TwoSpoons is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified, then you can be assured that it will only be used in accordance with this privacy statement.
TwoSpoons may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 27.06.2022.
This policy covers:
- Who we are
- The information we collect
- How we use & store personal information
- Legal basis for processing personal data
- When do we share your data
- How do we store your data
- How long do we keep personal data
- Your rights in relation to personal data
This policy refers to information shared to us via our website enquiry form, e-mail, phone, via a third-party distributor or in person.
Who we are?
TwoSpoons are based at 44 Audleystown Road, Strangford, Downpatrick, BT30 7LP
What information do we collect?
We collect, names, addresses, email addresses, phone numbers and website information. We collect data when a client calls, emails and uses our website contact enquiry form.
How do we use personal information?
- We process the data collated for purposes such as:
- Communicating with clients
- Providing goods and services
- Account set up and administration
- Delivering marketing and events communication
- Internal research and development purposes
- Legal obligations (e.g. prevention of fraud)
- Meeting internal audit requirements
Please note this list is not exhaustive.
What legal basis do we have for processing your personal data?
- Contract – invoicing, delivery details etc.
- legitimate interests – enquiry response, communication of offer or information relevant & of interest
- compliance with legal obligations – auditing, prevention of fraud
Where do we store and process personal data?
Data is located in the UK and stored on password protected computers. Any hard copy information is filed in a locked filing cabinet in a locked building.
How do we secure personal data?
- We perform protected backups of information stored on computer and have a secure cloud based e-mail system to ensure data security & provide business continuity and disaster recovery
- Information is kept on password protected computers, and if hard copies are necessary, locked storage
- Only specified computer users have access to the passwords
- We conduct privacy impact assessments in accordance with the law and our business procedures
- We train staff on data security
- We manage third party risks, through use of contracts and security reviews
How long do we keep your personal data for?
We will retain data for no longer than reasonably necessary.
Once no longer required data is disposed of by removing contact details from our online and hardcopy records by deletion & shredding.
Your rights in relation to personal data
Under the GDPR, you have rights in respect of:
- Access to personal information
- Correction and deletion
- Withdrawal of consent (if processing data on condition of consent)
- Data portability
- Restriction of processing and objection
- Lodging a complaint with the Information Commissioner’s Office
If you would like access to your information you can request this by contacting us via e-mail on firstname.lastname@example.org. We may contact you to ascertain identity & security of the information to be forwarded. If you feel your information is incorrect please contact us and we will update & confirm. If you would like to have your information removed please also contact us. We may be required to keep certain information by law for auditing purposes.
How to contact us?
You can get in touch with any questions or concerns about our privacy practices, your personal information, or if you wish to file a complaint via
44 Audleystown Road