Le Chardon d’Or Ltd. 2019
Last updated: May 2019
This policy applies to:
• Visitors and users of website
• Our online voucher order service is provided by Voucher Cart their customer T&C’s can be viewed here
This policy explains:
• when and why we collect personal information from people who visit our website and complete forms
• how we use the information
• the conditions under which we may disclose the information to others
• how we keep it secure
By using our website, you consent to the data practices described in this statement.
How do we collect information from you?
We collect information related to how you interact with our software (including, but not limited to, clicks, page views, searches and steps taken to complete actions).
What type of information is collected from you?
In connection with your input of personal data on any forms on our website, Le Chardon d’Or Ltd collects the following personal information.
When you fill in a form enquiry:
Le Chardon d’Or Ltd. collects information such as:
• e-mail address
• telephone number
• special requests
• marketing preferences (whether you opt-in or opt-out)
When you fill out a form enquiry, we do not proactively collect personal information considered as sensitive personal information such as health-related information.
However, our forms may include questions which are designed for you to provide information you wish on dining preferences.
When you access our site:
There is “Device Information” about your computer hardware and software that is automatically collected by Google Analytics. This information can include:
• device type (e.g. mobile, computer, laptop, tablet)
• operating system
• IP address
• browser type
• browser information (e.g., type, language, and history)
• domain names
• access times
• referring website addresses
• other data about your device to provide the services as otherwise described in this policy.
We may receive your generic location (such as city or neighbourhood) or, with your consent, precise geographic location data when you browse our site from your mobile device.
How is your information used?
This information gathered by Le Chardon d’Or Ltd is used to maintain the quality of our service, and to provide general statistics regarding use of our site.
We may use your information to:
• process reservations
• notify you of your restaurant reservations
• pay deposits
• join wait lists
• provide you with new and improved features
• personalise your experiences on our Site
• seek your feedback on the services we provide
• let you know of changes in our services or terms and conditions
• send you marketing communications that you have opted into and you may be interested in
• collect data, including without limitation from you, with the purpose of improving the booking service and to provide feedback to the restaurant
• present a quality index for the restaurant industry
• collate and share aggregated or de-identified information at its absolute discretion, including but not limited to aggregate statistical data.
Consistent with above, we may communicate with you via electronic messages, including email (Microsoft outlook.com), text message, or mobile push notification to, for example:
• send you information relating to our products and services, including reservation confirmations and updates, receipts, technical notices, updates, security alerts, and support and administrative messages. • and/or, subject to you opting in, communicate with you about contests, offers, promotions, rewards, upcoming events, and other news about products and services offered by Le Chardon d’Or Ltd.
With your consent, we may contact you at the mobile phone number that you provide to us by way of direct dial calls and text messages in connection with the above Purposes.
Our Role as Data Controller and Data Processor
It is important to understand the difference between being a data controller and data processor.
When you fill a form on our site, we become the data controller for this information. This means we determine how your personal information is processed, how long your data is kept following making the form enquiry (retention period) and we maintain your marketing preferences.
When a diner books through the widget provided by ResDiary.com, ResDiary processes the data to Le Chardon d’Or Ltd.
When a diner chooses to create a profile on ResDiary.com then ResDiary become the controller for that personal data.
We review our retention periods on a regular basis. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as it is set out in any relevant contract you hold with us. If we recieve no contact from you, the longest period that we will hold your information is 24months, or until you request its deletion.
Who has access to your information?
Le Chardon d’Or Ltd does not sell, rent or lease its customer lists to third parties.
When you fill out a form request through our Site, such as a restaurant reservation, all details pertaining to the reservation are delivered to the restaurant’s email address via Umbraco Contour and server RackSpace in the UK. They are one of the leading Managed Security Service Providers in the world. Thousands of organisations, including global enterprises, use this company. Once received, the relevant (in-house) fully trained employee will process your enquiry/request and your information may be kept so that correspondence may be made with reference to that enquiry alone. When you request to ‘opt in’ you may be contacted on multiple occasions.
The notifications sent by email or SMS via our ResDiary system are to confirm your booking details and to send a survey out after dining.
Payment Card Information
Gift voucher services on our Site can be used via our data processor VoucherCart.com We require credit or debit card account information in order to process payments which is hosted by Secure Trading.
We will not contact you for marketing purposes by email, phone or text message unless you have given your prior consent. You can change your marketing preferences at any time by contacting us by email at [email protected]
If you would like to delete personal information relating to a booking or any data we hold, please contact the restaurant directly and allow five working days from the date of your request for your information to be removed.
Security precautions in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that it’s treated securely. Any sensitive information (such as credit or debit card details) is encrypted and protected with the following software, the Secure Socket Layer (SSL). When you are on a secure page, a lock icon will appear on the bottom of web browsers such as Microsoft Internet Explorer.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
PCI Compliancy Statement
Credit cards are accepted for payments in house using one of our two GPRS terminals and processed by our security trained staff/management team. Merchant copy receipts are held and kept by our accounts department and the card's security code is NEVER recorded on this merchant receipt. Cardholder receipts are issued to our guests with partially concealed account details. Payments are also accepted over the phone and only ever processed by our management team. Card details are processed while the paying customer is on the line (using the cardholders security code) and the details are never recorded on paper or computer files. Merchant receipts are held by our accounts department and customer copies with partially concealed details are scanned and emailed to guests via secure PDF documents. Payments accepted online are made through third party host VoucherCart at https://brianmaule.vouchercart.com/ and are processed by SecureTrading. This Secure Trading account can only be accessed by our management team through the business computer over a secure IP address using two factor authentication with Microsoft Authenticator. This Secure Trading account is ONLY accessed in the instance of a customer incorrect purchase or the request of refund. The full customer account details are concealed and only partially revealed for refunding purposes.
Use of ‘cookies’
Opting Out: You can set your browser to not accept cookies, but this may limit your ability to use the Services.
Links to other websites
Le Chardon d’Or Ltd. website contains links to other websites. We only link to reputable sites, however we are not responsible for the privacy statements or other content on websites outside of our own.
Changes to this Statement
Who is the point of contact at Le Chardon d’Or Ltd. in the event of a data breach?
The point of contact from us is owner and operators Brian & Susan Maule, who are also our Data Protection Officers. They will invoke the data control procedure when required. Then they will report the breach to the relevant supervisory authority within 72 hours of our organisation becoming aware of it.
We will notify affected customers within 48 hours of becoming aware of the breach.