Ideal School Meals logo

PRIVACY POLICY

Policy Statement

This policy explains how we will handle the privacy of your personal information. We are committed to maintaining robust privacy protection for all our users and will take the necessary steps to ensure that personal data is safeguarded and kept in accordance with all applicable data protection laws and regulations.

We may change this policy from time to time and you should check this page from time to time to ensure that you are happy with any changes.

Use of our website and providing us with personal details constitutes your legal agreement to the terms contained within this Policy. If you do not accept these terms, you are advised not to use the website.

About us

Ideal School Meals and School Meals Online are trading names of Ideal HSM Ltd with company registered number 08991318. Our registered address is 10 Broad Street, Spalding, Lincolnshire PE11 1TB. Our online service is provided through www.schoolmealsonline.com

We are a Data Processor under data protection legislation and manage your data in relation to our website and communications with us in accordance with data protection laws applicable to businesses in the UK.

What information do we collect?

We collect the minimum amount of information required to enable us to provide the service. Any information collected is processed in accordance with UK legislation.

Types of personal information collected:

- Personal information – e.g Name and contact details
- Characteristics – e.g. Free School Meal eligibility, allergy requirements or relevant medical information

How we use your personal information

Your information will be used by us to enable us to provide our services to you and fulfil our contractual obligations to our clients. We act as a Data Processor of your information and only act on the instructions of a Data Controller (normally this would be a school or other education establishment).

We undertake to protect your personal and sensitive data in a manner that is consistent with the requirements of the General Data Protection Regulation (GDPR) and will take reasonable measures to ensure the secure storage of your data.

Personal data will be used for the purposes specified in this Privacy Policy, to include the following:

- Administration of the website
- Personalisation of the website/ browsing experience
- Communication to follow up with enquires made by phone, email or fax
- Provide third parties with statistical information about our users - but this information will not be used to identify any individual user
- Ask for feedback and reviews

Management of enquiries and complaints made by or about you relating to the website.

Users of this website do so at their own discretion and provide any such personal details at their own risk.

Sharing Information

Disclosure

We don’t share, sell, or distribute your data to third parties, except as contractually agreed with you or as provided in this Privacy Policy.

We may disclose your personal information if we are required to do so by law, in connection with any legal proceedings, and in order to establish, exercise or defend our legal rights, or if otherwise legally permitted.

Data Processors

We may use other Data Processors who act on our instruction in processing your data and who must adhere to their obligations under the GDPR.

Marketing

We will only send you emails about our services, i.e. direct marketing, with your express consent. You have the option not to give consent and to withdraw consent at any time. You may withdraw your consent for us to contact you by contacting us at enquiries@idealschoolmeals.co.uk

Non-personally identifiable visitor information may be provided to third parties for marketing, advertising or other uses.

External links

Users of the website are advised to adopt a policy of caution before clicking on any external web links. Clicking an external link will take the user away from our website. Once you leave our website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s terms and conditions.

We cannot guarantee or verify the contents of any externally linked website and users click on external links at their own risk. We cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Retaining your data

We keep your personal information for the duration of the contract to enable us to provide services to you and also as required to meet legal, statutory and regulatory obligations. We will continue to store only the necessary personal data needed for 24 months after expiry of the contract. After this period, any personal data not needed will no longer be retained. The need to hold information is regularly reviewed and information/data will be disposed of when no longer required.

Data Storage

Any information that you supply to us may be stored and processed by our servers or any other country that provides suitable and adequate security measures to protect the data. Your data may be transferred in accordance with the relevant data protection laws. We do not store personal data outside of the EEA.

Data Subject Rights

Subject Access Requests

The General Data Protection Regulation (GDPR) gives individuals, known as ‘data subjects’, the right to access personal data that is held by organisations by a subject access request (SAR). We will endeavour to respond quickly to any such requests, which legally require us to respond within one month of receiving the request and necessary information. To make a SAR request email us at to enquiries@idealschoolmeals.co.uk

Right to Rectification

Data subjects have the right to request that we amend or change personal information that we hold about you, that is inaccurate or incorrect.

Right to erasure

Data subjects have the right to ask us to delete personal information from our systems without giving any reason and at any time. We will act on any request without delay.

Right to restrict processing

Data subjects have the right to rectification or erasure of personal data in the following circumstances:

- Personal data is not accurate
- The processing of data is unlawful - data subjects may request that processing is restricted
- Data is required to exercise legal rights or defend legal claims

Data is unlawful but there may be lawful grounds for processing, which override this right.

Right to data portability

Data subjects have the right to obtain and transfer their data to different service providers.

Right to object

Data subjects have the right to object to the processing of data at any time based on their particular situation. This includes objecting to profiling unless it is in the ‘public interest’ or exercised lawfully by an official authority. We will only process data under lawful grounds.

Right not to be subject to decisions based on automated processing

We do not use any automated processing that results in any automated decision based on a data subject’s personal information.

Using your rights

If you wish to invoke any of these rights, please email us at equiries@idealschoolmeals.co.uk

Data Breaches

We will report any unlawful breach of data as required by the GDPR within 72 hours of the breach occurring, if it is considered that there is an actual, or possibility, that data within our control including the control of our data processors, has been compromised. The Data Controller will be informed in accordance with our obligations under data protection legislation.

If the breach is classified as ‘high risk’ we will notify all data subjects concerned using an appropriate means of communication. Any relevant breaches will be reported to the ICO.

Important Information

Questions and queries

If you have any concerns about how we handle your data, you can contact the Data Controller by email to enquiries@idealschoolmeals.co.uk or write to us at 10 Broad Street, Spalding, Lincolnshire PE11 1TB.

Changes to this policy

We reserve the right to change this Privacy Policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. You will be deemed to have accepted any changes to the terms of the privacy policy on your next visit of the website following the amendment.

Complaints

If you want to raise a concern about the use of your data, you can contact us by email to enquiries@idealschoolmeals.co.uk Alternatively, you can formally raise a concern or complaint to the Information Commissioner’s Office (ICO) directly on 0303 123 1113, or see the options for reporting issues on https://ico.org.uk/concerns/

No Waiver

No failure or delay by us in exercising any of our rights in accordance with this Privacy Policy or our terms and conditions shall be deemed to be a waiver of that right, and no waiver of a breach of any provision of the Agreement shall be deemed to be a waiver of any subsequent breach of the same or any other provision.

Severance

If one or more of the provisions of this Privacy Policy or our terms and conditions is found to be unlawful, invalid or otherwise unenforceable, those provision(s) shall be deemed severed from the remainder of these terms and conditions and shall remain enforceable.

Third Party Rights

The terms of this Privacy Policy shall not confer rights on any third parties.

Jurisdiction and Governing Law

The terms of this Privacy Policy and all disputes, whether contractual or otherwise, arising out of or in connection with the policy are governed by and shall be construed in accordance with the laws of England and Wales and each party submits to the exclusive jurisdiction of these courts.