How we use your data
Here we cover the information we collect, what we do with it and what you can expect from our handling of your data. We strive to provide a great customer and user experience both in our shops and across our digital channels and platforms, which includes best practice with the collection, processing and sharing of data. If you have concerns, you can contact us and we’ll be pleased to discuss them.
This information is provided so you can make an informed decision when you use our digital platforms and features, including our website.
We collect information about:
- People that visit our website(s)
- People that subscribe to or read our email newsletter(s)
- People that contact us through our website
- People that interact with our social media posts or contact us through social media
1. Website Visitors
When someone visits our websites, which are hosted in the UK and accessed at cafe164.com and bakery164.com we use a number of services to enable us to serve the request and understand how our visitors consume it.
We offer an industry standard level of security across our website to improve the user experience, increase reliability and protect the information you may choose to submit to us. This is often known as SSL or secure sockets layer.
Your web browser will often indicate when a connection is secure, by displaying a notification message, e.g. ‘secure’ or displaying a symbol like a padlock. We aim to meet and exceed the industry standards for data security, however we cannot guarantee the security of data sent over the internet because of the variety of technologies and providers.
In servicing requests to our website, we rely on third party providers including CDN services. Your request or information that you submit to us through our website may pass through countries outside of the UK or Europe in fulfilling your request or submission.
Third party services, including Google Analytics and CloudFlare are used to improve the availability of our services and to understand the behaviour of visitors to our website and other digital services that we may provide from time to time.
This information does not include personally identifiable details, however it does tells us things like:
- Type of device used to visit the website
- Parts of the website that are most popular
- The features or aspects that are interacted with by a user
We collect this information on content that we produce and publish.
Web server log files are used to record standardised information on every request made to our website and the other resources we host. This information includes:
- The resource requested
- The time of the request
- Information on the device’s hardware and software making the request
- The IP address of the device or network making the request
This information is held for up to 2 calendar years and used for compliance, security and robustness purposes and is not normally used to identify individual users except where required for security or legal purposes.
2. Subscribers and readers of our emails and email newsletters
We store data to keep track of the people that subscribe to our emails, email newsletters and enter our competitions, including:
- User’s first name and last name
- User’s email address
- IP address of the device or network used to access the website
- Information to identify the hardware and software of the device used to access the website
- Geographic location of the device used to access the website
We use a third-party supplier, MailChimp, to securely store and process user data and analyse the behaviour of users.
Your information may be transmitted outside the United Kingdom and EU during subscription and processing.
We use secure methods including SSL and encryption to enhance the security of your data and prevent to the most possible extent the interception of your data as it travels over the internet, though we cannot guarantee the security of data as it travels over the internet or in the delivery of email.
Additionally, MailChimp collects user behaviour data on how subscribers and users consume our e-newsletter, which we use to improve our communications with our users. This information includes individual and aggregate information on emails opened and links clicked and by whom.
Where an action relates to a specific user or subscriber, such as an email open or link clicked, we may analyse this information to offer a better user experience, detect fraud, offer customised content and identify the content and experiences (some relating to paid campaigns from our brand partners) that particular users are interested in.
We may share or sell this data to the named third party company or brand partner when your data specifically relates to a promotion or campaign from that company or brand partner.
3. Users of the contact forms on our website
We provide contact forms on our website to enable users to contact 164.
When you enter information on our website in these cases, your information is transmitted over a secure connection between your computer and our website to prevent third parties from intercepting your information.
However, because of the nature of internet communications, the company cannot make any guarantees of the security of information transmitted over the internet.
The information collected will be appropriate to the subject matter of your enquiry, to enable your enquiry to be answered and responded to, and, where applicable, the commercial requirements of the brand sponsor.
The information collected will typically include:
- User’s first name and last name
- User’s email address
- IP address of the device or network used to access the website
- Information to identify the hardware and software of the device used to access the website
- Geographic location of the device used to enter the website, either estimated from the device or network’s IP address or from the device’s GPS capabilities (with a capable device and the user grants permission for the collection of this data)
- Date and time of the interaction
- Technical information relating to the interaction, such as device behaviour and cursor position on the screen
- Subject of the contact
- Enquiry text of the contact
- Telephone number of the user
- The types of communication the user wants to receive from us.
Where an action relates to a specific user or subscriber, such as an email open or link clicked, we may analyse this information to offer a better user experience, detect fraud, offer customised content and identify the content and experiences that particular users are interested in.
4. Users of our social media channels
We use Facebook, Twitter and Instagram as ways to disseminate our content to users and enable sharing of the content on our digital platforms. These social media channels also allow their users to send messages to the company and to leave comments against the content published via those channels.
The security of these social media channels is out of the control of the company and therefore the company takes no responsibility for it.
It is always advisable to check for a secure connection when entering any personal or sensitive information into a website or on social media.
These messages are likely to include personally identifiable information which has been previously entered, and, at a minimum, the user’s name and contact email address.
Your message, and associated information is stored and processed outside the United Kingdom and EU.