Privacy Policy

We are Troia (UK) Restaurants Ltd trading as: The Ivy Collection, The Ivy Asia, Harry’s Dolce Vita, Harry’s Bar James Street, Brasserie of Light. Our sister brands are Caprice Holdings Ltd and Birley Club Group. This privacy notice has been adopted by each of Troia (UK) Restaurants Ltd, Caprice Holdings Ltd and Birley Club Group (collectively “Restaurant Group”, “we”, “us, “our”).

Troia (UK) Restaurants Ltd is your data controller in relation to locations including The Ivy Collection, The Ivy Asia St Paul’s, The Ivy West Street, Harry’s Dolce Vita, Harry’s Bar James Street, Brasserie of Light and Granary Square Brasserie.

CH Acquisition Ltd is your data controller in relation to locations including J Sheekey, J Sheekey Atlantic Bar, 34 Mayfair, Balthazar, Daphne’s, Le Caprice, Rivington Greenwich, Scott’s, Sexy Fish.

MBH Group Ltd is your data controller in relation to locations including Annabel’s, Mark’s Club, Harry’s Bar, Bath & Racquets Club and George.

We are committed to ensuring that your privacy is protected and understand the need for the protection of all personal information provided by you to us. This privacy notice is to state what personal information we collect about you, or that you provide to us, and why we collect it and what we do with it. If you have any questions about our privacy notice or for any other data protection enquiries, please do get in touch with us by using the details in the ‘How do you contact us’ section.

 

QUICK GUIDE TO CONTENTS

What personal information do we collect about you? How do we use your personal information?

How long do we keep your personal information for? Who do we share your personal information with?

What happens if you do not provide us with the information we request? Do we make automated decisions concerning you?

Do we use cookies to collect personal data about you? Do we transfer your personal information outside the UK? What are your rights?

How will we contact you?

How do you contact us or get more help? Children’s data

How will you know if we change this privacy notice?

Further information or complaints in relation to the processing of your personal data

 

1. WHAT PERSONAL INFORMATION DO WE COLLECT ABOUT YOU?

1.1 Types of personal information

We collect and use many different kinds of personal information to provide our dining experiences and services. The personal information we may collect about you is listed below so you can see what we may know about you.

1.1.1 Contact Details: Your first and last name, phone number, address and postcode, and how to contact you, including your email address;

1.1.2 Age: Your date of birth and/or age;

1.1.3 Demographic data and preferences: Your gender and preferred restaurant site;

1.1.4 Communications: What we learn about you from communications and conversations between us including reservations and information necessary to fulfil your special requests, feedback, gift cards, a summary of any problem you are experiencing, and any other documentation, screenshots or information that would be helpful in resolving an issue submitted to our customer support;

1.1.5 Usage: Usage data about how you use our website, app, products and services, including your display name and profile photo if applicable; Technical: Details on the devices and technology you use, including your location;

1.1.6 Dietary preferences: Details about your dietary preferences, allergies and other health-related information;

1.1.7 Membership information: Details about your membership, benefits and rewards;

1.1.8 Financial: Your credit card details, billing address, and bank account information;

1.1.9 Contractual data: Details about any products or services that we may provide for you;

1.1.10 CCTV: Information provided through CCTV recordings at our restaurants.

1.2 Providing personal data belonging to others. If you provide the personal information of anyone other than yourself (e.g. your family members or friends), you are responsible for informing that person that we are collecting their personal information and for ensuring that you have valid permission to provide such personal information to

1.3 Where we collect your personal information from

Generally, we collect and process your information in the following ways:

1.3.1 Information you give us

a) When you make a reservation at the Restaurant Group;

b) When you purchase gift vouchers;

c) When you visit or make transactions on our website or app or in the establishments that we own or manage;

d) When you respond to our promotions, or subscribe to our mailing lists;

e) When you participate in competitions, contests or games organised by us;

f) When you attend events or functions organised by us, or conducted at our establishments, for example, property launches, private dining, ticketed events and hosted events, promotional and marketing events and other social events;

g) When you use our services (or express an interest in doing so) including services and transactions in respect of properties that we own or manage;

h) When you communicate with us by telephone, email, via our website or through other communication channels, for example, through social media platforms;

i) When you visit our website or app, or register a user account with our website or mobile applications;

j) When we seek information about you and receive your personal data in connection with your relationship with us; and

k) When you submit your personal data to us for any other reason.

1.3.2 Information we collect automatically when you use our services

a) Payment and transaction

b) Profile and usage This includes:

i) your IP address;

ii) the security details you create and use to connect to our services;

iii) your settings and marketing choices;

iv) data we gather from devices you use to connect to our online services; and

v) data we gather from cookies we use and other internet tracking software whilst you are using our website or mobile device For more information please refer to our cookie policy

1.3.3 Information we receive from third parties

a) Our business partners such as tour operators, booking agencies, reservation systems and third parties providing advertising, marketing and promotional services to us;

b) Social networks;

c) Event organiser for private dining;

d) Family members or friends who provide your personal information to us on your behalf; and/or

e) Public agencies or other public

1.3.4 Security

When your images are captured by us via CCTV cameras while you are within the restaurants, or when photographs or videos of you are taken when you attend events or functions organised by us.

 

HOW DO WE USE YOUR PERSONAL INFORMATION?

1.3.5 From time to time, we may include links on our website and app to third-party websites. Please pay attention when you connect to these websites and read their terms and conditions of use and privacy notices carefully. We do not control or monitor such websites or their web content. This privacy notice does not apply to any third-party websites and we are not responsible for the content, privacy notices, or processing of your personal data while you are visiting any third-party websites.

The website and app may include social media features and widgets, such as the Facebook Like button, the Share This button or interactive mini-programs that run on the website and app. These features may collect your IP address and which page you are visiting on our website and app, and may set a cookie or other identifier to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our website or app. Your interactions with these features are governed by the privacy notice of the company providing it, and we are not responsible for the processing of your personal data by these third parties.

 

2. HOW DO WE USE YOUR PERSONAL INFORMATION?

2.1 We collect and process your personal information for several purposes. The law states that for each purpose we must explain to you what legal grounds we are using to justify our processing. When we process your personal information we will have one or more of the following reasons:

2.1.1 To provide a requested service or carry out a contract with you;

2.1.2 Where we have a legal obligation;

2.1.3 Where we have a legitimate interest;

2.1.4 Where we have your consent.

2.2 When we have a business or commercial reason of our own to use your personal information, this is called a “legitimate interest”. Where we rely on legitimate interest for processing your information, we carry out a ‘balancing test’ to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interests, before we go ahead with such processing. If you have any questions about the lawful bases upon which we collect and use your personal data, you can get in touch with us by using the details in the ‘How do you contact us’ section.

2.3 Here are the legal grounds for processing your personal information that is relevant to us:

2.3.1 To provide a requested service or carry out a contract with you

a) To manage our relationship and communicate with you;

b) To process your payments, if you purchase our products such as gift vouchers, to provide you with order updates and deal with your enquiries;

c) To authenticate the identity of individuals contacting us by telephone, electronic means or otherwise;

d) To administer and manage your account and associated services including updating your records and answering your queries;

e) To manage how we work with other companies that provide services to us and our customers; and

f) To exercise our rights set out in agreements and contracts.

g) To process a payment, including sharing your personal data with certain third-party service suppliers such as payment service providers.

2.3.2 Where we have a legal obligation

a) To comply with laws and regulations that apply to us;

b) As part of our efforts to keep our website and app safe and secure;

c) To establish, defend and enforce our legal rights; and

d) To deal with requests from you to exercise your rights under data protection

2.3.3 Where we have a legitimate interest

a) To manage our relationship with you;

b) For internal training and quality assurance purposes;

c) To administer and manage your account and associated services including updating our records and your membership profile;

d) To manage and audit our business operations including accounting;

e) To run our business in an efficient and proper way. This includes troubleshooting and managing our financial position, business capability, IT and governance requirements;

f) To develop and carry out marketing activities, where appropriate;

g) To study how our customers use products and services from us and other members of our Restaurant Group;

h) For security and safety purposes, in connection with the restaurants that we own or manage, or events organised by us or conducted at our restaurants;

i) For compliance with internal policies and procedures, including audit, accounting, risk management and record keeping;

g) For carrying out research and statistical analysis, including the development of new products and services or evaluation and improvement of our existing products and products and services;

2.3.4 Where we have your consent

a) To develop and carry out marketing activities such as informing you of our or of any member of our group’s latest activities, activations and promotions;

b) To study how our customers use products and services from us and other members of our group;

c) To communicate with you about our products and services;

d) We may also from time to time ask you for your consent for other purposes, which we will explain to you at that time.

 

3. HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION FOR?

3.1 We will keep your personal information for as long as is necessary for us to use your information for the purposes described above in the section above about “How do we use your personal information”. We may keep your data for up to 3 years after your last interaction with us. The reasons we may do this are:

3.1.1 To respond to a question or complaint, or to show whether we gave you fair treatment.

3.1.2 To study customer and member data as part of our own internal research.

3.1.3 To comply with rules that apply to us about keeping records.

3.1.4 Our contractual obligations and rights in relation to the information you have provided to us.

3.1.5 Our legitimate interests where we have carried out a balancing test.

3.1.6 Statute of limitations under applicable law(s).

3.1.7 If you have made a request to have your information corrected if it’s inaccurate or incomplete.

3.1.8 Guidelines issued by relevant data protection

3.2 We may also keep your data for longer if we cannot delete it for legal or regulatory reasons, such as retaining the information for tax and accounting

3.3 After this time, we will either securely erase or anonymise your information where we no longer have a legitimate reason for keeping If this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

3.4 Your personal information is important to us and we will make sure your privacy is

3.5 After termination of your account, we may continue to use anonymised data (which does not identify individual users) which is aggregated with anonymised data of other users. We use this aggregated anonymised data for data analysis, profiling and research purposes, for example, to gain insights about our users. We may also keep your email address to ensure that you no longer receive any communications from us as well as your name, date of birth and latest address for fraud prevention purposes and for the exercise or defence of a legal enquiry.

 

4. WHO DO WE SHARE YOUR PERSONAL INFORMATION WITH?

4.1 We may share your personal information with other parties in order to provide you with products and services, run our business and comply with regulations that apply to us. These include the following:

4.1.1 We may share your personal information within the Restaurant Group, primarily for business and operational purposes. As we continue to develop our business, we may sell or purchase If another entity acquires us or merges with us your personal information will be disclosed to such entity. Also, if any bankruptcy or reorganisation proceeding is brought by or against us, all such information will be considered an asset of ours and as such it is possible it will be sold or transferred to third parties.

4.1.2 We may share your personal information with third parties who perform functions on our behalf and who also provide services to us, such as professional advisors, social media networks, data management companies, digital agencies, reservation booking platforms, gift voucher solutions providers, CRM software providers and IT consultants carrying out testing and development work on our business technology systems and function co-ordinators. These third parties comply with similar and equally stringent undertakings of privacy and confidentiality and your information may be shared with third parties on an anonymised basis.

4.1.3 We may also share your personal information with our appointed representatives in connection with a contracted transaction between you and us, including solicitors. These third parties comply with similar and equally stringent undertakings of privacy and confidentiality.

4.1.4 We may also share your personal information with the following organisations:

a) Agents and advisers who we use to help run our business and explore new ways of doing business;

b) Companies that introduce you to us;

c) Companies that we introduce you to;

d) Companies you ask us to share your data

4.2 Where required we may also share your personal information with third parties to comply with a legal obligation; to enforce or apply our Terms of Service [Terms of Service of the website and app] or other agreements when we believe in good faith that an applicable law requires it; at the request of governmental authorities conducting an investigation; to detect and protect against fraud, or any technical or security vulnerabilities; to respond to an emergency; or otherwise to protect the rights, property, safety, or security of third parties, visitors to the our website, our business or the public.

5. WHAT HAPPENS IF YOU DO NOT PROVIDE US WITH THE INFORMATION WE REQUEST OR ASK THAT WE STOP PROCESSING YOUR INFORMATION?

5.1 If you do not provide the personal information necessary, or withdraw your consent for the processing of your personal information, where this information is necessary for us to provide services to you, we will not be able to provide these services to you and your party.

 

6. DO WE MAKE AUTOMATED DECISIONS CONCERNING YOU?

6.1 No, we do not carry out automated decisions concerning you.

 

7. DO WE USE COOKIES TO COLLECT PERSONAL DATA ABOUT YOU?

7.1 We and our service providers collect information about your use of our website and app from cookies, beacons, tags, scripts, and other similar technologies to distinguish you from other users and to analyse trends, administer our website and app, track users’ movements, and gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies on an individual and aggregated basis. See our cookie policy here [https://ivycollection.com/cookie-policy/] for more information.

 

8. DO WE TRANSFER YOUR PERSONAL INFORMATION OUTSIDE THE UK?

8.1 The personal data that we collect or receive about you may be transferred to and processed by recipients who are located inside or outside the UK. We will take all necessary measures to ensure that transfers out of the UK are adequately protected as required by applicable data protection laws.

WITH RESPECT TO DATA TRANSFERS TO COUNTRIES NOT PROVIDING AN ADEQUATE LEVEL OF DATA PROTECTION, WE RELY ON APPROPRIATE SAFEGUARDS, SUCH AS STANDARD DATA PROTECTION CLAUSES ADOPTED BY A RELEVANT REGULATOR OR SUPERVISORY AUTHORITY, APPROVED CODES OF CONDUCT TOGETHER WITH BINDING AND ENFORCEABLE COMMITMENTS OF THE RECIPIENT, OR APPROVED CERTIFICATION MECHANISMS TOGETHER WITH BINDING AND ENFORCEABLE COMMITMENTS OF THE RECIPIENT. YOU CAN ASK FOR A COPY OF SUCH APPROPRIATE SAFEGUARDS BY CONTACTING US AT [email protected].

 

9. WHAT ARE YOUR RIGHTS?

9.1 By law, you have a number of rights when it comes to your personal information. Please contact us here to exercise any of your rights. Further information and advice about your rights can be obtained from the UK data protection regulator, Information Commissioner’s Office, whose contact details can be found below in the section “Further information or complaints in relation to the processing of your personal data”

 

 

Right What does this mean?
1. The right to object to processing You have the right to object to certain types of processing, including processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities).
2. The right to be informed You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this privacy notice.
3. The right of access You have the right to obtain access to your information (if we’re processing it), and certain other information (similar to that provided in this privacy notice).

This is so you’re aware and can check that we’re using your information in accordance with data protection law.

4. The right to rectification You are entitled to have your information corrected if it’s inaccurate or incomplete.
5. The right to erasure This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.

 

6. The right to restrict processing You have rights to block or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be blocked to make sure the restriction is respected in future.
7. The right to data portability You have rights to obtain and reuse your personal information for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability.
8. The right to lodge a complaint You have the right to lodge a complaint about the way we handle or process your personal information with your national data protection regulator. You can find more details on how to do this below in the section “Further information or complaints in relation to the processing of your personal data”.
&
9. The right to withdraw consent
If you have given your consent to anything we do with your personal information, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal information with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal information for marketing purposes.

9.2 We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:

9.2.1 baseless or excessive/repeated requests, or

9.2.2 further copies of the same

9.2.3 Alternatively, we may be entitled to refuse to act on the request.

9.3 Please consider your request responsibly before submitting it. We’ll respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know.

 

10. HOW WILL WE CONTACT YOU?

10.1 We may contact you by phone or email. If you prefer a particular contact means over another please just let us us know.

 

11. HOW CAN YOU CONTACT US OR GET MORE HELP?

11.1 If you have any questions, comments or requests about this privacy notice, or would like to exercise any of your rights, please contact us by writing to us at the address below:

11.1.1 Email: [email protected] 

11.2 If you are unhappy about any aspect of the way we collect, share or use your personal information, please let us know using the contact details

11.3 You also have a right to complain to the Information Commissioner’s Office. Please find more information on how to do that below in the section “Further information or complaints in relation to the processing of your personal data”.

 

12. CHILDREN’S DATA

12.1 Our website and app are intended for users who are 16 years old or older and we do not knowingly collect personal information from children under 16 years of

12.2 If you are under 16 years old, please obtain consent from your parent or guardian before you submit any personal information to us. If you are a parent or guardian of a child and you have reason to believe your child or ward that is below 16 years of age has provided us with their personal information without your prior consent, please contact us to request for erasure of their personal data or for the minor to be unsubscribed from our mailing lists.

12.3 If we become aware that we have inadvertently received personal information from a child below 16 years of age, we will delete such information from our databases.

 

13. HOW WILL YOU KNOW IF WE CHANGE THIS PRIVACY NOTICE?

13.1 We may need to make changes to this privacy notice at any time. Please check back frequently to see any updates or changes to our privacy notice. The changes will go into effect on the “Last updated” date shown in the revised privacy notice. If we make any material change to how we collect your personal information, or how we use or share it, we will update the privacy notice on our website and app, and we will inform you of these changes by our normal means of communicating with you, including by email or by post.

 

14. FURTHER INFORMATION OR COMPLAINTS IN RELATION TO THE PROCESSING OF YOUR PERSONAL DATA

If you would like further information or have a complaint in relation to the processing of your personal data, please feel free to contact us at [email protected].

If you are not satisfied with our response to a complaint you have made, or think we are not complying with data protection laws, you can make a complaint to the UK data protection regulator who can be contacted as set out below:

For information about taxation, please click here.

Last updated: 24th July 2023