We are committed to safeguarding the privacy of our visitors and customers; this policy sets out how we collect and use your personal information.
The legal basis on which we process your information may be that it is necessary for compliance with a legal or regulatory obligation; that it is necessary for the pursuance of the legitimate interests of River Café (providing those interests are not overridden by your rights and freedoms, including your right to have your personal information protected); or that we have your explicit consent for such processing (and that consent has not been withdrawn).
This policy applies to data which is collected via our websites, restaurant booking system, email communication, use of a mobile App, over the telephone, as a result of accessing a data network maintained by us, via contact on social media, via personal interaction with employees or agents of River Café, via CCTV or thermal-imaging cameras or by any other means. Information which is collected will be the responsibility of River Café, who will act as Data Controller in relation to this data.
(1) What information do we collect?
We may collect, store and use the following kinds of personal information:
(a) information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, website navigation);
(b) any other information that you choose to send to us, including your name and address, email address, and telephone number (landline and/or mobile);
(c) we may use Location Based Services (LBS) to understand traffic patterns in venues. The location data we capture helps us to understand venues, such as how long customers stand in line and how they generally move around an area, enhancing operational efficiency and improving user experience.
(d) Details of your interactions with us whether electronic or in person and whether direct or via third party applications such as social media and review websites.
A cookie consists of information sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
We may use both “session” cookies and “persistent” cookies on the website. We will use the session cookies to: keep track of you whilst you navigate the website; and we will use the persistent cookies to: enable our website to recognise you when you visit.
Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites.
(3) What do we use your personal data for?
Personal information collected by us may be used by River Café and/or persons acting on our behalf for our legitimate business interests including (but not limited to):
(a) to send statements and invoices to you, and collect payments from you;
(b) to send you general (non-marketing) commercial communications, for example keeping you up to date with changes in our business;
(c) to send you email notifications and other information which you have specifically requested, for example in response to queries;
(d) direct marketing of products, services, promotions, and events, but with the proviso that use of data for such direct marketing purposes will not be undertaken other than with your explicit consent, and having given you the option to opt-out of such communications at any time;
(e) to ensure the protection of the interests and reputation of River Café, including assessing and responding to customer feedback and complaints;
(f) to manage your commercial dealings with River Café, whether in respect of restaurant bookings, use by you of our services and goods purchased by you, or otherwise;
(g) to send you communications including by email requesting a review of, and /or feedback on, products or services supplied to you. You may opt out of future such requests at any time. Information collected in this way is for internal research only to enable us to improve our products and services and is not used for any future marketing purpose.
(h) to comply with our legal, tax and regulatory obligations;
(i) to ensure the security and access of our physical premises, websites, platforms and other applications
(j) other purposes reasonably ancillary to the above.
(4) When we may disclose your personal data
In addition, we may disclose your personal information:
(a) to the extent that we are required to do so by law;
(b) in connection with any legal proceedings or prospective legal proceedings;
(c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
(5) Security of your personal information
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
Any third parties we engage to process your personal information are obliged to respect the security of your data.
Note: Data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
Data may be processed, accessed, or stored in a country or territory outside your home country. If we transfer your data to a jurisdiction which does not offer the same level of protection of personal data as may be enjoyed in your home territory we will ensure that your data is appropriately protected.
(6) How long we retain personal data
We will retain your personal data for as long as is necessary to fulfill the purpose for which it was collected.
Once those purposes are complete, we may then have legal or regulatory obligations to fulfill in connection with data retention.
Additionally, we may also retain personal data in some circumstances for a period of at least ten years in order to ensure that we are able to answer and deal with any queries, complaints, tax enquiries, or investigations or any legal proceedings which may arise.
(7) Your rights
Your rights in relation to your personal data include, but are not limited to, the following.
(a) You may instruct us to provide you with any personal information we hold about you. Provision of such information will be subject to the supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address). We may withhold such personal information to the extent permitted by law. We also reserve the right to charge a reasonable fee, or refuse to act on the request, where requests are manifestly vexatious, unfounded or excessive.
(b) In certain circumstances you may also have the right to ask us to erase your personal data or restrict its processing.
(c) Where we process your data for our legitimate interests, you have the right to object to such processing. You may also instruct us not to process your personal information for direct marketing purposes by email at any time. Please bear in mind that if you object to processing or withdraw your consent, this may affect our ability to deliver services to you.(d) You have the right to have any inaccurate personal data we hold about you rectified.
(8) Third party websites
The websites maintained by River Café contain links to other websites whose data protection practices may differ from ours. We are not responsible for the privacy policies or practices of third party websites and if you should visit such sites you should ensure that you review the appropriate privacy notices as we have no control over information that is submitted to, or collected by, these third parties.
(9) Policy amendments
(11) Protection of Personal Information Act
The Protection of Personal Information Act 4 of 2013 aims: to promote the protection of personal information processed by public and private bodies; to introduce certain conditions so as to establish minimum requirements for the processing of personal information; to provide for the establishment of an Information Regulator to exercise certain powers and to perform certain duties and functions in terms of this Act and the Promotion of Access to Information Act, 2000; to provide for the issuing of codes of conduct; to provide for the rights of persons regarding unsolicited electronic communications and automated decision making; to regulate the flow of personal information across the borders of the Republic; and to provide for matters connected therewith.
The Protection of Personal Information Act 4 of 2013 can be accessed at www.gov.za
(12) Track & Trace
In accordance with Government Track & Trace guidelines issued in connection with the COVID-19 pandemic, we will process your name, telephone number and email address which will be taken from the register form when you visit. This information may be processed for the purpose of providing the Government with your details in connection with their COVID-19 Trace & Trace scheme. Information will only be provided to Government upon request and within 21 days of your visit only. You do not have to participate in this scheme but if you do we may decide to deny access or ask you to leave. By providing your details, you consent to the foregoing.
If you would like to make a complaint to the Information Regulator, the contact details are as follows: SALU Building, 316 Thabo Sehume Street, PRETORIA Tel: 012 406 4818 Fax: 086 500 3351 firstname.lastname@example.org or visit their website.