Privacy policy for Haven iOrder App
1. Introduction
1.1 At Haven we are committed to protecting and respecting your privacy, whilst striving to provide the very best guest experience. We work very hard to keep your information safe and we want our services to be safe and enjoyable for everyone. We follow strict security procedures on how personal information is stored and used and who sees it to help stop any unauthorised person getting hold of it.
1.2 This privacy policy (and any other documents referred to in it) sets out the basis on which we will process and use any personal information that we collect from you when using our Haven Serve app. Please read this privacy policy carefully to understand our practices regarding your personal information and how we will treat it.
1.3 This privacy policy was last updated on 15 March 2021
2. Identity and Contact Details
2.1 We have a legal duty to protect personal information that we collect under Privacy Legislation such as, the Data Protection Act 2018 (the "DPA") and the Privacy and Electronic Communications Regulations 2003 (PECR).
2.2 For the purpose of the DPA and PECR, we are the data controller and are located at One Park Lane, Hemel Hempstead, HP2 4YL. If you have any queries relating to this policy, you may also contact us at privacy@Haven.com.
3. Personal information we collect from you and how we use it
When you create an account to use our Haven Serve app, we will ask you to provide information about yourself to create the account. We will also capture further information as you use the app.
Details of this information are set out below:
Name & title
Email address
Password (this is stored in an encrypted form)
Your location using GPS data from your device
Favourite locations
Transactional information (items you order, value of order)
Payment information (this is processed by our online payments processor. We only process encrypted payment information).
Why is the data for items 3.1 collected?
The information collected from you and other applicable sources is needed for us to:
Validate your identity to enable us to accept & process your booking
Protect you and Haven from fraud and other illegal activities
Allow us to fulfil your order
Administer your Haven Serve account
Improve and maintain our services and system.
Legal Grounds for processing the above data
a) For the performance of a contract to provide you with your order.
b) In our Legitimate Interests to:
Manage our business & improve our customer offerings
Develop and improve our services
Protect Haven and customers from fraudulent or illegal activities
3.1 How we use Sensitive Personal Information
We do not normally collect sensitive personal information from you. However, if you make us aware of any special requests, for your order including anything due to specific medical, dietary or religious requirements, we will note these so that we can do our best to meet your request.
Legal Grounds for processing the above data
c) Consent - we will process this data only for the purpose(s) you have consented to and not for any other purpose
4. How We Share Personal Information
4.1 We do not share customer personal information with third parties for the purposes of the third-party sending marketing information.
4.2 We share our customer personal information collected through Haven Serve, as necessary, with the following third parties:
a) Any member of our group, which includes our subsidiaries
b) Selected third parties, such as business partners and service providers where we ask them to provide services which help us to fulfil your orders through the Haven Serve App. In these cases, the third parties act as Data Processors for us and your information remains in our care and under our control.
c) Prospective buyers of our business or assets.
d) Third parties, such as the police and regulatory authorities, to protect our rights, property, or the safety of our guests, staff and assets or when obliged to by court order or similar legal obligation.
e) Third parties, such as law firms and law courts, to enforce or apply any contract with you.
5. Where We Transfer and Store Personal Information
5.1 The personal information that we collect through the Haven Serve App will be transferred to, and stored at, destinations within the European Economic Area, (the "EEA") by Zonal Retail Data Systems Ltd. Bourne Leisure and Zonal Retail Data systems Ltd will take all steps reasonably necessary to keep your data secure in line with this privacy policy.
6. Retention of Personal Information
6.1 We will keep your personal information for limited and appropriate periods of time only.
6.2 We will retain your personal information for the period necessary to fulfil the purposes outlined in this privacy policy unless a longer retention period is required or allowed by law. If you need further information, please contact us at privacy@Haven.com
7. Your Rights in Your Personal Information
7.1 You have certain rights in respect of the personal information that we hold about you. Details of these rights are set out below. To exercise any of these rights, please contact us at privacy@Haven.com
7.2 We will process all personal data in line with your rights, in each case to the extent required by and in accordance with applicable law only (including in accordance with any applicable time limits and any requirements regarding fees and charges). We will respect your personal information rights in respect of:
a) Access
At your request we will confirm to you whether or not we are processing your personal information and if so, provide you with access to and a copy of such personal information and the other details to which you are entitled.
b) Rectification
We will correct any inaccurate personal data and complete any incomplete personal data (including by providing a supplementary statement) that we hold about you.
c) Erasure
We will erase your personal information at your request without undue delay, dependent on circumstances and specific exemptions.
d) Restriction
We will restrict the processing of your personal information in certain circumstances, if you ask us to do so.
e) Data portability
We will provide you or third parties on your behalf with a copy of any personal information that we hold about you which you have provided to us in a structured, commonly used and machine-readable format.
f) Objection (including objection to direct marketing)
You have the right to object to the processing of your data where the organisation is relying on its legitimate interests as the legal ground for processing.
g) Automated decisions and profiling.
We will not make legally binding decisions based on automated processing, including profiling, dependent on circumstances and specific exemptions.
8. How we look after your information
8.1 We treat your information with the utmost care and take all appropriate steps to protect it.
8.2 We secure access to all transactional areas of our websites and apps using 'https' technology.
8.3 Access to your personal information is password-protected, and sensitive data is secured and tokenised to ensure it is protected.
8.4 We regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.
9. Changes to Our Privacy Policy
9.1 We reserve the right to modify this privacy policy from time to time. Any changes we make in the future will be posted within the App. You should check back frequently to see any updates or changes to our privacy policy.
10. Contact and Complaints
10.1 Questions, concerns, comments, requests or complaints regarding this privacy policy, our website and/or our use of your personal information should be addressed to privacy@Haven.com
10.2 If you have any complaints regarding this privacy policy, you may also contact the UK Information Commissioner at telephone number 0303 123 1113 or https://ico.org.uk/