|Who are we?|
|We are Troia (UK) Restaurants Ltd trading as: The Ivy Collection, The Ivy Asia, Harry’s Dolce Vita, Harry’s Bar James Street, Brasserie of Light. Our sister brands are Caprice Holdings Ltd and Birley Club Group. This privacy notice has been adopted by each of Troia (UK) Restaurants Ltd, Caprice Holdings Ltd and Birley Club Group (collectively “Restaurant Group”, “we”, “us, “our”).
For all data protection enquiries for the Restaurant Group please contact:
We are committed to ensuring that your privacy is protected and understand the need for protection of all personal information provided by you to us. This privacy notice is to state what personal information we collect about you, why we collect it and what we do with it. If you have any questions about our privacy notice please do get in touch with us by using the details in the ‘How do you contact us’ section.
|Quick Guide to Contents|
|What personal information do we collect about you?|
|Types of personal information|
|We collect and use many different kinds of personal information to provide our dining experiences and services. The personal information we may collect about you is listed below so you can see what we may know about you.
|Where we collect your personal information from|
|Generally, we collect and process your information in the following ways:
Information you give us
Information we collect automatically when you use our services
Information we receive from third parties
|How do we use your personal information?|
|We collect and process your personal information for several purposes. The law states that for each purpose we must explain to you what legal grounds we are using to justify our processing. Where we process your personal information we will have one of more of the following reasons:
When we have a business or commercial reason of our own to use your personal information, this is called a “legitimate interest”. Where we rely on legitimate interest for processing your information, we carry out a ‘balancing test’ to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests, before we go ahead with such processing.
Here are the legal grounds for processing your personal information that are relevant to us:
To provide a requested service or carry out a contract with you.
Where we have a legal obligation
Where we have a legitimate interest
Where we have your consent
|How long do we keep your personal information for?|
|We will keep your personal information for as long as you are a customer of ours. We may keep your data for up to 3 years after your last interaction with us or where you have made a transaction, your data will be removed 5 years after such transaction. The reasons we may do this are:
We may also keep your data for longer if we cannot delete it for legal or regulatory reasons.
After this time, we will securely erase your information.
Your personal information is important to us and we will make sure your privacy is protected.
|Who do we share your personal information with?|
|We may share your personal information with other parties in order to provide you with products and services, run our business and comply with rules that apply to us. These include the following:
We may share your personal information within the Restaurant Group, primarily for business and operational purposes. As we continue to develop our business, we may sell or purchase assets. If another entity acquires us or merges with us your personal information will be disclosed to such entity. Also, if any bankruptcy or reorganisation proceeding is brought by or against us, all such information will be considered an asset of ours and as such it is possible they will be sold or transferred to third parties.
We may share your personal information with third parties who perform functions on our behalf and who also provide services to us, such as professional advisors, social media networks, data management companies, digital agencies, reservation booking platforms, gift voucher solutions providers, CRM software providers and IT consultants carrying out testing and development work on our business technology systems and function co-ordinators. These third parties comply with similar and equally stringent undertakings of privacy and confidentiality. We may also share your personal information to our appointed representatives in connection with a contracted transaction between you and us, including solicitors. These third parties comply with similar and equally stringent undertakings of privacy and confidentiality.
We may also share your personal information with the following organisations:
Where required we may also share your personal information with third parties to comply with a legal obligation; when we believe in good faith that an applicable law requires it; at the request of governmental authorities conducting an investigation; to detect and protect against fraud, or any technical or security vulnerabilities; to respond to an emergency; or otherwise to protect the rights, property, safety, or security of third parties, visitors to the our website, our business or the public.
|What happens if you do not provide us with the information we request or ask that we stop processing your information?|
|If you do not provide the personal information necessary, or withdraw your consent for the processing of your personal information, where this information is necessary for us to provide services to you, we will not be able to provide these services to you.|
|Do we make automated decisions concerning you?|
|No, we do not carry out automated decision making.|
|Do we transfer your personal information outside the UK and EEA?|
|We do not transfer your personal information outside the UK and EEA.|
|What are your rights?|
|By law, you have a number of rights when it comes to your personal information. Please contact us using the contact details below to exercise any of your rights. Further information and advice about your rights can be obtained from the data protection regulator in your country.|
|Rights||What does this mean?|
|1. The right to object to processing||You have the right to object to certain types of processing, including processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities).|
|2. The right to be informed||You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this privacy notice.|
|3. The right of access||You have the right to obtain access to your information (if we’re processing it), and certain other information (similar to that provided in this privacy notice).
This is so you’re aware and can check that we’re using your information in accordance with data protection law.
|4. The right to rectification||You are entitled to have your information corrected if it’s inaccurate or incomplete.|
|5. The right to erasure||This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.|
|6. The right to restrict processing||You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.|
|7. The right to data portability||You have rights to obtain and reuse your personal information for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability.|
|8. The right to lodge a complaint||You have the right to lodge a complaint about the way we handle or process your personal information with your national data protection regulator.|
|9. The right to withdraw consent||If you have given your consent to anything we do with your personal information, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal information with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal information for marketing purposes.|
We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:
- baseless or excessive/repeated requests, or
- further copies of the same information.
Alternatively, we may be entitled to refuse to act on the request.
Please consider your request responsibly before submitting it. We’ll respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know.
|How will we contact you?|
|We may contact you by phone or email. If you prefer a particular contact means over another please just let us know.|
|How can you contact us or get more help?|
|If you have any questions about this privacy notice, or would like to exercise any of your rights, please contact us by writing to us at the address below:
If you are unhappy about any aspect of the way we collect, share or use your personal information, please let us know using the contact details above.
You also have a right to complain to the Information Commissioner’s Office.
|How will you know if we change this privacy notice?|
|We may need to make changes to this privacy notice at any time. If we make any material change to how we collect your personal information, or how we use or share it, we will update the privacy notice on our website, and we will inform you of these changes by our normal means of communicating with you, including by email, or by post.|