PRIVACY NOTICE
Important notice
​
This is the Privacy Notice of 63rd+1st which is a trading name of Thursdays (UK) Limited (company number 06034603) whose registered office is at Grant House, 101 Bourges Boulevard, Peterborough, PE1 1NG (“we”, “us” or “our”) and sets out how we collect and process your personal data. This Privacy Notice also provides certain information that is legally required and lists your rights in relation to your personal data.
​
This Privacy Notice relates to personal data that identifies “you” meaning our guests, suppliers or individuals who browse our website or use our mobile application, My 63rd+1st (the “App”) and other individuals outside our organisation with whom we interact. However, if you are an employee, or otherwise engaged in work for us or applying to work for us, a separate privacy notice applies to you instead.
​
We refer to this information throughout this Privacy Notice as “personal data” and paragraph 3 sets out further detail of what this includes.
This Privacy Notice applies to our website, online experiences including our chat bot and our App and describes how we collect, use and disclose your personal data when you visit these or our restaurants, or otherwise engage with us.
​
Please read this Privacy Notice to understand how we may use your personal data.
​
This Privacy Notice may vary from time to time so please check it regularly. This original version was published on 10th December 2020.
How to contact us
Data controller and contact details
For the purposes of relevant data protection legislation, we are the controller of the personal data you provide to us and as a controller we use the personal data we hold on you in accordance with this Privacy Notice.
​
If you wish to correct your personal data held by us or to opt out at any time from receiving marketing correspondence from us or to alter your marketing preferences, please contact dpm@tgifridays.co.uk . To update your marketing preferences or opt out of receiving marketing communication, you can access the preference centre by clicking the link which appears at the bottom of our marketing emails.
​
If you need to contact us in connection with our use of your personal data or gain access it, then please direct your query by email to dpm@tgifridays.co.uk
​
Data Protection Officer
Our Data Protection Manager can be contacted at dpm@tgifridays.co.uk or je.dataprotection@tgifridays.je for Jersey.
​
Categories of personal data we collect
The categories of personal data about you that we may collect are:
​
Individual Data which includes personal data you provide to us in person, via our website, App, through our social media channels or by telephone, including the personal and contact details (such as your first name, middle name, last name, username or similar identifier, title, date of birth, anniversaries and gender, billing address, delivery address, email address and telephone numbers) you supply when booking a table at one of our restaurants, using our App and when you contact us to pay a compliment, make a complaint or ask a general enquiry.
​
Audio and Visual Data which includes personal data which is gathered using our CCTV or other recording systems in the form of images or video footage that is taken at one of our restaurants or otherwise by us for promotional purposes;
​
Account and Profile Data which includes personal data which relates to your account or profile on our website or App, such as your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses;
​
Advertising and Marketing Data which includes personal data which relates to your marketing preferences, such as information about your preferences in receiving marketing materials from us and our third parties and your communication preferences as well as your personal interests;
​
Sales Data which includes personal data which relates to the transactions you have conducted with us, such as details about payments to and from you, receipt barcodes, details of subscriptions to our services or publications and other details of products and services you have purchased from us;
​
Economic and Financial Data which includes personal data which relates to your finances, such as your bank account and payment card details and information which we collect from you for the purposes of the prevention of fraud;
​
Advertising and Market Research Data which includes personal data which is gathered for the purposes of market research;
​
Information Technology Data which includes personal data which relates to your use of our website and App, such as your internet protocol (IP) address, login data, traffic data, weblogs and other communication data, browser type and version, time zone setting and location including geo location (see Location Data below), browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website or App;
​
Location Data which includes personal data which relates to your current location disclosed by GPS technology when you consent on the App to your Location Data being collected us and our third party providers; and
​
Health Data which includes personal data which is gathered for health and safety purposes including any accident report or claim log or any information you provide about allergies or other medical conditions during the booking process or in one of our restaurants.
​
We may also create personal data about you, for example, if you contact us by telephone to make a complaint, for example about our services or goods, then we may make a written record of key details of the conversation so that we can take steps to address the complaint.
​
We also obtain and use certain aggregated data such as statistical or demographic data for any purpose (“Aggregated Data”). Aggregated Data may be derived from your personal data but does not directly or indirectly reveal your identity. For example, we may aggregate some of your Information Technology Data operational data to calculate the percentage of users accessing a specific feature on our website. However, if we re-combine or re-connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Notice.
​
In addition, we may obtain certain special categories of your data (“Special Categories of Data”), and this Privacy Notice specifically sets out how we may process these types of personal data. The Special Categories of Data are: (i) personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership; and (ii) the processing of genetic data, biometric data for the purposes of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
​
We do not collect information about criminal convictions and offences.
​
The sources from which we obtain your personal data
We obtain your personal data from the following sources:
- Directly from you, either in person (at our restaurants or otherwise), via our website, App, social media channels, or by email or telephone. This could include personal data which you provide when you:
- make a reservation for one of our restaurants;
- create an account on our App and/or engage with the App;
- request information on our services or products or for other marketing to be sent to you;
- enter into a competition or promotion;
- complete a survey from us or give us feedback; and
- when you visit any of our restaurants.
- Automated technologies, such as CCTV or other recording systems, cookies, server logs and other similar technologies. We may automatically collect Information Technology Data about your equipment, browsing actions and patterns by using cookies, server logs and other similar technologies. We may also receive Information Technology Data about you if you visit other websites employing our cookies. Please see our cookie policy for further details. Audio and Visual Data may be collected on you if you attend any of our restaurants for security purposes.
​
Third parties, such as:
- from external providers of Wi-Fi which you give your name and contact details to when accessing Wi-Fi at one of our restaurants;
- our provider of guest feedback;
- from our provider of online reservations at our restaurants when you make a booking for one of our restaurants;
- analytics providers (such as Google based outside the EU);
- providers of technical, payment and food delivery services (such as Verifone, mastercard, Wireless Social);
- developer of our App;
- providers of social media platforms (such as Facebook, Twitter and Instagram) for example where you share our content through social media, for example by liking us on Facebook, following or tweeting about us on Twitter.
​
Publicly available sources, (mainly for our suppliers if applicable) such as:
Companies House; and Dunn and Bradstreet.
​
How we use your personal data & our basis for using it
Where we are relying on a basis other than consent
​
We may rely on one or more of the following legal bases when processing your personal data. We have set out the purposes for which we may process your personal data: Click here to download the pdf.
​
In addition, we may lawfully process Special Categories of Data in certain ways. We set these out along with the linked purposes for which we can process these Special Categories of Data: Click here to download the pdf.
​
Where we may rely on consent
​
We would like to use the personal data you provide to us for a variety of different purposes. For certain of these purposes, it is appropriate for us to obtain your prior consent. These are as follows:
- where, in the provision of our products and services to you, we need to use the Special Categories of Data that you provide to us relating to your health (where for example you have notified on your booking or otherwise informed us that you suffer from a dietary requirement such as an allergy);
- where we would like to use photos or images taken of you in promotional materials;
- where we or our carefully selected third parties have new products and services which we think you will be interested in; or
- where we would like to use your Location Data in the interests of providing you with a more personalised service and enhanced guest experience. We may use your Location Data to provide personalised content and advertising and to allow you to view offers available to you based on your location which we may provide to you by way of push notifications.
​
The legal basis of consent is only used by us in relation to processing that is entirely voluntary – it is not used for processing that is necessary or obligatory in any way. You may at any time withdraw the specific consent you give to our processing your personal data by following the UNSUBSCRIBE link at the bottom of the marketing email or by contacting dpm@tgifridays.co.uk or by not providing your consent to the processing of your Location Data on the App or by withdrawing your consent at any time by disabling Location Data in your settings.
​
Please note even if you withdraw consent, we may rely on another basis to process your personal data.
​
Who receives the personal data you provide to us
We may disclose the personal data you provide to us to:
- our group companies and affiliates or third-party data processers who may process data on our behalf to enable us to carry out our usual business practices. Any such disclosure will only be so that we can process your personal data for the purposes set out in this Privacy Notice;
- our PR agency, the developer of our App and guest feedback;
- HMRC, legal and other regulatory authorities, including those who request your personal data or to report any potential or actual breach of applicable law or regulation;
- external professional advisers such as accountants, auditors, bankers, insurers and lawyers;
- law enforcement agencies, courts or other relevant party, to the extent necessary for the establishment, exercise or defence of legal rights;
- third parties where necessary for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties;
- third parties which are considering or have decided to acquire some or all of our assets or shares (including in the event of a reorganisation, dissolution or liquidation);
- third parties operating plugins or content on our website and on our App which you choose to interact with.
​
International transfers of personal data
It is possible that personal data we collect from you may be transferred, stored and/or processed outside the European Economic Area, including United States of America.
​
In connection with such transfers we rely on the following:
The relevant safeguard in place is the standard data protection contractual clauses between us and the recipient and a copy can be obtained by e.g. contacting our Data Protection Manager at the details above; or this is made on the basis of an adequacy decision, namely: the Privacy Shield for transfers to the US or the European Commission has decided that the relevant non-EU country ensures an adequate level of protection.
​
How long we will STORE your personal data for
We will store your personal data for the time period which is appropriate in accordance with our data retention policy. We will only hold your personal data for so long as is necessary for us to do so. We keep the length of time that we hold your personal data for under continual review. These reviews take place annually.
​
Contractual or statutory requirements on you to provide personal data
In certain circumstances the provision of personal data by you is a requirement to comply with the law or a contract, or necessary to enter into a contract.
​
It is your choice as to whether you provide us with your personal data necessary to enter into a contract or as part of a contractual requirement. If you do not provide your personal data, then the consequences of failing to do so may mean that we are unable to fulfil your order or accept a reservation or we may not be able to perform to the level you could otherwise expect. For example where you fail to notify us of any relevant food intolerance or allergy when placing an order which means we cannot take this into account when preparing your food order and you must bear the risk of any consequences as a result or where you fail to modify your marketing preferences (e.g. falling to notify us that you are vegetarian and as a result you continue to receive marketing material about our meat related products).
​
Accuracy of your personal information
It is important that the personal data we hold about you is accurate and current. and we take all reasonable precautions to ensure that this is the case but we do not undertake to check or verify the accuracy of personal data provided by you. Please keep us informed if your personal data changes during your relationship with us either by logging onto your account on the website, on the App or by contacting us.
We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
Your rights in relation to your personal data
Subject to applicable law including relevant data protection laws, in addition to your ability to withdraw any consent you have given to our processing your personal data (see paragraph 5), you may have a number of rights in connection with the processing of your personal data, including: the right to request access to your personal data that we process or control; the right to request rectification of any inaccuracies in your personal data or, taking into account the purposes of our processing, to request that incomplete data is completed; the right to request, on legitimate grounds as specified in law: erasure of your personal data that we process or control or restriction of processing of your personal data that we process or control; the right to object, on legitimate grounds as specified in law, to the processing of your personal data; the right to receive your personal data in a structured, commonly used and machine-readable format and to have your personal data transferred to another controller, to the extent applicable in law; and the right to lodge complaints regarding the processing of your personal data with the Information Commissioner’s Office. Please see https://ico.org.uk/concerns/ for how to do this.
​
If you would like to exercise any of the rights set out above, please contact us using the contact details set out in paragraph 2.
Links to other websites
This policy only applies to Thursdays (UK) Limited. If you link to another website from our website or the App, you should remember to read and understand that website’s privacy policy as well. We are not responsible for any use of your personal data that is made by unconnected third party websites.