Who are we?
Food Alert Limited is a limited company registered in England and Wales whose registered office is Kings Court, Water Lane, Wilmslow, Cheshire, United Kingdom, SK9 5AR. We operate as Data Controller for the information you provide to us.
Food Alert is committed to protecting your privacy and maintaining the security of any personal information received from you. We strictly adhere to the requirements of the General Data Protection Regulations (GDPR) in the UK.
The purpose of this statement is to explain to you what personal information we collect and how we may use it under the new General Data protection Regulations (EU) 2016 / 679 (GDPR). We have reviewed and updated our policies, processes and procedures to comply with the GDPR and have updated this Privacy Notice accordingly.
If you have any questions about the protection of your data, please email our Data Protection Officer: email@example.com
Click this link to report a concern to the ICO: https://ico.org.uk/concerns/
Personal information we collect when you interact with us
The personal information we collect includes:
When you order, we need to know your name, address, username, password, telephone number, email address and card details. This allows us to process and fulfil your order. You have the option to withhold personal information that is not required for the order process.
We use your personal information for payment, billing and access to e-learning materials which may be provided by third parties. We will only contact you with your consent.
We do not sell, rent or exchange your personal information with any third party for commercial reasons, beyond the essential requirement for credit/debit card validation during purchase. We may be required to give information to third parties such as expert witnesses, law enforcement agencies, courts and other professional advisers.
Food Alert never sends emails asking you to provide personal or credit card information. Food Alert does not disclose buyers’ information to third parties.
Web browser cookies
_gid – Online identifiers including cookie identifiers internet protocol addresses and device identifiers client identifiers.
adiV – The adiV cookie contains an identifier which is used by Response Tracker to track a visitor over time. This allows Response Tracker to show multiple visits made by a customer over time from the same browser. This cookie is set to expire 1 year after the visitor leaves the website.
_uetvid – This is a cookie utilised by Microsoft Bing Ads and is a tracking cookie. It allows us to engage with a user that has previously visited our website.
_hjid – cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
_ga – Online identifiers including cookie identifiers internet protocol addresses and device identifiers client identifiers.
_gat_gtag_UA – Online identifiers including cookie identifiers internet protocol addresses and device identifiers client identifiers.
_gid – Online identifiers including cookie identifiers internet protocol addresses and device identifiers client identifiers.
_gcl_au – Used by Google AdSense for experimenting with advertisement efficiency across websites using their services.
intercom-id-saz8xa7c – This cookie is used by Intercom as a session so that users can continue a chat as they move through the site.
hblid – a visitor identifier that we use only on your site to remember this visitor between visits.
wcsid – a session identifier that we use only on your site to keep track of a single chat session.
olfsk – storage identifier that we use to maintain chat state across pages (e.g. message history).
_okdetect – used for detecting when storage contexts have changed due to things like ssl or host transitions (helps maintain your chat across pages).
_okbk – extra state information (e.g. chat box being open/closed).
_ok – most recent Olark site ID (security measure).
_oklv – the Olark loader version (for improved caching).
_okla – used for caching purposes (loaded from CDN vs. loaded from our infrastructure).
_okgid – group id the visitor is locked to.
_okac – used for caching by setting a hash for assets to determine if they have changed and if they need to be refreshed.
_okck – used to test whether the visitor’s browser allows cookies to be stored.
wordpress_test_cookie – WordPress sets this cookie to see if your browser supports cookies (No identifiable information).
wordpress_logged_in_[hash] – indicates when you’re logged in, and who you are, for most interface use.
1P_JAR – Google cookie. These cookies are used to collect website statistics and track conversion rates.
ANID – The “ANID” cookie is used for advertising served across the web and stored in google.com.
NID – A Google cookie that stores preferences referring to a particular website.
__Secure-3PAPISID – Builds a profile of website visitor interests to show relevant and personalized ads through retargeting.
__Secure-3PSID – Builds a profile of website visitor interests to show relevant and personalized ads through retargeting.
__Secure-3PSIDCC – These cookies are used to deliver ads more relevant to you and your interests.
IDE – Advertising cookie that Google serves across the web; the main advertising cookie on non-Google sites is named ‘id’ or ‘IDE‘ and is stored in browsers under the domain doubleclick.net
DSID – The “DSID” cookie is used by Google to store user preferences and information on Google maps.
RUL – Cookies from DoubleClick help us track and analyse the performance of the ad campaigns we run on the web. They also help us identify on which webpages our ads appear.
This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers outside of the EEA.
- Take and fulfil customer orders
- Administer and enhance the site and service
- Only disclose information to third-parties for goods delivery purposes
- Any information stored by Food Alert is encrypted for your protection
Your personal identification information is used in a variety of ways, including, but not limited to, when you visit our website, place an order, subscribe to our newsletter and in connection with other activities, services, features or resources we make available on this site. You may be asked for, as appropriate, name, email address, mailing address, phone number etc. You may, however, visit our site anonymously. We will collect personal identification information from you only if you voluntarily submit such information to us.
Credit Card Information
Our payment processes are PCI DSS compliant. In order to process credit and debit card transactions, the bank or card processing agency may require to verify your personal details for authorisation. We do not store credit card information which is passed through directly to our payment service provider. Your information will not be transferred outside the EU for any other purpose.
We follow strict security procedures in the storage and disclosure of information which you have given us, to prevent unauthorised access in accordance with the GDPR regulations.
We will send emails to you, for the purpose of informing you of new products, offers and services. You may have consented to us sending you newsletters from time to time as part of the registration process. If you no longer wish us to be contacted please click here or unsubscribe from the Newsletter or email communications at firstname.lastname@example.org
You may opt out of this notification service by replying to the email that was sent with the word “unsubscribe” (without the quotes) in the subject line.
How we use your information
We will use your personal information to manage orders, provision of services, offers, surveys and newsletters you have requested. Specifically:
- To keep you informed of any special offers, company news, updates, product information or events that we believe might be of particular interest to you
- To administer and operate your account and to fulfill orders placed through our website
- For payment processing associated with the fulfilment of orders
- To respond to your customer service requests
- To track activity on our website
- For record-keeping purposes
- For market research
- To confirm your identification when you contact us
Food Alert’s Food poisoning allegations management
Food Alert advise businesses on food hygiene matters and we offer an investigation and management service to our clients for instances of alleged food poisoning. This service is provided under contract to our clients who will provide your details to us in order to investigate the allegation. We are a data controller for any data we collect and process in regards to the investigation. Our purpose for processing is to investigate the allegation and provide an outcome to you and our client and therefore we may collect special category data relating to any illness. We will share the outcome of our investigation with you and our client. Our legal basis for processing is consent (Article 6 1a & 9 2b) and we ask for your permission to undertake the investigation when we contact you. We will fully inform you of the process throughout, however you have the right to refuse consent or withdraw your consent at any time. We will retain the information for as long as we have a contract with our client, after which the information will be deleted in a timely manner. We do not intend to transfer your data out of the UK.
Where we process children’s data, we will generally discuss this with the parent or guardian unless the young person has capacity to understand the process.
Automated decision making
We do not undertake any automated decision, excluding Google Analytics, making using your data, nor do we use your data for profiling or any other investigative purposes.
Security of your data
We have taken all reasonable steps to ensure that we and our Data Processors adapt industry standard security protection systems to ensure the security of your data.
We have security procedures in place to ensure that we can effectively identify report, manage and resolve any personal data breaches.
We have procedures to deal with key data subject rights, like subject access requests and the right to request deletion.
We are reviewing our key third-party vendor arrangements to make sure we have the appropriate contractual protections in place to satisfy GDPR requirements.
We have an internal GDPR training program running across key areas of the business to increase awareness of how the legislation impacts their day-to-day roles.
We regularly review our data security procedures to ensure they are kept up-to-date.
Your rights under GDPR
The GDPR provides the following rights for individuals: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure – complete deletion of your personal data
- The right to restrict processing
- The right to data portability
- The right to object
You exercise your rights by submitting a Subject Access Request. If you would like to exercise any of your rights under GDPR and need assistance, please email our Data Protection Officer on email@example.com
Subject Access Request.
Under GDPR, individuals are entitled, subject to certain exceptions, to request access to information held about them. This is called a Subject Access Request.
Subject Access Requests should be made by email or in writing addressed to the Data Protection Officer (DPO) at firstname.lastname@example.org. The DPO can supply a standard request form, although you do not have to use this.
The information that you are entitled to is:
- What information the company holds about you and why
- How you can gain access to it.
- How to keep it up to date
- How the company is meeting its data protection obligations
The DPO will always verify the identity of anyone making a subject access request before handing over any personal information. The DPO will require photo ID and/or proof of address. Our aim to provide the relevant information to you within 30 days.
Your right to complain about us
If you are dissatisfied with our handling of your requests about the protection of your data you have the right to complain to the Information Commissioners Office (ICO). To report a concern to the ICO click this link.
By email: email@example.com
By letter: Data Protection Officer, Food Alert Limited, 1st Floor, 7-8 Savile Row, Mayfair, London W1S 3PE