Chocolate Fountain Heaven Ltd (“We”, “Us”, “Our”) are committed to protecting information through appropriate controls, being transparent about what data We hold and how We use it, and about respecting Your privacy. “You” (“Your”) are Our client to whom We provide services, or are considering entering into an agreement with Us for the provision of Our services.
The rules on processing of personal data are set out in the General Data Protection Regulation (the “GDPR”). The terms “Data Controller”, “Data Processor”, “Data Subject”, “Personal Data”, “Processing” and “Appropriate Technical and Organisational Measures” used below shall be interpreted in accordance with the GDPR.
This policy sets out the basis on which any Personal Data We collect from You, or that You provide to Us, will be processed by Us. This website is not intended for children and we do not knowingly collect data relating to children.
Chocolate Fountain Heaven Ltd is a company registered in Northern Ireland, whose registered office and trading address is Chocolate Fountain Heaven Ltd, 50 b Clooney Terrace, Londonderry, BT47 6AP (this address is NOT open to the public). We are the Data Controller.
Please let us know if at any time Your personal information changes by emailing us at Sales@entertainmentideas.com.
The Personal Data We collect from You includes but is not limited to the following:
- when You enquire about Our services, We will request Personal Data such as Your name, business name, email address and telephone numbers and information about You or Your business to help Us to advise You on the suitability of Our services and to contact You with further information;
- when You register for an account with Us, We will request Personal Data such as Your name, business name, email address, postal address, telephone numbers, photographs, credit/debit card details to help Us identify You and provide a service to You.
- when You contact Us to discuss Your services, We will ask for certain information to be able to confirm Your identity, check Our records and answer Your questions quickly and accurately;
- when You visit Our website, We may collect and process information about Your usage by using “cookies” and other similar technologies to help Us make improvements to the websites and to the services We make available. Please see the Cookies section below for more information;
- where We receive or send emails or other forms of communication on Your behalf, We may collect the names, postal addresses and email addresses of the third parties and any information contained therein;
- when You correspond with Us by phone, email or otherwise, We will collect all information provided by You; and
- where We provide relevant services to You, We will collect the names and contact details of Your business customers, suppliers and other contacts, and any information they provide.
In compliance with GDPR Article 6 (“processing is necessary for the performance of a contract to which the Data Subject is party or in order to take steps at the request of the Data Subject prior to entering into a contract”), We will use the Personal Data for purposes that include but are not limited to:
- processing any enquiries You have about Our services;
- verifying Your identity when You use Our services or contact Us;
- understanding, processing and executing instructions You give Us in relation to the delivery of our services;
- delivering Our services to You;
- analysing Our services with the aim of improving them;
- notifying You about changes to Our websites, services or terms and conditions or anything else We may be required or reasonably expected to notify You of;
- providing You with accurate and detailed billing for using Our services; and
- collecting payment, and recovering any monies You may owe to Us, for use of Our services.
In compliance with GDPR Article 6 (“processing is necessary for compliance with a legal obligation to which the controller is subject”), We will use the Personal Data for purposes that include but are not limited to:
- maintaining Our business records and accounts;
- meeting Our obligations to HMRC;
- preventing or detecting a crime, fraud or misuse of Our services, and investigating where We believe any of these have or may have occurred;
- meeting Our obligations under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 and the London Local Authorities Act 2007;
- meeting Our obligations under the Data Retention (EC Directive) Regulations 2009;
In compliance with GDPR Article 6 (“the Data Subject has given consent to the processing of his or her Personal Data for one or more specific purposes”), if You have given and not withdrawn consent We may use the Personal Data for these purposes:
- to provide You with information about Our other services, offers or products that You may be interested in; and
- to provide You with information about third party services, offers or products that You may be interested in.
Whilst storing Your data, We will use Appropriate Technical and Organisational Measures to keep Personal Data secure and to prevent it being accidently lost, accessed or used in an unauthorised way, altered or disclosed. We will make reasonable efforts to ensure the data is accurate and up to date and will undertake to rectify any inaccuracies of which We become aware without delay. All Personal Data We store is stored in the European Economic Area.
We may share information with third parties:
- in response to properly made requests from law enforcement agencies for the prevention and detection of a crime, for the purpose of safeguarding national security or when the law requires Us to, such as in response to a court order or other lawful demand or powers contained in legislation;
- in response to properly made requests from regulatory bodies such as the Information Commissioners Office;
- as part of the process of selling Our business;
- as part of current or future legal proceedings; and
- with a company who is assisting Us in providing services to You or who provides services to Us which enable Us to provide Our services to You, examples of such services being billing and financial systems, telecommunications services and customer management systems. Where We share information with other parties who provide such services, they must comply with the requirements of the GDPR and any other relevant legislation to protect Your information and keep it secure.
Where any data breach is identified that affects the information that We hold about or have processed from You, We will take urgent action in accordance with the GDPR and guidance issued from the Information Commissioner’s Office. If You identify any data breach that affects data We have passed to You, You must notify Us in writing immediately and provide full information about the data affected by this breach.
The time period that We will keep information for will vary depending on what the information is used for. Unless there is a specific legal requirement to the contrary, We will keep information in a form which permits identification of Data Subjects only for as long as it is necessary for the purposes for which We process it. Once the requirement to hold the data is complete, appropriate measures will be taken to delete the data in line with the terms of the GDPR.
Automated decision making based on Personal Data is not used in Our business.
Our web sites contain links to other sites. We are not responsible for the privacy practices or the content of such web sites.
We will not attempt to personally identify visitors from their IP addresses unless required to as a matter of law or regulation or in order to protect Our or Our other customers’ rights.
We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about Your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about Your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.
Data subject access request
Under the GDPR, a Data Subject has the right to request a record of the data held about him/her. To do this a request should be submitted in writing to Chocolate Fountain Heaven Ltd, Clayhall road Gosport, PO12 2AH (this address is NOT open to the public). We may ask the Data Subject to provide Us with proof of identity to make sure We are giving information to the right person. You will not have to pay a fee to access Your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if Your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with Your request in these circumstances. We may need to request specific information from You to help us confirm Your identity and ensure Your right to access Your personal data (or to exercise any of Your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact You to ask for further information in relation to Your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if Your request is particularly complex or you have made a number of requests. In this case, we will notify You and keep You updated.
Other rights of Data Subject
The GDPR gives Data Subjects a number of other rights including the right to request the correction or erasure of Personal Data, the right to request the restriction of processing of Personal Data, the right to request the transfer of Personal Data (to the Data Subject or a third party), and the right to withdraw Your consent to the processing at any time where consent is the lawful basis for processing.
Please note that the ways in which We collect, use and protect Personal Data will be reviewed periodically and may change from time to time. We will notify You by email should such changes occur.
If You have any questions about privacy issues, want Us to update Your marketing preferences, or amend information, please contact Us either by email on Sales@entertainmentideas.com or by post at Chocolate Fountain Heaven Ltd, Clayhall road Gosport, PO12 2AH (this address is NOT open to the public).
In the first instance, please contact Us using the details above. If this does not resolve Your complaint to Your satisfaction, You have the right to complain to the Information Commissioner about the way in which We collect and use Your Personal Data: https://www.ico.org.uk/concerns or telephone 0303 123 1113. We are registered with the Information Commissioner’s Office under Register Entry ZA198078
- “the service” means any service offered by Chocolate Fountain Heaven Ltd
- “You” (or “Your”) means any user of Chocolate Fountain Heaven Ltd or any other site operated by Chocolate Fountain Heaven Ltd
- “Us” means Chocolate Fountain Heaven Ltd
- “We” means Chocolate Fountain Heaven Ltd
- “Our” means Chocolate Fountain Heaven Ltd
- “User” means someone who uses Chocolate Fountain Heaven Ltd website for any purpose