Our Privacy Policy

This Privacy Notice

This privacy notice is for this website, www.thesussexyeoman.com

Under the General Data Protection Regulation 2016 Bonzo Drink Sussex Ltd registered at 49 St Paul’s Street, Brighton, East Sussex, BN2 3HR is defined as the controller. You may contact us at any point in writing to the above address or by email here: bookings@thesussexyeoman.com regarding this notice and the use of your data.

This notice sets out the way The Sussex Yeoman processes, stores and protects user data and information that you may supply to us. It also outlines the obligations and requirements of the users, the website and website owners.

Purpose for Collection

Our use of your personal data will always have a lawful basis, either because it is necessary to complete a booking, because you have consented to our use of your personal data (e.g. by subscribing to emails), or because it is in our legitimate interests.

We collect information from you to improve the quality of our services and to provide you with up to date information pertaining to special offers and new menus in our restaurant. We have a legitimate interest in improving your experience at our venue which we do by communicating with you with the information you provided.

This includes using your details to subscribe you to any email newsletter program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process. Or whereby you the consumer have previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to.

We use some of the data we collect via cookies and via the purchases you make to send targeted advertising to you on social platforms we do this so that we can offer you special deals on products we have identified that you may like.

Information collected via email marketing campaigns is used to refine future email campaigns and supply the user with more relevant content based around their activity.

Data Collected

We do not collect special categories of data about you, we do collect personal data such as your name, contact number and email address.

Data is collected by a variety of means, this includes when you fill out a form to book a table, when you email us or call us.

We keep this data for a minimum of 12 months past the date of your last visit, on occasion we may have a regulatory obligation to keep data beyond this time frame, when this regulatory time period expires we will keep it for a further 12 months.

We do not and will not sell your information onto other parties for any purpose, we will share your information with law enforcement organisations or others such as the NHS where we have a vital interest to do so or a legal obligation.

When your personal data needs to be transferred to an overseas country or organisation that is not part of the EEA (European Economic Area), we will always ensure that there are adequate levels of protection and a similar legislation with regards to data protection. Each country might have different laws and regulations with regards to data protection, however we will always ensure that the country and/or organisation of destination always has appropriate measures in place to safeguard your data.

Data Security Safeguards

We have put in place several technical and organisational measures aimed at protecting the confidentiality, the integrity and the availability of your personal data.

All the endpoints of the company are protected with antivirus, anti-malware and firewall protection.

A password policy is currently in place to ensure that the data stored on our systems is only accessible to authorised personnel. The passwords are changed on a regular basis.

We regularly make backups of our data to ensure that it is readily available in the event of technical problems or disaster recovery.

Your Rights

The General Data Protection Regulation gives people many rights, if you would like to exercise any of your rights, please contact us and we will respond as soon as possible in line with the requirements of GDPR. Please note that we will only divulge information to those making requests once we have verified your identity.

If you would like to remove your consent to receive marketing material you can unsubscribe at any time by clicking the unsubscribe link at the bottom of any of our emails and you will instantly be removed from our database.

The Right To Erasure

Under Article 17 of the GDPR individuals have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The Sussex Yeoman will process all such requests within one month of their receipt, where appropriate. The right is not absolute and only applies in certain circumstances.

When does the right to erasure apply?

Individuals have the right to have their personal data erased if:

  1. the personal data is no longer necessary for the purpose which we originally collected or processed it for;
  2. we are relying on consent as your lawful basis for holding the data, and the individual withdraws their consent;
  3. we are relying on legitimate interests as our basis for processing, the individual objects to the processing of their data, and there is no overriding legitimate interest to continue this processing;
  4. we are processing the personal data for direct marketing purposes and the individual objects to that processing;
  5. we have processed the personal data unlawfully (ie in breach of the lawfulness requirement of the 1st principle);
  6. we have to do it to comply with a legal obligation; or
  7. we have processed the personal data to offer information society services to a child.

When does the right to erasure not apply?

The right to erasure does not apply if processing is necessary for one of the following reasons:

  1. to exercise the right of freedom of expression and information;
  2. to comply with a legal obligation;
  3. for the performance of a task carried out in the public interest or in the exercise of official authority;
  4. for archiving purposes in the public interest, scientific research historical research or statistical purposes where erasure is likely to render impossible or seriously impair the achievement of that processing; or
  5. for the establishment, exercise or defence of legal claims.

Contact and Communication

We make every effort to safeguard the integrity and confidentiality of your data and therefore subscriptions to our newsletters are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003 and all subsequent amendments. All personal details relating to subscriptions are held securely and in accordance with the General Data Protection Regulation 2016.

In all correspondence you receive from us you will be given an option to opt-out or unsubscribe, where this is not available instructions will be given instruction on how to manually do this.

This process is detailed at the footer of each email campaign.

External Links

Although this website only looks to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites)

The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts.

Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Shortened Links in Social Media

This website and its owners through their social media platform accounts may share web links to relevant web pages. By default, some social media platforms shorten lengthy URLs.

Users are advised to take caution and good judgement before clicking any shortened URLs published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine URLs are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.

Social Media Platforms have their own privacy policies and terms and conditions, please ensure you read these to understand how they use your data.

Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details.

This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.

This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question.

Additional information:

If you have any questions with regards to this privacy notice, the way your data is handled or if you would like to exercise any of your rights under the General Data Protection Regulation, please contact us.

The Information Commissioner’s Office

If you would like to learn more about the General Data Protection Regulation or make a complaint, you can visit the ICO’s website following this link: https://ico.org.uk/

In addition to all the information provided in this privacy notice, you can also find more in-depth information with regards to the rights you have under the general data protection regulation following this link: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

Revision 1.0, Nov 2018.

We look forward to seeing you and your guests soon!