We offer delivery services to our customers through the use of employed mangers and contracted drivers. Our services are initially focussed on takeaway food delivery services to the individual customers of our customers but may be expanded in the future (hereafter called ‘the Services’).
We have an online presence for marketing our Services (including a website) and retain certain pieces of personal data about our drivers, employees, customers and our customers’ customers (collectively hereafter called ‘Users’) as defined the data protection legislation, including the General Data Protection Regulation 2016/679 (hereafter called ‘GDPR’).
This statement is a privacy statement produced pursuant to GDPR which is designed to inform Users about how we collect, use and disclose personal data.
We take our data protection obligations very seriously and have policies setting out the individual rights of Users and on things like data retention and storage, data security, breach reporting and compliance with GDPR.
A number of those policies are available on request to Users and these are as follows:-
The purpose of this statement is to flag up the existence of these policies and also to give some general advice about our data processing activities.
In order to deliver our Services to Users, we may need to be provided with certain information which the law regards as personal data. Very briefly, personal data is any data which might identify a living individual. This includes (but is not limited to) things like names, addresses, contact details and so on.
We do not use any personal data which we collect for marketing purposes. The personal data we gather is to allow us to properly provide the Services and/or to deal with any request for provision of the Services. Specifically, we collect data from the following people for the following purposes:-
In some situations, we also need to gather and use personal data to ensure compliance with any law or regulation to which we are subject including (but not limited to) compliance with our health and safety obligations and compliance with our obligations to pay tax and National Insurance contributions on behalf of our employees.
We might also need to know about someone’s medical condition so we can comply with our obligation to make reasonable adjustments and we might also need to collect personal data from time to time if we are required to do so to comply with our equal opportunities obligations.
Where we have to do any of these things, the lawful basis for processing data is the ‘legal obligations’ basis.
We will not share your personal data with anyone else except as set out in this policy statement or in any of our wider raft of GDPR policies.
We will not use your personal data for any other purposes without telling you first and either seeking your consent or, where we do not need to seek consent, telling you what the lawful basis for processing is and notifying you of your rights.
If you access our Services or information about our Services online (such as through our App), we also collect information that your browser sends to us automatically. This information is sometimes known as log data and may include information about your computer’s unique IP (Internet Protocol) address, together with details of the version of the browser you are using, the pages of any of our website that you visited, the time and date of those visits and the time you spent looking at each page. Retaining this data helps us improve our online presence and thereby improve our services.
Cookies are computer files containing small amounts of data that are gathered by websites which you visit when you are browsing online. They identify you anonymously, but when taken together with other sources of information, it is possible that some information contained in cookies might constitute personal data under GDPR. Cookies are sent to your browser from any website that you visit and are stored on your hard drive.
You will normally have the ability to disable cookies and you may also refuse to accept cookies when you visit our online platforms. However, you should be aware that if you refuse to accept cookies, it may impact on the functionality of websites and you may not be able to access all parts of our App, our website or the Services.
From time to time, we may employ or engage third parties to help us deliver part of our Services, to deliver activities which are related to our Services or to help us analyse how our Services are being used and accessed. This might include our drivers, who are not our employees. Where our requirements are such that we need to disclose personal data to these third party service providers so that they can carry out their tasks, we will make sure that we comply with the provisions of GDPR as regards data security.
Although we are committed to protecting your data and to complying with our extensive suite of data protection policies, you should be aware that data transmission is never 100% safe and that sometimes, notwithstanding our best endeavours, there may be breaches of data security. In that situation, we are aware of (and will comply promptly and in full) with our obligations to report breaches of data protection to you and, where necessary, to the relevant authorities.
When providing our Services, we may provide links to other service providers, either in hard copy form (such as on brochures or leaflets) or on online platforms such as our website or App. If you access any of these third parties through these links, you will be directed to those parties. You should be aware that we have no control over those third parties and that they are not part of our company. We cannot guarantee that third parties have appropriate data protection policies in place and by making links available, we are making no representation as to the security of your personal data should you choose to use those links. We would strongly recommend that in every case you check the data protection regime of any third party you may wish to link to. We cannot be held responsible for any issues which arise as a result of your use of such links.
We do not knowingly target our Services at children and neither do we collect information from children save in specific circumstances related to the provision of certain parts of our Services, which are covered in more detail in the relevant privacy notices and supporting documentation. In the unlikely event that we need to retain or process data relating to a child, we will ensure that the child’s parent or guardian has all the information they require in advance of data processing activity.
We may update this privacy statement from time to time to reflect changes in law or changes in our data protection regime. Any changes will usually be effective immediately that an updated version of this privacy statement is issued.
If you have any questions or suggestions about this privacy statement or about any other aspect of our data protection regime, please do not hesitate to contact us at firstname.lastname@example.org marking your correspondence “Data Protection Query”. We will endeavour to respond to any request as soon as reasonably practicable.