Last updated: September 2018
At Thirteen Church Street, we know that you care how information about you is used and shared and we appreciate your trust in us to do that carefully and sensibly.
This policy applies to:
- visitors and users of Thirteen Church Street websites, including www.thirteenchurchstreet.co.uk (“Sites”)
- any Thirteen Churchstreet Limited branded restaurant services available including the purchasing of an online gift voucher through our third party platform thirteenchurchstreet.voucherconnect.com
- any email communication and email exchanged via our third party platform mailchimp.com
This privacy notice aims to give you information on how we, Thirteen Church Street Limited, collects and processes your personal data, including
- when and why we collect personal information from people who visit our website and make reservations via our Services
- how we use the information
- the conditions under which we may disclose the information to others
- how we keep it secure
By visiting thirteenchurchstreet.co.uk or accessing and using our services, you are accepting and consenting to the practices described in this Privacy Notice.
Who are we?
We provide hospitality services. We aim to please our customers with our approach to the quality of service. We are committed to respecting your privacy.
For the purpose of the General Data Protection Regulation 2016/679 and any implementing legislation (the "GDPR"), Thirteen church street limited, trading as Thirteen church street, or "we” or “us" or “our”, will be the data controller responsible for any personal data we process.
Our registered address is: 2 The Cart Shed, Houghton, Arundel BN18 9LW.
The Managing Director
Business address: 13 Church Street, Storrington, Pulborough RH20 4LA
Telephone: 01903 746964
How do we collect information from you?
We collect information related to how you use our Services, including how you interact with our software (including, but not limited to, clicks, page views, searches and steps taken to complete actions).
HOW AND WHAT TYPE OF INFORMATION IS COLLECTED FROM YOU?
In connection with your registration, booking, or making a payment to a restaurant on our website, we collect personal information.
When you make a booking, placing an online order:
We collect information such as:
- e-mail address
- telephone number
- marketing preferences (whether you opt-in or opt-out)
When you make a booking, making an online order, we do not proactively collect personal information considered as sensitive personal information such as health-related information. However, our Sites include text boxes which are designed for you to provide information you wish on dining preferences.
Incomplete bookings (booking is not confirmed)
We will capture personal information and opt-in preferences in the booking process. This is the case for incomplete bookings. When a diner makes a booking, opts in to marketing, agrees to the Terms and Conditions of the booking, and later on cancel the booking, or the booking is unsuccessful this diner is still opted into marketing, despite being marked as an incomplete booking.
When you sign up to our mailing list for offers and promotions:
This refers to when you click “Please sign me up” on our Site.
We collect the above information in the “When you make a booking” section and additional information such as:
- current and past restaurant reservation details
- special restaurant requests
- dining preferences
When you make a purchase on our web site:
We collect personal information: and additional information such as:
- home or work address
- billing information taken for deposits, gift voucher purchase or holding credit card information for use in the case of no-shows (where applicable)
There is “Device Information” about your computer hardware and software that is automatically collected by our third party platform, voucherconect.com and stripe.com. This information can include:
- device type (e.g. mobile, computer, laptop, tablet)
- operating system
- IP address
- browser type
- browser information (e.g., type, language, and history)
- domain names
- access times
- referring website addresses
- other data about your device to provide the services as otherwise described in this policy.
HOW IS YOUR INFORMATION USED?
This information is used by us for the operation of services, to maintain quality of the service, and to provide general statistics regarding use of our site.
Please keep in mind that if you directly disclose personally identifiable information or personally sensitive data through our public message boards, this information may be collected and used by others.
Note: we do not read any of your private online communications.
We may use your information to:
- process reservations
- notify you of your restaurant reservations
- buy gift vouchers
- pay deposits
- join wait lists
- provide you with new and improved features
- personalise your experiences on our Sites
- seek your feedback on the services we provide
- let you know of changes in our services or terms and conditions
- send you marketing communications that you have opted into and you may be interested in
- collect data, including without limitation from you, with the purpose of improving the booking service and to provide feedback to the restaurant
- present a quality index for the restaurant industry
- collate and share aggregated or de-identified information at its absolute discretion, including but not limited to aggregate statistical data.
We may combine your Personal Information with Device Information and location information to serve you specifically, such as to deliver a product to you according to your preferences or restrictions, or for advertising or advertising targeting purposes. When we combine Personal Information with Device Information in this way, we treat it as, and apply all of the safeguards in this Policy applicable to, Personal Information.
Consistent with above, we may communicate with you via electronic messages, including email, text message, or mobile push notification to, for example:
- send you information relating to our products and services, including reservation confirmations and updates, receipts, technical notices, updates, security alerts, and support and administrative messages.
- and/or, subject to the Your Choices section, below, and/or applicable law, communicate with you about contests, offers, promotions, rewards, upcoming events, and other news about products and services offered by us.
With your consent, we may contact you at the mobile phone number that you provide to us by way of direct dial calls and text messages in connection with the above Purposes.
OUR ROLE AS DATA CONTROLLER AND DATA PROCESSOR
It is important to understand the difference between being a data controller and data processor.
When bookings are made for a restaurant using our technology on any other digital platforms, via the thirteenchurchstreet.co.uk portal, we are the data controller. This means we determine how your personal information is processed. This included both how long your data is kept following making a booking (retention period), and maintaining marketing preferences.
We review our retention periods on a regular basis. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as it is set out in any relevant contract you hold with us.
WHO HAS ACCESS TO YOUR INFORMATION?
We do not sell, rent or lease customer lists to third parties.
We may share your information with other third parties for marketing purposes with your consent. More details can be seen in the Your Choices section below. In such cases, please note that you are subject to the separate privacy policies of such third parties.
Information shared with restaurants and their affiliates
When you make a dining request through our Sites, such as a restaurant reservation or making a payment to a restaurant through our Sites, all details pertaining to the reservation is delivered to our system.
The notifications sent by email or SMS via our systems are to confirm your booking details and to send a survey out after dining.
THIRD PARTY SERVICE PROVIDERS WORKING ON OUR BEHALF
We may pass on your information to our third party service providers, agent subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf. When we use third party service providers, we disclose only the information that is necessary to deliver the service. Please be reassured that we will not release your information to third parties for them to use for their own direct marketing purposes, unless you have requested us to do so.
List of third party service providers:
- Voucherconnect.com (gift voucher purchasing process)
- Stripe.com (online gift voucher purchasing card payment process)
- Worldpay (in house card payment processing)
We will disclose your personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to:
(a) comply with the law or comply with legal process served on thirteen church street or the site
(b) protect and defend the rights or property of thirteen church street
(c) act under exigent circumstances to protect the personal safety of users of thirteen church street, or the public.
We may transfer your personal information to a third party:
- as part of a sale of some or all of our business and assets to any third party
- or as part of any business restructuring or reorganisation
- or if we’re under a duty to disclose or share your personal data in order to comply with any legal obligation
However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.
PAYMENT CARD INFORMATION
To use certain services on our Sites and Applications we may require credit or debit card account information in order to:
- make payments
- pay a deposit
- pre-order payment
- purchase gift vouchers.
By submitting your credit or debit card account information through our Sites, to the extent permitted by applicable law, you expressly consent to the sharing of your information with restaurants, third-party payment processors (e.g Stripe), and other third-party service providers (e.g voucherconnect), and you further agree to the following terms.
When you use a credit or debit card to secure a reservation (paying a deposit) through our telephone communication, we collect and process your credit or debit card including card number and expiration date, the CVV number, the card registration details including house name/number, the post code, on a single use basis. We do not store this information for any future use purposes.
When you initially provide your credit or debit card account information through our Sites in order to use our restaurant payment services, including purchasing gift voucher, your credit or debit card account information is provided directly to our third-party payment service providers, Stripe.com. As explained in the thirteen church street Terms and Conditions, these third parties may store your credit or debit card account information so you can use our restaurant payment services through our Sites in the future to the extent permitted by local law.
- For information about the security of your credit or debit card account see further information on Security precautions in place to protect the loss, misuse or alteration of your information.
You can choose whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us, you can opt out by not ticking the relevant boxes on the forms where we collect your personal information.
We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent. We will not contact you for marketing purposes by post unless you have given your prior consent.
If you would like access to your data then please contact us at email@example.com
You can change your marketing preferences at any time by contacting us by email at firstname.lastname@example.org
If you would like to delete personal information relating to a booking, please contact us at email@example.com
Please allow five working days from the date of your request for your information to be removed from our software.
SECURITY PRECAUTIONS IN PLACE TO PROTECT THE LOSS, MISUSE OR ALTERATION OF YOUR INFORMATION
When you give us personal information, we take steps to ensure that it’s treated securely. Any sensitive information (such as credit or debit card details) is encrypted and protected with the following software, the Secure Socket Layer (SSL). When you are on a secure page, a lock icon will appear on the bottom of web browsers such as Microsoft Internet Explorer. Stripe never stores any card details.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
CHANGES TO THIS STATEMENT