We are committed to protecting and respecting your privacy. This Privacy Policy was last updated on 26 April 2024.
This Privacy Policy forms part of our Terms of Service (unless a separate agreement has been entered into in which case that agreement will prevail) and constitutes a legally binding agreement between you and us that governs:
● the Personal Information we collect & how we collect it;
● how we use the Personal Information, how we store it & who we share it with; and
● how you can update your Personal Information & find out what PersonalInformation we hold about you.
In this Privacy Policy, the term "you" refers to you, the customer, and any of your customers that use our software or services (together, the “Services”), and any visitor to our website at https://getspoonfed.com/ and the terms "Spoonfed", "we", "us" and "our"refer to 365 RM (UK) Limited (and its subsidiaries), a company registered inScotland under company number SC382380 with our registered office at Floor 3,226 St Vincent Street, Glasgow, G2 5RQ, and Spoonfed, Inc., with an address at 200 South 10th Street, Suite 1600,Richmond, VA 23219
We may change or update the terms of this Privacy Policy from time to time and you should therefore check it frequently. If we make any material changes to our Privacy Policy we will post a change notice on our website. Our Privacy Policy will always indicate the date it was “Last Updated”and this will change whenever we amend our Privacy Policy. Your continued use of the Services will indicate your acceptance of the amended Privacy Policy.
Introduction
1. This is a notice to inform you of our policy about all information that we record about you. It sets out the conditions under which we may process any information that we collect from you, or that you provide to us. It covers information that could identify you (“PersonalInformation” and information that could not. In the context of the law and this Privacy Policy, “process” means collect, store, transfer, use or otherwise act on information.
2. We regret that if there are one or more points below with which you are not happy, your only recourse is to leave our website immediately.
3. We take seriously the protection of your privacy and confidentiality. We understand that all visitors to our website are entitled to know that their Personal Information will not be used for any purpose unintended by them, and will not accidentally fall into the hands of a third party.
4. We undertake to preserve the confidentiality of all Personal Information you provide to us, and hope that you reciprocate.
5. Our policy complies with data protection laws accordingly implemented, including the retained EU law version of the General Data Protection Regulation (EU)(2016/679), the UK Data Protection Act 2018 and the California Consumer Privacy Act 2018 (CCPA) and the and the California Privacy Rights Act (CPRA) ("data protection laws”). Regardless of where you are living, we will comply with the data protection laws applicable in the UK, but for those resident in California, we will also comply with the CCPA and CPRA.
6. We are registered with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (ico.org.uk), and our registration number is ZA934964. If you are in any way dissatisfied about how we process your Personal Information, you have a right to lodge a complaint with the Information Commissioner's Office. This can be done at https://ico.org.uk/concerns/. We would appreciate it if you contacted us first so we can discuss these with you before you approach the ICO by reaching out to us at support@getspoonfed.co.uk
7. Data protection laws require us to tell you about your rights and our obligations to you in regard to the processing and control of your Personal Information. We do this now, by requesting that you read the information provided at www.knowyourprivacyrights.org
8. Except as set out below, we do not share, or sell, or disclose to a third party, any Personal Information collected from you or about you through our website.
1. The information we may collect about you
We may collect, use, store and transfer different kinds of Personal Information about you which we have grouped together as follows:
● Identity Data includes first name, last name, username or similar identifier and title.
● Contact Data includes billing address, delivery address, email address and telephone numbers.
● Financial Data includes bank account details.
● Transaction Data includes details about payments to and from you and other details of products and Services you have purchased from us.
● Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
● Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.
● Usage Data includes information about how you use our website, products, and Services.
● Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
Aggregated Data such as statistical or demographic data for any purpose, isn’t considered Personal Information under data protection laws as this data will not directly or indirectly reveal your identity. We may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature.
We don’t collect any Special Categories of Personal Information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). We also don’t collect any information about criminal convictions and offences.
2. How is your Personal Information collected?
We use different methods to collect Personal Information from and about you including through:
● Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding or engaging with us by post, phone, email, social media or otherwise.
● Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies.
● Third parties or publicly available sources. We may receive Personal Information about you from various third parties and public sources, such as Google, Companies House, or the electoral register.
3. The bases on which we process information about you
We will only use your Personal Information when data protection laws allow us to. Most commonly, we will use your Personal Information in the following circumstances:
● Where we need to perform the contract, we are about to enter into or have entered into with you
● Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
● Where we need to comply with a legal obligation.
We will typically collect your Personal Information through direct interactions with us. You may give us your Identity and Contact Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes Personal Information you provide when you:
● Create an account on our website
● Use our Services
● Subscribe to our blog/newsletter/email marketing
● Give us feedback or contact us
● Apply for or enquire about a job vacancy or opportunity.
We may process your Personal Information for compliance with a regulatory requirement or legal obligation to which we are subject. Your Personal Information will only be processed if processing the Personal Information to comply with such obligation is a reasonable and appropriate way of achieving compliance.
4. Purposes for which we will use your Personal Information
We have set out below the ways we may use your Personal Information, and which of the lawful bases we rely onto do so:
There are other circumstances under which we will process your Personal Information:
Sourcing new leads
We have a legitimate interest to process Identity Data and Contact Data relating to decision makers and budget holders in catering organisations that we consider potential customers. The data is gathered from publicly available sources and directly from the companies concerned.
The data is processed solely for compiling a database of contacts that Spoonfed and no other company will market to. The only Personal Information stored will be necessary for marketing purposes, such as names, place of work and contact details.
We will contact any citizen whose details are stored for this reason soon after recording their Personal Information, informing them of our Privacy Policy and giving them the opportunity to object to our holding their Personal Information.
Dealing with direct debits
When you agree to set up a direct debit or other electronic payment arrangements, such as SEPA (Single Euro Payments Area) or ACH( Automated Clearing House), the Financial Data you give to us is passed to our own bank or other payment service providers for processing according to our instructions.
For customers in the UK, we are registered under the direct debit guarantee scheme. This scheme ensures that your bank will refund disputed payments without question, pending further investigation. Direct debits can only be set up for payments to beneficiaries that are approved originators of direct debits, and such beneficiaries are subjected to rigorous vetting procedures. Once approved, they are required to give indemnity guarantees through their banks.
For international customers, similar protections are in place for transactions processed via SEPA and ACH networks, ensuring secure and compliant handling of payment transactions in accordance with relevant regulations in each jurisdiction.
Affiliate and business partner information
This is the Identity Data and Contact Data given to us by you in your capacity as an affiliate of us or as a business partner. It allows us to recognise visitors that you have referred to us, and to credit to you commission due for such referrals. It also includes information that allows us to transfer commission to you. We will therefore also process Financial Data and Transaction Data. The Personal Information is not used for any other purpose.
We undertake to preserve the confidentiality of the Personal Information and of the terms of our relationship. We expect any affiliate or partner to agree to reciprocate this policy.
5. Cookies
We use cookies in accordance with the relevant parts of thePrivacy and Electronic Communications (EC Directive) Regulations 2003 and data protection laws. Cookies are small text files that are placed on your computer's hard drive by your web browser when you visit any website. They allow information gathered on one web page to be stored until it is needed for use on another, allowing a website to provide you with a personalised experience and the website owner with statistics about how you use the website so that it can be improved.
Some cookies may last for a defined period of time, such as one day or until you close your browser. Others last indefinitely. Your web browser should allow you to delete any you choose. It also should allow you to prevent or limit their use.
We use the following cookies:
● Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website.
● Analytical or performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
● Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
● Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
When you first visit our website, we alert you to the fact that our website uses cookies. You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our Services or website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our website. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org
We use the following cookies to track visitor numbers and behaviour on our website:
● _utma - used to identify how many unique visitors our website has had.
● _utmz - used to find out where a user came from (e.g. from a search engine or from a link to our website from another website).
● _utmv - used to store visitor-level custom variable data and updated every time data is sent to Google Analytics.
● _ga - used to distinguish between users over a 2 year expiration time.
● _gid - used to distinguish between users over a 24 hour expiration time.
● intercom-id - used to integrate Intercom into Google Analytics to contact people who have returned to our website
● _gat_UA-* - Google Analytics sets this cookie for user behaviour tracking with a 1-minute duration.
● __cf_bm - This cookie, set by Cloudflare, is used to support Cloudflare Bot Management and has a 1-hour duration.
● rc::a - This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks and has no duration.
● rc::c - This cookie is set by the Google recaptcha service to identify bots to protect the website against malicious spam attacks and lasts the duration of the session.
● __cfruid - Cloudflare sets this cookie to identify trusted web traffic for calendly.com apps and lasts the duration of the session.
● OptanonConsent - OneTrust sets this cookie to store details about the site's cookie category and check whether visitors have given or withdrawn consent from the use of each category, used by calendly.com apps and has a 1-hour duration.
● __sharethis_cookie_test__- Share - This sets this cookie to track which pages are being shared and by whom and lasts the duration of the session.
Google Analytics is a third party cookie, provided by Google, Inc. The cookies used by Google Analytics help us to analyse how users use our website and to count the number of people who use it. Google Analytics stores your IP address anonymously. Google does not associate your IP address with any personally identifiable information. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
6. Disclosure and sharing of your information
We may disclose your Personal Information in the following cases:
● If we want to sell our business, or our company, we can disclose it to the potential buyer
● We can disclose it to other businesses in our group, as defined in the UK Companies Act 2006
● We can disclose it if we have a legal obligation to do so, or in order to protect other people’s property, safety, or rights
● We can exchange information with others, such as credit reference agencies to protect against fraud or credit risks, so far as it relates to clients or customers who instruct their credit card issuer to cancel payment to us without having first provided an acceptable reason to us and given us the opportunity to refund their money.
We may contract with third parties to supply goods and services to you on our behalf. These include:
● Credit card processing services
● Order fulfilment service providers
● Analytics service providers
● Website management service providers
● Information technology and related infrastructure provision
● Email delivery services
● Our auditors and legal advisors.
These third parties are known as sub-processors. Where we share your personal data with those sub-processors, they will be bound by confidentiality and data protection obligations. We do this to ensure that your Personal Information is kept safe and secure.
7. Storing and transferring your Personal Information
Our website is hosted in Ireland, but we may also use outsourced services in countries outside the European Economic Area (EEA) from time to time in other aspects of our business. As such, we may transfer yourPersonal Information outside of the UK or EEA, where we engage third parties to provide items and services on our behalf or where Personal Information obtained in the UK may be used by our employees in the United States. We will ensure that any companies used to process Personal Information are compliant with our own privacy notice.
Whenever we transfer your Personal Information out of the UK or EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented, such as only transferring your Personal Information to countries that have been deemed to provide an adequate level of protection for Personal Information. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK or the EEA.
Data security is of great importance to us, and to protect your Personal Information we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure data collected through our website and our Services. Specifically, we use Google cloud services to host all Personal Information collected. Google’s cloud services employ industry standard security including encryption in transmit and at rest and ISO/IEC27001/27017/27018/27701, SOC 1/2/3, PCI DSS, and FedRAMP certifications. For more information, please refer to: https://cloud.google.com/security/.
It’s important to note that personal data is encrypted between your device and any external host storage we use. We use Secure Sockets Layer (SSL) certificates to verify our identity to your browser and to encrypt any Personal Information you give us.
Whenever Personal Information is transferred between us on our website, you can check that it is done so using SSL by looking for a closed padlock symbol or other trust mark in your browser’s URL bar or toolbar.
8. Your rights
When you provide us with Personal Information, you have certain legal rights, and these include:
● To request access to, deletion or correction of, your Personal Information held by us at no cost to you
● To request that your Personal Information be transferred to another person (data portability)
● To be informed of what data processing is taking place
● To restrict processing
● To object to processing of your Personal Information
● To complain to a supervisory authority.
We regularly review our data retention obligations to ensure we are not retaining Personal Information for longer than we are legally obliged to. If you wish to access, rectify, erase, or transfer your Personal Information, please contact us at support@getspoonfed.co.uk.
You won’t have to pay a fee to access your Personal Information data (or to exercise any of the other rights), but we can charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive, or we can refuse to comply in these circumstances.
We may need you to provide evidence of your identity as a security measure and we may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month, but it could take longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
9. Notice for California residents of privacy practices and rights
If you are a California resident, California law may provide you with additional rights regarding your Personal Information.
The CCPA gives you the following rights:
● Right to know about the Personal Information we collect and share:
● The CCPA gives you the right to request that we disclose the specific pieces of Personal Information we have collected about you;
● Please see above for information on the data we collect on you, and how we process it; and
● We do not sell your Personal Information. However, we do disclose your Personal Information to limited third parties, as described above.
● Right of deletion:
● You have the right to request that we delete your Personal Information, subject to certain exceptions
● If you wish to delete your Personal Information, please contact us at support@getspoonfed.co.uk. Please note that we may require certain information from you in order to verify your identity before proceeding with your request.
We collect the categories of Personal Information from you in connection with your use of our website as described above.
We won’t discriminate against you for exercising any of your CCPA rights.
10. Retention period for Personal Information
Except as otherwise mentioned in this Privacy Policy, we keep your Personal Information only for as long as required by us:
1. to provide you with the Services you have requested;
2. to comply with other law, including for the period demanded by our tax authorities;
3. to support a claim or defence in court.
11. Third party links
This Privacy Policy only relates to our website. We might have links on/within our website to other websites, and these websites will have their own terms and conditions and privacy policies. You should check those privacy policies before providing your Personal Information to those websites.
12. Review of this Privacy Policy
We may update this Privacy Policy from time to time as necessary. The terms that apply to you are those posted here on our website on the day you use our website. We advise you to save a copy for your records.
If you have any questions regarding our Privacy Policy, please contact us at support@getspoonfed.co.uk