The EU General Data Protection Regulation (GDPR) effective from May 2018 gives all EU citizens more rights and protections for their personal data, to minimize the possibility of theft and fraud.
These regulations include provisions for the following areas:
- The right to be informed: Companies must publish a privacy notice, in addition to explaining transparently how they use this personal data.
- The right of access: Individuals will have the right to demand details of any of their data that a company may hold. This information must be provided within one month of a request at no charge to the individual.
- The right to rectification: If a person’s data is incorrect or incomplete, he or she has the right to have it corrected. If the company that holds the information has passed any of that information to third parties. The company must inform the third party of the correction and inform the person which third parties have their personal data.
- The right to be forgotten: A person may request the removal of his or her personal data in specific circumstances.
- The right to restrict processing: Under certain circumstances, an individual can block the processing of his or her personal data.
- The right to data portability: A person can access their data for their own use anywhere they prefer.
- The right to object: A person can object to the use of their personal data for most purposes.
Dhamecha Privacy and GDPR Policy
- 1.0 Our core principles regarding user privacy and data protection
- 2.0 Relevant legislation
- 3.0 Personal information that website and mobile application collects and why we collect it
- 4.0 How we store your personal information
- 6.0 Our third party data processors
- 7.0 Data breaches
- 8.0 Data controller
- 9.0 Compliance Team
- 5.0 About website’s server and mobile application’s server
1.0 Our core principles regarding user privacy and data protection
- User privacy and data protection are inviolable human rights
- We have a duty of care to people contained within our data
- Data is a liability: it should only be collected and processed when absolutely necessary
- We despise spam in all its forms
- We will never sell, rent or otherwise distribute or make public any personal information
2.0 Relevant legislation:
Alongside our business and internal computer systems, our website and mobile applicationare designed to comply with the following national and international legislation with regards to data protection and user privacy:
o UK Data Protection Act 1988 (DPA)
o EU Data Protection Directive 1995 (DPD)
o EU General Data Protection Regulation 2018 (GDPR)
Our website and mobile application are compliance with the above legislation, all elements of which are stringent in nature, means that website and mobile applications are likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well. If you are unsure about whether our website and mobile application are compliant with your own country of residences’ specific data protection and user privacy legislation you should contact our compliance team (details of whom can be found in section 9.0 below) for clarification.
3.0 Personal information that our website and mobileapplicationcollects and why we collect it
Our website and mobile application collect and use personal information for the following reasons:
3.1.1 Site visitation tracking
Like most websites, this site uses Google Analytics (GA) to track user interaction.
We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to track their journey through the website.
Although GA records data such as your approximate geographical location, device, internet browser and operating system, none of this information personally identifies you to us.
GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor (see section 6.0 below).
For your information, our website uses the Wix implementation of GA.
Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages on this website.
3.1.2 App location data
We use your data to determine the number of people in our stores to better understand demand to improve our customer service and staffing levels.
Our app uses data such as approximate current geographical locations, to provide the most relevant information to you, such the relevant store opening times, offer and promotion and the latest stock availability. No location data is stored in the app.
3.2 Our Customer Promotions
Should you choose to register to access information that we have published on our Customer promotions any personal details you enter with your comment will be saved to our website and mobileapplication database, along with your computer’s IP address and the time and date that you logged on to view the promotions.
This information is only used to identify you as a customer and is not passed on to any of the third party data processors defined in section 6.0.
3.3 Contact forms and email links
Should you choose to contact us using the contact form on our Contact Us page or an email link like this one, none of the data that you supply will be stored by our website and mobile applicationor passed to/be processed only by any other third party data processors defined in section 6.0 below.
Instead, the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.
3.4 Email newsletter
If you choose to join our regular newsletter mailings (which is sent via email), the email address that you submit to us will be stored in our customer database, which we use for our email marketing. The email address that you submit will be stored within our internal computer systems.
Your email address will remain within our internal computer systems for as long as we continue to use the internal customer database for email marketing or until you specifically request removal from the list.
You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
While your email address remains within the internal marketing database, you will receive occasional newsletter-style emails from us.
4.0 How we store your personal information
As detailed in section 3.2 above, the information supplied during registration will be stored in our customer database
- 5.0 About website’s server and mobile application’s server
Our website and mobile applicationarehosted in data centers in the UK All traffic (transferral of files) amongour website and mobile application and your browser is encrypted and delivered over HTTPS.
6.0 Our third-party data processors
We use only one third party to process personal data on our behalf. The third parties we use is Google Analytics
7.0 Data Breaches
We will report any unlawful data breach of our website and mobile application database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
8.0 Data controller
The data controller of our website and mobile application is:
Dhamecha Foods LTD
Whose registered office is at:
2 Hathaway Close
9.0 Compliance Team
Compliance Manager, Dhamecha foods LTD
Telephone: 0208 903 8181