Privacy Policy

Introduction

This privacy policy describes how Sweet and Sour Bakehouse protects and makes use of the information you give us when you request services from us, in line with the General Data Protection Regulation 2018. If you are asked to provide information to us, it will only be used in the ways described in this policy.

We may update this policy from time to time so please check this policy on our website occasionally to ensure that you’re happy with any changes. When you request services from us, you’re agreeing to be bound by this policy.

This privacy policy was last updated on: 5th July 2022

If you have any questions about this policy, please email: bakery@sweetandsourbakehouse.co.uk

What data we gather

We may collect the following information in order to provide the services you request:

  • Name
  • Contact information including email address, postal address and phone number
  • Relevant information about how to access your property in order to deliver products to you
  • Bank account details (should we need to process refunds directly to you)
  • Website usage data
  • Financial transactions made through PayPal or WooCommerce, third party processors who specialise in the secure online capture and processing of financial transactions, are held by them and not by Sweet and Sour Bakehouse.

How we use this data

The data we gather in this way is used to ensure we can deliver our services to you including to:

  • Fulfil orders
  • Contact you in response to a specific enquiry
  • Carry out our obligations arising from any contracts entered into by you and us
  • Send you communications about our business which are essential for us to fulfil our obligations to you and, if you have requested them, updates about our business.

We review our retention periods for personal information on a regular basis. We will hold your personal information on our systems for as long as is necessary for the relevant activity as set out in our data protection policy, or as long as is set out in any relevant agreement you hold with us.

Who has access to your information?

We will not sell or rent your information to third parties.

We will not share your information with third parties for marketing purposes.

Third Party Service Providers working on our behalf:

We may pass your information to our third party service providers for the purposes of completing tasks and providing services to you on our behalf (for example PayPal to process payments). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service. Please be reassured that we will not release your information to third parties for them to use for their own direct marketing purposes.

PayPal

Financial transactions made through this website are made via PayPal, a third party payment processor, who specialises in the secure online capture and processing of credit/debit card transactions. This means Leeds Bread Co-op will not receive or store any of your financial information. If you have any questions regarding secure transactions, please contact us, or to read more about how PayPal stores and uses your information, click here for the full PayPal Privacy Policy.

WooCommerce

Financial transactions made through this website are made via PayPal, a third party payment processor, who specialises in the secure online capture and processing of credit/debit card transactions. This means Leeds Bread Co-op will not receive or store any of your financial information. If you have any questions regarding secure transactions, please contact us, or to read more about how PayPal stores and uses your information, click here for the full WooCommerce Privacy Policy.

Google Analytics

Our website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.  Further information about Google’s privacy policy may be obtained from http://www.google.com/privacy.html.

WordPress

Our website collects data relating to bread subscriptions which is processed and stored securely through our servers and through the use of Cookies. Our website operates using WordPress. Click here to see WordPress’s Privacy Policy.

Woocommerce

Our online shop operates using Woocommerce. In order to process your purchases through Woocommerce we collect your name, phone number, billing address, and order details. Your credit card number and security code are not stored on the website. Woocommerce payment gateway plugins are designed to ensure credit card data never enters or passes through your website’s database. For more information please click here

iZettle and Stripe

We use iZettle (Terminal) and Stripe to take card payments in the bakery shop. We do not retain any of your card details, and if you opt to have an email receipt sent to you, we do not add your email address to a mailing list. To read iZettle’s Privacy Policy, please click  here:

https://www.izettle.com/gb/privacy-policy

https://stripe.com/gb/privacy

Security precautions in place to protect the loss, misuse or alteration of your information

We don’t ask you for personal information unless we truly need it. When you share your personal information with us, we take steps to ensure that it’s treated securely. We follow stringent procedures to ensure we work with all personal data in line with the General Data Protection Regulation 2018. We don’t store personal information on our servers unless required for the on-going operation of our services. We have taken all reasonable steps to ensure that access to the data held on these servers is limited to those members of staff who need your information as part of their role at Sweet and Sour Bakehouse. Everyone who works in our bakery is expected to work within GDPR guidelines.

How you can access and update the information we hold about you

We will never lease, distribute or sell your personal information to third parties except to comply with the law, develop our products, or protect our rights. Any personal information we hold about you is stored and processed under our data protection policy, in line with the General Data Protection Regulation 2018.

The accuracy of your information is important to us. If you change your contact details, or any of the other information we hold about you or your organisation, please email us at: bakery@sweetandsourbakehouse.co.uk or text us at tel:+447568789492

You have the right to ask for a copy of the information Sweet and Sour Bakehouse holds about you, known as making a Subject Access Request (we may charge £10 for information requests to cover our costs in providing you with these details). To do this, email: bakery@sweetandsourbakehouse.co.uk or text us tel:+447568789492

You have the right to have personal data erased if we are no longer required to hold it by law. To make such a request, email bakery@sweetandsourbakehouse.co.uk or text us tel:+447568789492