PRIVACY POLICY | SAMBÔ RODIZIO

1. WHO ARE WE?

Our website is https://samborodizio.co.uk

Sambô Rodizio Bar & Grill is operated by Sambô Rodizio Weymouth LTD a company registered in England and Wales under registration number 12025478 and our registered address is 41 Abbotsbury Road, Weymouth, Dorset, United Kingdom, DT4 0AQ. We are the data controller for the purposes of this Privacy Policy. This Privacy Policy relates to Sambô Rodizio Bar & Grill.

2. WHAT IS THIS PRIVACY POLICY FOR?

This Privacy Policy gives you information about how we will use personal data and other private information collected by or provided by you in one of our restaurants or you as a user of this Site. When we refer to ‘personal data’ in this Privacy Policy it means any information that relates to you from which you can be identified. This Privacy Policy governs the processing of your personal data, including in connection with your use of our Site, so please read it carefully.

3. WHAT PERSONAL DATA MAY WE COLLECT?

We may collect the following personal data about you:

The personal details you provide (such as name, address, e-mail address, business address and phone number) when submitting an enquiry or table booking
Table bookings are processed through the Table Agent booking engine which provides the booking details through to Sambô Rodizio Bar & Grill. For details please refer to their privacy policy https://tableagent.com/privacy/

Gift vouchers are processed through the Gif Up engine which provides voucher details through to Sambô Rodizio Bar & Grill. For details please refer to their privacy policy https://help.giftup.com/article/40-privacy-policy
Payment details that we require for the purpose of recording and processing your reservation request (and administering your reservation)
Personal details you choose to give when corresponding with us by phone, e-mail, or that you provide to us when you visit Sambô Rodizio Bar & Grill.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/ . After approval of your comment, your profile picture is visible to the public in the context of your comment.
Any other personal or private information about you that you choose to submit to this Site or any other websites we operate.
Information about other guests included in your booking details.
Information about your preferences (e.g. advertising interests, cookie data, clickstream data, browsing history, responses to direct marketing, and opt-outs from direct marketing) and any information provided to us by third parties.

COOKIES
Our Site uses cookies for a number of purposes, including to distinguish you from other users, to provide you with a good user experience when you browse our Site and to allow us to improve the features of this Site. If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

5. HOW WE USE YOUR DATA

We may use your personal data in the following ways:

To operate our business and provide you with services you have requested, primarily restaurant reservations.
To display the content of this Site, and any customisations you may select.
To verify your identity.
To acknowledge, confirm and deal with your enquiry, including a reservation request.
Where we are asked to deal with any other enquiries or complaints you may make.
To notify you about any changes to this Site, or services provided through this Site.
To administer our Site and ensure that our Site is presented in the most effective manner for you and for your computer/device.
For internal business/technical operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes and as part of our efforts to keep our Site secure.
On an aggregate basis, to understand how individuals collectively use the features of our Site.
To give effect to your legal rights and your rights under this Privacy Policy.
To protect against fraud, identity theft, and other unlawful activity.
To establish or exercise any legal rights or claims.
To satisfy our obligations under applicable law, this Privacy Policy, and any other policies or terms that are applicable to our relationship with you.
For other purposes to which you have consented, and we may combine personal data that you provide to us with other information we collect about you for the purposes set out in this Privacy Policy.

6. DISCLOSURE OF YOUR PERSONAL DATA

We may share your personal data with third parties in the following situations:

We may disclose your personal data to our employees and agents to the extent necessary to provide you with services you have requested.

If you request a password reset, your IP address will be included in the reset email.
We may make your personal data available to selected third parties who act on our behalf to support our operations (for example, card processing or payment services (see the section below headed ‘Payment Information’) and credit reference agencies to protect against possible fraud, subject to appropriate contractual protections in accordance with applicable law.
To protect us, our guests or contractors against loss or damage (including, without limitation, exchanging information with the police, courts or law enforcement organisations).

Visitor may be checked through an automated spam detection service.
To the extent necessary to establish, exercise or defend legal rights or claims, or for the purposes of investigating actual or suspected unlawful activity.
For NHS Test and Trace/Test and Protect purposes in the context of COVID-19.

7. PAYMENT INFORMATION

Any credit/debit card payments and other payments you make through this Site will be processed by our third party payment provider, and the payment data you submit will be securely stored and encrypted by our payment service provider using up to date industry standards. Please note that we do not ourselves directly process or store the debit/credit card data that you submit, but third party service providers may do so on our behalf, in accordance with this Privacy Policy.

8. SECURITY

We take the security of our guests’ data very seriously and we use appropriate measures to protect all personal information collected in a secure, controlled environment consistent with GDPR legislation.

The personal data that we collect from you may be is stored on UK based servers.

Unfortunately, the transmission of information over the internet or public communications networks can never be completely secure. When you submit your personal information through our websites this at your own risk.

9. DATA RETENTION

We will only retain your personal data for as long as we require those personal data in connection with the purposes set out in this Privacy Policy, except where we are required or permitted, under applicable law, to retain your personal data for additional periods of time. Information provided for reservations and kept on Table Agent booking engine will be deleted after sixty months, after which the only data retained will be anonymised booking data. Information provided on our Contractor and Visitors log will be retained for twenty four months, after which it will be deleted. If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

10. YOUR DATA PROTECTION RIGHTS

Subject to applicable law, you may have the following rights in relation to your personal data:

The right to request access to, or copies of, your personal data that we process.
The right to request correction of any inaccuracies in your personal data.
The right to object, on legitimate grounds, to the processing of your personal data.
The right to request that your personal data are deleted. This does not affect your statutory rights. If you wish to exercise any of these rights please contact us as described in the section below headed ‘Contact’. We may also need to ask you for further information to verify your identity before we can respond to any request.

11. CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our Privacy Policy in the future will be posted on this page. Please check back frequently to see any updates or modifications.