Viking Restaurant General Privacy Policy
General Data Protection Regulation (GDPR)
Privacy Notice for external use
We issue this privacy notice in the interests of transparency over how we use (“process”) the personal data that we collect from our Customers, suppliers and third parties (“you”).
Personal data for these purposes means any information relating to an identified or identifiable person.
“Sensitive personal data” means personal data consisting of information as to –
- The racial or ethnic origin of the individual,
- Their political opinions,
- Their religious or philosophical beliefs,
- Their membership of a trade union,
- Their physical or mental health or condition,
- Their sexual life,
- The commission or alleged commission by them of any offence,
- Any proceedings for any offence committed or alleged to have been committed by them, the disposal of such proceedings or the sentence of any court in such proceedings,
- Genetic data; and
- Biometric data where processed to uniquely identify a person (for example a photo in an electronic passport)
Data Controller
For data protection purposes the “data controller” means the person or organisation who determines the purposes for which and the manner in which any personal data is processed.
The data controller is Viking Restaurant
The Administrator for the data controller can be contacted by emailing on reservations@vikingrestaurant.ae
What personal data is collected?
GDPR EXTERNAL DATA PRIVACY NOTICE for VIKING RESTAURANT.
- Personal contact details such as name, title.
- If provided personal email address and personal mobile phone numbers.
- CCTV footage and other information obtained through electronic means such as computerised records.
For you we do not collect, store and use sensitive personal data.
For you we do not collect, store and use sensitive personal data.
How data is collected from you.
Your personal details are collected through direct communications “(Telephone, email)” with you or your company.
We do not collect data through targeting technologies “(Website)”. However if you email us through the website we may retain information from this email.
Purpose of processing the data
It is necessary for us to process this personal data for the following reasons:
- We will need the information in order to carry out Contracted works
- We will need to maintain that information for the general purposes of the ongoing relationship including health and safety of our individuals on your premises.
Some examples of the specific situations in which we will use your personal data are: contact you regarding projects that you are carrying out, contact you to maintain the contract i.e. to inform you of start dates, operatives details, health and safety paperwork and discuss the account. The purchasing of supplies.
Our legal basis for processing personal data of our customers, suppliers and third parties is that:
- Processing the personal data is necessary for the purpose of carrying out the contract.
- Processing is necessary to comply with a legal obligation (for example we are obliged under contract law to keep information for 12 years)
- Processing the data is necessary for the purposes of our “legitimate interests” as the data controller (except where such interests are overridden by the interests, rights or freedoms of the individual).
Our “legitimate interests” for these purposes are:
- The need to process data on customers, suppliers and third parties for the purposes of carrying out the contract;
- The need to gather data on customers for the purposes safeguarding the health and safety of our individuals;
- The need to process personal data for the purposes of entering into contract with the customer, supplier and third party.
Recipients of personal data
Your personal data may be received by the following categories of people:
- Our Sales and marketing team;
- Contracts Manager;
- Finance team;
- Any individual authorised by us to maintain your files;
- Our professional advisers;
- Appropriate external regulators and authorities (such as HSE)
A small amount of your personal data “(Name, Mobile number, signature)” maybe uploaded on to our online platform or booking system and will be accessible by our operatives and you, where requested. This is for the purposes of contact details for our operatives and daily work records where requested.
We do not envisage that your data would be transferred to a country outside the EEA. If we perceive the need to do that we would discuss that with you and explain the legal basis for the transfer of the data at that stage.
Duration of storage of personal data
We will keep personal data for no longer than is strictly necessary, having regard to the original purpose for which the data was processed. In some cases we will be legally obliged to keep your data for a set period.
Your rights in relation to your personal data
- The right to be forgotten
You have the right to request that your personal data is deleted if:
- it is no longer necessary for us to store that data having regard to the purposes for which it was originally collected; or
- In circumstances where we rely solely on your consent to process the data (and have no other legal basis for processing the data), you withdraw your consent to the data being processed; or
- You object to the processing of the data for good reasons which are not overridden by another compelling reason for us to retain the data; or
- The data was unlawfully processed; or e) the data needs to be deleted to comply with a legal obligation.
However, we can refuse to comply with a request to delete your personal data where we process that data:
- To exercise the right of freedom of expression and information;
- To comply with a legal obligation or the performance of a public interest task or exercise of official authority;
- For public health purposes in the public interest;
- For archiving purposes in the public interest, historical research or statistical purposes;
- The exercise or defence of legal claims.
The Viking Restaurant is a chance to experience the feast of the Vikings with a contemporary touch.