This policy explains the types of personal data we (Jalapenos Restaurant) may collect about you when you interact with us. We collect and process data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679. We do not disclose data to any third parties unless disclosure is necessary for the fulfilment of a service; you have specifically given consent for a particular service; or we have a legitimate interest in disclosing data. Instances in which we do disclose data to third parties are outlined below.
If you have any questions not answered by this policy, please contact us.
Our legal bases for processing personal data
Under the General Data Protection Regulations we rely on the following legal bases for processing your data:
Consent – we will ask your consent for marketing to you via email or post. If you consent we can collect and process your data for this purpose.
Contract – we sometimes need to collect and process your personal data in order to fulfil a contract with you, for example an order. We will also collect and process your data on this basis if you’ve asked us to provide a quote.
Legal – we are obliged to process some personal data to comply with the law. If you place an order with us we must retain some personal data for at least six years to comply with the Sale of Goods Act 1982, Consumer Rights Act of 2015 and HMRC guidance.
Legitimate interests – we collect and process some personal data to pursue our legitimate interests in a way you would reasonably expect as part of running our business; for example, to analyse information on our customers in order to provide new products or services.
The kinds of personal data we collect
Depending on your interaction with us, we may collect and process all or some of the following information:
- Address details
- Phone number
- Email address
- Marketing preferences
- Reservation history
- Computer IP address
How we protect your personal data
Our website is hosted on a secure server using a verified SSL (secure socket layer) system for transferring data. If you click on the small padlock symbol at the top of your browser’s screen, next to the web address, you will be taken to the site’s security certificate. If you have any concerns regarding the security of this site, please contact us.
With whom we share personal data
Sometimes we need to share your personal data with trusted third parties. In these instances, your data will only be used for the exact purpose we specify, will be transferred and stored securely, and will be deleted or rendered anonymous if we stop working with that third party.
Examples of the third parties with whom we share data are:
- Payment-processing services
- Email marketing service providers
- Event ticketing services
- Marketing mailing houses
- Customer service management systems
- Companies who show you personalised content on our website and in emails
- Marketing companies who analyse our customer data
This list is not exhaustive and may change from time-to-time in line with our business processes. Please be assured that we will only ever share your information with trusted parties who adhere to GDPR and the correct standards of security.
How long we keep your data
We will only keep your data for as long as it’s needed. After that, we’ll either delete it completely or render it anonymous (removing personal data but keeping information such as order amount for business analysis).
If you contact us for a quote and you don’t consent to marketing, we’ll keep your data for a year in case you wish to proceed with the quote.
If you receive services from us, we’ll keep your data for six years in order to comply with legal obligations. You can request that some of this is removed sooner – see below.
After six years we will remove your data unless you have consented to our marketing.
Your rights over personal data
You have the right to:
- Access your personal data, free of charge
- Have your personal data rectified if out of date or incorrect
- Have personal data erased, unless that would conflict with our legal obligations
- Withdraw consent for us to use personal data, if you have previously given consent
- Object to us processing your personal data and/or stop us using data for direct marketing
If you would like to exercise any of these rights, you should contact us.
How to stop us using your data for direct marketing
You can stop us marketing to you via post or email in the following ways:
- By clicking the ‘unsubscribe’ link at the bottom of any marketing email we send
- By contacting us and asking to opt out
Please note, you may continue to receive marketing from us for a short period after opting out. We will provide you with more detailed processing times should you make such a request.
How to lodge a complaint with a supervisory authority
If you are unhappy with our use of personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
The ICO’s contact details can be found on the ICO’s website.
What are cookies?
Most web browsers have default settings that allow cookies to be stored. However, under the “Managing Your Cookies” section below, we explain how to disable or enable cookies, should you wish to change your settings.
It should be noted that cookies cannot harm your computer. Furthermore, we do not store personally identifiable information such as credit card details in any cookies we create. We use encrypted information gathered from the cookies to help improve your experience of the site. For example, they help us to identify and resolve errors, or determine relevant related products to show you when browsing our site.
We have relationships with carefully selected and monitored suppliers who may also set cookies during your visit to be used for marketing purposes. The principal purpose of such cookies is to show you different products and services based on what you appear to be interested in. If you’d like to opt out from the storing of such cookies, please go to the Network Advertising Initiative website.
If you’d like to learn more about cookies in general and how to manage them, visit aboutcookies.org
Please note that we are not responsible for the content of external websites that are linked to from our website.