OUR PRIVACY STATEMENT
The Cake Tin Kitchen is committed to protecting your privacy. In order to provide our services to customers and to provide a more personalized shopping experience, we need to collect certain information from you. This Privacy Notice explains when and why we collect personal information about you as well as the types of personal data we may collect when you interact with us online or over the phone. It also explains how we’ll look after your data and keep it safe. There's a lot to digest but we want you to be fully informed as to how The Cake Tin Kitchen uses your data.
We hope what's below covers everything, but if you have any questions at all, do please drop us a line @ thecaketinkitchen@gmail.com . It’s likely that we’ll need to update this Privacy Notice every now and again to make sure it's accurate. We’ll let you know of any major changes, but the most up-to-date version will always be here for you to check.
Contents of Privacy Notice:
1. Explaining the legal bases we rely on
2. How we collect your personal data
3. The type of personal data we collect
4. How and why we use your personal data
5. Protection of your personal data
6. Length of time we keep your personal data
7. Who we need to share your personal data with and why
8. Your rights over your personal data
9. Questions?
10. Explaining the legal bases we rely on
The GDPR law on data protection sets out several different reasons a company may collect and process your personal data, including:
Consent
In specific situations, we can collect and process your data with your consent - e.g. when you place an order with us The Cake Tin Kitchen. When collecting your personal data, we’ll always make clear to you what data is necessary in connection with a service.
​
Contractual obligations
In some instances, we need your personal data to comply with our contractual obligations. For example, if you place an order with us, we need your address details to deliver your order if you request a delivery. You email address to send any paperwork.
Legal compliance
We may be legally bound to collect and process your data. For example, if someone is involved in any criminal activity or fraud affecting The Cake Tin Kitchen, we need to pass details to law enforcement.
2. How we collect your personal data
There are several ways in which we may collect information about you:​
-
When you send us an email or fill in a website contact form.
-
When you enter a competition or prize draw.
-
When you engage with us on social media.
-
When you have given a third-party permission to share information they hold about you with us.
-
When you visit our home kitchen, which have CCTV systems that may record your image (they are automatically erased on a weekly basis).
​
3. The type of personal data we collect
The personal data we may collect includes your name, billing/delivery address, email address, telephone number, notes from conversations we have with you. Please note that when you when you place an order, we do not hold your card details.
​
4. How and why we use your personal data
When you engage with us, we want to give you the best possible experience. By collecting data about you, it allows us to offer a great and tailored service. We use your data, so we can fulfill our contractual obligations to you. The data privacy law allows this as part of our contractual obligations and legitimate business interest in understanding our customers and providing the highest levels of service.
If you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide services you’ve asked for.
Here are some ways that we'll use your personal data and why:
-
To process any orders, you make. If we don't collect your personal data during this process, we won't be able to process or deliver your cake order and comply with our legal obligations. We will keep your details for a reasonable period afterwards in order to fulfill any contractual obligation.
-
Our team need to be able to respond to your queries, so we need your contact information to respond. We will keep a record of your information including notes on how we communicated with you and what was discussed. We do this based on our contractual obligations to you, our legal obligations and our legitimate interests in providing you with remarkable customer service and it helps us improve this service to you.
-
When you place an order with us, your card details are not shared/requested with/by us @ The Cake Tin Kitchen.
-
In some locations we use CCTV to protect our customers, premises, assets and staff from crime. We do this based on our legitimate business interests (these recordings are automatically erased on a weekly basis)
-
To comply with our legal obligations, we will send you communications required by law or which are legally necessary e.g. significant updates to this Privacy Notice, legally required information relating to your orders. These messages are to inform you about changes to the service we provide you and will not include any promotional content and so do not require prior consent when sent by email.
-
If you enter a competition or prize draw run by us we will use your information to contact you in the event of you winning based on your agreement to the terms and conditions of the competition at the time of entry. The personal data relating to your competition entry will be gained via you joining our Facebook Page.
-
To comply with our contractual or legal obligations to share data with law enforcement.
​
5. Protection of your personal data
The security of your personal data is very important to us and we take a lot of care to handle and store it as best we can.
Here are some ways we secure your data:
-
The security of your personal data is very important to us and we take a lot of care to handle and store it as best we can and in line with new legislation as we know it is important to you as well as us.
-
We use encrypted https links between our web server and your browser which means that all data passed between you and us cannot be intercepted.
-
We do not store or ask for your card details.
-
We monitor and check our data security systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.
​
6. Length of time we keep your personal data
We only keep your data for as long as is necessary for the purpose it was collected. After that period, your data is deleted or destroyed.
​
7. Who we need to share your personal data with and why
We may need to share your personal data with trusted third parties e.g. Law Enforcement. We only provide what they need, and they cannot use your data for anything other than the purposes that they have your data for.
We want your customer journey with us The Cake Tin Kitchen, from ordering to fulfilment of your order to be as smooth as possible. We use the following companies who will process your personal data as part of their contracts or terms and conditions with us:​
-
Wix.com - we currently use them to host our website
-
Royal Mail – our resource for sending small UK and overseas parcels - https://www.royalmail.com/privacy-notice
Please note the above suppliers are non-exhaustive and may change from time to time, but we will endeavour to keep the list above accurate and as up-to-date as possible.
Sharing your data with third parties for their own purposes:
We will never sell or trade your contact details with any third parties.
There are some instances where we may have to share your information based on our legal obligations, for instance:
-
Fraudulent activity
-
If the police/government ask us to disclose information we may be required to share your personal data with them, however we would assess this sort of request very carefully
-
For fraud management, we may share information about fraudulent or potentially fraudulent activity in our premises or systems. This may include sharing data about individuals with law enforcement bodies
8. Your rights over your personal dat​a
If you wish to request access and making changes to your personal data please contact us @ thecaketinkitchen@gmail.com
You also have the right to access and rectify mistakes in the data we hold about you at any time.
To keep your information confidential, we will ask you to verify your identity before proceeding with any requests. If there is a third party acting on your behalf, we will check that they have your permission to act.
​
Legitimate Business Interests
In cases where we are processing your personal data based on our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
We hope this Privacy Notice has been helpful in setting out the way we handle your personal data and your rights to control it.
COOKIES
Cookies are tiny text files stored on your computer when you visit certain web pages .