Policy prepared by: First Restaurant Group
Approved by management on: May 2019
Next review date: May 2022
This policy outlines how First Restaurant Group (compromising of the following companies: Frandek Ltd T/A The Waterway; Ordella Ltd T/A The Summerhouse; MHT Unique Two Ltd t/A ; MHT Unique Ltd t/A The One Tun; Pub and Rooms OC T/A The Grafton Arms); Pub and Rooms Ltd t/A The Hayden Pub and Rooms; Pub and Rooms Ltd t/A Oak & Poppy; uses your personal data. As a company we are committed to ensuring the privacy and security of your information is maintained. We therefore have strict guidelines in place to ensure that your data is handled in a fair, transparent and, of course, legally compliant way.
In addition to detailing what information it is that we collect from you, our policy also details how and when this information is used, how we
ensure your privacy and your legal rights relating to personal data.
In addition, our policy advises you of your right to instruct us to limit the use of your data at any time.
What information do we collect?
This information may include the following data:
- Your name, gender and/or date of birth.
- Your contact details including your address, telephone numbers and e-mail address.
- Records of your transactions including how, what and when you purchased from us.
- Any browsing activity from time you have spent on our websites- this may be collected by us using cookies, log files and other technologies.
- Information you may have voluntarily shared with us, or made publicly available on social platforms, such as Twitter.
- Data concerning online usage may also be linked to a unique identifier.
- Details of your marketing preferences.
- Any information you have given to us in response to a survey question.
- Correspondence you have had with First Restaurant Group, including event / booking enquiries.
This list is not exhaustive and there may be occasion where it is necessary to collect additional information from you.
In this event, we will request this in advance of collation.
How we collect information from you:
We may collect information from you when:
- You make a purchase/ booking in one of our venues or online.
- You visit us online.
- You make an enquiry either by email, social media or by phone.
- You contact our reservations team by phone.
- You respond to a feedback survey.
- You enter a competition.
- You interact with First Restaurant Group on any social media channels.
- You sign up to our ‘in venue’ guest wifi.
Collection of information from minors
Our website, reservations and payment systems are not intended for use by those under the age of 16. We therefore do not intentionally collect personal data from minors, (those under the age of 16). We respectfully ask our guests not to submit information, through any channel, regarding minors.
Why we collect your information:
- By collecting guest information, First Restaurant Group are able to:
- Share details of products / promotions that may be of interest to you.
- Communicate with you to provide customer service support.
- Adapt our product offered based on the understanding of our guests.
- To verify identity, detect / prevent fraudulent and criminal activity.
- To gain feedback from our guests about their experience.
We may also, where we have a legal right or duty to do so, use or disclose information. Examples of this would include requests from local authorities/ police in relation to an investigation.
Your right to opt in of marketing communications:
You have explicit right to opt in to any marketing communications. However, you always maintain the right to ‘opt out’ of receiving marketing communications. This can be done in one of the following ways:
- Selecting the ‘opt out/ unsubscribe’ links contained in all marketing communication received by email.
- Making contact with First Restaurant Group using the ‘contact us’ link from our webpage.
- Changing your marketing preferences from your online account, accessible via our website.
Sharing data with third parties
First Restaurant Group will never sell or rent your personal data with third parties. We may, however, need to share your personally identifiable data or anonymised data with selected partners including payment processing companies, IT service providers (such as hosting companies), analytics companies and marketing services agencies, (referred to as ‘service partners’ in the remainder of this document).
In all cases, First Restaurant Group will only allow service partners to handle your personal data when we are satisfied of their compliance to data protection and security controls. Sharing of data with service partners only occurs for the purpose of providing services to First Restaurant Group and yourself.
There may be occasions when First Restaurant Group may be legally obligated to share your information with third parties that are in addition to service partners. These may include:
- Government bodies;
- Law enforcement agents;
- Other legal agents, where legal obligation necessitates this;
- For the purpose of the prevention of fraud/ other criminal acts and the prosecution of offenders;
- For the protection of our guests and employees.
Confidentiality and Security of your information
First Restaurant Group is committed to ensuring that the personal data that is provided to us is secure. The business takes reasonable precautions to protect your personal information from any loss or misuse.
Period of time your information will be stored
Information that has been stored, with your expressed permission, will only be stored for as long as is necessary/ useful for the purposes set out in this policy. The maximum amount of time that your data will be stored is 5 years after the last transaction with First Restaurant Group or any interaction with the company, (e.g. New enquires/ responses to marketing communications etc). Where transaction data is stored for a period of time greater than 5 years, for legal compliance reasons, this information will be anonymised.
Our Legal Basis for Processing Personal Data
To ensure that First Restaurant Group use of your personal information always complies with the General Data Protection Regulation (GDPR), uses must fall under at least one of the specific lawful reasons that are set out in the GDPR.
Such reasons for lawful use would include:
- Where information is necessary to assist in the provision/ payment of goods and services.
- Compliance for other legal obligations, as set out in this policy.
- Protecting guests, colleagues and other individuals and maintaining their safety and welfare.
You have the following rights in regards with personal data held with First Restaurant Group:
- The right to be informed about any personal data that we hold about you.
- The right of access, update and rectification any out-of-date or incorrect personal data that we hold about you.
- The right to erase or restrict processing of your personal data that we hold in either certain databases (marketing communications databases, for example), or deleted entirely from our records. Such requests should also be made to the Data Protection Officer (firstname.lastname@example.org).
- The right to request and receive any personal data in a structured, commonly used and machine readable format.
- The right to object to the processing of personal data for any automated direct marketing, profiling or any other legitimate purposes.
If you wish to exercise any of the above rights, or indeed make a complaint about the way in which you find your data has been handled/ utilised you may do so by writing to our Data Protection Officer at email@example.com
- A cookie is a small file that asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
- We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
- Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
- You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Changes to this policy
Changes may also be made in response to a legal requirement to do so.
We will email you to inform you of any significant changes to this policy, however we do encourage you to review this from time to time in order to keep your knowledge of how we use your data up to date.
If you have any questions about how First Restaurant Group uses your personal data that are not answered here, please
- Email us: firstname.lastname@example.org
- Call us on 020 7266 6320
- Write to us: Data Protection Officer, First Restaurant Group, 16 Bristol Gardens, London W92JG