This Privacy Notice
This privacy notice is for this website, https://drakemorgan.wpengine.com
Under the General Data Protection Regulation 2016 Drake & Morgan Ltd registered at Suite 88 – 90, Temple Chambers 3 – 7 Temple Avenue, London, EC4Y 0HP is defined as the controller, we have a number of venues such as The Folly Bar, The Refinery and The Parlour Bar, a full list of venues is available here https://www.drakeandmorgan.co.uk/bars-restaurants/. You may contact us at any point in writing to the above address or by email here: firstname.lastname@example.org regarding this notice and the use of your data.
This notice sets out the way Drake & Morgan processes, stores and protects user data and information that you may supply to us. It also outlines the obligations and requirements of the users, the website and website owners.
Purpose for collection
Our use of your personal data will always have a lawful basis, either because it is necessary to complete a booking, because you have consented to our use of your personal data (e.g. by subscribing to emails), or because it is in our legitimate interests.
We collect information from you to improve the quality of our services and to provide you with up to date information pertaining to special offers and new menus in our bars and restaurants. We have a legitimate interest in improving your experience at our venues which we do by communicating with you with the information you provided.
This includes using your details to subscribe you to any email newsletter program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process. Or whereby you the consumer have previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to.
We use some of the data we collect via cookies and via the purchases you make to send targeted advertising to you on social platforms we do this so that we can offer you special deals on products we have identified that you may like.
Information collected via email marketing campaigns is used to refine future email campaigns and supply the user with more relevant content based around their activity.
We do not collect special categories of data about you, we do collect personal data such as your name, address, contact number, birthday, location, email address and food interests such as wine preferences or types of food most eaten. We do also collect information pertaining to your health, we do this as we have a vital interest to ensure that any allergy needs you have are attended to.
Email marketing campaigns published by this website or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation.
Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity.
Data is collected by a variety of means, this includes when you fill out a form to book a table, when you email us, call us, view or reply to any marketing material that we send you or when we receive information about you from our business partners such as Wireless Social.
We keep this data for a minimum of 12 months past the date of your last visit to any of our bars or restaurants, on occasion we may have a regulatory obligation to keep data beyond this time frame, when this regulatory time period expires we will keep it for a further 12 months.
3rd Parties and International Transfers
We use third parties for the delivery of our service and therefore from time to time your information will be passed onto third parties for that purpose.
The third parties that we use for the delivery of our services and references to their privacy policies are:
Beyond this, we do not and will not sell your information onto other parties for any purpose, we will share your information with law enforcement organisations or others such as the NHS where we have a vital interest to do so or a legal obligation.
When your personal data needs to be transferred to an overseas country or organisation that is not part of the EEA (European Economic Area), we will always ensure that there are adequate levels of protection and a similar legislation with regards to data protection. Each country might have different laws and regulations with regards to data protection, however we will always ensure that the country and/or organisation of destination always has appropriate measures in place to safeguard your data.
The information we process is stored within the EEA with three exceptions where data is processed in the USA by Fishbowl, Survey Monkey and Open Table.
Data security safeguards
We have put in place several technical and organisational measures aimed at protecting the confidentiality, the integrity and the availability of your personal data.
All the endpoints of the company are protected with antivirus, anti-malware and firewall protection.
Encryption technology is in use to protect the integrity of the personal data we process. Encryption prevents data from being easily accessible and recoverable in the event of theft or computer misuse.
A password policy is currently in place to ensure that the data stored on our systems is only accessible to authorised personnel. The passwords are changed on a regular basis.
We regularly make backups of our data to ensure that it is readily available in the event of technical problems or disaster recovery.
The General Data Protection Regulation gives people many rights, if you would like to exercise any of your rights, please contact James Sherrington via email email@example.com and we will respond as soon as possible in line with the requirements of GDPR. Please note that we will only divulge information to those making requests once we have verified your identity.
If you would like to remove your consent to receive marketing material you can unsubscribe at any time by clicking the unsubscribe link at the bottom of any of our emails and you will instantly be removed from our database. Alternatively you can visit our email provider, Fishbowl, at: https://www.fishbowl.com/privacy/contact/ where you can submit a request to Fishbowl who manage our email database have your data deleted or updated.
Contact & Communication
We make every effort to safeguard the integrity and confidentiality of your data and therefore subscriptions to our newsletters are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003 and all subsequent amendments. All personal details relating to subscriptions are held securely and in accordance with the General Data Protection Regulation 2016.
In all correspondence you receive from us you will be given an option to opt-out or unsubscribe, where this is not available instructions will be given instruction on how to manually do this.
This process is detailed at the footer of each email campaign.
Although this website only looks to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites)
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts.
Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Shortened Links in Social Media
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy URLs (this is an example: http://bit.ly/zyVUBo).
Users are advised to take caution and good judgement before clicking any shortened URLs published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine URLs are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
Social Media Platforms have their own privacy policies and terms and conditions, please ensure you read these to understand how they use your data.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details.
This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question.
Drake & Morgan are very proud to support several important charitable causes, through a number of fundraising initiatives.
We wanted to give our wonderful customers a way to join in the fundraising too, so we teamed up with Pennies, the digital charity box to help an amazing charity, Maggie’s, support local people affected by cancer”.
When you pay using your card and Chip & PIN in any Drake & Morgan restaurant, you’ll be given the opportunity to ‘top-up’ your bill and donate 50p to charity. Every penny goes to charity: 90% goes to Maggie’s (registered charity no. SCO24414) and 10% goes to Pennies (registered charity no. 1122489).
If you have any questions with regards to this privacy notice, the way your data is handled or if you would like to exercise any of your rights under the General Data Protection Regulation, please contact James Sherrington.
The Information Commissioner’s Office
If you would like to learn more about the General Data Protection Regulation or make a complaint, you can visit the ICO’s website following this link: https://ico.org.uk/
In addition to all the information provided in this privacy notice, you can also find more in-depth information with regards to the rights you have under the general data protection regulation following this link: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
Revision 1.2, May 2018.