Who we are
This Privacy Notice sets out the basis on which Grill and Shakes E14 LTD will process personal information provided to us by you.
Our website address is: https://grillandshakes.co.uk
What personal data we collect and why we collect it
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this to determine if you are in the delivery area
- Delivery address: we’ll ask you to enter this so we can, for instance, check delivery area before you place an order, and send you the order!
When you purchase from us, we’ll ask you to provide information including your name, billing address, delivery address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 13 months for tax and accounting purposes. This includes your name, email address and billing and delivery addresses.
We will also store comments or reviews, if you choose to leave them.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and where it should be delivered, and
- Customer information like your name, email address, and billing and delivery information.
Our team members have access to this information to help fulfil orders, process refunds and support you.
What we share with others
Our online ordering system is managed by LiveMenu (trading name of DSTEP LIMITED), which monitors all our orders and acts as a fallback for us to ensure that no orders are missed by us. As an example, if a customer places an order but we are busy in-store to acknowledge that order, LiveMenu will make sure that orders at those times are not missed by us by contacting us directly and notifying us of that order. They do not store any data in separate machines. Your name, billing address, delivery address, phone number, payment method, delivery method and order details are only visible to them for a temporary amount of time of up to 48 hours, and then removed automatically.
We accept card payments through Stripe, some of your data will be passed to Stripe, including information required to process or support the payment, such as the purchase total and billing information.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Embedded content from other websites
Pages on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
What rights you have over your data
If you have an account you can log in and view your data that we hold about you, these are things like, name, address, telephone, email and order history. You can easily edit any details except username, request deletion or in some cases delete it yourself.
If you don’t have an account on this site but have made an order using a guest checkout, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
If you are dissatisfied about any aspect of the way in which your data is processed you may, in the first instance refer the matter to us by calling us on our store number during open hours. This does not affect your right to make a complaint to the Information Commissioner’s Office.
How we protect your data
We treat all our customers’ data with the utmost care and take appropriate steps in compliance with the general data protection regulation to ensure it is kept safe.
- All data we collect is done so over encrypted connections (https).
- All data is stored behind state of the art firewalls managed by our data centre security team.
- All systems storing personal data have access logging.
- We do not store plain passwords and are one way encrypted.
- All systems are subject to regular penetration testing and are monitored for vulnerabilities and attacks.