Introduction

We are committed to protecting the privacy and security of your personal information. This Policy describes how we collect and use personal information through your use of this website, receipt of our goods and services, recruitment, and our other dealings with you. It also explains your rights in relation to that information. It applies to all employees, suppliers and customers.

Who we are

In this policy, where we refer to “Bruno’s” (or “we”, “us”, “our”), we mean Bruno’s Bakery Limited, registered as a private limited company in Jersey with registered number 101540. Bruno’s Bakery Limited is a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protectionl legislation to notify you of the information contained in this policy. We ensure that we comply with all aspects of the Data Protection (Jersey) Law 2018.

The information we collect

Personal data or personal information, means any information about an individual from which that person can be identified.

We may collect various types of personal data about you, including:

• Your contact information, which may include your postal address, email address, and telephone numbers;
• Your personal identification information, which may include your name, passport information, data relating to previous convictions, personal data available in the public domain, and such other information that may be necessary for us to provide our services, employment, or engage in business with you;
• Your professional and employment information which may include your level of education and professional qualifications, your employment history, your residential status, and other details that may be necessary for us to provide our services, employment, or engage in business with you;
• Your financial information, which may include your bank details and ITIS effective rate;
• Information on your health, which may include your medical history, your emergency contact information, or sickness certificates, which is classified as “special category” data. This data requires a higher level of protection and we confirm that we have in place appropriate safeguards when processing such data.

Where we obtain your personal information

We collect your personal information from the following sources:

• Any personal information provided to us by way of application forms, CV’s, documents, meetings or correspondence by phone, email, through our website or otherwise;
• Any personal information we may receive from third parties such as recruitment advisors, financial or government institutions, who hold and process your information;
• Any personal information about you from publicly available sources relevant to our services.

How we use your personal information

We will only use your personal data when the law allows us to and only for the purposes in which we are engaged with you.

When we collect data we will only use your personal information to:

• Conduct administrative or operational processes within our business;
• Provide, improve and expand our bakery services;
• Compile anonymous statistics for example through our website usage;
• Perform a contract which we may have with you for bakery services, employment or otherwise;
• Ascertain your fitness to work and provide you with adjustments where required;
• Comply with our legal obligations;
• Establish, exercise or defend the legal rights of Bruno’s for the purpose of legal proceedings;
• Process and respond to orders, enquiries, complaints or employment applications received from you;
• Send you marketing material; and
• Deal with any other legitimate business purpose.

The data will be stored in a range of different places, in your personnel file if you are an
employee of ours, in our IT systems, and in our email accounts.

If you fail to provide personal information

If you fail to provide certain information, we may not be able to perform the contract we have entered into with you (such as paying you under your employment contract or a contract for supplies or services) or we may be prevented from complying with our legal obligations (such as to ensure the health and safety of our employees).

How and why we share your information

Within the business – in the course of operating our business or performing our contracts with you we may share personal information internally with our management team.

Outside of the business – we may share your personal information with third party agents, suppliers, contractors, law enforcement agencies, courts, government institutions, healthcare providers and your past or future employers.

We do not send your personal data outside of the European Economic Area.

Retention of personal information and security

Your personal information will be retained for as long as required:

• For the purposes for which the personal information was collected;
• In order to establish or defend legal rights or obligations; and
• As required by data protection laws.

Data will be securely destroyed when no longer required.

We take the security of your data seriously and we have put in place appropriate measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to the management team and third parties who have a legitimate need to know, such as the Comptroller of Taxes.

Access to and control of your personal information

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.

You have the following rights in respect of the personal information about you that we process:

• The right to access and obtain a copy of your information on request;
• The right to rectify the information;
• The right to restrict the use of the information;
• The right to request that the information is erased;
• The right to object to processing of the information;
• The right to request a transfer of your information to another party; and
• The right to withdraw consent at any time (where we have relied on consent to process your information).

You are not required to pay a fee for exercising your rights. However, we may charge a reasonable fee if your request is clearly unfounded or excessive. If you make a request to access your information we have 4 weeks from receipt of your request to respond to you accordingly.

You also have the right to lodge a complaint about the processing of your personal information either with us ([email protected]) or the Information Commissioner in Jersey (https://oicjersey.org).

Changes to this privacy notice or change of purpose

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantive updates. We may also notify you in other ways from time to time about the processing of your personal information.

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Questions and contact information

If you have any questions in relation to this notice please contact us using the details listed below:

Bruno’s Bakery Limited
5 York Street
St Helier
Jersey
JE2 3RQ
[email protected]