Privacy Policy
1. Introduction
This Privacy Policy outlines how we collect, use, store, and protect your personal information when you interact with the services, features, and content provided via our website, thelidodeckrestaurant.com. We are wholly committed to safeguarding the privacy of our users and ensuring compliance with all applicable data protection legislation, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Protecting your personal data is central to our business practices, and we adopt a privacy-first approach in everything we do.
2. Scope of the Policy and Data Controller Role
This Privacy Policy governs all personal data collected through thelidodeckrestaurant.com and any related communications, forms, transactions, or services. The data controller, responsible for processing your personal information under applicable data protection laws, is Lido Deck Restaurant, which operates thelidodeckrestaurant.com. Any inquiries regarding this policy or the treatment of your personal data can be directed to our team at [email protected].
3. Categories of Data Processed
We only collect personal data necessary for the use of our services, website functionality, legal compliance, and user engagement objectives. The categories of data we process include:
a. Usage Data
Information about how you interact with thelidodeckrestaurant.com, including IP addresses, browser type and version, time zone settings, pages visited, clickstream data, session duration, and referral URLs.
b. Account Data
When you sign up or make a reservation, we collect information such as your full name, email address, billing and delivery addresses, and phone number.
c. Profile Data
Data related to your preferences, purchase history, user behavior across our website, and account activity.
d. Communication Data
Records and content of communications you send us, including inquiries, support requests, complaints, and contact form submissions.
e. Technical Data
Information about the devices and systems you use to access our services, including device model, operating system, server logs, and browser plugins.
f. Transaction Data
Details of purchases and transactions conducted through thelidodeckrestaurant.com, including payment methods, order details, delivery address, and transaction history.
g. Preference Data
Marketing preferences, language choices, dining preferences, favorite menu categories, and consent records related to direct marketing and mailing list enrollment.
4. Legal Bases for Processing
Under GDPR, our legal basis for collecting and processing your personal data includes:
– Performance of a contract: When processing is necessary for delivering a service or fulfilling a purchase or reservation.
– Consent: When you affirmatively consent to receive communications, cookies for analytics, or participate in optional services.
– Legitimate interests: Where processing supports direct marketing, service improvement, fraud prevention, and website analytics, provided your interests and rights are not overridden.
– Legal obligation: To comply with financial, legal, and regulatory requirements.
For CCPA purposes, we do not sell your personal information. We use it strictly to deliver and improve our services.
5. Your Rights
You have several rights regarding your personal data:
– Right of Access: You may request a copy of the personal data we hold about you.
– Right to Rectification: You may ask us to correct inaccurate or incomplete information.
– Right to Erasure (“Right to be Forgotten”): You can request deletion of your data where legally applicable.
– Right to Restriction: You can request a temporary limit on how we process your data.
– Right to Data Portability: You have the right to request that we transfer your data to another service provider in a structured, commonly used format.
– Right to Object: You may object to certain types of processing, including direct marketing.
– Right Not to Be Subject to Automated Decision-Making: We do not use your data for solely automated decisions that affect legal or similarly significant outcomes.
To exercise these rights, please email [email protected]. We will respond to all legitimate requests in accordance with applicable laws.
6. Security Measures
We maintain robust physical, technical, and administrative safeguards to protect the personal data we process. These include:
– Data encryption in transit and at rest
– Role-based access controls
– Secure firewalls and intrusion prevention systems
– Regular security audits and system patches
– Staff training in data security and privacy practices
– Daily backups and disaster recovery systems
Our implementation of these measures ensures the continued confidentiality, integrity, and availability of your data.
7. International Transfers
If your personal data is transferred outside the European Economic Area (EEA) or other home jurisdictions, we ensure appropriate safeguards are in place, such as execution of Standard Contractual Clauses (SCCs), adherence to the UK GDPR adequacy regimes, or implementation of safeguards for cross-border data sharing as required by applicable laws.
8. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected, as outlined below:
– Usage, Technical, and Cookie Data: up to 24 months
– Account and Profile Data: for as long as your account is active or as required by legal obligations
– Transaction Data: retained for 6 years for financial and legal compliance
– Communication Data: retained for up to 3 years after the most recent interaction
– Preference and Consent Records: retained for as long as necessary to demonstrate lawful consent
Where legally required or if necessary for the resolution of disputes or enforcement of agreements, we may retain certain records beyond these timeframes.
9. Cookie Policy
We use cookies and similar technologies to optimize web performance, enhance user experience, and collect analytics:
– Essential Cookies: Necessary for website functionality (e.g., session maintenance, form submission)
– Functional Cookies: Enable personalized settings and improve user experience
– Analytics Cookies: Collect anonymized data on user interaction to improve site features (e.g., Google Analytics)
– Performance and Debugging Cookies: Help monitor system performance and errors
We do not use cookies to profile or sell your information.
10. Cookie Management and Compliance with GDPR & CCPA
On your first visit to thelidodeckrestaurant.com, a consent banner allows you to accept or customize cookie settings. You may change your preferences at any time via your browser settings or our cookie consent tool.
Under CCPA and GDPR, you have the right to opt out of non-essential cookies and to limit data sharing. We honor global privacy control (GPC) signals where supported.
11. Special Protections for Children Under 13
Our website, products, and services are not designed for or directed to children under the age of 13. We do not knowingly collect personal information from users under 13 years old. If a parent or guardian becomes aware that their child has provided us with information without appropriate consent, they should contact us immediately at [email protected] and we will take steps to delete such data.
12. Policy Updates and User Notifications
We may revise this Privacy Policy from time to time to reflect changes in legal, regulatory, or operational requirements. Any modifications will be posted on this page with an indication that the policy has been updated. Continued use of thelidodeckrestaurant.com signifies your acceptance of any such changes.
Where applicable by law, we will notify you of material updates by email or via on-site notices.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, you may contact us at:
Email: [email protected]
Website: https://thelidodeckrestaurant.com
We are committed to full compliance with data protection laws, and we encourage any user with a privacy concern to reach out directly so we can assist you promptly and appropriately.