PRIVACY POLICY

SOUTH WEST LARDER

Definition

The purpose of this Policy is to set out the terms of South West Larders (Somerset Larder’s) position on the collection, use and disclosure of personal information that is obtained when you visit our website or that is provided by you (the customer).

We take your right to privacy seriously and are committed to protecting and respecting your privacy a tall times and should we ask you to provide information by which you can be identified, you (the customer) can be assured that these details will only be used in accordance with this Privacy Policy and only for the reasons you are aware of.

Somerset Larder’s website is ultimately controlled by South West Larder Ltd (Company number 11481919) registered in England and Wales and our registered office is 300 Thames Valley Park Drive, Reading, Berkshire RG6 1PT.

Document Owner & Approver

Document Owner	Stephen Stapenhill-Hunt	29^th July 2019
Approvers	Steven Braithwaite	29^th July 2019

Document Version Control

Version	Version Date	Document History	Revision Date
1.0	29^th July 2019	1^st Formatted	28^th July 2020
2.0	10^thMay 2021	Review	9^th May 2023
3.0	24^th November 2023	Review	23^rd November 2023

For distribution to all

About this Privacy Policy (Notice)

The following references to (we, us or our) mean South West Larder Limited (Somerset Larder) who we are;

References to (you or your) means you the customer, the person accessing our website or the person providing the personal information as explained in this privacy notice;

All references to the website are in line with South West Larders website;

South West Larder is committed to protecting and respecting your privacy. We take your privacy very seriously and we ask that you read this Privacy Notice carefully as it contains important information on:

The personal data we collect about you;
- How we look after your personal data when you visit our website (regardless of where you visit from);
- With whom your personal data might be shared; and
- Your Privacy Rights and how law protects you.

Personal information is the information that is about you and which identifies you, this being:

Full name;
- Email address;
- Telephone number;
- CV, covering letter and or other application details;
- Enquiry information;

We collect personal data about you when you:

Contact us through our website (including if you fill in the enquiry form;
- Consent to the use of cookies on our website (as further described in this policy);
- Apply for a vacancy.

Our website is not intended for children and we do not knowingly collect data relating to children, neither do we collect health information.

However, our website does include text boxes which are designed for you to provide us with further information, and you should be aware that information you freely submit may reveal to us certain information that may be considered special category personal information such as information relating to your allergens;

We request that you read this Privacy Policy when we are collecting or processing personal information about you so that you are fully aware of how and why we are using your personal information. This Privacy Policy supplements the other notices and is not intended to override them.

Who is responsible for the personal information we collect?

We (South West Larder / Somerset Larder) are the data controller for the purpose of Data Protection Law, in respect of to the personal information collected or obtained as outlined with this our Privacy Policy. This is because we dictate the purpose for which your personal information is used and how we use your personal information.

Should you have any questions regarding this Privacy Policy or the way we use your personal information, you can contact our Privacy and Compliance Manager at info@southwestlarder.co.uk

What personal information do we hold about you?

As stated in details above, we may collect and process the following categories of information about you for different reasons, depending on why you are in contact with us:-

Full name;
Email address;
Telephone number;
CV, covering letter and or other application details;
Enquiry information;

If you give us personal information on behalf of someone else, you confirm that the other person has appointed you to act on his / her behalf and has agreed that you can:

Give consent on his / her behalf to the processing of his / her personal data;
Receive on his / her behalf any data protection notices;
Give consent to the transfer of his / her personal data outside the United Kingdom (UK) and the European Economic Area (EEA).

How we will use personal information we hold about you

Under Data Protection Law we can only use your personal information when there is a legal basis for us to do so. Most commonly, we will use your personal information in the following circumstances:-

Where we need to perform the contract we are about to enter into or have entered into with you, for example in relation to job applicants, contractors and or suppliers (for the performance of a contract with you) of which you have given your consent to;

Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (for our legitimate interests of for a third party’s legitimate interests);

Where we need to comply with a legal or regulatory obligation (to comply with our legal obligations);

Where we or another person need to do so as part of carrying out a task in the public interest or carrying out public functions which are laid down in law, for example exercising statutory rights and carrying out our legal duties under our licences to operate;

We may monitor and record communications with you (such as emails) for the purpose of quality assurance, fraud prevention and compliance activities;

Where you provide us with your express or explicit consent (with your consent);

What we use your personal data for	Our legal basis
Process any orders for goods and / or services which you make with us	Performance of a contract with you or to take to enter into a contract at your request.
Assist you with your queries in relation to our business	Performance of a contract with you or to take steps at your request before entering into a contract.
Review any job application you submit to us.	Performance of a contract with you or to take steps at your request before entering into a contract.
Detect and prevent fraud.	Compliance with our Legal and Regulatory Obligations.
Customise our website and it’s content to your particular preferences	Consent (where we are not required to obtain your consent and do not do so, or our legitimate interests i.e. to provide you with information (as a prospect or existing customer) we consider may be useful to you).
Notify you of any changes to out website or to our services that may affect you.	Compliance with our legal and regulatory obligations.
Provide you with marketing materials and information about our business and services.	Consent (where we are not required to obtain your consent and do not do so, for our legitimate interests i.e. to provide you with information (as a prospect or existing customer) we consider may be useful to you).
Develop and improve our website, business and services.	Consent (where we are not required to obtain your consent and do not do so, for our legitimate interests i.e. to provide you with information (as a prospect or existing customer) we consider may be useful to you).

Your personal information may be used by us, our employees, service providers and disclosed to third parties for a number of different purposes which we have set out below. For each of these purposes, we have set out the legal basis we rely on to do so.

Please note: We may process your personal information on more than one legal basis depending on the specific purposes for which we are using your personal information. Please contact our Privacy and Compliance Manager if you need details about the specific legal basis we are relying on to process your personal information where more than on legal basis has been identified, this includes recruitment and other purposes not relating to recruitment or employment.

When we might share your personal data with third parties

We do not, and will not sell any of your personal data to any third party – including your name or email address. As an essential part of being able to provide our services to you, we do however, share your data with the following categories of third parties:

Service Providers that help us run our business, such as website hosting providers, website developers, and newsletter distribution;

Professional advisers, including lawyers, bankers, auditors, and insurers who provide advice to us when we require it;

Law Enforcement Agencies in connection with any investigation to help prevent unlawful activity, these may be Government departments, governmental agencies, regulatory organisations and justice agencies (including the courts, tribunals, policy, security services, Her Majesty’s Revenue and Customs, local authorities, the Home Office, the Information Commissioner, the Health and Safety Executive, and other regulators and law enforcement bodies;

Third Party Service Providers to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may see to acquire other businesses or merge with them. Or a business involved in the business / maintenance works and other aspects of the business – Including third party contractors. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.

Our Group Companies or other companies and entities within the group of South West Larder Limited trading as Somerset Larder Limited;

Our Service Providers – our business partners, suppliers, contractors and their sub-contractors for the performance of any contract we enter into with you or for the performance of any contract we enter into with them which relates to our business and under which they delivery work and services to us, including works and services which may involve processing personal information on our behalf such as IT service providers;

Our Banks, Insurers, Professional Advisers & Agents – including our banks, accountants, lawyers, insurers, brokers, agents, consultants and other professional advisers that assist us in carrying out our business activities and public functions;

Health Professional & Emergency Services – In the event of an emergency we may disclose personal information to health and medical professionals and emergency services where the health, safety or security of a person is at risk;

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specific purposes and in accordance with our instructions. If you would like any more information about the third parties which we work with to provide our services to you, please contact us on the contact details provided in this Privacy Notice.

Third party links

Our website may include links to third party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third party websites and are not responsible for how they handle your personal information.

How we ask for consent

We may need to request specific information from you to help us confirm your identity and ensure your right access to your personal information (or to exercise any of your other rights). This is a security measure to ensure that your personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

When requesting this information we will ask you to check a box on any form requiring consent. By checking these boxes, you are confirming that you have been informed as to why we are collecting the information, howe this information will be used, for how long the information will be kept, who else will have access to this information and what your rights are as a data subject (all of which is set out in this privacy notice).

How we protect your personal information

To support with the protection of your personal data, we have put in place appropriate technical and organisational security measures to prevent your personal information from being accidentally lost, altered, used, disclosed or accessed in an unauthorised way. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to access this only and who are subject to a duty of confidentiality. In the case of third party data processors, they will only process your personal information on our instructions and have their own legal obligations under data protection law to protect your personal information and keep it secure.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any application regulator of a breach where we are legally required to do so.

All employees, contractors and sub-contractors receive the necessary training and resources to ensure they understand their responsibilities in relation to all of our policies and procedures.

In addition to these operational measures, we also use a range of technologies and security systems to reinforce the policies and procedures, including ensuring that:

Access to personal data is strictly restricted to those employees who need to access this information as part of their role;
Unauthorised external access to personal tata is prevented through the use of a firewall; and
Your personal data is stored on secure servers.

To make sure that these measures are suitable, we run vulnerability tests regularly. Audits to identify areas of weakness and non-compliance are routinely scheduled.

Failure to provide us with your personal information

We may be required to obtain your personal information to comply with our legal obligations or for the performance of our contract with you or to fulfil a request you have made. If you do not provide the relevant personal information to us, we may not be able to enter into the contract with you or properly perform our obligations under it. We may also be unable to fulfil your request.

Where your failure to provide information breaches a legal obligation we may be required to report this to regulators or law enforcement bodies. We will generally notify you of the consequences of failing to provide us with required information at the time.

How long we will keep your personal information for

We will only retain your personal information for as long as necessary to fulfil the purposes we collect it for, including the purposes of satisfying any legal, accounting or reporting requirements.

To determine the appropriate retention period for personal information we hold, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information (and whether we can achieve those purposes through other means) and the applicable legal requirements.

In some circumstances we may anonymise your personal information (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Where we will transfer your personal information

To deliver services to you, it is sometimes necessary for us to share your personal information outside the European Economic Area (EEA) e.g.:-

Where members of our staff needs to access your personal information remotely while they are travelling outside of the EEA;

If you are based outside the EEA;

These transfers are subject to special rules under European and UK data protection law. In those circumstances, we undertake an assessment of the level of protection in light of the circumstance surrounding the transfer. We will make sure that any transfers are limited to the minimum amount of personal information possible and will always take steps to ensure that your personal information is adequately protected. In certain circumstances we may need to see your consent unless there is an overriding legal need to transfer the personal information.

Your rights and choices in relation to your personal information

You may have certain rights with respect to your personal information. The rights may only apply in certain circumstances and are subject to certain exemptions. Please see the information below for a summary of your rights. You can exercise these rights by contacting the Data Protection Manager:-

Rights to access your personal information – at any point you can contact us to request the information we hold about you as well as why we have that information, who has access to the information and where we got the information. Once we have received your request, we will respond within 30 days;

Right to rectify your personal information – If the information we hold about you is out of date, incomplete or incorrect, you can inform us and we will ensure that it is updated;

Right to erase of your personal information – If you feel that we should no longer be using your information or that we are illegally using your information, you can request that we erase the information we hold. When we receive your request, we will confirm whether the information has been deleted or tell you the reason why it cannot be deleted;

Right to object to the use of your personal information – You have the right to request that we stop processing your information. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have legitimate grounds to continue. If data is no longer processed, we may continue to hold your information to comply with your other rights.

The right to ask us to stop contacting you with direct marketing – You have the right to request that we stop contacting you with direct marketing.

Right to data portability – You have the right to request that we transfer your information to another controller. Once we have received you request, we will comply where it is feasible to do so. For your security we may need to verify your identity before we process your instructions above;

Right to withdraw consent – If you have provided us with your consent to use your personal data, you have a right to withdraw that consent at any time. You may withdraw your consent by contacting us.

For further information on each of those rights and / or if you would like to exercise any of those rights including the circumstances in which they do not apply, please contact us on the contact details provided in this Privacy Notice.

Automated decision making

We do not undertake any processing of your personal information by automated means in order to make decisions about you.

No fee usually required

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

Cookies & Tracking

Use of cookies

A cookie is a small text file which is placed onto your devise when you access our website. We use cookies on our website to:

Recognise you whenever you visit our website (this speeds up your access to the website as you not have to long in each time).
Obtain information about your personal preferences, online movements, and use of the internet;
Carry out research and statistical analysis to help improve our content, products and services and to help us better understand our customer requirements and interests;
Target our marketing and advertising campaigns more effectively by providing interest-based advertisements that are personalised to your interests; and
Make your online experiences more efficient and enjoyable.

In most cases we will need your clear, freely given, specific and informed consent in order to use cookies on our website. The exception is where the cookie is essential, meaning that it is required to ensure that the website functions properly.

Consent of Cookies

We will always ask for your permission to place cookies or other similar technologies on your device when you first visit our website, except where they are essential for us to provide you with a service that you have requested. You can withdraw any consent to the use of cookies or manage any other cookie preferences by using the cookies preferences tool on our website. If you do this, please be aware that you may lose some of the functionality of website.

For further information about cookies and how to disable them, please go to the Information Commissioner’s webpage on cookies (https://ico.org.uk/for-the-public/online/cookies/).

Description of Cookies

We use the following cookies and other technologies:

Essential: These cookies are essential to the operation of our website and cannot be switched off.
Analytics: These cookies allow us to have a better understanding of how our website is performing in terms of statistics, engagement levels, content relevance and ease of navigation. We use this information to help improve our website’s functionalities and content as well as your browsing experience.
Advertising: These cookies may be set by third parties. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites, based on uniquely identifying your browser and internet device and recording your visit to our website, the pages you have visited and the links you have followed:

The table below provides some information on the cookies which we use on our website:

(Example)

Cookie	Service	Purpose	Expiry
Wp_test_cookie	Website	To allow the site to function correctly	When the browser closes
OptanonConsent	One Trust	It stores information about the categories of cookies the site uses and whether the visitor has given or withdrawn consent for the use of each category	1 year
_utma	Google Analytics	Used to distinguish users and sessions, site performance and traffic monitoring.	2 years

Take Care when linking to our Social Media Sites

Our website provides links to our social media sites. Once on any of these social media sites, please take care if you choose to post any information, as this will be on a public domain and may be widely accessible. If you would like more information about how any information posted on these sites will be used, please read the sites privacy notice carefully.

Time limit to respond

We try to respond to all legitimate requests within one month, however, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated of our timescales. For more detailed information on our GDPR Regulations please see our Data Protection Policy.

Website cookies and third party links

A cookie is a small text file that’s stored on your computer or mobile device when you visit a website.

We use cookies to:-

Remember your preferences;

Tailor our sites and services to your interests;

You can set your browser not to accept cookies and the website below can give more information about deleting and controlling cookies www.aboutcookies.org

Changes to our Privacy Policy & your duty to inform us of changes

This Privacy Policy was last updated as per the document control table at the front of this document.

Any changes we make to this Privacy Policy will take effect as soon as it has been updated or otherwise communicated out.

Please ensure that you keep us informed of your personal information changes during your relationship with us.

How to complain

Please contact us if you have any queries or concerns about our use of your personal data (see Contacting below). We hope we will be able to resolve any issues you may have.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) directly. Further information, including contact details is available at http://ico.org.uk

Contacting us

If you have any questions about this Privacy Notice, need further information about how we use your personal data or wish to lodge a complaint, please contact us by any of the following means:

By contacting:
Privacy & Compliance Manager
South West Larder
Suite A
Compass House
North Petherton
Bridgwater
TA6 6FA

info@southwestlarder.co.uk or
dataprotection@wshlimited.com or
Using the contact page on our website.

_______________________________________

Steven Braithwaite

Managing Director
South West Larder Limited

PRIVACY POLICY

open the larder

SOUTH WEST LARDER

PRIVACY POLICY