Introduction

“Grape Tree” is the trademark or registered trademark of JG Foods Limited.

For the purpose of the General Data Protection Regulation (2016/679) (“GDPR”) the data controller is JG Foods Limited of Unit 2, Dandy Bank Road, Pensnett Trading estate, Kingswinford DY6 7TD. We will, in processing your data, comply with the GDPR and all other data protection and privacy laws applied in England from time to time.

This privacy policy sets out how we use and protect any information that you give us while using this website or when you are in one of our stores (hereafter "the Store"). The Store is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement. The Store may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

Explaining the legal bases we rely on

The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:

Consent in specific situations. We can collect and process your data with your consent. For example, when you sign up to receive email newsletters.

When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service.

Contractual obligations. In certain circumstances, we need your personal data to comply with our contractual obligations. For example, we’ll need to collect your address details to deliver your online order.

Legal compliance. If the law requires us to, we may need to collect and process your data. For example, we can pass on details of people involved in fraud or other criminal activity affecting Grape Tree to law enforcement.

Legitimate interest. In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.

For example, we may use your purchase history to send you or make available personalised offers.

We may also use your address details to send you direct marketing information by post or telling you about products and services that we think might interest you.

When do we collect your personal data

When you visit our stores and sign up for a loyalty card, we register that card to your contact and email address. We may also request a contact telephone number. This is to enable us to run your loyalty account and enable us to inform you of product information and special offers via post, text and email.

When you visit our web site and create an account with us, you provide a contact and email address. We may also request a contact telephone number. This is to enable us to run your loyalty account and enable us to inform you of product information and special offers via post, text and email.

When you visit our site, we capture information through cookies. You can manage these when you visit our site. You can view ‘How we use cookies’ and the ‘Cookies we use’ in the sections below for more details.

When you engage with us on social media.

When you contact us by any means with queries, complaints etc.

When you ask one of our colleagues to email you information about a product or service.

When you comment on or review our products and services.

When you fill in any forms. For example, if an accident happens in store, a colleague may collect your personal data.

When you use our stores, some of which may have CCTV systems operated for the security of both customers and staff. These systems may record your image during your visit.

When you’ve given a third-party permission to share with us the information they hold about you.

What we collect

We collect the following information if you use our web site:

• Your preferences and interests
• Other information relevant to customer surveys and/or offers
• Details of your visits to our web site
• Information gathered by the use of cookies in your web browser.

Additionally, we collect the following information if you shop online with us:
• Your name
• Your contact information including email address and telephone number
• Your billing/delivery address
• Details of orders, purchases and payments

For your security, we also keep an encrypted record of your login password.

For the avoidance of doubt, we do not store any payment card details.

In addition to the above, where you interact with us online or via email, we collect:
• Details of any complaints or comments you make,
• Details of purchases you have made
• How and when you contact us
• Your comments and product reviews.

We also collect your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback.

Where you have a store loyalty card with us, we collect the following:
• Your name
• Your contact information including email address and telephone number
• The address to where the card is registered

We’ll only ask for and use your personal data collected to deliver the service you have requested, advising you about our general promotions, recommending items of interest and to tailor your shopping experience with us.

What we do with the information we gather

We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

• To process any orders you make using our website
• To notify you of product despatch and tracking
• To monitor and control abandoned baskets prior to checkout
• To safeguard your account
• To process payments and to prevent fraudulent transactions
• Internal record keeping and complying with our legal obligations.
• For running the loyalty scheme(s).
• To respond to your queries, refund requests and complaints
• We may use the information to improve our products and services.
• We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
• From time to time, we may also use your information to contact you for market research purposes.
• We may contact you by email, phone or mail.
• We may use the information to customise the website according to your interests.

How long will we keep your personal data

Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.

At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.

An example of customer data retention periods would be your orders.

When you place an order, we’ll keep the personal data you give us indefinitely (or unless requested otherwise by yourselves) so we can comply with our legal and contractual obligations.

Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.

Where we share your information with trusted third parties, we also ensure they comply with our standards of physical, electronic and managerial procedures to safeguard and secure the information we collect.

How we use cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are necessary in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

Cookies may be used for many different purposes. In the first place, cookies can be required to make the website function properly. For example, without cookies, it would be difficult to make a website remember that you have logged in or visited the website before. These are called necessary cookies.

Cookies are also use to enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in. These cookies are called preference cookies.

Thirdly, cookies can also be used to analyse how a website is used, e.g. to count the number of visitors, or to learn how the website may be improved. All tracking data and website usage are stored anonymously and cannot be linked back to individual website visitors. These cookies are called statistical cookies.

A fourth important use of cookies is to enable online advertising, which may be personalised to show ads that are more relevant and interesting to you. This is done by (targeted) marketing cookies.

When you first log on to our website, you are able to tailor your cookie consent. Should you wish to amend your consent profile, clear us from your cookie history and revisit us again to tailor your cookie profile. Unless you have set your browser to block cookies completely, or tailored the cookie profile, this website will utilise the cookies listed under ‘Cookies we use’ on your computer.

Modern web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org.

Visibility

There are some elements of data visible to us as part of your use of the website. The information we have visibility of regardless of your acceptance of analytics cookies is:

• the internet domain e.g. www.organisation.co.uk and internet protocol address (IP address) from which you access the website. This is made available by your internet service provider and is not user controlled
• the type of browser (Internet Explorer or Google Chrome) and operating system (Windows, Linux, macOS etc) that is used
• the device used, such as a mobile phone or tablet
• the date and time of visit
• the page(s) visited
• the address of the website from which is linked to saladcreative.com (this is commonly described as a referrer)

We only use this information above to review website and server performance.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Controlling your personal information

You may choose to restrict the collection or use of your personal information in the following ways:

• whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes.
• if you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by amending your preference on your online account or letting us know by Email or you can find our contact address in the ‘Getting In Touch’ information.

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.

You may request details of the personal information which we hold about you under the Data Protection Act 1998. In the first instance this data is usually provided free of charge. If you would like a copy of the information held on you please Email us or find our contact address in the ‘Getting In Touch’ information.

If you believe that any information we are holding on you is incorrect or incomplete, please Email us as soon as possible using info@grapetree.co.uk or you can find our contact address in the ‘Getting In Touch’ information. We will promptly correct any information found to be incorrect.

If you believe we have no legitimate need to continue holding your personal data, for example, when the purpose for which it was held has come to an end. Please write to or Email us as soon as possible using info@grapetree.co.uk or our contact address in the ‘Getting In Touch’ information. We will promptly review the data we hold, the reason why it is held and advise you of the actions we have taken to comply with your request.

To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.

Who we share your personal information with

We sometimes share your personal data with trusted third parties for legitimate purposes. Examples include: delivery of goods, for fraud management, to handle complaints or to help us personalise our offers to you. In these instances, we demand these organisations keep your data safe and protect your privacy:

We provide only the information they need to perform their specific services.

They may only use your data for the exact purposes we specify in our contract with them.

We work closely with them to ensure that your privacy is respected and protected at all times.

If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.

Examples of the kind of third parties we work with are:

• Our payment processing companies who process payments on our behalf
• IT companies who support our website and other business systems.
• Operational companies such as delivery couriers.
• Direct marketing companies who help us manage our electronic communications with you.

Sharing your data with third parties for their own purposes:

We will only do this in very specific circumstances, for example:

• For fraud management, we may share information about fraudulent or potentially fraudulent activity in our premises or systems. This may include sharing data about individuals with law enforcement bodies.
• We may also be required to disclose your personal data to the police or other enforcement, regulatory or Government body, upon a valid request to do so. These requests are assessed on a case-by-case basis and take the privacy of our customers into consideration.

We may, from time to time, expand, reduce or sell JG Foods Limited and this may involve the transfer of divisions or the whole business to new owners. If this happens, your personal data will, where relevant, be transferred to the new owner or controlling party, under the terms of this Privacy Notice.

Where your personal data may be processed

Sometimes we will need to share your personal data with third parties and suppliers outside the European Economic Area (EEA), such as Australia or the USA.

Protecting your data outside the EEA

The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway. We may transfer personal data that we collect from you to third-party data processors in countries that are outside the EEA. For example, this might be required in order to fulfil your order, process your payment details or provide support services.

If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed inside the EEA. For example, our contracts with third parties stipulate the standards they must follow at all times.

Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.

Contacting the Regulator

If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

You can contact them by calling 0303 123 1113 Or go online to www.ico.org.uk/concerns opens in a new window; please note we can't be responsible for the content of third-party sites.

List of cookies we use

For a full up to date list of cookies we use, the category they fall into and the durations they are retained on your device, visit our cookie acceptance pop up. If you have previously visited our web site, you will need to clear us from your cookie history for the pop up to work the next time you visit our site.