Our commitment to you
Who we are
Cracking Good Food is a social enterprise with company number 7369862. We will process any personal information we collect about you in accordance with current data protection laws (currently the Data Protection Act 1998. We will only use your personal data to send you information about what we’re doing and will never pass it on to anyone without prior permission.
Our overriding objective is to enhance the nutritional health and well-being of our customers which is why we inform you of our cooking activities that you can be a part of, free, or as a paying customer.
Data protection legislation applies to ‘personal data’ (data that relates to a living individual such as a name, home address or mobile telephone number) and regulates how that data is collected, held and processed. Data protection in the UK is currently governed by the Data Protection Act 1998 (the “DPA”), and from the 25th May 2018 by the new General Data Protection Regulation (GDPR).
For the purposes of the DPA, CGF (Cracking Good Food) is the ‘data controller’ of the personal data of CGF customers (i.e. the organisation that is responsible for, and controls the processing of, that personal data).
We believe that you ultimately own and should have control over your personal data
What do the following terms mean?
- “CGF” means Cracking Good Food
- The “Website” means the website located at www.crackinggoodfood.org
- “We”, “us” and “CGF” means Cracking Good Food
- “You” mean you in your capacity as a potential customer or existing customer.
Why we use your information
We will only use your information where we have a legal basis to do so and will always respect your rights.
Where we use your information, it is generally because you have consented to us doing so in order to provide a service to you or it may be because we consider we have a legitimate interest to do so. Where we rely on a legitimate interest to use your information, we will always ensure that this is done in a way so as not to be intrusive and that respects your rights. Other reasons may include using information because we have a legal obligation to do so or because we have to fulfil contractual obligations.
What personal data do we process?
We process the following types of personal data about you when you use Do-it:
- Information provided by you. We collect personal data, such as your name, address and email address, when you pay for a course online. As part of your personal profile, you will need to submit additional information such as your dietary requirements
- Information provided by you as parent/guardian for a child under 16 years of age. We collect personal data, such as their age and gender when you sign your consent during a session.
- We collect and process information and comments relating to your CGF experience; any comments you record around your CGF participation.
- Information collected automatically. CGF receives and stores information which is transmitted automatically from your computer when you browse the Internet and visit the CGF website. This includes information from cookies (which are described in the section below on Cookies), your IP address and browser type. Your IP address is the unique address of your computer which is automatically provided to other computers when your web browser requests a web page from those computers on the Internet.
How do we use your personal data?
We will use your personal data in order to deliver our service to you. This includes using your personal data to:
- Process your booking
- *Keep you aware of upcoming events
- *Promote future cooking school sessions to you
- Match your experience for our volunteer opportunities
- To respond to or fulfil any requests, complaints or queries you make to us
*We will use your email address to contact you from time to time to notify you of upcoming activities that we believe will be of interest to you. We will use the service of an online mailshot provider (namely Mailchimp). You will be given the opportunity to unsubscribe at any chosen time. You can also choose to delete your account.
We also may use the information collected automatically, such as your IP address and information stored via cookies, to gather statistics about the number of people who visit CGF and to customise its content, layout and services. If you contact us directly, using email, we will use the information you give to us to handle your enquiry or request. This may include responding to your query or feedback, or sending you relevant information. We may also keep a record of conversations we have with you, feedback you provide and any marketing or support materials we send out to you. This can help us to handle queries more efficiently. We may share this information, on an aggregate and anonymised basis, with third parties to help us improve CGF and better serve our users.
Unless you choose to sign up to our mailshots and other email updates, you will not receive any further mailings other than a reply to your enquiry.
How long we keep your data
We will continue to keep your data until you instruct us that you wish to be removed from our database.
Data gained from all feedback forms will be recorded electronically and used to promote future upcoming sessions. The hardcopy will be stored for up to 12months then destroyed using a cross shredder.
Data gained from registers, disclaimers, forms will be recorded for up to 12months then destroyed using a cross shredder.
Consent given for use of images will be stored for upto 5yrs then destroyed using a cross shredder.
Disclosure to third parties
We may provide your personal data and the data generated by cookies and the aggregate information to the vendors and service agencies that we may engage to assist us in providing you with the CGF service. Such third party entities will be obligated to use your personal data solely to provide services to us in connection with the CGF service, and for no other purpose.
We will disclose your personal data if we reasonably believe we are required to do so by law, regulation or other government authority or to protect the rights and property of CGF, its affiliates or the public. We may also cooperate with law enforcement agencies in any official investigation and we may disclose your personal data to the relevant agency or authority in doing so.
We reserve the right to transfer your personal data in the event of a transfer of ownership of CGF, such as acquisition by or merger with another company.
Under the General Data Protection Regulations (GDPR) you have the following rights:
- Information Right – the right to receive the information contained in this policy and our data collection forms about the way we process your personal data.
- Personal Data Access Right – the right to know that we are processing your personal data and, in most circumstances, to have a copy of the personal data of yours that we hold. You can also ask for certain other details such as what purpose we process your data for and how long we hold it.
- Personal Data Correction Right – You have the right to request that we correct inaccurate data or complete incomplete data that we hold on you.
- Personal Data Erasure Right – Known as the Right to be forgotten. In certain circumstances you may request that we erase your personal data held by us.
- Personal Data Restriction Right – You have the right to restrict the way we process your personal data in certain circumstances, for example if you contest the accuracy of the data, if our processing is unlawful, to pursue legal claims, where we are relying on legitimate interests to process data.
- Data Processing Objection Right – You have the right to object to us processing your data for (i) direct marketing purposes (ii) research or statistical purposes and (iii) purposes of profiling related to direct marketing or based on our legitimate interests
- Data Portability Right – you have the right to receive a copy of certain personal data or to have it transferred to another organisation in some circumstances
Right to Withdraw Consent at any time
Where we use your personal information based on your prior consent, such as where you have given us permission to send you marketing communications by email, mobile messaging or by direct message on social media, you can withdraw your consent at any time by contacting us.
Right to complain to the Information Commissioner’s Office (ICO)
You have the right to be confident that CGF handles your personal information responsibly and in line with good practice. If you have a concern about the way we are handling your information, then in the first instance you should raise this with us. We will take your concern seriously and work with you to try to resolve it. However if you are still unhappy with our response you can raise a concern with the ICO, the UK data protection regulator – see the links below for details:
Links to other sites
This Website contain links to other websites that are not owned or controlled by CGF. Please be aware that we are not responsible for the privacy practices of such other websites. We encourage you to be aware once you leave our Website and to read the privacy statements on the other websites that you visit.
When someone visits our website we collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of our website. We collect this information in a way which does not identify anyone.
We use Google Analytics to help analyse use of our Website. This analytical tool uses ‘cookies’, which are text files placed on your computer, to collect standard internet log information and visitor behaviour information in an anonymous form. The information generated by the cookie about your use of the Website (including your IP address) is transmitted to Google. This information is then used to evaluate visitors’ use of the Website and to compile statistical reports on Website activity for us.
We will not (and will not allow any third party) to use the statistical analytics tool to track or to collect any personally identifiable information of visitors to our Website.
Disabling and enabling cookies
You have the ability to accept or decline cookies by modifying the settings on your internet browser. This website www.wikihow.com/Disable-Cookies tells you how to remove cookies from your browser. However, please note you may not be able to take full advantage of the functionality of the CGF Website if you do so.
Security and confidentiality
CGF uses industry standard technology designed to help keep your personal data safe. We use a 2048-bit SSL certificate for encryption as recommended by the cybersecurity industry and The National Institute of Standards and Technology (NIST) of the US Government. Please bear in mind though, that it is impossible for CGF to guarantee that impenetrable security measures are in place.
For example, we cannot control any illegal and/or unforeseen activity of other users that may allow them to get around the privacy or security settings on the Website. Consequently, you acknowledge that there are circumstances in which your personal data may be accessed by unauthorised persons.
CGF also takes appropriate organisational and security measures to safeguard your personal data against unauthorised or unlawful processing and against accidental loss, destruction, or damage. Our objective is to protect your personal data as follows:
- All of CGFs systems, hardware and software used in relation to your personal data are kept secure in accordance with standard industry practice
- All CGF team members are informed of their obligations under the DPA and the restrictions in place on their use of the personal data.
- All CGF servers are hosted within the European Union (EU) using GDPR compliant hosting facilities that meet industry security standards.