We are committed to complete transparency on how we collect, use, manage and protect your personal information. The data controller is Cluck Street Food (referred to in this policy as “we”, “us” or “our”). The data processor is Wix.com.
• The personal information we collect
• How and why we collect your personal information
• How and why we process your personal information
• Who your data is shared with
• How long we store your personal information
• The steps we take to ensure your personal information is kept safe and secure
• The rights you have regarding your personal information
• How to contact us
2. The personal information we collect
• We collect your email address and other personal details when you register to receive an order.
• We collect your email address and IP address when you submit a comment on one of our posts.
• We collect your name, email address and IP address when you submit a message via our contact forms on our Site.
• When you visit our Site we may collect information about your online browsing behaviour and any devices you have used to access our Site (including your IP address, browser type and mobile device identifiers)
You should be aware that Wix.com is used as a data processor. We are not liable for any third party policies. By transacting with Menu by Lou you are also agreeing to the policies of Wix.com.
3. How and why we collect your personal information
Reasons We May Contact You
We collect and may use your personal information to:
• contact you in response to the communications that you have directed at us. We want to be able to help you so we use personal data to provide clarification or assistance in response to your communications.
• Contact you regarding an order or a promotion that we are running.
• Contact you regarding the functions of Wix.com as a data processor.
We will periodically review your personal information to ensure that we do not keep it for longer than is permitted by law (see section 6 below).
4. How and why we process your personal information
We will only collect and use your personal information (as described in sections 2 and 3) in accordance with data protection laws. Our grounds for processing your personal information are as follows:
Consent – Where necessary we will only collect and process your personal information if you have consented for us to do so.
Legitimate Interests – We may use and process some of your personal information where we have sensible and legitimate business grounds for doing so. Under European privacy laws there is a concept of “legitimate interests” as a justification for processing your personal information. Our legitimate interests for processing your personal information are:
• to enable you to access and use the Site;
• to communicate with you about your use of our website and order system
• to improve our Site. We may use your personal information to undertake demographic segmentation and generate profiling information to help us understand what you might be interested in and for market research. We are always working to make a better Site for you and using your personal information in this way helps us to do this.
From May 2018, you will have a right to object to our use of your personal information for these legitimate interests, including a right to object to profiling by us (see section 9 below).
5. Disclosure of the information we collect
The personal information you enter when registering on our Site or that we collect when you use our Site is confidential and except in the circumstances mentioned below, we will not disclose it to any third party.
We may disclose the information described at clause 2 to a third party in the following circumstances:
• If required or permitted to do so by law;
• If required to do so by any court or any other applicable regulatory, compliance, governmental or law enforcement agency;
• If necessary in connection with legal proceedings or potential legal proceedings;
• In line with our own Terms and Conditions of Use and
• As required by our data processor and their obligations
6. How long do we keep your personal information for?
Our data processor has separate policies in place for these matters.
7. How are we keeping your personal information secure?
Keeping information about you secure is very important to us so we store and process your personal information in accordance with the high standards required under data protection legislation.
You may complete a registration process when you sign up to use parts of our Site. This may include the creation of a username, password and/or other identification information. Any such details should be kept confidential by you and should not be disclosed to or shared with anyone. Where you do disclose any of these details, you are solely responsible for all activities undertaken on our Site where they are used. To protect your account, we ask you to choose a strong password to access your data on our Site. A strong password should include a mixture of letters and numbers. This password must be unique and must not be used anywhere else or for any other purpose. Your password can only be reset with access to the email address registered in our system. We do our best to keep the information you disclose to us secure. However, we can’t guarantee its security. By using our Site you accept the inherent risks of providing information online and will not hold us responsible for any breach of security. We also do our best to ensure that our data processor is properly secure. However, we cannot guarantee its security. By using our site you accept the inherent risks of the third party data processor and will not hold us responsible for any breach of security.
8.1 IP address
When you use parts of our site, we log the IP addresses of users’ computers which we use solely for administration and troubleshooting purposes.
• to improve the functionality and performance of the Site;
• to improve the user experience of the Site;
9. Your rights
Your privacy is important to us. All emails or other forms of communication directly from us to you will include clear instructions on how to unsubscribe. Plus, if you don’t want to be contacted by us anymore you can email firstname.lastname@example.org This clause 9 sets out your other information rights.
9.1. You already have certain rights under existing data protection legislation, including a right to request a copy of the personal information we hold on you, if you request it in writing. From 25th May, 2018 you will have the following rights:
9.1.1. Right to correct: the right to have your personal information rectified if it is inaccurate or incomplete;
9.1.2. Right to erase: the right to request that we delete or remove your personal information from our systems;
9.1.3. Right to restrict our use of your information: the right to ‘block’ us from using your personal information or limit the way in which we can use it;
9.1.4. Right to data portability: the right to request that we move, copy or transfer your personal information;
9.1.5. Right to object: the right to object to our use of your personal information including where we use it for our legitimate interests, or where we use your personal information to carry out profiling to inform our market research and user demographics. If you raise an objection we will stop processing your personal information unless very exceptional circumstances apply, in which case we will let you know why we’re continuing to process your personal information.
We will use reasonable efforts consistent with our legal duty to provide you with your rights in accordance with data protection legislation. At our discretion, we may charge £10 for information requests that are excessive, particularly if it is repetitive or for further copies of the same information. We require you to prove your identity with two pieces of approved identification. We will use reasonable efforts to supply, correct or delete personal information about you on our files.
9.2. If you’re not satisfied with the way any complaint you make in relation to your personal information is handled by us then you may be able to refer your complaint to the relevant data protection regulator. In the UK, this is the Information Commissioner’s Office.
Effective as of: 17.05.2021