Privacy Policy
​
We respect and are committed to protecting your privacy. This policy explains how we collect, store and use personal data when you visit our website, when you enter into dialogue or a transaction with us and when we are processing personal data in accordance with the services we provide. It also describes the types of data we collect, how we use this data to ensure we provide relevant and timely services to you, and your rights to control our use of that data. This policy lays out our specific commitments, in compliance with and beyond the General Data Protection Regulation (commonly known as the GDPR) and the associated Data Protection Act.
This policy only covers your personal identifiable information on this website or where we process your personal data. There are many links on our website to third party sites beyond our control, and we suggest that you always check the privacy policies of these sites before using them. Also, this policy does not cover the personal data processing activities of anyone for whom we process personal data as a data processor, i.e. in accordance with their instructions.
​
By visiting this or our other websites, and in providing any personal data about yourself to us, you are confirming that you have read, understood and accept our policies and practices. If you are at all uncertain about any aspect of our policies and practices, please contact us and refrain from using this website.
​
Your Personal Information
Collecting specific and relevant personal data is a necessary part of us being able to provide you with any services you may request from us or in providing services to our Clients. We never collect sensitive data.
​
We will only use your personal data for the legitimate purpose for which it was collected, and we will do this in a fair and in a secure and transparent manner. We will never use your personal data for any other purpose unless you have clearly agreed to it, or it is necessary for legitimate interests. When we hold or use your personal data as a data controller we provide to you a privacy notice which sets out in detail how your personal data may be used and the reasons for these uses, together with details of your rights. Where we collect personal data from you directly, we will provide this privacy notice at the time we collect the personal data from you. Where we receive your personal data indirectly, we will provide this privacy notice when we first contact you or within a month, whichever is earlier.
​
We will only provide this privacy notice to you once, generally at the start of our relationship with you as a data controller. However, if the applicable privacy notice is updated, then we will provide you with details of the updated version.
​
Data Controllers/Data Processors
Please note that where we are processing your data on behalf of a third party in many cases we will only process your data as a data processor, i.e. someone only processing data in accordance with the instructions of another person. This is usually as a data processor of one of our customers. In these cases, we will not process your personal data as a data controller, i.e. someone is able to control and decide how personal data is used.
​
This distinction is important. You have certain rights in relation to your personal data, for example the right to be provided with the personal data held about you and details of its use and the right to have certain of your personal data either erased or anonymised, commonly referred to as the right to be forgotten. These rights can generally only be exercised against a data controller of your data. In some cases, this means that you cannot exercise these rights against us directly (i.e. where we only act as a data processor), but you can do so against the data controller (i.e. the person who controls how we process the personal data). In these cases we will endeavour to inform you who is the data controller of your personal data so that you can direct any such requests to them.
​
Also, it is only a data controller that will provide you with a privacy notice about your personal data, so where we process your personal data as a data processor for a third party, that third party should provide you with a privacy notice which will set out details regarding the processing of your personal data, which should also include the processing to be carried out by us on their behalf.
​
Privacy
We respect your privacy and take additional steps safeguard your personal data. We always aim to treat personal data with respect, and to treat it as we would wish our own personal data to be treated and to keep it secure. We do not sell personal data to third parties.
​
What Personal Data Do We Collect?
You will be asked for personal data such as your name, company name (where applicable), address, email address and telephone contact number when you make an enquiry or order products and services from us.
​
How Do We Use Your Personal Data?
Where appropriate, we use your personal data to:
• Enter into, or perform, a contract or arrangement;
• For our own legitimate interests (such as marketing, internal record keeping, market research or to improve our products or services), provided your rights don’t override these.
This May Include:
• Providing you with related news / reports
• Letting you know about our new products and services in which you may be interested
• Informing you about changes and improvements to our products and services and to this website
We do not employ automated decision making or profiling in our business.
​
More details will be included in the privacy notice provided to you about the processing of your personal data.
​
If you register to receive email communications from us alerting you to news and offers, you can opt-in or out of receiving these at any time. You can do this by completing the contact us form on the Website or by sending an email to: info@sobremesa.bar
We shall not disclose your personal data unless obliged to, or allowed to do so by law, or where we need to do so in order to run our business (e.g. where other people process data for us). In such circumstances, we will normally put in place confidentiality or non-disclosure undertakings and other arrangements to protect your personal data.
Links
This website may contain links to other websites. We are not responsible for the privacy practices of these other websites, and if you provide them with any of your personal data they will be a data controller of your personal data and you should read their own privacy policies before you provide them with your personal data. The policy described here applies only to personal data collected or processed by District Enforcement Limited.
​
Security
We are committed to handling all information with high standards of information security. We use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorise access to personal information only for those employees or agents who require it to fulfil their job responsibilities. Password control applies to all data systems and we operate a strict policy on their use. All access is logged and we will not hesitate to report any suspicious or criminal activity to the Police and/or to the user's ISP.
​
Rights Regarding Your Personal Data
You have a qualified right to access the data we hold about you. If you wish to do this please submit a request to:
​
Data Protection Officer Vanilla Thinking Limited (Trading as Sobremesa Bar) 30 Gibb Street, Digbeth Birmingham. B9 4BF. England.
​
or by email to info@sobremesa.bar
​
We Will:
• Tell you whether any of your personal data is being processed by us
• Provide a description of the personal data, the reasons it is being processed
• Provide to you a copy of your personal data and, where available, the source of the data, unless the source of your data is subject to a non disclosure agreement and is also therefore subject to the same data protection provisions – Such as an industry awards nomination from a peer, client or associate.
We will do this within the prescribed 1-month period allowed, however, should the request involve complicated data flows across multiple systems, this time period could be extended, but we will always make contact with you at the point a request is raised.
​
You also have a qualified right to have your personal data either erased or anonymised, which is commonly referred to as the right to be forgotten. Again, if you wish to do this please submit a request to:
​
Data Protection Officer. Vanilla Thinking Limited (Trading as Sobremesa Bar). 30 Gibb Street, Digbeth Birmingham. B9 4BF. England.
​
or by email to info@sobremesa.bar
​
We Will:
• Assess what if any of your personal data is covered by the right to be forgotten
• Explain to you the reasons for any personal data which is held by us not being subject to the right to be forgotten, for example its retention is required by law
If you wish to invoke any of the other rights that you may have in relation to your personal data, for example rights to rectification, right to restrict processing, right to portability, right to object to processing and the right to object to automated decision making then you can only do so to the data controller. We may not always be the data controller of your personal data, so you may not always be able to invoke these rights against us.
​
Cookies
In order to provide you with the best, tailored experience, our site will need to place small text files, or 'cookies', on your computer.
​
Most cookies that we use are 'session' cookies and only exist for the time that you are using our site. They perform functional tasks such as remembering that you are logged in as you move from page-to-page.
​
You can set your browser to reject all cookies. Please note that if you do this then certain areas of this website may not be able to function for you. Choose a browser setting that rejects third-party cookies but allows the benign, functional ones that make the good stuff work.
​
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.
Contact Regarding This Privacy Policy
All communications regarding Information Security and Data Protection should be directed to our Data Protection Officer, at:
​
Data Protection Officer. Vanilla Thinking Limited (Trading as Sobremesa Bar). 30 Gibb Street, Digbeth Birmingham. B9 4BF. England.
​
or by email to info@sobremesa.bar
​
Should you wish to make a Subject Access Request or to make a request to invoke other rights, please do so by sending to the address above or directly to info@sobremesa.bar
This policy was updated in April 2021
​
This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics.
​
As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.
This policy was updated in April 2021