Privacy Policy of Canopy Cuisine

Canopy Cuisine is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our site, use our services, or interact with us. This policy applies to all services offered by Canopy Cuisine, including bespoke catering for events, corporate functions, private dining, themed menus, sustainable ingredient sourcing, and event planning consultation.

1. Information We Collect

We collect various types of information in connection with the services we provide, which may include personal data. Personal data is information that can be used to identify you directly or indirectly.

1.1. Personal Data You Provide Directly To Us:

When you inquire about our services, request a quote, make a booking, or otherwise communicate with us, you may provide us with the following personal information:

• Contact Information: Your name, email address, phone number, and physical address.
• Event Details: Information related to your event, such as date, time, location, number of guests, dietary requirements (e.g., allergies, intolerances, dietary preferences), and specific service requests.
• Payment Information: While we do not directly store credit card details on our servers, we collect billing address and other transaction details for processing payments through secure third-party payment processors.
• Communication Content: Any information you provide in your communications with us, including emails, calls, and messages.

1.2. Information Collected Automatically:

When you visit our site, we may automatically collect certain information about your device and browsing activity:

• Log Data: Your IP address, browser type, operating system, referring URLs, pages viewed, and the dates/times of your visits.
• Cookies and Tracking Technologies: We use cookies and similar tracking technologies to track activity on our service and hold certain information. These are used to improve user experience, analyze site usage, and for marketing purposes.

2. How We Use Your Information

We use the information we collect for various purposes, including:

• Providing and Managing Services: To deliver our catering services, process bookings, manage events, and fulfill our contractual obligations.
• Communication: To respond to your inquiries, send service-related updates, confirmations, invoices, and provide customer support.
• Personalization: To tailor our menus and service offerings to your specific preferences and dietary requirements.
• Improvement of Services: To analyze how our site and services are used, identify trends, and improve our offerings and user experience.
• Marketing: To send you promotional materials, newsletters, or information about new services and special offers, where you have consented to receive such communications.
• Compliance and Legal Obligations: To comply with legal obligations, resolve disputes, and enforce our agreements.

3. Legal Basis for Processing Personal Data (GDPR)

Our legal basis for collecting and using the personal data described in this Privacy Policy depends on the personal data we collect and the specific context in which we collect it:

• Performance of a Contract: We need to process your personal data to perform a contract with you or to take steps at your request before entering into a contract.
• Consent: We may process your data when you have given us explicit consent to do so for a specific purpose. You can withdraw your consent at any time.
• Legitimate Interests: We may process your data when it is necessary for our legitimate interests, provided these interests do not override your rights and freedoms. This includes improving our services, preventing fraud, and ensuring the security of our operations.
• Legal Obligations: We may process your data to comply with legal obligations or regulatory requirements.

4. Disclosure of Your Information

We may share your personal data with third parties in the following situations:

• Service Providers: We may share your information with trusted third-party service providers who assist us in operating our business (e.g., payment processors, IT support, analytics providers, marketing services). These providers are contractually obligated to protect your data and only use it for the purposes for which it was shared.
• Event Partners: For certain events, we may collaborate with other event professionals (e.g., venue providers, florists, entertainment). We may share relevant information with them to facilitate event coordination, but only with your explicit consent or if necessary for the performance of our contract with you.
• Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).
• Business Transfers: In the event of a merger, acquisition, or asset sale, your personal data may be transferred to the acquiring entity.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

6. Your Data Protection Rights (GDPR)

Under certain circumstances, residents of the European Economic Area (EEA) and the UK have the following data protection rights:

• The right to access: You have the right to request copies of your personal data.
• The right to rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
• The right to erasure: You have the right to request that we erase your personal data, under certain conditions.
• The right to restrict processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• The right to object to processing: You have the right to object to our processing of your personal data, under certain conditions.
• The right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. To exercise any of these rights, please contact us using the contact details provided below.

7. Security of Your Information

We implement appropriate technical and organizational measures designed to protect the security of any personal data we process. However, please be aware that no security system is impenetrable, and we cannot guarantee 100% security of our systems. We strive to protect your personal data, but transmission of information over the internet is not entirely secure and you do so at your own risk.

8. Third-Party Websites

Our site may contain links to third-party websites that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. We advise you to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

10. Contact Us

If you have any questions about this Privacy Policy, your data, or would like to exercise one of your data protection rights, please contact us:

• By Post: Canopy Cuisine, Essex Road, London, City of, N1 3PR, United Kingdom

You also have the right to lodge a complaint with a supervisory authority, particularly in the country where you reside, work, or where allegedly an infringement of the General Data Protection Regulation occurred.