Information on this site is advertising in nature

GDPR Compliance

Last updated: January 2024

Our Commitment to Data Protection

dazzleray is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page outlines how we handle your personal data and your rights under data protection legislation.

Data Controller

dazzleray is the data controller responsible for your personal data. Our contact details are:

dazzleray
47 Clerkenwell Road
London EC1M 5RS
United Kingdom
Email: [email protected]

Your Rights Under UK GDPR

Under data protection law, you have the following rights:

Right to Be Informed

You have the right to be informed about the collection and use of your personal data. Our Privacy Policy provides this information in a clear and accessible format.

Right of Access

You have the right to request a copy of the personal data we hold about you. This is commonly known as a Subject Access Request (SAR). We will respond to your request within one month.

Right to Rectification

You have the right to request that we correct any inaccurate personal data we hold about you, or complete any incomplete data.

Right to Erasure

Also known as the "right to be forgotten", you can request deletion of your personal data in certain circumstances, including:

  • The data is no longer necessary for its original purpose
  • You withdraw consent (where consent was the legal basis)
  • You object to processing and there is no overriding legitimate interest
  • The data has been unlawfully processed

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit that data to another controller.

Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we can demonstrate compelling legitimate grounds.

Rights Related to Automated Decision Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects. We do not currently use automated decision-making processes.

How to Exercise Your Rights

To exercise any of these rights, please contact us at [email protected] with your request. We may need to verify your identity before processing your request.

We will respond to your request within one month. In complex cases, we may extend this by a further two months, but we will inform you of this within the first month.

Data Processing Activities

Categories of Data We Process

  • Identity data (name)
  • Contact data (email address, postal address)
  • Service data (booking history, preferences, dietary requirements)
  • Technical data (IP address, browser type, device information)
  • Usage data (how you use our website)

Purposes of Processing

  • To provide and manage our culinary services
  • To communicate with you about bookings and enquiries
  • To improve our website and services
  • To comply with legal obligations

Data Security Measures

We have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of data in transit using SSL/TLS
  • Regular security assessments
  • Access controls limiting who can access personal data
  • Staff training on data protection

Data Breach Procedures

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly.

International Transfers

We primarily process data within the United Kingdom. If we transfer data outside the UK, we will ensure appropriate safeguards are in place in accordance with UK GDPR requirements.

Data Protection Officer

Given the nature and scale of our processing activities, we are not required to appoint a Data Protection Officer. However, all data protection queries can be directed to [email protected].

Complaints

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office:

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk

Updates to This Document

We may update this GDPR compliance document from time to time. Any changes will be posted on this page with an updated revision date.