Data protection and privacy
‘Personal Data’ - any information that relates to an identified or identifiable living individual eg Email address and Phone Number.
‘Processing’ - any operation or set of operations performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
‘Filing systems’ - any structured set of personal data that are accessible according to specific criteria whether centralised, decentralised or dispersed on a functional or geographical basis.
‘Controller’ - determines the purposes and means of processing personal data.
‘Processor’ - is responsible for processing personal data on behalf of a controller.
‘Consent’ - any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
‘Data Subject’ - any person whose personal data is being collected, held or processed.
‘Personal Data Breach’ - a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised. disclosure of, or access to, personal data transmitted, stored or otherwise processed
When do we collect data?
We can collect data on you from a variety of different sources these include:
When you purchase products or services from the site or over the phone;
When you become a subscriber;
When you create an account in order to build and save an event.
When you speak to our customer services personnel;
Via explicit data capture measures, for example by entering competitions and completing surveys; and
We use Google remarketing to capture cookie information so we can target visitors who have shown an interest in our services/products. If you would like to opt out, visit yourGoogle Ad Settings.
Personal Data Collected Automatically from the use by you of the Sites. The data transmitted from your browser includes your IP address, the date and time of the visit the pages accessed, the access status/HTTP status code, your browser, your operating system and interface, as well as the language and version of the browser software. The legal basis for collecting and processing this personal data is to be able to operate the Sites and provide you with access to the pages you wish to access.
If you link, connect, or login to your Chillisauce Account with a third party service (e.g. Google, Facebook, LinkedIn), the third party service may send us information such as your registration and profile information from that service. This information varies and is controlled by that service or as authorised by you via your privacy settings at that service.
In any of the above cases, the data we collect could be personal data. This Personal data includes name, email address and phone number. Our legal basis for the collection and processing of this data is the provision to you of the services purchased by you.
What do we do with your personal information?
When you buy anything via the site, we may need to collect information about you to process the transaction, fulfil your order and provide you with the services you expect. This information may include but is not limited to, details such as your name, your address and your credit card details. Card details are not held on any Chillisauce server but are linked directly to our Merchant Service providers SagePay.
Unless we have your express consent we will only disclose personal data to third parties if this is required for the purpose of completing your transaction with us. This is, of course, subject to the proviso that we may disclose your data to certain permitted third parties, such as members of our own group, our own professional advisers who are bound by confidentiality codes, and when we are legally obliged to disclose your data.
By becoming a subscriber you consent to receive from us by e-mail our e-newsletter and details of other special offers which we may think may be of interest to you.
Chillisauce retains and uses your personal information to provide you with the best experience by providing you with a personalised service and to give you details of offers which we think will be of interest to you. We may also use the information to process any transactions you undertake with us and for internal administration and analysis.
We do not sell, rent or trade your personal information to third parties for marketing purposes without your express consent.
We will ensure that your personal information is kept confidential and secure, and that the appropriate technical and organisational measures, to prevent unlawful or accidental destruction, accidental loss, unauthorised disclosure or access or other unlawful forms of processing, are implemented.
We will process your personal information for the purposes listed above given our legitimate interest in undertaking marketing activities to offer you products or services that may be of your interest.
International Data Transfers
We use data processors located outside the European Economic Area only after taking such steps as are required to ensure that Personal Data they process on our behalf receives protection equivalent to that provided in the EEA. Our processors are either certified as compliant with the EU-U.S. Privacy Shield Framework where they are located in the USA or have entered into an agreement with us containing the model clauses approved by the European Commission as providing contractual protection equivalent to that provided by the data protection regulations applicable in the EEA. To learn more about the Privacy Shield program, please visitwww.privacyshield.gov.
Cookies are small files which are sent to your browser and stored on your computer's hard disc. Whenever you visit Chillisauce and unless you elect not to receive cookies, then your computer will store an identifying code in the cookie which may mean you do not need to type in your email address each time you return to the site. Other than this, we do not store your password or any other information in the cookie, or use it for any other purpose. Our third-party advertiser may place or recognise a unique cookie on your browser. You can at any time set your browser to notify you before you receive a cookie, giving you the opportunity to decide whether to accept it. You can also set your browser to turn off cookies.
Third Party Advertising
The ads appearing on this Web site are delivered to you, on our behalf, by our Web advertising partner. Information about your visit to this site, such as number of times you have viewed an ad (but not your name, address, or any other personal information), is used to serve ads.
In the UK we operate and are registered in accordance with applicable data protection legislation.
Chillisauce Newsletter subscribers have the option to opt-out of receiving further information from us.
We also monitor our marketing emails to ensure they are sent to relevant consumers. We remove email address from our database periodically if we find the consumer no longer opens or clicks through the email, this is in addition to the standard unsubscribe option in all our emails.
Data Subject Request
Under the rules of GDPR data subjects have specific rights to their personal data; these rights include obtaining copies of it, requesting changes to it, restricting the processing of it, deleting it, or receiving it in an electronic format so it can be moved to another controller. To receive this Chillisauce must receive a formal request by either email or postal letter. This will be acted on within one month of receipt. A reasonable cost could be associated with this request if it is deemed either unfounded, excessive or repetitive in character.
To change your e-mail address details log into your members area.
If you need to Modify or Change your personal details after you have made a purchase on the site please contact us as soon as possible.
Right to Erasure/be Forgotten
Data Subjects have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances. • the personal data is no longer necessary for the purpose which you originally collected or processed it for;
• you are relying on consent as your lawful basis for holding the data, and the individual withdraws their consent;
• you are relying on legitimate interests as your basis for processing, the individual objects to the processing of their data, and there is no overriding legitimate interest to continue this processing;
• you are processing the personal data for direct marketing purposes and the individual objects to that processing;
• you have processed the personal data unlawfully (ie in breach of the lawfulness requirement of the 1st principle);
• you must do it to comply with a legal obligation
If the request falls into any one of these circumstance Chillisauce will remove your personal data within one month.
If you have any questions or concerns about the information we hold about you, you can also contact our Data Protection Officers by firstname.lastname@example.org
Other Miscellaneous Section
Please note that in using the Channels you agree to be bound by the following obligations:
You accept financial responsibility for all transactions made under your name or account.
In order to make a purchase, you must be over 18 years old and have the legal capacity to make the transaction.
You must make sure that all the information you provide to us is true and accurate.
You must not use the any of the Channels for speculative, false or fraudulent bookings.
The transmission of threatening, defamatory, pornographic, political or racist material or any material that is otherwise unlawful is expressly prohibited.
The site and any content may not be modified, copied, transmitted, distributed, sold, displayed, licensed, or reproduced in any way by you, except if you wish to make copies of the website for your own personal and non-commercial use.
Our site may contain links to other third party websites over which Chillisauce has no control. Chillisauce cannot, therefore, have any responsibility in relation to the accuracy, completeness or quality of the information contained on those websites.
The copyright and the propriety rights on the website and other Channels and all content are owned by Chillisauce or its third party licensors and in this respect Chillisauce reserves all rights.
Chillisauce uses secure technology to safeguard information including personal information and financial transactions.
Chillisauce reserve the right to change or update its these terms and conditions relating to the use of the Channels from time to time. We will inform you on the relevant Channel when we have updated the terms. Please note that you will be unable to make a purchase from any Channel unless you have confirmed that you have read and understood the most recent version of the terms.
This user agreement is between you and Chillisauce and is governed by the laws of England and Wales.
Created 28th May 2018 Updated 13th June 2019