your privacy

STREAT EVENTS LTD T/A ANDMUNCH: PRIVACY POLICY

INTRODUCTION

strEAT Events LTD T/A ANDMUNCH: Privacy Policy

This website is operated by strEAT Events LTD, a company registered in Scotland CN: SC552229, whose registered office is at 199 Clarkston Road, Glasgow, Scotland, G44 3BS.

 

PURPOSE OF THIS PRIVACY POLICY

This privacy policy sets out how strEAT Events LTD T/A AndMunch uses and protects any information that you give to us when you use this website.

We are committed to protecting your personal data, using it responsibly and ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy policy.

It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them.

We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

 

DATA CONTROLLER

strEAT Events LTD T/A AndMunch is the data controller and responsible for your personal data (collectively referred to as strEAT Events “we”, “us” or “our” in this privacy policy).

 

CONTACT DETAILS

You can contact us by:

Writing an email: hello@andmunch.com

Writing a letter: 199 Clarkston Road, Glasgow, Scotland, G44 3BS

Giving us a call on: 07772967443

Full name of legal entity: strEAT Events LTD T/A AndMunch

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Changes to the privacy policy and your duty to inform us of changes

We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.

Any changes will be immediately posted on our Site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of our Site following the alterations. We recommend that you check this page regularly to keep up-to-date.

We keep our privacy policy under regular review. This version was last updated on 21st October 2020. 

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

 

THIRD PARTY LINKS

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

 

WHAT ARE MY RIGHTS?

Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:

  • The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details above.
  • The right to access the personal data we hold about you. 
  • The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 2 to find out more.
  • The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold. 
  • The right to restrict (i.e. prevent) the processing of your personal data.
  • The right to object to us using your personal data for a particular purpose or purposes.
  • The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
  • The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
  • Rights relating to automated decision-making and profiling. We do not use your personal data in this way.

 

THE DATA WE COLLECT ABOUT YOU

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
  • Contact Data includes billing address, home and/or contact address, work address, email and telephone numbers.
  • Financial Data includes bank account and payment card details.
  • Transaction Data includes details about payments to and from you and other details of orders submitted through our Site.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Profile Data includes your username and password, profiles, your interests, preferences (including dietary restrictions and food allergies), feedback and survey responses.
  • Usage Data includes information about how you use our website and services.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We may receive information about you from other sources (such as credit reference agencies) which we will add to the information which we already hold about you in receiving marketing from us and our third parties and your communication preferences.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.

 

HOW IS YOUR PERSONAL DATA COLLECTED?

We use different methods to collect data from and about you including through:

Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

  • apply for our products or services;
  • create an account on our website;
  • subscribe to our service or publications;
  • request marketing to be sent to you;
  • enter a competition, promotion or survey; or
  • give us feedback or contact us.

Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies.

Third parties or publicly available sources. We will receive personal data about you from various third parties and public sources as set out below:

Technical Data from the following parties:

  • analytics providers such as Google both based outside the EU;
  • advertising networks such as Google based outside the EU; and
  • social media platforms such as Facebook and communications/search networks such as Google/Gmail via which you may elect to login automatically to the Platform (who may be based outside the EU); and
  • search information providers such as Google based outside of the EU, and Bing based outside of the EU.
  • Identity and Contact Data from customer service tools such as Intercom, who may be based outside the EU.
  • Identity and Contact Data from publicly available sources such as Companies House and the Electoral Register based inside the EU.
  • Mailchimp is a tool for managing and sending newsletters – We may ask for and use Your Identity Data and Contact Data to link to a page hosted by Mailchimp. If You unsubscribe from our Mailchimp emails, you will be landed on a page hosted by Mailchimp.

 

HOW WE USE YOUR PERSONAL DATA

We require this information to understand your needs and provide you with a better service, and for the following reasons:

  • Our own internal record keeping.
  • We will need to pass on certain information such as your name and email address to our Caterers in order that they can provide the services you wish to book.
  • We may use your information for the purposes of providing you with our services and customer care.
  • We may need to disclose your information to public authorities, if requested by them or required by law. 
  • We may use the information to improve our services.
  • We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided. You may choose to unsubscribe from receiving this information at any time by following the instructions on the emails sent to you.

Generally, we do not rely on consent as a legal basis for processing your personal data although we will obtain your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

 

PURPOSE FOR WHICH WE WILL USE YOUR PERSONAL DATA

Under the Data Protection Legislation, we must always have a lawful basis for using personal data. The following table describes how we may use your personal data, and our lawful bases for doing so.

MARKETING

We provide you with choices regarding certain personal data uses, particularly around marketing and advertising. You should contact us if you want to know how we are using your personal data and if you withdraw consent for us to do so.

FINANCIAL DATA

We do not store any personal credit or debit card details. 

We will store company account and financial details (name, account number, sort code, VAT number, company registration number) for supplier and clients where required so that we can send and/or request funds to you without delay.

Where financial data is processed it is only done so for the purpose of processing your booking.

 

THIRD-PARTY MARKETING

We will obtain your express opt-in consent before we share your personal data with any third party for marketing purposes.

 

OPTING-OUT

With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email with information, news, and offers on our services of those of the vendors on the Site. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the Data Protection Legislation and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you always can opt-out.

You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you, or by contacting us at hello@andmunch.co.uk

 

COOKIES

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.

We use the following cookies:

  • Strictly necessary cookies. These are cookies that are required for the operation of our Site. They include, for example, cookies that enable you to log into secure areas of our Site.
  • Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our Site when they are using it. This helps us to improve the way our Site works, for example, by ensuring that users are finding what they are looking for easily.
  • Functionality cookies. These are used to recognise you when you return to our Site. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
  • Targeting cookies. These cookies record your visit to our Site, the pages you have visited and the links you have followed. We will use this information to make our Site and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site. If you would like to know more information on managing cookies in your browser including how to opt out of receiving cookies, please visit www .aboutcookies.org or www .allaboutcookies.org 

 

DISCLOSURES OF YOUR PERSONAL DATA 

We may share your personal data with the parties set out below for the purposes set out in the table “Purposes for which we will use your personal data” above.

External Third Parties.

Specific third parties listed in the table “Purposes for which we will use your personal data” above.

Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

 

INTERNATIONAL TRANSFERS

In some cases the personal data we collect from you might be processed outside the European Economic Area (“EEA”), such as the United States. These countries may not have the same protections for your personal data as the EEA has. However, we are obliged to ensure that the personal data that is processed by us and our suppliers outside of the EEA is protected in the same ways as it would be if it was processed within the EEA. There are therefore certain safeguards in place when your data is processed outside of the EEA.

We ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • your personal data is transferred to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission – for more information please visit https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en ;
  • we use the EU approved Standard Contractual Clauses
  • where your personal data is transferred to third party providers based in the US, data may be transferred to them if they have self-certified under the Privacy Shield framework in relation to the type of data being transferred, which requires them to provide similar protection to personal data shared between the EU and the US – for more information please visit https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/eu-us-data-transfers_en 

 

DATA SECURITY

We are continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unauthorised access, loss, destruction, or alteration. Some of the safeguards we use to protect your information are firewalls and data encryption, and information access controls. If you know or have reason to believe that your  Account credentials have been lost, stolen, misappropriated, or otherwise compromised or in case of any actual or suspected unauthorised use of your AndMunch account, please contact us following the instructions in the Contac details above.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

DATA RETENTION

How long will you use my personal data for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law we must keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.

In some circumstances you can ask us to delete your data: see “Your legal rights” below for further information.

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

UPDATED: 21/10/2020