Privacy Policy

Dopsu respects your privacy and is committed to doing the right thing when it comes to how we collect, use, and protect your data. That is why we have developed this privacy notice which will inform you as to what we do with your personal data and how we look after it, sets out your privacy rights, and explains how the law protects you.
The privacy notice will go over the following areas:
• Who we are and how to contact us.
• The personal data we collect.
• How we use this data.
• Our legal basis for processing your data.
• When we share personal data.
• Where we store and process your data.
• How we keep your data secure.
• How long we retain your data.
• Your rights in relation to personal data.

We encourage you to read this privacy notice carefully, and should you have any questions or concerns please contact us using the details provided in the Our Contact Details section below.

Our Contact Details
Dopsu is the data controller and is responsible for your personal data (referred to in this notice as “we”, “us” or “our”). Should you have any questions or would like to make a request to exercise your legal rights, please contact us using the following details.

Full name: Dopsu Food
Postal address: Dopsu, PO Box 251, Northallerton, DL7 7EW
Email: contact@dopsu.com

Please mark any envelopes with “FAO: Dopsu Data Protection” to make sure they are promptly received by the correct people. You have the right to make a complaint to the ICO (Information Commissioner’s Office) at any time.

The ICO is the UK supervisory authority on data protection, their website can be found here: www.ico.org.uk. However, we would appreciate the chance to deal with any concerns you may have, so we ask that you please contact us in the first instance using the details above.

Personal Data We Collect
Your personal data is any information that could be used to identify you. It does not include any data where the identifying information has been removed; this is known as anonymous data. We may collect, use, store, and transfer various types of personal data which we have grouped into the following categories:
• Identity Data: First name, surname, title, username or other identifier.
• Contact Data: Billing/postal address, email, phone number, social media account.
• Technical Data: Login data, IP address, browser type, mobile device identifiers, device make, device model, device operating system.
• Profile Data: Username and password.
• Usage Data: How websites are used, how you found the website, etc.
• Image Data: CCTV images/video, facial images.

How We Collect Personal Data
We collect your personal data through various methods depending on the circumstances.
• When you fill in a Contact Us form on any of our websites or contact us through social media or other online services, we collect your Identity and Contact data directly from you as requested on the form or other method through which you have contacted us.
• When you browse our websites, we collect your Technical and Usage data via our usage of Cookies and Google Analytics
• Where it is reasonable to do so we may collect Personal Data from publicly available sources such as internet searches, companies house, and broadcast media.

How We Use Personal Data and Our Legal Basis
We must have a lawful basis to collect and use personal data; the lawful bases are set out in the UK GDPR. Here we will explain how your personal data is used and what our lawful basis is for using it in this way.

Identity, Contact & Profile data
• Legitimate interest: This helps provide an efficient online experience for our customers, suppliers, and website visitors, improving our current relationships and helping to foster new ones. Discover how you found our websites, what interests you, how you access them, etc.

Technical & Usage data
• Legitimate interest: This helps us to keep our websites relevant and up to date with what our visitors are looking for and allows us to see what improvements we can make
• Consent: Analytical cookies are installed by consent. This can be withdrawn at any time by clearing cookies from the browser. To contact and interact with your Contact data
• Legitimate interest: Responding to any initial contact or keeping in contact will help us to foster a relationship with you that will be beneficial to both parties
• Monitor who enters our sites Identity, Contact & Image data

Sharing Personal Data
We may share your personal data with service providers and other organisations as appropriate. Where a service provider is carrying out a function using personal data on our behalf, we make sure to have appropriate contracts in place detailing that provider’s responsibilities regarding the data being shared with them. We carefully vet all our service providers to make sure they have appropriate technical and organisational measures in place to safeguard personal data.

Personal data may also be shared with other third-party organisations for certain reasons, including:
• The law or a public authority requiring us to share the data
• If we need to share personal data to establish, exercise or defend our legal rights
• To an organisation we sell or transfer (or enter into negotiations to sell or transfer) any of our businesses or any of our rights or obligations under any agreement we may have with you to
• To third parties you ask or permit us to share your data with
• To organisations which introduce you to us

We may transfer data outside of the UK, however we will always make sure one of the following safeguards is in place:
• The organisation to which we are sharing data resides in a country deemed to have passed an adequacy decision by the EU Commission; these decisions remain valid as of 31 December 2020, though the UK intends to review these decisions over time
• We have specific contracts in place with the recipient organisation that have been approved by the ICO, meaning the data is still effectively protected by the GDPR even if the country in which that organisation resides is not in the European Economic Area or has not passed an adequacy decision.

How We Secure Personal Data
We use computer safeguards such as firewalls and data encryption, and we enforce physical access controls to our buildings and files to keep this data safe. We only authorise access to employees who need it to carry out their job responsibilities. Data entered in any of our websites is protected using HTTPS while being transmitted. We enforce physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of data. Physical documentation is stored in locked and secure cabinets, while electronic data is stored on secure servers to which only the required employees have access. All servers that store electronic data are backed up and transmitted off-site in an encrypted state.

How Long We Retain Personal Data
We will keep your data the minimum length of time required to comply with the purposes set out in this policy and relevant legal obligations. In certain cases your data may be kept longer than what is necessary to comply with the purpose stated if there is a legal requirement for us to do so. In some circumstances you can request for any personal data we hold about you deleted, as detailed in the Your Rights section below. In this case we will remove the data within one month and confirm this with you. We may anonymise your personal data for research or statistical purposes; in these cases the data can no longer be traced back to you, so we are allowed to keep it indefinitely.

Your Rights
You have certain rights regarding your data under the UK Data Protection laws and are free to exercise these at any time. You have the right to:
• Request access to any personal data we hold about you
• Request corrections to any of your personal data
• Request deletion of any of your personal data
• Withdraw your consent for us to process your personal data
• Request the restriction of processing your personal data
• Request the transfer of your personal data
• Object to the processing of your personal data
• Make a complaint to the ICO about our processing of your personal data

Should you wish to exercise any of your rights, please contact us via any of the methods laid out in the Our Contact Details section. We will not charge you a fee should you request access to your data or exercise any of your other rights, however we may refuse to comply if your request is clearly unfounded, repetitive, or excessive. By law we must respond to all requests within one month and we try to do this in most cases, however we may take longer if your request is particularly complex or if there are several requests made. We may request identification documents from you to confirm your identity and ensure someone else is not trying to access your personal data. If you are making a request through a third-party, we ask for a letter of authority from you authorising that party to receive your data. We may also contact you to ask for further details of your request to make sure we are able to respond on time.

Managing Cookies
Dopsu websites and online services use cookies for the reasons explained in the How We Use Personal Data and Our Legal Basis section. Your browser can automatically refuse some or all website cookies depending on the settings you have applied. If you wish to remove any cookies that you have accepted, you can do this by clearing them from within your browser settings. Please note that disabling or refusing cookies may cause some areas of our websites and online services to stop functioning correctly.

Changes To This Privacy Notice
We may make changes to this privacy notice in line with any law changes or should any of our purposes for collecting your data change, for example. Please make sure to check this page frequently to stay up to data with our privacy policy. To Your Data It is important that personal data we hold about you is up-to-date and accurate. We therefore ask that you please keep us informed of any changes to your personal data during your relationship with us using the details supplied in the Our Contact Details section.

Third-Party Links
Please note that any third-party websites that may be linked to this or any of our other websites are not controlled by us and we are not responsible for their use of your personal data. We encourage you to read the privacy notices of every website you visit once you leave our website.