PLEASE READ CAREFULLY, IF YOU DO NOT ACCEPT THESE TERMS, YOU ARE ADVISED NOT TO USE THE WEBSITE
This policy was last updated: 25th May 2018
Use of this website, www.thewoolpackinnislip.co.uk, constitutes your legal agreement to the terms within this policy and your acceptance of this policy is deemed to occur upon your first use of the website.
The Woolpack Inn Islip may change this policy from time to time by updating this page. You should check this page before using the website to ensure that you are aware of and accept any changes.
We will take all reasonable steps to ensure that personal information is safeguarded and kept in accordance with the law.
By providing us with your data, you warrant that you are over 16 years of age.
The Woolpack Inn Islip is registered in England and Wales under company registration number 08970448. Our registered office address is 6 Kettering Road, Islip, Kettering NN14 3JU.
Where we manage personal data, we identify as a Data Controller and recognise and act on our obligations under applicable data protection laws. For any issues relating to data protection the person responsible is Darren Harding. Our organisation (T W I Pubs Limited) is registered with the ICO and our registration number is ZA413528.
Information that you provide to us is retained and processed in accordance with UK data protection legislation. This includes data given to us from the following:
Contact: We have a Contact Form and this is used to collect your name, email and phone number as well as your message, so that we can contact you and provide details of our services to you, make bookings, confirm bookings and deal with general company enquiries. Data is held on the grounds of being legitimate to our business interests.
Phone calls: Phone calls to us may be recorded and any data relating to the call may be retained by us. The data will be held on the basis of being for our legitimate business needs or in order to fulfil our contractual obligations if you are a client of ours.
Social media: We use social media to engage with users and link to our Facebook page. We do not keep any specific data that identifies you as an individual user, but hold details of our followers on these platforms. You should refer to the Privacy Policies of these channels to understand how they treat your data in relation to linking to our site.
Some of the information you provide to us may be considered sensitive personal data which includes information about a data subjects health or disabilities. All such data will be treated as confidential where appropriate and suitable safeguards of the data will be used.
We do not market this website at those under 18 years old. Consistent with the GDPR we will never knowingly request personally identifiable information from anyone under the age of 16 years old.
We will take appropriate steps to delete any personal data of individuals less than 16 years of age that has been collected on our website upon learning of the existence of such data.
From time to time, we may need to obtain information from third parties about you. This will only apply where it is necessary to provide our services and as permitted by law.
We use Enviio for managing our accommodation bookings and Open Table to allow you to make bookings for tables. We do not control the use of personal data provided to third parties and you should refer to their separate policies:
Open Table at https://www.opentable.com/legal/privacy-policy
We may use the information we collect from you in the following ways:
Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.
We may disclose your personal information if we are required to do so in the following circumstances:
We may use Data Processors who act on our instruction in relation to the management of your data and they must adhere to all data protection laws and regulations. We will ensure that any Data Processors used only operate on our written instructions and comply with their obligations under the GDPR. You will be informed of any other Data Controllers who have access to your data and who may determine processing activities separately to us, or as a Joint Data Controller.
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are subject to our terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate and/or engage with them with due care and caution in regard to their own privacy and personal details. This website nor its owners will not ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
The Woolpack Inn uses social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised that before using such social sharing buttons, that they do so at their own discretion, and should consider that the social media platform may track and save requests to share a web page, through the users’ social media platform account.
This website does not process customer payments for our goods and services. All payment details and sensitive information is handled by our authorised third parties. Transactions processed through a third party are not stored or processed on our servers.
We keep your personal information in accordance with our Data Retention Policy which reflects our needs to provide services to you as contracted and also as required to meet legal, statutory and regulatory obligations. The need to hold information is regularly reviewed and data will be disposed of when no longer required.
Your personal data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.
We take appropriate steps to ensure a safe processing of personal data, however, we cannot guarantee the security of data transmitted through our website or by email. Any transmission is at your own risk.
Our website is hosted by Poppy Design (see www.poppydesignstudio.com). Any information that you supply to us may be stored and processed by our servers located in the EEA or another country that provides ‘adequate’ safeguards in accordance with the GDPR. Your data will only be transferred as permitted by the relevant data protection laws.
The Woolpack Inn recognises a data subjects rights and will uphold these in accordance with data protection laws. You are entitled to see the information held about you and you may ask us about any of the following:
Data subjects (i.e. individuals) have the right to access personal data that is held by submitting a subject access request (SAR) to The Woolpack Inn. We will endeavour to respond quickly to any such requests, which legally require us to respond within one month of receiving the request and necessary information. A subject access request can be made by emailing us at firstname.lastname@example.org
Data subjects have the right to request that we amend or change personal information that is inaccurate or incorrect.
Data subjects have the right to ask us to delete personal information from our systems without giving any reason and at any time. We will act on any such request without delay.
Data subjects have the right to rectification or erasure of personal data in the following circumstances:
Data subjects have the right to obtain and request the transfer of their data to different service providers.
Data subjects have the right to object to the processing of data at any time based on their particular situation. This includes objecting to profiling unless it is in the ‘public interest’ or exercised lawfully by an official authority. We will only process data under lawful grounds.
We do not use any automated processing that results in any automated decision based on a data subject’s personal information.
If you wish to invoke any of these rights, you should contact the person responsible for data protection by emailing us at email@example.com
We will report any unlawful breach of data as required by the GDPR within 72 hours of the breach occurring, if it is considered that there is an actual, or possibility, that data within our control including the control of our data processors, has been compromised. If the breach is classified as ‘high risk’ we will notify all data subjects concerned using an appropriate means of communication. We will report any relevant breaches to the ICO, see below.
If you have any concerns about how we handle your data, you can contact the Data Controller by email to firstname.lastname@example.org
If you want to raise a concern about the use of your data, you can contact us by email to email@example.com. Alternatively, you can formally raise a concern or complaint to the Information Commissioner’s Office (ICO) directly on 0303 123 1113, or see the options for reporting issues on https://ico.org.uk/concerns/
Copyright © 2018 The Woolpack Inn