Privacy Policy

Privacy and Cookie Policy

The following information outlines how information will be processed and stored within The Gourmet Hog Roast Limited

The Gourmet Hog Roast Limited takes the privacy rights of all its clients seriously and adopts a high standard of compliance and confidentiality when dealing with your data. We want you to understand that this is a safe place for you to discuss your feelings and concerns and we operate in a highly confidential environment. This privacy policy sets out the details of how data is collected and processed through the use of our website and when you use our services.

Data Controller

Marco Bosonotto is our data controller and is registered with the Information Commissioners Office (ICO). He is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact Dr Selina using the details below:

Data Controller: Marco Bosonotto
Email Address: info@gourmet-hog-roast.co.uk
Postal Address: Gourmet Hog Roast Limited, 23 Hoppingwood Avenue, KT3 4JX

What is processed and why:
The personal data we collect and process from clients includes the following:

  • Personal data: basic contact information including name, title, home address, email, contact number
  • Sensitive personal data: Signed contract, no other sensitive personal data is collected
  • Technical data: Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website

We require your explicit consent for processing sensitive data, so when you submit your details, we will send you a further communication asking for you to confirm your consent to this processing.
We also collect and use Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Technical Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

How is your personal data collected?

We use different methods to collect data from and about you. The majority of the time, our information is collected directly when you contact us in the following ways:

  • When you fill in any contact forms;
  • When you complete any forms before or during an event;
  • Verbally during discussions;
  • Correspondence with us via post, phone, email or otherwise;
  • When you apply for our services;
  • When you request marketing communications to be sent to you; or
  • When you give us feedback or contact us.

Another method we may use to collect data includes the use of automated technologies or interactions, like website cookies or other similar technologies. This includes information about your equipment, browsing actions and patterns and information about your browsing activity if you visit another website that uses the same cookies as us. This means we receive information about how you use these third-party websites.

This data collection helps us to improve user experience, and to gather information about how you use our website. For more information, please refer to our Cookie Policy.

The lawful basis for processing personal data:
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances to provide catering at your events:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal obligation.

Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us. Your information will never be sold to others.

What are the purposes for which we will use your data?

  • To register you as a new client.
  • To provide our services and to process and deliver any orders, including: a) to manage payments, fees and charges and b) to collect and recover money owed to us.
  • To manage our relationship with you e.g., to notify you about changes to our terms of this privacy policy or to ask you to leave a review.
  • To send you relevant marketing information about our services.
  • To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).
  • To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you.
  • To use data analytics to improve our website, services, marketing, client relationships and experiences.
  • To make suggestions and recommendations to you about goods or services that may be of interest to you

Do we use Cookies?
Cookies help make our website work better for you, remembering your preferences and improving your experience. You can control cookie settings in your browser. Cookies make your browsing experience on our site as smooth as possible, because they remember your preferences.

Our website uses cookies to distinguish you from other users of our website. Please refer to our Cookie Policy here to learn more:

How long we store personal information:
Your personal information will only be stored for as long as it is required.

Sharing personal information:
Information about you is held in confidence. This means that your personal information is only shared within its franchise network on a central CRM database.

We may also share your personal information with certain third party service providers who provide IT and system administration services to our practice. For example, Salesforce.com, who provide our customer CRM database, ValueText who provide our SMS marketing tool and Mailchimp who provide our email marketing tool. These third party service providers have a requirement to respect the security of your personal data. We do not permit them to use your personal data for their own purposes, and they are only permitted to process your data for specified purposes in line with our instructions.

Do we ever transfer your data internationally?
We do not transfer your data outside the United Kingdom.

We will NOT do the following with your personal information:
Your personal information will not be shared with third parties for marketing purposes, outside of the Gourmet Hog Roast franchise network.

How we will keep your personal information secure:
We have strong security measures in place to keep your personal information safe. Only authorised individuals who have a need to know are granted access to your data, such as our employees or trusted partners. They will process your data in accordance with our confidentiality terms.

Personal information is minimised in phone and email communication.
Sensitive personal data will be sent to clients in an email attachment that is password protected. Email applications use private (SSL) settings which encrypts email traffic.
No open or unsecure Wi-Fi will be used to send any personal data.
Personal information is stored on a GDPR compliant secure cloud-based storage facility. This is password protected. No information will be stored on any office computer or mobile phone.
Malware and antivirus protection is installed on all computing devices used to access the cloud storage and secure email.
Mobile devices are protected with a passcode/thumbprint scanner.

What are your legal rights in relation to your data?
You have the following rights regarding your personal data:

Access: You can request a copy of the personal data we hold about you. This is known as a “data subject access request.”

Correction: If the personal data we have about you is incomplete or incorrect, you can ask us to correct it.

Erasure: You can ask us to delete your personal data. It’s important to note, however, that there might be legal reasons that prevent us from fulfilling this request. If such reasons exist, we will inform you when you make your request.

Objection: In certain situations, you have the right to object to the processing of your personal data.

Restriction of Processing: You can request that we restrict the processing of your personal data under specific circumstances.

Data Portability: You have the right to request the transfer of your personal data directly to you or to a third party of your choice.

Withdrawal of Consent: At any point where we rely on your consent to process your personal data, you have the right to withdraw this consent. Withdrawal of consent will not affect the legality of the processing done before the consent was withdrawn. Should you withdraw your consent, we might be unable to provide you with certain products or services. We will inform you if that is the case when you withdraw your consent.

If you wish to exercise any of the rights set out above, please contact us.

We won’t charge any fees for you to request access to your personal data. However, a reasonable fee may be charged if your request is clearly unjustified, repetitive or excessive. We also reserve the right to not comply in this scenario.We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Changes to the privacy policy and your duty to inform us of changes
We keep our privacy policy under regular review. This version was last updated in September 2024.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Thanks for reading our privacy policy. If you have any questions please don’t hesitate to contact us.