We may change this policy at any time in which case we shall notify you of any changes to this policy by noting this on our website – https://www.noize-restaurant.co.uk/privacy-policy. The changes will apply to your use of our services after we have given notice. If you do not wish to accept the new policy you should inform us and not continue to use our services. If you continue to use our services after the date on which the change comes into effect, this indicates your agreement to be bound by the new policy.
This policy was last changed on 21 May 2018.
What information do we collect about you?
Why do we collect this information?
Data Protection law says that we are allowed to use personal information only if we have a proper reason to do so. The law says we must have one or more of these reasons:
- When it is in our legitimate interest
- When you consent to it
- When it is necessary to fulfil contractual obligations
- When it is necessary to comply with the law
- When it is necessary to protect someone’s life
- When it is necessary to perform a public task in the public interest or for our official functions and the function has a clear basis in law
A legitimate interest is when we have a business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you.
Where we rely on our legitimate interest, we have detailed what it is below. For clarity, we have also detailed where consent is required.
|What we use your personal information for||Our reasons||Our legitimate interests|
|Confirming a table reservation and diner requirements||Contractual necessity||N/A|
|Keeping you informed of your reservation details, any changes to reservation times||Legitimate interest||Being efficient about how we manage our reservations|
|Keeping you informed of changes to the restaurants’ opening hours and hence changes to your reservation||Legitimate interest||Being efficient about how we manage our reservations|
|Confirming private dining bookings, party bookings and diner requirements||Legitimate interest||Being efficient about how we manage our private dining bookings|
|Confirming off-site events and catering requirements||Legitimate interest||Enables us to place and follow up orders|
|Through e-marketing, keeping you informed of||Consent||N/A|
|events, offers, new ‘experiences’, new menus, new wines||In line with PECR (Privacy and Electronic Communications Regulations)|
How will we use the information you provide to us?
We collect information about you to process your reservation, manage your reservation, to tailor your experience and if you agree, to email you about other products and services we think may be of interest to you.
We will not share your information with third party companies other than as indicated in this policy.
Using your information
Your name and contact details
|How we use your name & contact details||Why?|
|Confirm your reservation and your requirements||We’ve got to do this to be able to make the reservation and to confirm your requirements at the time of booking or at a later date|
|Send you service messages by text, e-mail or by phone||We may have to do this to manage your booking and reservation|
|Send you information by email, SMS, or post, about menus, offers and events||To keep you up to date. We only send this with your permission|
|Fraud prevention and detection||To prevent and detect fraud against either you or us – unfortunate, but absolutely essential|
Your dining preferences
|How we use your dining preferences information||Why?|
|Provide the most appropriate menus, dishes and wines for you||To understand any allergies, likes, dislikes to be able to provide you with and/or recommend menus, dishes, wines that meet your requirements|
|Restaurant or private dining preferences||We do this to ensure you are booked into the correct area|
Your payment information
(Card number, expiry date, security/CVV code). We don’t store these details.
|How we use your payment information||Why?|
|Secure a reservation, take payment, give refunds, process vouchers, keep a record of deposits||We’ve got to do this to perform our contract with you i.e., to provide you with the reservation/meal/experience etc. that you have requested|
|Fraud prevention and detection||To prevent and detect fraud against either you or us|
Your contact history with us
What you’ve said to us — for example on phone calls, in writing or in person whilst dining in the restaurant or private dining room.
|How we use your contact history||Why?|
|Provide customer service and support||We do this so that you receive the best service from us|
|Tailor menus and your experience||Adapting menus and our offering to suit your needs and preferences|
Purchase and attendance history
|How we use your purchase and attendance history||Why?|
|Provide customer service and support||We do this to fulfil our obligations to you|
|Finding out what you, and other customers, like||To ensure we are giving you what you want|
|Payment record||We need to know you have paid and fulfilled your previous obligations so we can fulfil future obligations to you|
We would like to send you information about our services by email that may be of interest to you. We will only do this if you have consented to receive marketing as indicated below. You may opt out at any time to stop us from contacting you. If you no longer wish to be contacted for marketing purposes, please email email@example.com with the subject heading UNSUBSCRIBE. You will also have the option to opt out on every marketing email.
By ‘consent’, we mean where you have applied to register through our website https://www.noize-restaurant.co.uk or by ticking an opt-in box to receive marketing information from Noize on a third party website. You may also be asked over the phone whilst making a telephone reservation if you would like to opt-in to receive marketing information, this will be recorded on our booking system with a date and time stamp.
How long do we keep hold of your information?
If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we may keep hold of some of your information as required, even after it is no longer needed to provide the services to you. Subject to these reasons, we will delete your personal data on the date one month after the date on which you end your relationship with us e.g., after you have participated in the experience or dined with us.
You have many rights concerning your personal information. Please quote your name and organisation (where applicable) together with your telephone number and/or email address on any requests. We would be grateful if you could clearly indicate what you would like to know or what information you want a copy of (this helps us to more readily locate your data.) Your rights include:
- The right to be informed about how your personal information is being used (like this notice)
- The right to access the personal information we hold about you
- The right to request the correction of inaccurate personal information we hold about you
- The right to request that we delete your data, or stop processing it or collecting it, in some circumstances
- The right to stop direct marketing messages, which you can also do through ‘unsubscribe’options, and to withdraw consent for other consent-based processing at any time
- The right to request, in some circumstances, that we transfer or port elements of your data either to you or another service provider
- The right to complain to your data protection regulator — in the UK, the Information Commissioner’s Office (www.ico.org.uk). You can find out how to do this online here: https://ico.org.uk/concerns/
- If you would like a copy of some or all of your personal information, please email firstname.lastname@example.org or write to us at the following address:
39 Whitfield Street
As part of this request, we will take all reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.
We will respond to all enquiries/subject access requests within 30 days. This may be extended to 90 days in exceptional circumstances for highly complex requests. You have the right to make as many access requests as you would like, however frequent and repeated requests may incur reasonable charges to cover the administrative time required. Should this arise, it will be discussed with you.
We recognise that our customers are increasingly concerned about how companies protect personal information from misuse and abuse and about privacy in general. We are constantly reviewing and enhancing our technical, physical and managerial procedures and rules to protect your personal data from unauthorised access, accidental loss and/or destruction.
We use industry standard TLS certificates to provide encryption of data in transit, for example, all access to our website, internal systems and management portals is covered by HTTPS.
Please be aware that communications over the Internet, such as emails/webmails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered - this is the nature of the World Wide Web/Internet. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.
Third party service providers working on your behalf
We may pass your information to our third-party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf. When we use third party service providers, we only disclose the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep the information secure and not for use it for their own direct marketing purposes.
As part of providing our services we may need to pass your information on to a third party, in order to deliver such products and services. Our third parties may include: Bookatable, OpenTable and Design My Night for the purpose of making a reservation; and Campaign Monitor for other direct marketing purposes for which you have provided consent, as well as those third party service providers used for hosting and storing the information that we collect.
Third parties will be required to remove your information from their systems as soon as it is no longer needed for the purposes it was shared for.
Data Storage and Security Systems
We store all personal data securely on either CRM cloud storage systems or our own internal storage systems. All our cloud storage is kept in EU based or EU GDPR compliant data centres which are managed with sophisticated high-level security systems. These storage services have their own data protection policies which we can provide you with on request. We choose storage providers with excellent security policies and systems to ensure minimal risk of data breaches and unauthorised access.
Our internal storage and communications systems are protected by high level, managed security systems, which are updated regularly.
Our IT infrastructure is managed by experts and is regularly reviewed to ensure security is constantly up to date.
How to contact us
39 Whitfield Street