C
Order Now

Privacy Policy

Last Updated: May 2024 | Version 4.2

This Privacy Policy outlines how CASTLE MACLELLAN FOODS LIMITED ("the Company", "we", "us", or "our") collects, processes, and protects your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA 2018).

1. Introduction and Scope

We are committed to being transparent about how we handle your personal information. This policy applies to our website (index.php), our mobile applications, and all interactions regarding our premium food delivery services. As a data controller, we are registered with the Information Commissioner’s Office (ICO) in the United Kingdom.

2. Data We Collect

We collect and process the following categories of personal data:

  • Identity Data: Name, title, and date of birth.
  • Contact Data: Billing address, delivery address, email address, and telephone numbers.
  • Financial Data: Bank account and payment card details (processed through secure, PCI-DSS compliant gateways).
  • Technical Data: IP address, login data, browser type and version, time zone setting, and operating system.
  • Profile Data: Your interests, preferences, feedback, and survey responses.

3. Legal Grounds for Processing

We rely on several legal bases to process your data, including: - Contractual Necessity: To fulfill your order and deliver food to your address. - Consent: For marketing communications where you have explicitly opted in. - Legal Obligation: For tax purposes and regulatory compliance. - Legitimate Interests: To improve our services and ensure the security of our network.

4. Data Retention and Security

We retain your personal data only as long as necessary to fulfill the purposes for which it was collected. For financial records, this is typically seven years to comply with UK tax law. All data is stored on encrypted servers with restricted access controls. We implement industry-standard SSL/TLS encryption for all data transmissions.

5. Your Rights Under UK GDPR

You have the right to access, correct, or erase your data. You may also object to processing or request data portability. To exercise these rights, contact our Data Protection Officer at info@prairiefinance.sbs. We will respond to all requests within 30 days.

[Additional 800 words detailing third-party processors, international transfers, and automated decision-making protocols...]