GDPR Privacy Policy 2020

 

1. Introduction

Hampshire's Finest Ltd. is committed to protecting the privacy of all customers irrespective of the relationship that you have with us. This Consumer Privacy Policy applies to the personal data that we collect and use for our retail customers (restaurant / deli / cookery school / online shop customers). The company covered by this policy is Hampshire's Finest Ltd. (company number 07737726 – trading as Applegarth Farm).

By providing your personal data to us you acknowledge that it will be processed in accordance with this policy.

Personal data that is captured for our employees or trade customers is covered separately in our Trade and Employee privacy policies.

 

2. Who is responsible for your data

To facilitate the delivery of our products and services Hampshire's Finest Ltd. is responsible for customer data. Our company registration number is 07737726 and our registered office is Applegarth Farm, Headley Road, Grayshott  Hampshire, GU26 6JL. We can also be contacted via email to hungry@applegarthfarm.co.uk

 

3. Personal data we collect about you

We collect personal data for a variety of purposes as outlined in section. You will provide much of this data to us directly by completing online forms or by communicating with our employees but we also gather some data via the digital interactions that you have with us.

 

Name and contact details (email address, telephone number and postal address)

• When you book a table / function / course / ticket

• When you buy products from our online shop (https://applegarthfarm.vouchercart.com/app)

• When you attend an event, meeting or class

• When you choose to receive marketing communication

• When you provide us with feedback or submit an enquiry

• When you enter a competition

• When you use WiFi

​

Date of Birth

• To confirm that you are over 18 in order to receive licensed goods and services

• When you choose to provide it for marketing personalisation

 

Interests

• When you choose to provide it for marketing personalisation

 

Dietary and special needs requirements

• When you choose to provide it when booking a table / function / course / event

 

Information about other guests on your booking including details of any children

• When you provide them on behalf of others as part of making a table / function / event booking / ticket booking

 

The correspondence that you have with us (eg emails, letters, calls, online chat service)

• When you contact us or we contact you. This may include telephone call recording.

 

Your location / visit information

• When you use WiFi

• When you make a booking

 

Your food / drink transaction details

• When you book a table 

 

CCTV Recording

• When you visit Applegarth Farm (including restaurant, deli & cookery school)

 

Information about how you use our websites including IP address and Google Analytics.

• When you browse our website

 

Device Information

• When you use our WiFi or leave us feedback

• When you browse our website

• When you open our marketing emails

 

Special Category Personal Data

The GDPR definition of Sensitive Personal Data includes data relating to health and religious beliefs.

As a result of you telling us that you have an allergy or a specific dietary requirement you may reveal
medical conditions or religious beliefs. Sensitive Data will only be processed in order to deliver the
products / services that you purchase from us.

 

4. How and why we use your personal data

We use your personal data to provide the following services:

• To deliver your bookings. When you book with us we will use your information to confirm and deliver your booking and any payments you have made and to send a follow up email for your valued feedback.

• To deliver products that you purchase. When you buy from our online store, we will use your information to deliver your purchases, confirm your order and payments you have made and send a follow up email for your valued feedback.

• To keep you informed of our products, services, offers and promotions. We may send you marketing communications about our food, drink, events and unique Applegarth experiences if you have indicated that you are happy to receive these (e.g. when you opt in to marketing when you book from us).

• We will monitor opens / clicks and offer redemption on marketing emails to assess engagement.

• To personalise and improve your customer experience. We may use your personal data in order to tailor our services to your needs and preferences and to provide you with a personalised customer experience.

• To optimise the performance of our website. We may also collect information on how you use our website including the pages that you visit and the search criteria that you perform in order to optimise the performance of the website and personalise the content that you see.

• To meet our legal obligations. We are required to keep certain records for legal reasons – for example invoices that we issue. We will keep and use this data in line with our legal requirements.

• We use CCTV to deter and detect crime and civil offences, to support court action and comply with our legal licensing requirements. We also use CCTV to provide a safe environment for our staff and customers. We use CCTV to facilitate entry/exit from buildings and improve customer service.

• For market research and to deliver business insight to help us ensure that our products and services remain relevant.

 

5. Sharing your personal data

• We are reliant on a number of 3rd party providers in order to provide our products and services. Where this is the case we will remain in control of the data and we will ensure that the 3rd parties comply with high-security standards for the protection of your personal data. . The 3rd parties will not have any rights to use the data for their own purposes. Our 3rd party providers include

  • Website hosting company. Wix (https://www.wix.com/)

  • Restaurant Booking System Provider. ResDiary (https://uk.resdiary.com/)

  • CRM, Customer Feedback providers & email marketing service provider. MailChimp (www.mailchimp.com) 

  • WiFi provider. 

  • Online shopping provider. VoucherCart (https://applegarthfarm.vouchercart.com/app/)

  • Online payment system. Stripe (https://stripe.com/)

• We also use 3rd party booking website ResDiary) to take table bookings. Customers that choose to use these sites will be doing so under the terms and conditions and privacy policy of these sites. In order to deliver the booking the 3rd party will share your data with us and once they have done so we will use the data in accordance with this Privacy Policy.

• Where relevant we will share your booking data with the franchisees who operate our restaurant.

• Legal authorities and legal advisors.

• We will also share your name and address details with our delivery partners in order to transport the product that you have ordered.

​​

6. Overseas Transfer of Data 

All of Hampshire's Finest Ltd. operations covered by this policy are based in the EU. However, the technical infrastructure of some of our providers is located in data centres outside the EU. The data will be transferred as follows:

• Online Shop Purchases. VoucherCart (www.shopify.com) provide the shopping cart technology that powers the applegarthfarm.co.uk online shop. VouchderCart have data centres inside the EU. 

We are currently auditing all of our suppliers and this policy will be updated if new information comes to light.

 

7. The legal basis for processing your data

We rely on the following reasons for using your data:

• Compliance with a legal obligation / regulatory authority.

• Performance of a Contract. In order to deliver the service that we have agreed to provide you with (such as a course or table booking)

• Legitimate Interest. In order to improve customer experience and develop our products & services

• Consent – where you have specifically consented to us using the data.

 

8. Retention and Security of your data

• We will only retain your personal data for as long as is necessary. This duration will depend on the type of data and the reason for processing it. For example :

  • We will view consent to receive marketing communication as revoked if the marketing communication hasn’t been engaged with (opened or clicked) within 13 months.

• We will ensure that we use appropriate technical and organisational security measures in order to ensure that your data remains secure. These measures include internal policies and staff training, appropriate contracts with 3rd party suppliers and role-based access control.

 

9. Your Rights

You have certain rights in relation to the personal information we hold about you. Some of these rights only apply in certain circumstances. In order to exercise these rights please contact us using the contact details below. Please note that we will require proof of identity as part of this request and most rights are subject to limitations and exceptions. We will provide reasons if we are unable to comply with any request for the exercise of your rights.

• Right of Access. You have the right at any time to ask us for a copy of the data that we hold about you and how it is used.

• Right of Correction or Completion. If the data that we have collected is inaccurate you have the right to update it.

• Right of Erasure. In certain circumstances, you have the right to request that Information we hold about you is erased. This usually applies if the data is no longer necessary for the purpose that it was collected for, or you withdraw your consent for its processing and request its erasure.

• Right to Object to or Restrict Processing. If you wish to challenge our need to process your data on legitimate interest grounds or if you wish to withdraw your consent.

• Right of Data Portability. You have a right to request that we transfer your data to another data processor.

 

Proof of Identity will be required before we can action some requests. If you choose to exercise any of your rights we will contact you to verify your identity.

 

10. Cookies

Like many other businesses, we use cookies on our website. Cookies are small pieces of information that are stored on your computer or mobile device that record how you use the site. For more detailed information on how we use cookies, please review our Cookie Policy which you can read here.

 

11. Updates to our Privacy Policy

We may make changes to this Privacy Policy from time to time when we do we will publish the updated version on our website.

 

12. Contact information & preferences

If you have any questions about this policy or how your data is processed, please contact us at Hampshire's Finest Ltd., Headley Road, Grayshott  Hampshire, GU26 6JL, via phone on 01248 71277 or via email to hungry@applegarthfarm.co.uk.

You can unsubscribe from our marketing communication at any time by clicking the unsubscribe link at the bottom of any of our marketing communications. 

Should you have any concerns about this policy or the way that we are processing data you have the Right to Lodge a Complaint with the Information Commissioner’s Office. Please look at www.ico.org.uk for more detail.

 

GDPR Version 1.0. This policy was last updated on 17 January 2020

​

​