Privacy policy

The Sustainable Restaurant Association (SRA) [referred to in this policy as “we” “us” “our”] is a non-profit membership organisation based at 1 Royle Studios, 41 Wenlock Road, London, N1 7SG. At the SRA, we are committed to safeguarding your privacy; this policy sets out how we will treat your personal information.

From time-to-time we may make amendments to this policy so please check this page regularly to ensure you are happy with the changes. The SRA is not required to appoint a dedicated Data Protection Officer, however if you have any questions about this privacy policy or our treatment of your personal data, please direct them to hello@thesra.org and you will be contacted by a member of the team.

By using our website, you are agreeing to the terms in this policy.

1.How we collect and use your personal data
1.1 Website usage data
Like many organisations, we gather ‘usage data’ [your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use]. This data is collected via cookies (see section 4) and is used to monitor and improve our website and services. At first, the data collected is anonymous, however if you provide us with your personal data and agree to let us track your cookies, we will then monitor your visits to our website and use this information to understand more about you and personalise your experience.

1.2 Enquiry data
‘Enquiry data’ refers to the information that you provide to us in enquiring about our services or subscribing to our email notifications and/or newsletters. This may include your name, job title, business, phone number or email address. We use this data to contact you regarding your enquiry and to send you emails which you have specifically requested. This may include marketing communications relating to our business [or the businesses of carefully-selected third parties] which we think may be of interest to you although you may opt-out of receiving these at any time. The legal basis for this processing is your consent, given at the time of sign-up.

1.3 Membership data
By entering into a membership or other contract with us, we may ask you to provide data about yourself, your business practices and your colleagues. We use this data to carry out our obligations of the contract. The legal basis for this processing is our membership or other service contract with you.

2.Sharing your data with Third Parties
We may disclose information about you to third-party data processors [including our CRM database, website host, application developers and others] insofar as reasonably necessary to provide you our services.
We may disclose information about you to the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling.

We may process your data to the extent that we are required to do so by law, in connection with any legal proceedings or prospective legal proceedings. The legal basis for this processing is our legitimate interest namely in order to establish, exercise or defend our legal rights.
We will not without your express consent provide your personal information to any third parties for direct marketing.

3.Your rights
3.1 You may instruct us not to process your personal data for marketing purposes by email at any time by emailing us. We will always provide you with an opportunity to opt-out of email marketing.
3.2 You may instruct us to provide you with any personal information we hold about you. We will meet this request within the statutory 40 days unless the request is prohibitively complex.

3.3 You have the right to lodge a complaint with a supervisory authority responsible for data protection.
3.4 If you are unhappy with our management of your data, you have the right to request the deletion of your personal data without undue delay.

4.Cookies
A cookie consists of information sent by a web server to a web browser and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.

•‘session’ cookies are used to keep track of you whilst you navigate the website.
•‘persistent’ cookies are used to enable our website to recognise you when you visit.

Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third-party cookies. Blocking all cookies will, however, have a negative impact upon the usability of many websites, including this one.

5.International data transfers
Your information will not be transferred to any country outside the European Economic Area (EEA) without adequate safeguards in place.

6.Security of your personal data
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information and  will store all personal data on secure (password- and firewall- protected) servers. All electronic transactions you make to or receive from us will be encrypted using SSL technology. Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.

7.Third party websites links
Our website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.

8.Updating information
If you notice that the personal information which we hold about you needs to be corrected or updated, please email hello@thesra.org

This policy was last updated in May 2018