PURPOSE OF THIS POLICY
This Policy aims to give you information on how we collect and process your Personal Data through your use of this website, including any data you may provide to us when you use our Wi-Fi services, visit one of our restaurants or bars, subscribe to our newsletter and loyalty scheme or use our website, when you have entered your personal information into forms on this website, when you contact us directly by telephone or email, including your unsolicited approaches to us, when you contact us via Social Media, when you give us your business card(s) or contact details, when a third party has arranged your introduction to us, or otherwise facilitated email communication.
Market House Ltd is committed to ensuring that your privacy is protected and follows the General Data Protection Regulation (GDPR).
Definition of Personal Data
Personal Data means any data that relates to an identifiable person who can be directly/indirectly identified from that data. In this case, it means personal data that you give to us via our site.
By providing your personal data, you agree that we can use your personal data in accordance with this policy.
Ensure you understand this policy in its entirety and take your time to read it.
Our full details are:
- Full name of legal entity: Market House Ltd
- Name or title of data privacy manager: Data Privacy Manager
- Email address: email@example.com
- Postal address: 12A Market Hill, East Of England CB2 3NJ
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk) or telephone: 0303 123 1113. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
How we collect your Data
1 – When you use our website
2 – When we need to verify your age
Market House is required by law to ensure we do not sell/serve alcohol to anyone under the age of 18 so we carry out age checks when appropriate. We may log some age verification checks anonymously to check and prove that they are being carried out in accordance with the licensing rules that apply to Market House.
The Challenge 21 and Challenge 25 schemes seek to discourage underage drinking by encouraging hospitality businesses to ask anyone who may be lucky enough to look like they are under 21 (or 25) for proof of their age before they are served. If you’re one of the lucky ones, please don’t be offended, it’s a compliment!. A photo-card driving licence, passport or military ID are valid proof of age for both schemes: if you don’t have these documents, please check the relevant Challenge scheme website to see what else we can accept.
To comply with Covid-19 regulations. NHS Test and Trace or NHS Scotland Test and Protect may request information from us about our visitors, we will share the information they require, to help them to identify people who are at a higher risk of infection.
Occasionally, a licensing authority may require the licensed premises in their area to verify or record information about their visitors, in particular information about their identity. If we are required to carry out such activities during your visit, further information will be provided at the Market House venue.
3 – When you subscribe to newsletters or direct marketing
If you permit us to do so, we will use the information you provide to select and send you messages containing special offers, discounts, promotions, gift cards and upcoming events or any other type of information you have requested.
Market House Wi-Fi users can change their marketing preferences on the Wi-Fi app’s Account Settings page at any time.
4 – When you book a table, private room, event or function.
We will use the information you provide to make and confirm your booking.
If you’re making a booking on behalf of a work colleague, we will ask for information about your organisation and the guest, so that we can invoice and bill the correct party.
If you tell us about dietary preferences, allergies, food intolerances or special access needs, we will use this information to help us look after you during your visit or stay with us.
If you provide us with information about birthdays, anniversaries or other celebrations that you want to commemorate during your visit, we will use this information to help make your celebration as special as possible. If you give us permission to do so, we will use this information to send you a reminder to book again when your next birthday or anniversary is almost due.
5 – When you make a payment, request a refund or redeem a voucher
We will use the information you provide to process your payment or refund. We do not keep records of payment card details, however, please be aware that some booking agents transmit payment card details by fax to whichever hotel their users have booked. If a booking agent sends us your payment card details, we will store the information securely until payment has been made, which is normally at the end of your stay.
6 – When you use our Wi-Fi service
We will use the information you provide to register you for and connect you to the service. When you first register, and each time that you connect to the service, we obtain additional information from your device and from the equipment used to provide the Wi-Fi service. This information describes where, when and how you registered or connected. We use this information to provide and maintain your connection to the service.
Please take these steps to prevent information sharing when you are not actively using the service:
- • Don’t select the ‘connect automatically’ option if you want to avoid connecting and sharing information automatically whenever you are in range of our Wi-Fi service
- • If you chose to automatically connect to the service but have since changed your mind, either delete then recreate the Wi-Fi connection or turn off Wi-Fi on your device whilst you are not using it
- • Check you have not saved your Market House Wi-Fi connection settings before you let anyone else use your device
7 – When we need to verify or record information about your identity
The UK government has asked pubs, hotels and restaurants to register information about their visitors during the Covid-19 pandemic. Therefore, the identity information you provide when making a booking or registering your visit, together with the date, time and name of the venue you are visiting, will be recorded for this purpose.
8 – When we carry out profiling
We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively.
The personal data we use in our profiles includes:
- Demographic information, such as your age, gender, address and postcode
- Purchase information, such as what you bought, how you paid and whether or not you took advantage of a discount
- Information about family events and special occasions, such as the dates of birthdays, weddings and anniversaries
- Information about your use of our services and whether or not you participate in our promotions, such as our Wi-Fi service, email clubs, loyalty schemes and any competitions you enter
- Information about how you respond to our marketing and advertising campaigns, such as whether or not you read our marketing messages, see our adverts on social media or take up any of our special offers
As we collect profiling data, our services will become more and more relevant the more we learn about you. Ensuring we are constantly improving our target driven marketing with personal and specific promotions, events, and special offers with brands you will enjoy.
If you do not want us to use your personal data in this way, please see the Your Rights section of this Policy.
9 – When you use a gift card or participate in a loyalty scheme
When you buy a gift card, we will use the information you provide to personalise, activate and send the gift card to you or the person you bought it for.
When you redeem your gift card and whenever you present your loyalty scheme membership number during payment, we will use information about your visit, purchases and use of our services to update your gift card balance, credit your account with any loyalty points you have earned and update your profile.
10 – When you submit queries, compliments or complaints
We will use the information you provide to deal with your enquiry and keep you informed about its progress. If you compliment a person or a team for their service, we will pass your compliment on to them and their manager, so that their achievement can be recognised.
Most complaints can’t be resolved without discussing the matter with other people, so we may need to share information about your complaint with: the team present at Market House when you visited, their area or regional manager; the management team of a contractor we have engaged; or other types of third party organisation. We will only share information with others when it’s necessary to do so in order to investigate and resolve your complaint.
11 – When you take part in a survey
Please read the survey’s privacy notice before you participate.
12 – When we record promotional videos or interviews or take photos
We will most likely carry these out during out of service hours, however in the case we do if you don’t want to be involved, please let a member of staff know on your arrival so that they can ensure your wishes are respected.
13 – When we record CCTV images and emergency phone calls. If you would like further information about how we use CCTV images please refer to the CCTV section of this Privacy.
We may need your personal information when carrying out an emergency phone call on your behalf, we may also be asked to give any information of guests present before, during, or after an emergency has taken place within Market House.
14 – In the case of an accident
If you are unfortunate enough to be involved in an accident on our premises, we will use the information you or others present at the time provide to record the incident in an accident book. We may also use this information to conduct an investigation and to make or defend an insurance or other type of legal claim.
15 – If we impose a ban on visiting a venue
If you are unfortunately banned or restricted from our venue, we will use your name, photos and recordings of you and any other relevant personal information that we need to identify you and which we can obtain and use lawfully to enable our staff to record and enforce the ban.
16 – If we ask for other people’s personal data
Please refer them to this notice and ask for their permission to share their information first.
How We Use Your Personal Information
We will typically collect and use this information for the following purposes:
- For the performance of an agreement you have with us or our client and pursuant to which we are appointed as their supplier.
- For the purposes of our legitimate business interests or those of a third party, but only if these are not overridden by your interests, rights or freedoms.
We seek to ensure that our use of personal information is always proportionate.
We do not collect or store any sensitive data about you. Sensitive data may refer to details about your ethnicity, religion, sexual orientation, race, philosophical beliefs, political views, criminal convictions, information about your health, and information about genetic or biometric data.
Who We Share Your Personal Information With
DISCLOSURE OF CUSTOMER INFORMATION
There are circumstances where we wish to disclose or are compelled to disclose your Personal Data to third parties. This will only take place in accordance with the applicable law. Please note, save as described above we do not rent or trade email lists with other organisations and businesses.
We routinely share the following categories of personal information:
- Name, Address, Telephone Numbers, Email addresses
- Other demographic information such as preferences and interests
- Other information relevant to customer surveys and/or offers
This personal information may be shared with the following categories of recipients:
- Accountants, Solicitors, Debt Collections Agencies, Contractors and Freelance Staff, IT Support and Website Hosting & Support.
This data sharing enables us to perform our duties in delivering our products and services and is for the purposes of our legitimate business interests.
We will share personal information with law enforcement or other authorities if required by applicable law.
We will not share your personal information with any other third party.
International data transfers
Before your personal data is transferred outside the UK, we implement at least one of the following safeguards:
• Check whether the personal data is being transferred to a country that has been deemed to provide an adequate level of protection by the UK government. More information about this is available on the UK government website.
• Where we use third parties based in the United States, check if they have signed up to the Privacy Shield framework. This framework requires signatories to provide a similar level of protection to personal data as would be the case if the personal data remained within the UK.
• Use contractual clauses approved by the UK government which give personal data equivalent protection to that which it would have if processed in the UK.
• If we are unable to apply any of the first three safeguards, we will try to contact you to ask for your consent before we transfer your personal data.
We use different methods to collect data from and about you including through direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes Personal Data you provide when you:
- sign up for our newsletter;
- join our loyalty scheme;
- login to our Wi-Fi services;
- enter a competition, promotion or survey;
- give us some feedback; or
- when you visit one of our establishments.
Third parties or publicly available sources. We may receive Personal Data about you from various third parties and public sources as set out below:
- Technical Data from Google Analytics including details about your use of our website, browsing actions and patterns.
- Contact, Technical and Transaction Data from our WiFi provider Wireless Social https://www.wireless-social.com/privacy-policy
- our grounds for processing your Personal Data
Your consent, as the Data Subject, to the processing as specified in this Policy is the primary legal ground for our processing of your Personal Data. However, there may be circumstances where we may also rely on other valid legal grounds for the processing of your Personal Data, such as:
- your request for content, goods or services necessitating steps including processing of your Personal Data to be taken prior to entering into a contract with you and any processing that is necessary for the performance of such contract; and
- legitimate interests pursued by us as a business, except where such interests are overridden by your interests and fundamental rights and
- compliance with a legal obligation to which we are subject.
Where Your Personal Information May Be Held
Information may be held at our offices and those of our group companies, and third-party agencies, service providers, representatives and agents as described above.
We also use a number of third-party providers.
- To help maintain Website Security & Performance we use a third-party service. To deliver this service it processes the IP addresses of visitors to our website.
We have security measures in place to seek to ensure that there is appropriate security for information we hold.
How Long Your Personal Information Will Be Kept
We will hold personal information for the period of time we deliver products and services and until there is no foreseeable legitimate business interest with you, or until you have exercised your right for your personal information to be removed from our systems.
We also routinely delete some personal information from our systems before that data is two years old. This includes form submissions sent via our website.
We retain and use your personal information for our legitimate business interests.
DATA SUBJECT RIGHTS
You can ask us to stop sending you marketing messages at any time by contacting us as above or by following the opt-out links on any marketing message sent to you. Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase or other transactions. Changing your Personal Data. You can change the Personal Data that we hold about you by contacting us, using the details set out above, and asking us to update your information. Data protection law provides data subjects with numerous rights, including the rights to access, rectify, erase, restrict, transport, and object to the processing of their Personal Data. Data subjects also have the right to lodge a complaint with the relevant data protection authority if they believe that their Personal Data is not being processed in accordance with applicable data protection law.
Under the General Data Protection Regulation you have a number of important rights free of charge, including rights to:
- Right to make subject access requests (SAR). Data subjects may, where permitted by applicable law, request copies of their Personal Data. If you would like to make a SAR, i.e. a request for copies of the Personal Data we hold about you, you may do so by writing to the Data Privacy Manager whose contact details are above. The request should make clear that a SAR is being made. You may also be required to submit a proof of your identity.
- Right to rectification. You may request that we rectify any inaccurate and/or complete any incomplete Personal Data.
- Right to withdraw consent. You may, as permitted by applicable law, withdraw your consent to the processing of your Personal Data at any time. Such withdrawal will not affect the lawfulness of processing based on your previous consent. Please note that if you withdraw your consent, you may not be able to benefit from certain service features for which the processing of your Personal Data is essential.
- Right to object to processing. You may, as permitted by applicable law, request that we stop processing your Personal Data.
- Right to erasure. You may request that we erase your Personal Data and we will comply with your request unless there is a lawful reason for not doing so. For example, there may be an overriding legitimate ground for keeping your Personal Data, such as a legal obligation that we have to comply with, or if retention is necessary for us to comply with our legal obligations.
- Right to data portability. In certain circumstances, you may request that we provide your Personal Data to you in a structured, commonly used and machine readable format and have it transferred to another provider of the same or similar services.
- Your right to lodge a complaint with the supervisory authority. We suggest that you contact us about any questions or if you have a complaint in relation to how we process your Personal Data. However, you do have the right to contact the relevant supervisory authority directly. To contact the Information Commissioner’s Office in the United Kingdom, please visit the ICO website for instructions.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual’s rights under the General Data Protection Regulation.
Keeping Your Personal Information Secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We store your personal information in access-controlled systems on servers hosted in the European Economic Area. Within Market House, your personal information is shared amongst only those employees who need to know your personal information.
What happens if our business changes hands?
Job Applications & Your Personal Information
If you apply for a job with us, Market House is the data controller for the information you provide during the process unless otherwise stated. If you have any queries about the process or how we handle your information please contact us at firstname.lastname@example.org.
All of the information you provide during the process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.
We will not share any of the information you provide during the recruitment process with any third parties for marketing. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.
We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.
We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.
The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for but it might affect your application if you don’t.
The Personal Information We Collect and Use
In the course of delivering our products and services and any other relevant activities, we collect some or all of the following personal information:
- Name(s), Postal Address(es), Telephone Number(s) and Email Address(es)
- Demographic information such as preferences and interests
- Other information relevant to customer surveys and/or offers
We seek to ensure that our collection of personal information is always proportionate.
CCTVMarket House is committed to operating a safe environment, it, therefore, has in place a closed-circuit television system (CCTV) to assist in providing a safe and secure environment for staff, customers and delivery personnel, as well as Market House Property.
CCTV systems are based around digital technology and therefore need to be treated as information that will be processed under the Data Protection Act 1998, the General Data Protection Regulation (GDPR) and any subsequent data protection legislation.
Market House will have due regard to the Data Protection Act 1998, the General Data Protection Regulation (GDPR) and any other subsequent data Protection legislation, and to the Freedom of Information Act 2000, the Protection of Freedoms Act 2012 and the Human Rights Act 1998.
Market House will follow the Surveillance Camera Code of Practice, issued under the Protection of Freedoms Act 2012.
The Market House system comprises several fixed dome cameras located both internally and externally around Market House. All Cameras may be monitored and are only available for use by approved members of staff.
The CCTV is owned by Market House and will be subject to review on an annual basis.
The purpose of this Policy is to regulate the management. Operation and use of the CCTV system at Market House.
Purpose of CCTV
Market House Has installed a CCTV System to:
A/ To increase the personal safety of staff, visitors, and delivery staff, and reduce the fear of physical abuse, intimidation and crime
B/ Protect Market House buildings and its assets to ensure they are kept free from intrusion, vandalism, damage or disruption
C/ To support the Police in a bid to deter and detect crime
D/Assist in prevention and detection of crime
E/Assist with the identification, apprehension and prosecution of offenders
F/ Assist with the identification of action/ activities that might result in disciplinary proceedings against staff and/ or customers
The system will be provided and operated in a way that is consistent with an individual’s right to privacy
The CCTV system will not be used to:
- Provide images to the world wide web
- Record sound
- Disclose to the media
The CCTV surveillance system is owned by Market House.
The General Manager is responsible for the day to day operation of the system and for ensuring compliance with this policy.
The CCTV system is registered with the Information Commissioner under the terms of the Data Protection Act 1998 and will seek to comply with the requirements of the Data Protection Act 1998, the General Data Protection Regulation (GDPR) and the Commissioner's code of practice.
Warning signs, as required by the Code of Practice of the Information Commissioner have been placed at access routes and areas covered by the CCTV System.
Image Viewing and Download Procedure Viewing.
Recordings may be viewed by the Police in the presence of the General Manager or Assistant General Manager following specific data access formal request.
The General Manager or Assistant General Manager is authorised to review CCTV recordings to ascertain the circumstances relating to potential incidents involving customers, staff, contractors and delivery personnel. Potential incidents involving staff may be viewed by the appropriate Head of Department.
Breaches of the Policy
Any suspected breach of this Policy by Market House staff will be considered under Market House Disciplinary Policy and Procedures.
Overview of System.
The CCTV system runs 24 hours a day, 7 days a week.
The CCTV system comprises fixed position cameras, zoom cameras and monitors.
CCTV signs will be prominently placed at strategic points and at the entrance and exit points.
Data Protection Act 1998.
For the purpose of the General Data Protection Regulation (GDPR) the General Manager is the designated data controller.
Market House has registered its processing of personal data, including CCTV with the Information Commissioner's Office.
This website is not intended for children and we do not knowingly collect data relating to children. If we learn that any information we collect has been provided by a child under the age of 18, we will promptly delete that information.
If you are a minor under 16 years of age, please obtain consent from your parent or guardian before you submit any personal information to us. If you are a parent or guardian of a minor and you have reason to believe your child or ward has provided us with their personal information without your prior consent, please contact us to request for erasure of their personal data or for the minor to be unsubscribed from our mailing lists.
What is a Cookie?
A cookie is a piece of text which asks permission to be placed on your computer’s hard drive. Once you agree (or your browser agrees automatically if you have set it up in that way), your browser adds that text in a small file.
A cookie helps analyse web traffic or lets website operators know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
How to control and delete cookies
We know that people have concerns about cookies, but we believe that the benefit that you and we gain from their proper use is worthwhile.
You can delete the files that contain cookies – those files are stored as part of your internet browser. If you wish to restrict or block the cookies which are set by this website, or indeed any other website, or if you wish to receive notification of cookie placement requests or decline cookies completely, you can do this through your browser settings. The Help function within your browser should tell you how. Please be aware that declining or denying cookies may prevent you from being able to use the website to its highest capability.
If you would like more information about how cookies work, you may wish to visit www.aboutcookies.org which contains comprehensive information on how to disable cookies on a wide variety of browsers. You will also find details on how to delete cookies from your computer as well as more general information about cookies. For information on how to do this on the browser of your mobile device you will need to refer to your manual.
Links To Other Websites
Our website contains links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement.
Changes to This Privacy Notice
This privacy notice was published on 28/04/2022 and last updated on 3rd May 2022.
Market House may change this policy from time to time by updating this page. Please check this page from time to time to ensure that you are happy with any changes.