Our Privacy Policy

Terms of use

©Copyright The Good Eating Company registered in England at; One Southampton Row, London‚ WC1B 5HA. Registered No: 03893038

Copyright

You may only download or print information from this site for non-commercial personal use. Partial or complete reproduction by electronic or mechanical means without The Good Eating Company’s expressed written consent shall be deemed counterfeiting and is illegal; The Good Eating Company website is distributed internationally and covers our worldwide business activities. As a result, some products or services may not be available in our country; this does not mean that The Good Eating Company is planning to make said products or service available in our country.

The Good Eating Company name and logo are registered trademarks in the UK and USA. All the branding listed on our website is also registered.

The Good Eating Company makes no warranty that the information on this site does not contain errors or inaccuracies and disclaims any liability. Information on this will be updated or supplemented periodically without prior notice. This page and all site pages are original works owned by The Good Eating Company

 

Governing Law

These terms and conditions are governed by and to be interpreted in accordance with English law and in the event of any dispute arising in relation to these terms and conditions or any dispute arising in relation to the website whether in contract or tort or otherwise, the English courts will have non-exclusive jurisdiction over such dispute.

 

Privacy Policy

The Data Controller is Sodexo Limited of One Southampton Row, London WC1B 5HA.  

The Good Eating Company ("We") are committed to protecting and respecting your privacy. 

Your privacy is very important to us.  We are committed to complying with any applicable legislation relating to Personal Data. This policy together with our terms of use set out the basis on which any personal data We collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

The Good Eating Company & Sodexo Limited is part of an international group of companies.  Our parent Company Sodexo SA was founded in 1966 in France and is now the worldwide leader in quality of life services. We provide on-site services, benefits and rewards services and personal and home services to many clients to improve quality of life.  We don’t routinely share Personal Data between our group companies and we’ve set out more details about when we do in the section titled “Disclosure of your Information”

 

The email for our local Data Protection contact is DataProtection.UKandIE@sodexo.com and our Group Data Protection Officer is dpo.group@sodexo.com

The Data Controller is Sodexo Limited of One Southampton Row, London WC1B 5HA

How we may collect data from you and how?

Explanation of the purposes which we may use your personal data

 

Contract and providing services

This means things like:
•    Carrying out our obligations arising from any contracts entered into between you and us, or a third party we are fulfilling a contract for. For example, sometimes we provide services for a corporate client for users of their service etc. 
•     Allowing you to participate in interactive features of our service, when you choose to do so.
•     To notifying you about changes to our service or that we have taken over a service/business.
•     To registering you as a new customer.
•    To processing and delivering your order, provide the service. This could include things like details of dietary requirements for guests if we are catering an event or assistance requirements for guests attending events.
•    To managing your relationship with us.

Legal Obligations 

This is things like keeping records for tax purposes and complying with statutory requirements when providing services to Consumers.

Legitimate Interests 

This means things like running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise, health and safety or security requirements such as managing CCTV. Where we manage CCTV on site a separate policy will set out details regards the CCTV used. 

It can also mean enabling you to participate in a prize draw, competition or complete a survey. Studying how customers use our products and services to develop our business. We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing). For example, we may market an event to individuals who live near a venue based on the geographical data we hold about them. We only send electronic direct marketing communications to individuals if they have consented to us doing so.

IP Addresses and Cookies

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to us or our partners. This is statistical data about our users' browsing actions and patterns and does not identify any individual.


For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. They help us to improve our site and to deliver a better and more personalised service.
They enable us:
•    To estimate our audience size and usage pattern.  
•    To store information about your preferences, and so allow us to customise our site according to your individual interests.  
•    To speed up your searches. 
•    To recognise you when you return to our site.


You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site.


Find out more about our use of cookies 


Technical Data may be obtained from the following parties analytics providers such as Google based outside the UK and EEA

Where we store your personal data

The data that We collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although We will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once We have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Disclosure of your information

We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 736 of the UK Companies Act 2006.  This information is not routinely shared. It may be shared for the provision of joint services, for example IT support, Legal advice, debt recovery or HR support. It may also be shared for statistical analysis. Where appropriate a data sharing agreement is put in place. In the unusual circumstance that personal data could be shared with a Group Company outside UK/EEA standard EU contractual clauses will be applied.

We may disclose your personal information to third parties:

•    If we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets. 

•    If Sodexo Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.  

•    If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of Sodexo Limited and/or its subsidiary and associated companies, our customers, or others or to assist with regulatory or criminal investigations. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction. 

•    To fulfil a contract, for example where details have to be shared with a venue that has been booked, or where we provide onsite client services.

 

 

Your rights

GEC is committed to ensure protection of your rights under applicable laws. You will find below a table summarizing your different rights: 
 

Right of access

You can request access to your personal data. You may also request rectification of inaccurate personal data, or to have incomplete personal data completed. 

You can request any available information as to the source of the personal data and you may also request a copy of your personal data being processed by The Good Eating Company 


Right to be forgotten

Your right to be forgotten entitles you to request the erasure of your personal data in cases where:
(i)    the data is no longer necessary;
(ii)    you choose to withdraw your consent;
(iii)    you object to the processing of your personal data by automated means using technical specifications; 
(iv)    your personal data has been unlawfully processed;
(v)    there is a legal obligation to erase your personal data;
(vi)    erasure is required to ensure compliance with applicable laws.


Right to restriction of processing

You may request that processing of your personal data be restricted in the cases where:
(i)    you contest the accuracy of the personal data;
(ii)    GEC no longer needs the personal data, for the purposes of the processing;
(iii)    you have objected to processing for legitimate reasons.

Right to data portability

You can request, where applicable, the portability of your personal data that you have provided to GEC, in a structured, commonly used, and machine-readable format and you have the right to transmit this data to another Controller without hindrance from GEC where:
(a)    the processing of your personal data is based on consent or on a contract; and
(b)    the processing is carried out by automated means.
You can also request that your personal data be transmitted to a third party of your choice (where technically feasible). 

Right to object to processing including direct marketing

You can object to us using your Personal Data for direct marketing.  You can also contact us to object to how we are using your Personal Data for any other reason but we may not have to stop using it for this purpose.

Right to Withdraw Consent 

If We process your personal data on the basis of your consent, you can withdraw your consent at any time.

Right not to be subject to automated decisions

You have the right not to be subject to a decision based solely on automated processing, including profiling, which has a legal affect upon you or significantly affects you. You have the right to object to processing including direct marketing.

Right to lodge a complaint

You can choose to lodge a Complaint with the Data Protection Supervisory Authority in the country of your habitual residence, place of work or place of the alleged infringement, regardless of whether you have suffered damages. Personal Data
You have also the right to lodge your Complaint before the courts where the GEC entity has an establishment or where you have your habitual residence. 

 

You can also send your request by email to DSAR.UKandIE@sodexo.com, in writing to 310 Broadway, Salford, M50 2UE. The team will liaise with you about how you to contact you about your request and receive information.  Please note that it is usually necessary to arrange a telephone appointment to discuss your request once it has been made.

If you wish to unsubscribe to marketing emails communications, you can also do so by using the unsubscribe function on the email.

Our site may, from time to time, contain links, plug-ins or applications to and from the websites of our group companies, partner networks, advertisers and affiliates. If you follow a link to any of these websites or enable these connections, please note that these websites have their own privacy policies and that We do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. 

Storage limitation and accuracy

GEC will keep Personal Data that is processed accurate and, where necessary, up to date. We only keep Personal Data for as long as necessary for the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements and, where required for Sodexo to assert or defend against legal claims, until approximately 6 months after the end of any relevant legal limitation period. If you want to learn more about our specific retention periods for your Personal Data established in our retention policy you may contact us at DataProtection.UKandIE@sodexo.com.  Upon expiry of the applicable retention period we will securely destroy your personal data in accordance with applicable and regulations.

Security of your personal data

We implement appropriate technical and organizational measures to protect Personal Data against accidental or unlawful alteration or loss, or from unauthorized, use, disclosure or access, in accordance with our Group Information and Systems Security Policy. 

We take, when appropriate, all reasonable measures based on Privacy by design and Privacy by default principles to implement the necessary safeguards and protect the Processing of Personal Data. We also carry out, depending on the level of risk raised by the processing, a Privacy impact assessment (“PIA”) to adopt appropriate safeguards and ensure the protection of the Personal Data. We also provide additional security safeguards for data considered to be Sensitive Personal Data.


European data protection law does not allow the transfer of Personal Data to third countries outside EEA that do not ensure an adequate level of data protection. Some of the third countries in which GEC operates outside EEA do not provide the same level of data protection as the country in which you reside and are not recognised by the European Commission as providing an adequate level of protection for individuals’ data privacy rights. 

For transfers of your Personal Data to such countries, either to entities within or outside GEC, GEC has put in place an adequate safeguard to protect your Personal Data. You will be provided with more information about any transfer of your Personal Data outside of Europe at the time of the collection of your Personal Data through appropriate privacy statements.  

For further information, including obtaining a copy of the documents used to protect your information, please contact us at Data.Protection.UKandIE@sodexo.com.

Changes to our privacy policy

Any changes We may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.

Google Analytics and social media

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage.

We use third party tool plugs on social media applications. For example, we use a third-party provider, Hootsuite, to manage our social-media interactions. If you send us a private or direct message via social media, it will be stored by Hootsuite for three months. It will not be shared with any third -party organisations. We see all this information and decide how we manage it. For example, if you send a message via social media that needs a response from us, we may process it as an enquiry or a complaint. We may use social media posts about us. We also use Facebook Insights and Twitter Analytics to monitor page performance.