IDENTITY & CONTACT DETAILS OF THE CONTROLLER & THE DATA PROTECTION OFFICER
The Dining Club Group Limited (DCG) is the fast growing owner of the UK’s three leading discount dining clubs, tastecard (Taste Marketing Limited), Gourmet Society (Simard Limited) and Hi-Life (Hi-Life Diners Club Limited). DCG are committed to protecting and respecting your privacy whilst remaining compliant with The General Data Protection Regulation (EU GDPR) and the Data Protection Act (DPA). In order for us to drive compliance, we have a Personal Information Management System which is compliant with BS 10012:2017 Data Protection.
The Dining Club Group Limited (DCG) are the Data Controller and have an appointed Data Protection Officer whom can be contacted via email; DPO@diningclubgroup.co.uk
You can also contact DCG via post at; Birkby Grange, 85 Birkby Hall Road, Birkby, Huddersfield, England, HD2 2XB.
PURPOSE OF THE PROCESSING AND THE LEGAL BASIS FOR THE PROCESSING
In order for The Dining Club Group (DCG) to fulfil its contractual and customer obligations, there is a requirement to collect specific personally identifiable information relating to our customers. There are a couple of legal bases for the processing of such personally identifiable information; primarily personal information is processed on the basis of consent. We retain evidence of the details of consent which has been provided by our customers in order to process their information. Where consent cannot be obtained for various reasons, we may legally process the information you provide to us because we have a legitimate interest in doing so, e.g. Direct Marketing or on a lawful basis, e.g. for employment requirements.
LEGITIMATE INTERESTS OF THE DINING CLUB GROUP (DCG) OR THIRD PARTY
The Dining Club Group (DCG) have a legitimate interest in further processing the information which is provided by customers at the point of sale for marketing purposes.
We may also use your information for other specific legitimate purposes such as:
- To ensure that content from our site is presented in the most effective manner for you and for your computer.
- To provide you with information, products or services that you request from us or which we feel may interest you, where you have either explicitly consented to or we believe you have a legitimate interest in.
- To carry out our obligations arising from any contracts entered into between you and us.
- To allow you to participate in interactive features of our service, when you choose to do so.
- To notify you about changes to our service.
We may also use your data, or permit selected third parties, such as but not limited to; participating restaurants or Livebookings Holdings Limited, trading as Bookatable, to use your data to provide you with information about goods and services which may be of interest to you and we may contact you about these by post or telephone.
We do not sell, rent or lease customer lists to third parties. We may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, your unique personally identifiable information (e-mail, name, address, telephone number) is not transferred to the third party. In addition, we may share data with trusted partners to help us perform affiliate marketing, statistical analysis, send you email or postal mail, provide customer support, or arrange for deliveries. All such third parties are prohibited from using your personal information except to provide these services to us, and they are required to maintain the confidentiality of your information.
If you are an existing customer, we will only contact you by electronic means (e-mail, SMS, Push or Post) with information about goods and services similar to those which were the subject of a previous sale to you.
If you are a new customer, and where we permit selected third parties, such as participating restaurants or Bookatable, to use your data, we (or they) will contact you by electronic means only if you have consented to this or have a legitimate interest.
INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
- Information that you provide by filling in forms on one of our sites (www.tastecard.co.uk, www.gourmetsociety.co.uk or www.hi-life.co.uk) such as;
- User name and password – If we collect a user name and password, this is so we can keep your information secure and so that we can have your information to hand each time you visit us.
- Name, address and postcode – Without this we won’t know where to send your order or to whom, we also use postcodes to quickly get your full address to save you typing it out and in some cases to identify whether we deliver or offer services in your area. If you have location services enabled on your smart device we may also use this to recommend restaurants / applicable services in within the area you are in.
- Email address – We send confirmation of your orders via email and will send you informational messages as well as offers which may interest you.
- Telephone numbers – If there are any problems with your order or we need to check anything, we need to be able to contact you quickly.
- If you contact us, we may keep a record of that correspondence.
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- Details of your visits to our site and the resources that you access.
- App usage data – including location services.
- Details of the restaurant you’ve visited when using your dining club card and how you dined – including your savings.
RECIPIENTS OF THE PERSONAL DATA
The Dining Club Group (DCG) are required to transfer the personal information provided by its customers to third parties in order to fulfil contractual obligations. The following are categories of recipients that customer information could be transferred to:
- Data Centres
- Fulfilment Houses
- External IT Providers
- Payment Providers
- Business Benefit Providers
All information you provide to us is stored on our secure servers. Any payment transactions are encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We may disclose your personal information to any member of our group (The Dining Club Group Limited), which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
DETAILS OF TRANSFERS TO THIRD COUNTRIES & SAFEGUARDS
DCG have two information systems that require them to transfer personally identifiable information to a third party located in a third country, e.g. USA, controls are in place to ensure that the level of protection is not undermined and that security controls are at a level to commensurate with the type of information being transferred. This is applicable to the marketing database and email ticketing system. Aside from this, we ensure that all other personally identifiable information held on our customers and employees remains within the U.K.
DCG retain all customer information for 5 years after they last interacted with us. Where there has been a period of 5 years and there has been no interaction between the organisation and the customer, their information is erased and securely disposed of.
RIGHTS OF DATA SUBJECTS
As a Data Subject (individual) which DCG process information on behalf of, you have the right to withdraw consent from our processing at any given time (please see terms and conditions). You are able to do this through the contact details provided on page 1 of this policy. You can exercise the right at any time by contacting us at DPO@diningclubgroup.co.uk.
You also have a right to lodge a complaint with the Supervisory Authority (Information Commissioners Office in the UK), should you feel that we have not handled your information in line with legislative and regulatory requirements.
You have the right to make a Subject Access Request to DCG’s Data Protection Officer in the event that you wish to determine what information we hold on you. We welcome these requests and aim to respond within 72 working hours of receipt. Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
AUTOMATED DECISION MAKING, INCLUDING PROFILING & INFORMATION ABOUT HOW DECISIONS ARE MADE, THE SIGNIFICANCE OF THE CONSEQUENCES
We use location services through both our applications and websites in order for us to tailor our marketing material to your specific behaviour and activities, e.g. the types of restaurants which you regularly visit. We use email monitoring services to monitor the emails which we send to users. In doing this, we obtain information such as but not limited to:
- Time of receipt
- Time of opening
- Device user to open
- Location it was opened in
- Which parts of the email you interacted with
We use systems that enable us to link your social media accounts to your account if registered with the same email address. This enables us to tailor our promotions and products as best as possible.
Where you have provided us with a mobile number, we may market to you using SMS and Push notification interactions.
Our systems are set up to enable us to collect information on your dining history and spending history inclusive of savings made when using one of dining club cards, we link this data to your profile so that we can determine what other deals or informational emails may be of interest to you.
We may collect information about your computer, including where available your IP address, geographic location (if you allow when prompted by your browser), operating system and browser type, for system administration. This is statistical data about our users' browsing actions and patterns.
One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the web server that you have returned to a specific page. For example, if you personalise the pages on our site, or register on our site for any services we provide, a cookie helps us to recall your specific information on subsequent visits. When you return to our site the information you previously provided can be retrieved, so you can easily use the features that you previously customised.
You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of our site.
If you don’t make any changes to your current cookie settings via your browser, the following are the cookies that may be used when you visit this website:
The cookie is used to collect information about how you use and personalise our site.
When you close your web browser
The cookie is used to work out if you are a returning user and associates you with your past activity on our site
2 years after creation
These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve our site. The cookies collect information in an anonymous form, including the number of visitors to our site, where visitors have come to our site from and the pages they visited.
This varies depending on the advertiser and the referring website, but typically will be 30 days
Third party advertising cookies
As do many other sites, we use third party advertisers to assist with targeted advertising. These cookies are used to deliver adverts that are hopefully relevant to you and your interests once you have left our site and are on a 3rd party advertising network. You can obtain information on interest-based advertising and opt-out of receiving interest-based ads from third party advertisers and ad networks, who follow the IAB Europe's Framework for Online Behavioural Advertising by visiting the YourOnlineChoices Site at www.youronlinechoices.com/uk/
Up to two years