This Policy applies only to information we collect, process and use through the Systems and Services. This Policy does not apply to information that we collect through other channels, such as information that we collect offline, from other websites or from emails you send us.
If you have concerns about any changes and/or no longer wish for us to retain your personal data in line with GDPR you may cancel your account by emailing us at firstname.lastname@example.org
Key words used in this document are “personal information” or “personal data” which relates to information used to either directly or indirectly identify an individual, either from that information alone or from that information combined with other information Brindisa Kitchens has access about that individual.
Personal information may include details you provide or upload to our site, elements of information may be assigned by us please see below for further information.
Our Commitment to You
Brindisa Kitchens are committed to protecting the privacy, confidentiality and security of your personal information in order to comply with data protection legislation (e. g. General Data Protection Regulation in Europe Union), we will specifically seek prior explicit consent to the particular processing (e. g. automated individual decision-making) of special categories of personal data.
If personal information is provided, everything will be kept in accordance with this policy which details how we collect, use, disclose, process and protect any information that you give us when you use our products and services whether that be instore at our restaurants or via on-line at our website https://www.brindisakitchens.com/
When and Why is Information Is Collected?
Personal information is collected to provide services and /or products and as part of our legal compliance.
Our legitimate interests are whether you are a partner (Wholesale), Potential and Existing trade customer:
• As a current trading partner by registering and maintaining your account as efficiently as possible
• Our purpose is to provide you with information about our goods, services and events, to enhance our trading relationship, offering the right to object at any time using our contact details provided below.
Our legitimate interests towards online and customers attending events:
• We will only send you special offers, promotions and information of goods and events that may be of interest if you have consented to receive them.
• As an online customer, information is used to process and fulfil purchase orders and surveys regarding customer experiences
• Regarding Brindisa Kitchen competitions, data is required to ensure prize winners receive their rewards
• When making a reservation of any sort especially when making a reservation for large groups using booking forms or online platform
• Data is collected for our voucher system used to provide customers a Brindisa Kitchen experience and to make ensure its sent to the correct person
• If you sign up to our newsletter on our website where we provide the latest news and information about our products and services
• Information is collected also via email, phone and where required by additional notes added by internal staff for topics like dietary requirements
Who, What, How and Where information
collected and stored?
In order to provide our services to you, we will ask you to provide personal information required. Should you wish to decline providing your personal information, we may not be able to provide you with our products or services.
This means that the data collection is largely necessary for fulfilling the relationship we have with you, and where that is not the case, we have a legitimate interest in collecting the information described below.
We only collect information required for purposes that are necessary, specified and legitimate in nature. No further processing takes place that is outside of that manner. We may collect the following types of information (which may or may not be personal information):
• Information is taken by Brindisa Kitchen staff members which consist of hosts and managers, during the course of the business’ operations, who are trained on data security and take all possible measures to secure information and to keep it confidential
• Information specific to customer requirements such as dietary information, special requests, workplace, names of colleagues for the booking and other details if included by the customer
• Card payment details may be taken by phone and also with our online booking system
• We use EventBrite and OpenTable servers to securely store information through our online platform
• Other requests might be collected via our email system
• Card payment information is held by Payment Sense which are only kept for as long as necessary for the transaction to take place. This format is encrypted and tokenised
• Newsletter information is sorted by location
• Setting up your Brindisa Kitchens Account for the platform
• Providing other Brindisa Kitchen services such as for functions of that service, and to facilitate the provision of that service for the benefit of the user, e.g. downloading, updating, registering or Brindisa Kitchen web portals and related activities.
• Verifying user identity. Brindisa Kitchens uses this data to verify the user identity and ensure there is no log-in by hackers or unauthorized persons.
• Collecting user feedback. The feedback you choose to provide is valuable in helping Brindisa Kitchens make improvements to our services. In order to follow up on the feedback you have chosen to provide, Brindisa Kitchens may correspond with you using the personal information that you have provided and keep records.
• Take photographs to be used for promotional activities
• Ask you to fill in a Health and Safety questionnaire where your name and signature are collected
• Sending notices. From time to time, we may use your personal information to send important notices, such as communications and changes to our terms, conditions, and policies.
Type of Information Collected
Information you provide to us or upload: including and any other information you provide us:
FULL NAMES, DATE OF BIRTH, MOBILE PHONE NUMBER, HOME NUMBER, EMAIL ADDRESS, FEEDBACK, POSTAL ADDRESS, PHOTOS, GEOGRAPHIC INDICATORS
• Information specifically assigned to you by Brindisa Kitchens:
BRINDISA KITCHENS MEMBERSHIP ID
• Financial information: data used to complete purchases like:
BANK ACCOUNT NUMBER, ACCOUNT HOLDER NAME, SORT CODE, TAXPAYER IDENTIFICATION NUMBER, CREDIT CARD NUMBER
• Log information: information related to your use of apps and websites and security monitoring:
COOKIES, CCTV FOOTAGE
We may also collect other types of information which are not directly or indirectly linked to an individual and which is aggregated, anonymised or de-identified.
After you register on the Platform, we may collect information from the Cookies set by us with other information received from you. The provision of your data via Cookies is voluntary except for those Cookies that we place on your device because we need them for the performance of our Platform and our services.
What types of Cookies do we use?
Our Platform uses: “session cookies” which are temporary cookies that remain on your device until you leave the Platform and “persistent cookies” which remain on your device for much longer until you manually delete it (how long the Cookie remains will depend on the duration or “lifetime” of the specific Cookie and your browser settings).
What are Cookies used for?
Cookies transmit information about you and your use of the Platform, such as your browser type, search preferences, data relating to advertisements that have been displayed to you or that you have clicked on, and the date and time of your use. With the exception of an identifier Cookie that we associate with registered accounts to prevent fraud by members of the Platform, Cookies link to certain unique information that you entered at time of registration or on your profile, but this is not linked to your name.
How Cookies are used?
1. Enabling authentication using Cookies allows us determine whether or not you’ve signed in to the Platform and to keep you signed in during visits as you access different pages.
2. Enabling security using Cookies enables and supports security features, prevents fraud, and protects your data from unauthorised access.
3. Using Cookies to provides tailored preferences and features allowing personalised content such as showing you your recent search activity.
4. Cookies deliver, evaluate and improve advertising, such as by using information about you to provide relevant advertising both on and off the Platform.
Opting Out of Cookies
You can control, manage and/or delete cookies via your browser settings however, cookies are necessary for us to provide the services you use and you cannot opt out of these on the Platform. You are able to disable placement of some (but not all) Cookies by setting your browser to decline cookies, though this may worsen your user experience. For further information please go to the following website AboutCookies.org.
Sharing with Our Group and Third-Party Service Providers
We do not sell any personal information to third parties. We may disclose your personal information on occasion to third parties (as described below) in order to provide the products or services that you have requested or upon request by the data subject, or if required to do so for legal reasons, for example, as part of a criminal investigation.
Disclosure may be made to Third Party Service Providers and affiliated companies listed in this section below. In each case described in this section, you can be assured that Brindisa Kitchens will only share your personal information in accordance with your consent. This will engage sub-processors for the processing of your personal information.
You should know that when BK contractually specifies that the third party is subject to practices and obligations to comply with applicable local data protection laws such as GDPR and will contractually ensure that any Third-Party Service Providers comply with privacy standards.
To conduct business operations, we may be required to disclose your personal information to third party services that provide in communications, social media, technology or cloud facilities, service providers which are our mailing houses, delivery service providers, telecommunications companies, data storage facilities, customer service providers, advertising and marketing service, providers.
Companies we work with;
• Brindisa LTD. (Our Sister Company)
• Campaign Monitor (CRM Platform)
• Purple Wifi (Wifi Login)
• Selima (HR Platform for our team)
Brindisa Kitchens Security Measures
We are committed to ensuring that your personal information is secure. In order to prevent unauthorized access, disclosure or other risks, we have put in place reasonable physical, electronic and managerial procedures to safeguard and secure the information we collect. We will use all reasonable efforts to safeguard your personal information.
All your personal information is stored on secure servers that are protected in controlled facilities. We classify your data based on importance and sensitivity and ensure that your personal information has the highest security level.
We make sure that our employees and Third-Party Service Providers who access the information to help provide you with our products and services are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet such obligations. We have special access controls for cloud-based data storage as well.
We will take all practicable steps to safeguard your personal information. However, you should be aware that the use of the Internet is not entirely secure, and for this reason we cannot guarantee the security or integrity of any personal information which is transferred from you or to you via the Internet.
We will take upon the personal data breach, notifying the breach to relevant supervisory authority or under some circumstances, notifying the personal data breach to the data subjects by complying with applicable laws.
Brindisa Kitchens recognizes each individual has privacy concerns and aims to ensure that methods are available and without complication to enable you to restrict the collection, use, disclosure or processing of your personal information and control your privacy settings by allowing:
• The right to request access to and/or correction of any other personal information that we hold about you, however before we proceed with your request please recognise the need for security as you will be asked to verify your identity.
• Free of charge and upon request a copy of your personal data collected and processed by us will be provided to you
Note: Any extra requests of the same information, may incur a reasonable fee based on administrative costs.
• In the event of realising your personal data held by us is incorrect or incomplete, please contact us via email as soon as possible HOLA@BRINDISAKITCHENS.com
• Should you wish to erase your personal information, your request will be considered against any outstanding contractual measures first, then if approved your request will follow a measured procedure.
Note: Once information has been erased, it cannot be un-erased. The information must be resubmitted by the candidate.
• You have the right to restrict processing which will be reviewed against contractual processes and if approved it will be applied under applicable circumstances related to GDPR, if the restriction of processing is lifted, you will be informed beforehand.
• If you are Europe Union user under GDPR, you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you.
• If you are Europe Union user under GDPR, you have the right to receive your personal information in a structured, commonly used format and transmits the information to another data controller.
Personal information will be held for as long as it is necessary to fulfil the purpose for which it was collected, or as required or by applicable laws.
Should we be notified or a reasonable assumption regarding personal information purposes is no longer required, we shall cease to retain and/ or remove the data associated with an individual.
If further processing is for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes according to the applicable laws, the data can be further retained by BK even if the further processing is incompatible with original purposes.
Trade customers: We will retain your data for such time as you are in trading relationship with Brindisa Ltd. If you stop trading with Brindisa Ltd. or your account is suspended for any other reason, your personal data may be retained on our system for a period of up to seven years.
Online customers: We will retain your data for such time as you are in trading relationship with Brindisa Ltd.
At any time, you may amend or delete any personal data that we hold or request us to do so.
Customers attending Brindisa Ltd. closed events: We will store images indefinitely unless a request is made to remove them for our archives. Photographs used in print cannot be removed.
We will store any personal data to fulfill our legal obligations (e.g. accidents investigation). At any time, you may request us to amend or delete any personal data that we hold. If we receive your data through a competition entry, we will retain it for as long as is necessary to administer the competition.
Withdrawal of Consent
• You may withdraw your consent for the collection, use and/or disclosure of your personal information in our possession or control by submitting a request. This may be done by email or by contacting your Line manager or human resources department. We will process your request within a reasonable time from when the request was made, and thereafter not collect, use and/or disclose your personal information as per your request.
• Please recognize that your withdrawal of consent could result in certain legal consequences. Depending on the extent of your withdrawal of consent for us to process your personal information, it may mean that you will not be able to enjoy Brindisa Kitchens’ products and services.
2.9 Transfer of Personal Information Outside of EU Jurisdiction
Brindisa Kitchens is a UK-headquartered company operating within the UK. As such, and to date we do not transfer any personal data to any party outside of the European Union or the European Economic Area.
Regardless should personal data be transferred outside of the EEA, BK we will do so on the basis of EU standard contractual clauses or any other safeguards provided for in the GDPR.
• We consider it the responsibility of parents to monitor their children’s use of our products and services. Nevertheless, it is our policy not to require personal information from minors or offer to send any promotional materials to persons in that category.
• Brindisa Kitchens does not seek or intend to seek to receive any personal information from minors. Should a parent or guardian have reasons to believe that a minor has provided Brindisa Kitchens with personal information without their prior consent, please contact us to ensure that the personal information is removed and the minor unsubscribes from any of the applicable Brindisa Kitchens services.
We will seek your fresh consent before we collect more personal information from you or when we wish to use or disclose your personal information for new purposes.
Systematic Approach to Manage Your Personal Information
If you are a Europe Union user under GDPR, Brindisa Kitchens will provide systematic approach to manage personal data deeply engages our people, management processes and information systems by applying a risk management methodology. According to the GDPR, for instance,
(1) Brindisa Kitchens set up a Data Protection Officer (DPO) in charge the data protection, please email “The Data Officer” using the email: HOLA@BRINDISAKITCHENS.com
(2) Procedures like data protection impact assessment (DPIA) and data flow mapping
7-9 EXHIBITION RD
SW7 2HE SOUTH KENSINGTON
Related Documents / References
• ICO website: https://ico.org.uk/
• GDPR website : https://gdpr-info.eu/
• Cookie Information https://www.aboutcookies.org/