Last update: 18 May 2018
For the purposes of the Data Protection Act 1998, we confirm that the data controller of the site at www.drapers-hall.co.uk (“the Site”) is Drapers Hall Limited, a limited liability company registered in England and Wales (company registration number 08339438) with its registered office address at Unit 5, Shropshire Food Enterprise Centre, 24 Vanguard Way, Shrewsbury SY1 3TG (“we” or “us”).
Information we may collect about you
We may collect and process the following information about you:
- personal information you provide us, when you register on the Site, subscribe to our services, place a reservation, participate in discussion boards or other social media functions, enter a competition, promotion or survey, post a Contribution, contact us, or if you report a problem with the Site. Such information may include your name, address, e-mail address and phone number, financial and credit card information, personal description and photograph or any other information from which you may be personally identified. Personal information supplied as part of the commenting function on blog posts will, unless we tell you otherwise, be able to be seen by other users of the Site, so make sure you only provide information you are happy to be seen in this way.
- if you contact us, we may keep a record of that correspondence;
- we may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them;
- details of transactions you carry out through our site and data necessary for the fulfilment of your reservation including your name, email address, delivery address, credit/debit card number, security code and expiry date; and
- Information we automatically collect when you visit the Site, such as technical information detailing your visits to the Site including but not limited to traffic data, location data and other communication data.
- Information we receive from other sources, for example if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this Site.
- We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
If you contact us using Facebook Messenger, we receive your basic information which you provide to us when initiating the message on Facebook, account information (first name, last name, gender, locale, profile picture, time zone) from Facebook. We use this information to respond to your message, and we may use it to re-contact you via Facebook Messenger, within the time period permitted by Facebook. We do not keep this information longer than necessary to do this (generally one week). We do not combine it with data collected on the Site.
How we may use your information
We use information held about you in the following ways:
- to carry out our obligations arising from any contracts entered into between you and us;
- to administer your dining reservation or room reservation with us;
- to administer the Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to allow you to participate in any interactive features of our Site;
- to keep the Site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
- to ensure that content from our site is presented in the most effective manner for you and for your computer;
- to administer prize draws, competitions or promotions;
- to notify you about any changes to the service;
- to run promotional activity;
- to provide you with the information, products and services that you request from us or which we feel may interest you based on the information you have provided to us, including, for example, your country, date of birth and address (if you have consented to receiving email updates from Drapers Hall Limited).
If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale to you.
We may also use your data to provide you with information about goods and services which may be of interest to you and we or they may contact you about these by. If you do not want us to use your data in this way, please change the settings in your account.
Disclosure of your data
We may share your information with any member of our group, including Drapers Hall Ltd, our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. We may also share your information with selected third parties including:
- Our agents, business partners, advisors, suppliers and sub-contractors for the performance of any contract we enter into with them or you
- Advertisers and advertising networks to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users
- Our partners that sponsor or promote any competition that we conduct or promote via the Site
- Our partners for the purpose of contacting you directly about their offers, promotions, goods or services (if you have requested to be contacted for such purposes)
- Analytics and search engine providers that assist us in the improvement and optimisation of the Site
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets
- If Drapers Hall Limited or substantially all of our assets are acquired by a third party, in which case personal information held by us will be one of the transferred assets
If you have consented to receiving email updates from Drapers Hall Limited, you agree that we may use your information to contact you by e-mail about offers, events, products or related services that you may find useful. We may also contact you with regard to offers and services which are relevant to your order or enquiry placed with us. If you do not wish to receive marketing communications from us, you can unsubscribe at any time by following the unsubscribe link in any marketing communications received from us, or by contacting us at firstname.lastname@example.org.
We do not share your data with any third party for marketing purposes.
Third party websites
The Site may, from time to time, contain links to and from the websites owned and/or controlled by third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for the privacy practices of such third party websites. Please check these policies before you submit any personal information to these websites.
Storage of your data
Making room reservations on our site is safe and secure. Our online booking facility uses industry-standard Secure Sockets Layer (SSL) technology to provide encryption of personal information such as your name, address and credit card details. In this way, information passed between your computer and us cannot be read in the unlikely event of someone intercepting it. Credit or debit card transactions are secure.
We will only accept online room reservations using Secure Socket Layer (SSL) technology - this means you cannot inadvertently reveal personal information by using an unsecure connection. The latest browsers all support SSL. If for any reason this option has been disabled on your browser, you will not be able to transact until you reset these options.
You can check that you are transacting in a secure environment by looking for either a locked padlock icon or an image of a key in the grey bar at the bottom of your screen. This should appear on any page where you are entering personal information (such as your credit card details) - no other page will transmit information about you.
All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we use strict procedures and security features to try to prevent unauthorised access.
You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such soft opt-in processing by changing the settings in your account. You can also exercise the right at any time by contacting us at email@example.com.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
We take the risk of internet fraud very seriously. With the volume of fraudulent credit card transactions increasing, we make every effort to ensure all orders are thoroughly checked using the information already supplied. There is a possibility we may contact you to make additional security checks and we ask for your co-operation to enable us to complete them. Fraudulent transactions will not be tolerated by us and such transactions will be reported to the relevant authorities.
Access to your data
We respect your right to access, correct, request deletion or request restriction of our usage of your personal information as required by applicable law. We also take steps to ensure that the personal information we collect and process is accurate and up to date.
- You have the right to know what personal information we maintain about you
- We will provide you with a copy of your personal information in a structured, commonly used electronic format upon request
- If your personal information is incorrect or incomplete, you have the right to ask us to update it
- You have the right to object to our processing of your personal information
- You can also ask us to delete or restrict how we use your personal information, but this right is determined by applicable law and may impact your access to some of our Services
You have the right to access information held about you and, where necessary, to have it amended under The Data Protection Act 1988 and the 2018 General Data Protection Regulation. Your right of access can be exercised in accordance with this applicable legislation. Any access request may be subject to a reasonable fee to meet our costs in providing you with details of the information we hold about you. Any access request which could be considered manifestly unfounded, excessive or repetitive may be subject to a reasonable administrative fee to meet our costs in providing you with details of the information we hold about you.
To request access to your personal information, or if you are concerned that any of the information we hold on you is incorrect, please email us at firstname.lastname@example.org.
We retain your personal information for as long as necessary to provide the Services you have requested, for the fulfilment of your order and the marketing of similar products and services relevant to your order, or for other essential purposes such as complying with our legal obligations, resolving queries, and enforcing our policies.