General Data Protection Regulation Compliant Updated May 2018
Thai Table restaurants (the “COMPANY”) respects your privacy concerns and provides this privacy statement to explain what information is gathered during an interaction and or visit to the COMPANY and how such information may be used.
USE OF INFORMATION
To serve you, the COMPANY collects specific personally identifiable information (“PERSONAL DATA”), such as your name, address, telephone number, so that it can provide their services for example, but not limited to, reservation and takeaway ordering.
PERSONAL DATA is information that specifically identifies you (name, email address, home address, phone number) and can be used to specifically locate you from within the COMPANY’S database and or filing system.
The COMPANY collects this information from you:
– Telephone number
Information provided by CLIENT (at the time of booking a reservation, ordering a takeout, corresponding via email and mail) is used to:
– make a reservation for you
– Preparing a takeaway order for you
– any other related services you have contacted to receive from us.
– Keep CLIENT file in good standing;
PERSONAL DATA submitted voluntarily by the CLIENT is held:
– On the COMPANY computer and backup, and hard copy(if necessary) in long term storage as required
– For 5 years (or longer if necessary).
– Data can be accessed by Isra Thai restaurant limited and Thai table limited employees for the purpose of performing of our services to clients
You can request copies of your personal data or deletion (subject to legal requirements) by emailing the COMPANY at firstname.lastname@example.org
LEGAL BASIS FOR USE OF INFORMATION
– The COMPANY is legally processing CLIENT’S PERSONAL DATA based on the following:
– The CLIENT has given his or her explicit and voluntary consent to the COMPANY;
– The CLIENT has a contract with the COMPANY that necessitates the COMPANY having his or her PERSONAL DATA;
– The COMPANY has a legal obligation that requires processing CLIENT’S PERSONAL DATA;
– There is a vital interest that necessitates the COMPANY processing CLIENT’S PERSONAL DATA;
– The COMPANY has an obligation necessitated by a public interest to process CLIENT’S PERSONAL DATA;
– The COMPANY has a legitimate interest to process CLIENT’S PERSONAL DATA;
PERSONAL DATA is never sold, leased, or shared with any third parties, except with legal bodies as required to fulfil requirements set out within our CONTRACT. A third party is a COMPANY outside of the CLIENT – COMPANY relationship.
CREDIT CARD INFORMATION
The COMPANY does not store any credit card information it may receive in regard to a specific transaction and/or billing arrangement except as necessary to complete and satisfy its rights and obligations with regard to such transaction, billing arrangement, and/or as otherwise authorized by a user.
The COMPANY may disclose CLIENT information in special cases when required by law enforcement and onlywhen required by law.
If the COMPANY has reasonable reason(s) to believe that disclosing PERSONAL DATA held by the COMPANY is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference (either intentionally or unintentionally) with the COMPANY’S rights or property, and or anyone else that could be harmed by such activities, then the COMPANY will work with the appropriate and legitimate law enforcement and or legal authorities to make sure that the PERSONAL DATA is handled in accordance with the applicable laws.
As a CLIENT you have the following rights:
Transparent information from the COMPANY regarding how they communicate and interact with the CLIENT;
The right to hear back from the COMPANY regarding any inquiry into CLIENT’S PERSONAL DATA;
To request correction of PERSONAL DATA from the COMPANY;
Access to CLIENT’S PERSONAL DATA including knowing the purposes that the data is used for;
To request erasure from the COMPANY’S records provided that there are not overriding legal, public interest, or legitimate interests;
To a restriction on the processing of the PERSONAL DATA;
Data portability of PERSONAL DATA (having a record provided to you that is readable and commonly used that outlines the PERSONAL DATA the COMPANY has on you)
To object to processing of PERSONAL DATA – the COMPANY shall no longer process the CLIENT’S PERSONAL DATA unless the COMPANY demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the CLIENT or for the establishment, exercise or defence of legal claims.
To file a complaint with the supervisory authority;
The right to unsubscribe at any time (withdraw consent)
PROFILING PERSONAL DATA
Profiling means any form of automated processing of PERSONAL DATA consisting of the use of PERSONAL DATA to evaluate certain personal aspects relating to a CLIENT, in particular to analyse or predict aspects concerning that CLIENT’S performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;
The COMPANY DOES NOT ENGAGE IN ANY SORT OF PROFILING OF ITS CLIENTS BASED ON PERSONAL DATA.
CHILDREN AGED 13 OR UNDER
The COMPANY recognizes the special obligation to protect PERSONAL DATA obtained from children age 13 and under. Any data collected from children age 13 and under will be done in a signed document by the parent and or guardian of the child.
If you have any complaints or concerns about the COMPANY or about this privacy statement, please let the COMPANY know directly.
Security for all PERSONAL DATA is extremely important to the COMPANY.
Unfortunately, no data transmission over the internet can be guaranteed to be 100% secure.
As a result, while the COMPANY strives to protect CLIENT’S PERSONAL DATA, the COMPANY cannot ensure or warrant the security of any PERSONAL DATA the CLIENT transmits via the internet. By transmitting any such information to the COMPANY, CLIENT accepts that he or she does so at their own risk.
TRANSFER OF CUSTOMER INFORMATION
Customer list and information are properly considered assets of a business. If COMPANY merges with another entity, or if it sells its assets to another entity, the COMPANY’S customer list and information would be included among the assets transferred.
CLIENT would be given the opportunity to object before any such transfer would occur.