About this policy
Commonhall Street Social at Chester Racecourse is committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible way. This policy outlines how we aim to achieve this and includes the information collected when:
• you use our website (www.thewhitehorsechester.co.uk).
• you make a booking on our website.
• you make enquiries on our website.
• someone is interested in working with us.
Definition of Personal Data
Personal Data means any data that relates to an identifiable person who can be directly/indirectly identified from that data. In this case, it means personal data that you give to us via our website. By providing your personal data, you agree that we can use your personal data in accordance with this policy. Ensure you understand this policy in its entirety and take your time to read it.
Who are we?
Commonhall Street Social at Chester Racecourse is a restaurant based in Chester. We are part of a group of restaurants.
Our registered address is: Chester Racecourse, The Racecourse, Chester CH1 2LY
The head office address is: Chester Racecourse, The Racecourse, Chester CH1 2LY
How do we collect information from you?
We collect information from you:
• when you make a booking.
• when you visit a restaurant (preferences, allergies etc.).
• make an enquiry.
• when you sign up to marketing emails.
What type of information is collected from you?
You may be asked to submit personal information about yourself when you make a booking. We will collect this information so we can fulfil your booking request and you may dine at our venue.
When you make a booking:
Commonhall Street Social collects information such as:
• e-mail address (used for booking confirmation and post-dining feedback emails)
• home or work address
• billing information taken for deposits, ticketing, or holding credit card information including for use in the case of no-shows
• telephone number
• company name
• dietary requests
• marketing preferences (whether you opt-in or opt-out)
When you dine at Commonhall Street Social:
• marketing responses (where applicable)
• survey responses
• current and past restaurant reservation details
When you access our website:
There is “Device Information” about your computer hardware and software that is automatically collected by Commonhall Street Social. This information can include:
• device type (e.g. mobile, computer, laptop, tablet)
• operating system
• IP address
• browser type
• browser information (e.g., type, language, and history)
• domain names
• access times
• referring website addresses
• other data about your device to provide the services as otherwise described in this policy.
If you use our website, we may receive your generic location (such as city or neighbourhood).
You may submit your CV if you’re interested in working for us to email@example.com. This information may include:
• personal details
• employment details
• salary history
• other relevant details
We will use this information to assess your application. We may also keep it in our records for future reference. Please get in contact if you would no longer like us to hold your records at firstname.lastname@example.org.
How is your information used?
Our use of your personal data will always have a lawful basis, either because it is necessary to perform obligations under a contract to which you are a party, or to take steps to negotiate and/or enter into a contract, complete a booking, provide our services to you, because you have consented to our use of your personal data (e.g. by subscribing to emails), or because it is in our legitimate interests. You have the right to withdraw consent at any time or object to our processing. Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn. Where you have objected to processing we must take that into account when we assess whether we have a legitimate interest to ensure we do not impinge upon your rights and freedoms.
We require the information outlined in the previous section to understand your needs and provide you with a better service, and in particular for the following reasons:
• Internal record keeping.
• Send you service emails (booking confirmation and post-dining feedback).
• Improve our products and services.
• Send marketing communications if you have opted in to receive them.
• We may use the information to customise the website according to your interests.
Who has access to your information?
You acknowledge that we have the right to share your personal information with:
• Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. This may include our racecourses Chester and Bangor-on-Dee, the restaurants within our restaurant gruop
• Selected third parties including:
• business partners, suppliers and sub-contractors for the performance of any contract we enter into with you;
• advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we will provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, women in SW1). We may make use of the personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience;
• analytics and search engine providers that assist us in the improvement and optimisation of our website;
• credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
We may disclose your personal information to third parties:
• In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
• If any group company or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
We will not otherwise sell, distribute, or lease your personal information to third parties. Any personal information we request from you will be safeguarded under current legislation.
We will only share your information with companies if necessary to deliver services on our behalf. For example service providers (e.g. ResDiary for the provision of online bookings), third-party payment processors, and other third parties to provide our website and fulfil your requests, and as otherwise consented to by you or as permitted by applicable law.
How and where do we store data?
For reservations taken through ResDiary software, your data will only be stored in the UK. ResDiary data is stored securely in data centres managed by Rackspace. Wherever we collect information such as credit card data, that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser or looking for “https” at the beginning of the address of the web page. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively.
Your rights and choices
We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent. We will not pass your details to any third parties for marketing purposes unless you have expressly permitted us to. Furthermore, you can change your marketing preferences at any time by contacting us by email at email@example.com.
You have a right to request a copy of the personal information that Commonhall Street Social at Chester Racecourse holds about you and have any inaccuracies corrected. Any such requests should be made to this email address: firstname.lastname@example.org.
Where we are relying on consent as the basis for our use of your personal data, you have the right to withdraw your consent to us using your personal data at any time, and to request that we delete it. Any such requests should be made to this email address: email@example.com.
We do not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. Data will, therefore, be retained for the following periods (or its retention will be determined on the following basis):
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
We retain and destroy personal information in accordance with applicable laws and regulations.
For information on the above rights, please refer to the Information Commissioner’s Office website here: https://ico.org.uk/for-the-public/personal-information/
Data security is very important to us, and to protect your data we have taken suitable measures to safeguard and secure data collected through our website.
Use of 'cookies'
A cookie is a text file that is placed on your hard disk by a web page server which allows the website to recognise you when you visit. Cookies only collect data about browsing actions and patterns, and do not identify you as an individual.
• Opting Out: You can set your browser to not accept cookies, but this may limit your ability to use the services.
Our website may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.
What happens if our business changes hands?
In the event that any of your data is to be transferred in such a manner, you will be contacted in advance and informed of the changes. When contacted you will be given the choice to have your data deleted or withheld from the new owner or controller.
We may share your information (such as meal or seating preferences and special occasions) with other restaurants in the same restaurant group. This is to enhance the hospitality experience that we (the restaurant group) provide you when you dine with us (such as, trying to seat you by a window, if you previously expressed a preference for window seating) (“customised service”) and to improve our table and shift planning.
In addition to providing you with more customised service, we may, as permitted by applicable law, share your information with our restaurant affiliates to support operations, such as to perform analytics, tailor marketing to you, support a loyalty program that you have chosen to participate in, and improve services.
For more information, please feel free to contact us at: firstname.lastname@example.org.
Changes to this statement