YOUR PRIVACY SUMMARY
Your privacy is important to us.
It is The Cheshire Bakehouse's policy to respect your privacy regarding any information we may collect from you across our website, .
We only ask for personal information when we truly need it to provide a service to you. We collect it by fair and lawful means, with your knowledge and consent. We also let you know why we’re collecting it and how it will be used.
We only retain collected information for as long as necessary to provide you with your requested service. What data we store, we’ll protect within commercially acceptable means to prevent loss and theft, as well as unauthorised access, disclosure, copying, use or modification.
We don’t share any personally identifying information publicly or with third-parties, except when required to by law.
Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and practices of these sites, and cannot accept responsibility or liability for their respective privacy policies.
You are free to refuse our request for your personal information, with the understanding that we may be unable to provide you with some of your desired services.
Your continued use of our website will be regarded as acceptance of our practices around privacy and personal information. If you have any questions about how we handle user data and personal information, feel free to contact us.
This policy is effective as of 1 April 2020.
The EU General Data Protection Regulations
The EU General Data Protection Regulations (GDPR) require all companies to treat personal information collected or handled securely and maintain accurate records as to how this information is stored and used. The Cheshire Bakehouse recognise that your privacy is important. This document details the information regarding personal data that The Cheshire Bakehouse collects, stores and uses.
The Cheshire Bakehouse will comply in full with the principals of the GDPR that requires that personal data shall be:
Processed lawfully, fairly and in a transparent manner in relation to individuals; Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed; Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay; Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
How we collect personal information
The Cheshire Bakehouse collects personal information via the following means:
• Personal Meetings
• Telephone Calls
• Online printed Forms
About Your Rights
All personnel that The Cheshire Bakehouse hold personal information on have the following rights:
• The right to be informed of the data being held
• The rights of access to the information being held
• The rights to rectification of any errors in the information being held
• The rights to have the information destroyed
• The rights to restrict the use of the information
• Subject Access Request
You can request a copy of the data we hold on you at any time and will provide it within 1 month of receiving your request in writing, if not sooner.
You have the right to request access to a copy of the personal information that we hold about you. This is also known as a ‘Subject Access Request’. This information is provided to you free of charge.
If you would like to submit a Subject Access Request, please contact us at this email address
We will respond to your request without delay and at the latest, within 1 month of receipt of your request.
About Data Retention
All data transferred to us by third parties will be stored in a restricted area of our secure server.
It will be held there until either the data is no longer required or the transferee has requested us to destroy the data. Data transferred to us will be disposed of using an electronic shredder. Data that has not been used will be destroyed by secure means after a period no greater than 12 months.
All data collected on employees will be held for at least 5 years after employment ceases for archiving purposes unless requested to do otherwise.
All data collected on customers or potential customers will be held whilst ever that data is considered useful or unless requested to do otherwise. The Data will be reviewed at least annually.
What happens if data is compromised
If at any time we become aware that your data has been compromised, or that a breach of our systems has occurred, which has an impact on the security of your data, we will notify the Information Commissioner’s Office, and you, without undue delay.
Our Contact Details