Order Produce

Privacy Policy

  • 1. Introduction

    We take data protection seriously.

    This privacy notice explains what personal data we may collect about you, why we collect it and how we may use it, and what rights you have in respect of your personal data.

    We are a data controller in respect of your personal data. This means that we make decisions about how to use your personal data for our business, and we are legally responsible for those decisions.

    From time to time we employ Boomerang Creative Limited, who may also become data controllers in respect of your personal data. Boomerang Creative Limited provides us with IT support; electronic data storage; website services; website hosting, creative design and marketing services.

    This privacy notice also applies to Boomerang Creative Limited.

    We’ll only use your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable laws. We’ll obtain your consent to our use of your personal data where it’s necessary or appropriate.

  • 2. Your personal data

    Personal data is information that can be used to identify you, such as your name, telephone number and email address.

    We may collect your personal data from the following sources:

    • you directly (e.g. by booking a table with us, if you correspond with us by email, or you apply for employment with us);
    • you indirectly (e.g. information collected when you browse our website, such as your IP address); and
    • social media (e.g. LinkedIn, Facebook and Twitter).
  • 3. Who we collect and use personal data about

    We collect and use personal data about:

    • customers and prospective customers;
    • suppliers and prospective suppliers;
    • advisers and other professional experts;
    • employees and prospective employees; and
    • enquirers, complainants.
  • 4. Types of personal data that we may collect and use

    The types of personal data that we may (depending on the circumstances) collect and use includes:

    • personal details;
    • business activities;
    • goods and services provided;
    • family details;
    • financial details;
    • lifestyle and social circumstances;
    • employment and education details, and all information contained in references (if you apply for employment with us).

    For example, when you make a booking with us, you’ll be asked to provide your name, mobile number and email address.

    We may also collect and use special category data.

    Special category data includes information about an individual’s criminal record, race, ethnic origin, politics, religion, trade union membership, genetics, biometrics, health, sex life, or sexual orientation. We will process any special category data only where necessary, and in accordance with the GDPR.

    For example, we may process information about your health in booking requests.

    By way of further example, if you apply for employment with us, we may process information about any offences or alleged offences you’ve committed.

  • 5. Why we collect and how we may use your personal data

    We may collect and use your personal data to:

    • provide you with our products services;
    • respond to an enquiry you make about our products and services;
    • decide whether to provide you with our products and services, or to agree to you providing us with your products and services;
    • to manage our business or employment relationship with you;
    • comply with our legal obligations; and
    • further our legitimate business interests (see Our legitimate interests).

    We may also notify you of additional ways in which we use your personal data.

  • 6. Our legitimate interests

    We may collect and use personal data for our legitimate interests, such as:

    • selling and supplying our products and services;
    • maintaining the health, safety and welfare of our customers, employees and other individuals;
    • preventing fraud;
    • handling contacts, queries and disputes;
    • promoting, marketing and advertising our products and services;
    • understanding customer activities, preferences and needs;
    • improving our products and services;
    • complying with our legal obligations and handling legal claims; and
    • fulfilling our duties to our shareholders and other stakeholders.
  • 7. Our employment and recruitment procedures

    We collect and use personal data as part of our employment application procedure.

    If we conclude an employment contract with you, we’ll comply with all legal requirements regarding the use of your personal data during your employment with us.

    If you apply for employment with us and we do not employ you for whatever reason, we’ll securely delete your personal information within two months, unless we have a legitimate interest in retaining your personal data (in which case, we’ll securely delete your personal data as soon as we cease to have a legitimate interest in retaining this).

  • 8. Your consent to our use of your personal data

    There are six legal bases on which we may be entitled to collect and use your personal data, which means that your express consent is not always required.

    For example, the law allows us to collect and use personal data to perform contracts, or where this is necessary for our legitimate interests – provided our use of the personal data is fair and balanced.

    Where you provide us with your consent, you can withdraw this at any time by contacting us on 01488 657300. Alternatively, you can email us at info@fivebellswickham.co.uk or write to us at Five Bells, Baydon Road, Wickham, Newbury, Berkshire, RG20 8HH.

  • 9. Sharing your personal data with third parties

    We will never sell your personal data.

    To provide our products and services, and to administer and support our business, we may need to share your personal data to the minimum extent necessary with our suppliers and service partners, such as:

    • Boomerang Creative Limited (see Introduction section);
    • ResDiary, our external online restaurant booking and reservation provider;
    • external marketing companies to create, send and manage marketing communications in respect of our products and services; and
    • our professional advisers (e.g. accountants and lawyers).

    We may also need to share your personal data with other organisations, such as:

    • courts;
    • regulatory authorities;
    • police forces and security organisations;
    • credit reference agencies;
    • debt collection and tracing agencies;
    • local and central government;
    • current, past or prospective employers;
    • educators and examining bodies; and
    • pension providers.

    Where it’s necessary for us to share your personal data with anybody else, we’ll comply with all laws, including the GDPR. Amongst other things:

    • we impose contractual obligations on our suppliers and service partners to secure your personal data, and to ensure that your personal data is only used to provide services to you and us, and for no other purposes; and
    • where our data is held by third parties (e.g. in ResDiary or Boomerang Creative Limited servers or on cloud storage systems), personal data is only accessible by individuals who need to access to the data.
  • 10. Cookies

    Cookies are small pieces of computer code that may be stored on your computer, mobile or other device when you visit our website. Cookies do not give access to the rest of your computer.

    There are three main types of cookie:

    Type of cookie

    Purpose of cookie

    Capable of being turned off

    Necessary cookie

    Necessary for websites and applications to function properly.


    Performance cookie

    Improves performance and functionality of websites, or collects information to enable the functionality and performance of websites to be improved.

    For example, information may be collected about the number of site users, the traffic sources, which website pages are the most and least popular, and how visitors move around the website.


    However, if turned off we will not be able to tell you have visited our website.

    Functional cookie

    These cookies are for extra functionality on our website such as social media plugins and are likely to be set by third party providers such as facebook, twitter, Instagram and LinkedIn.


    However, if turned off some parts of the website may not function correctly.

    Cookies may also be session cookies that expire when you close your browser, or persistent cookies that remain on your computer until you remove them. Persistent cookies enable websites to remember you and your preferences.

    Our website may use necessary, performance and functional cookies. Where we use performance cookies, all information is aggregated and therefore anonymous. You can manage your cookie preferences here

    You can modify cookie settings within your browser. The websites www.aboutcookies.org.uk and www.youronlinechoices.eu provides information and help on how to do this.

    However, if you do not agree to, restrict or delete cookies, this may have a negative impact on the functionality of our website.

  • 11. Google analytics

    We may use Google Analytics, a service which uses cookies to enable website operators to analyse how their website is being used.

    If we use Google Analytics, information about your use of our website (including your IP address) may be sent to Google and stored on servers outside of the EEA. Google would then use this information to help us to analyse and improve our website, including providing us with reports.

    Google may also be required to transfer the information to third parties where required to do so by law, or where third parties provide services on Google’s behalf.

    We’ll only provide information to Google in accordance with Google’s policies and the GDPR.  Google is also required to comply with the GDPR.

  • 12. Name and address of the supervisory authority

    We are subject to the supervision of the Information Commissioner’s Office whose contact details are as follows:

    The Information Commissioner’s Office
    Wycliffe House
    SK9 5AF
    United Kingdom

    Phone: +44(0) 303 123 1113,
    Email: casework@ico.org.uk,
    website: https://ico.org.uk

  • 13. Security of personal data

    We have implemented technical and organisational measures to ensure our retention and use of personal data remains secure. However, the transmission of information via the internet is not completely secure and cannot be guaranteed.

    If you have a particular concern about a method of data retention or transfer, we’ll take reasonable steps to provide an alternative method.

  • 14. Transfers of personal data

    To deliver goods and services to you, it may sometimes be necessary for us to transfer personal data outside of the European Economic Area (e.g. if you or our service partners are located outside of the EEA). All transfers will be made in compliance with the GDPR and in accordance with the country-specific legislation.

  • 15. Accuracy and retention of personal data

    We verify personal data periodically to ensure that it’s kept up-to-date.

    We’ll only retain personal data for as long as it’s necessary for us to retain it. When it’s no longer necessary for us to retain your personal data, we’ll securely delete it.

    Generally, we’ll retain personal data for the statutory retention and/or limitation period which is relevant to the personal data. This is usually 6 years.

  • 16. Your personal data rights

    The GDPR provides you with the following rights:

    • your right to withdraw any consent you have given to our use of your personal data;
    • your right to obtain confirmation from us about whether we process your personal data, and if so, how;
    • your right to be provided with a copy of any personal data that we hold about you;
    • your right to object to our use of your personal data;
    • your right not to be subject to a decision made by us on based on automated processing of personal data;
    • your right to the prompt correction and/or completion of any inaccurate and/or incomplete personal data that we hold about you;
    • your right to be informed if your personal data has been compromised;
    • your right to request us to transfer your personal data to a third party;
    • In certain circumstances, you may have the right to be forgotten (i.e. to require us to delete your personal data);
    • in certain situations, you may have the right to restrict how we use your personal data (e.g. where there is a disagreement about its accuracy or legitimate use); and
    • your right to complain about us to a supervisory authority (in the UK, the Information Commissioner’s Office).

    We may ask you for proof of your identity and address to ensure that we are authorised to disclose information to you.

  • 17. General

    This privacy notice shall be governed by and interpreted in accordance with the law of England and Wales. All disputes arising under this notice shall be subject to the exclusive jurisdiction of the English courts.

    We may make changes to this notice to reflect changes in the law or our privacy practice. Any changes we make will be posted on our website and, where appropriate, notified to you in writing (e.g. by email).

    If you have any questions about this privacy notice, please contact us on 01488 657300. Alternatively, you can email us at info@fivebellswickham.co.uk or write to us at Five Bells, Baydon Road, Wickham, Newbury, Berkshire, RG20 8HH.

Stay In Touch with us...

Sign up to be the first to receive special news and event updates from The Five Bells

We will never pass your details to anyone else and you can unsubscribe from any email that you receive from us.

Subscribe to our newletter

* indicates required