Who is responsible for your data?
To help us deliver the services and standard that you require and expect, Joseph Holt shares data within the business and is responsible for customer data. Our company registration number is 182757 and our registered office is The Brewery, Empire Street, Manchester, M3 1JD.
We can also be contacted via email at firstname.lastname@example.org.
Personal Data collected by Joseph Holt
We collect personal data for a number of reasons. These are outlined below.
We get this data from the customer directly when they complete online forms, communicate with our employees and on through various digital platforms to engage.
Name and contact details, email address, telephone number and postal address
- When you book a table, function room or hotel room with us.
- When you attend a brewery tour.
- When you choose to receive marketing communication.
- When you provide us with feedback or submit an enquiry.
- When you join the Birthday Club
- When you receive a promotional mail shot, both off line and on line (i.e. a Loyalty Card)
Date of Birth
- To confirm that you are over 18 in order to receive personalised recommendations for our goods and services.
- When you choose to provide it for marketing personalisation.
Dietary and special needs requirements
- When you choose to provide it when booking a table / function / hotel room.
Information about other guests on your booking, including details of any children in the party
- When you provide them on behalf of others as part of a table, function or hotel booking.
The correspondence that you have with us (e.g. emails, letters or phone calls.)
- When you contact us or we contact you.
Your location / visit information
- When you use WiFi.
- When you make a booking.
- When you use the mobile app.
- When you stay in one of our hotels.
Your accommodation transaction details
- When you book a hotel room.
- When you visit Joseph Holt sites (including The Brewery and our pubs)
Information about how you use our website, including IP address and Google Analytics
- Anytime you use our website. (To provide a personalised user journey)
Special Category Personal Data
Sensitive Personal Data, as defined by GDPR, includes any data relating to health and religious beliefs. From time to time, you may need to tell us that you have an allergy or a specific dietary requirement. Occasionally, you may also need to tell us that you have a medical condition or religious beliefs. This Sensitive Data will only be used for the need it was given.
Coronavirus Test and Trace Data Collection
Customers will be asked to provide some personal data on visiting a Joseph Holt pub to help assist the NHS Test and Trace system. Your data will be held temporarily for 21 days and then deleted. It will NOT be used by Joseph Holt for any other purpose. The only place your data may be shared is the government Test and Trace system for them to contact you if there is a local outbreak of Covid-19.
How and why Joseph Holt use your personal data
We use your personal data to provide the following services:
- When you book at our pubs, we will use your information to confirm your booking and any payments or deposits you have made.
- To keep you informed of our products, services, offers and promotions. We may send you marketing communications about our food and drink, offers, events, competitions and unique Joseph Holt experiences. We will only do this if you have indicated that you are happy to receive these types of communications. (e.g. when you sign up for the Birthday Club and opt-in).
- We will monitor opens / clicks on marketing emails to assess relevance and make improvements.
- To personalise and improve your customer experience. We may use your personal data in order to tailor our services and offers to your preferences.
- To optimise the performance of our website. We may also collect information on how you use our websites including the pages that you visit and the search criteria that you perform in order to optimise the performance of the website and personalise the content that you see.
- We use CCTV for several reasons; to protect our staff and customers from crime, to support court actions and comply with legal licencing requirements. We have CCTV at the Brewery and throughout our pubs.
- For market research and to help us understand our business and marketplace to ensure that our beers and services are up to date and relevant.
Sharing your personal data
Joseph Holt uses a number of 3rd party providers in order to deliver the service and standards required by our customers. When we need to use a 3rd party provider, Joseph Holt remains in control of your data and ensure that companies we choose to work with, comply with our stringent security standards. Data used by 3rd party providers will only ever be used for Joseph Holt purposes. Our 3rd party providers include:
- Website hosting companies – Design by Day and 34sp.com
- WiFi providers. Sky Wifi (www.sky.com/wifi)
- When relevant we will share your booking data with the manager or retail partner who operates the pub in question.
- We will work alongside legal authorities and legal advisors, when customer data is requested.
- Joseph Holt will never sell or pass your personal data to any third-party company, unless it is required by law.
Transfer of Data outside the EU
- Get Response – USA and Russia
We are currently auditing our suppliers and this policy will be updated if and when new information is highlighted and relevant.
The legal basis for processing your Data
We rely on the following reasons for using your data:
- Compliance with a legal responsibility / regulatory authority.
- Consent – where you have specifically consented to us using the data.
- In order to deliver the service that we have agreed to provide you with (such as facilitating pub enquires and sending out Birthday Club vouchers).
- Legitimate interest. To improve customer experience and improve our business.
Retention and Security of your Data
Joseph Holt will keep your personal data for as long as is deemed necessary. The length of time will naturally depend on the type of data and reason for holding it. For example:
- We will remove and delete any personal data when requested via the unsubscribe button that appears on marketing communication.
- We are required to keep hotel invoices for 6 years.
- We will ensure that we use suitable technical and organisational security measures to keep your personal data secure at all times. These measures include internal company policy and staff training, appropriate contracts with 3rd party suppliers and role-based access control.
You have certain rights regarding the personal data we hold about you. Some of these rights only apply in certain circumstances. In order to exercise these rights please contact us using the contact details below. Please note that we will require proof of identity as part of this request and most rights are subject to limitations and exceptions. We will provide details if we are unable to comply with any request that you make regarding your rights.
- Right of Access. You have the right at any time to ask Joseph Holt for a copy of the data that we hold about you and to confirm how it is used.
- Right of Correction or Completion. If the data that we have collected is inaccurate you have the right to update it.
- Right of Erasure. In certain circumstances, you have the right to request that information we hold about you is erased. This usually applies if the data is no longer necessary for the purpose that it was collected for, or you withdraw your consent for its processing and request its erasure.
- Right to Object to or Restrict Processing. If you wish to challenge our need to process your data on legitimate interest grounds or if you wish to withdraw your consent.
You can unsubscribe from our marketing communication at any time by clicking the unsubscribe link at the bottom of any of our marketing communications. Alternatively, you can email email@example.com.
Should you have any concerns about this policy or the way that we are processing data you have the right to lodge a complaint with the Information Commissioner’s Office. Please look at www.ico.org.uk for more detail.
GDPR Version 1.0. This policy was last updated on 23rd May 2018