS & MEDIA FILES
Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available, users are advised to verify their authenticity using third party anti-virus software or similar applications.
We accept no responsibility for third party downloads and downloads provided by external third-party websites.

CONTACT & COMMUNICATION WITH US
Users contacting us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.

Where we have clearly stated and made you aware of the fact and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in ‘The policy’ above.

EMAIL MAILING LIST & MARKETING MESSAGES
We operate an email mailing list program used to inform our subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in ‘The policy’ above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages (or unsubscribe from all Mailchimp lists). The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.

Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.

You can read the MailChimp privacy policy in the resources section.

EXTERNAL WEBSITE LINKS & THIRD PARTIES
Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website.

Shortened URL’s; URL shortening is a technique used on the web to shorten URL’s (Uniform Resource Locators) to something substantially shorter. Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding.

We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.

SOCIAL MEDIA POLICY & USAGE
We adopt a Social Media Policy to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms, users are advised to verify authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.

There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.

YOUR RIGHTS
We, The Forge Kitchen Ltd, aim for complete transparency and openness regarding access to your personal data and uphold your rights to amend this at any time. If you are concerned that any of the details we hold on you are inaccurate, please write to us at the below address and we will be happy to change them.

The Forge Kitchen
1-3 Duke Street
Ipswich
Suffolk
IP3 0AE

Alternatively you can email grant@theforgekitchen.co.uk

Resources & Further Information
Overview of the GDPR – General Data Protection Regulation
Data Protection Act 1998
Privacy and Electronic Communications Regulations 2003
The Guide to the PECR 2003
Twitter Privacy Policy
Facebook Privacy Policy
Google Privacy Policy
Mailchimp Privacy Policy
HR Form Templates
Website Privacy Policy Template

v.3.0 April 2018 Edited & customised by: THE FORGE KITCHEN LTD