1. About Us
1.1 We are Dishoom Limited (referred to in this Policy as “we”, “us” or “our”). Our head office is located at 141–143 Shoreditch High Street, London, E1 6JE and our registered office address is Suite 5, 7th Floor 50 Broadway, London, United Kingdom, SW1H 0DB. We are registered at Companies House with company number 06226963.
1.2 Personal data is, in simple terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers (collectively, “Personal Data”). We understand that your privacy is important to you and that you care about how your Personal Data is used.
1.3 We respect and value the privacy of everyone who visits our websites, https://www.dishoom.com or https://store.dishoom.com (“Our Sites”), our social media platforms and/or interact with us in other ways, including accessing wi-fi in our cafes. We will only collect and use Personal Data in ways that are described in this Policy, and in a way that is consistent with our obligations and your rights under the law.
1.4 For the purposes of applicable data protection law (including the EU law version of the General Data Protection Regulation (EU 2016/679) and the Data Protection Act 2018)(collectively the “Data Protection Legislation”) we are a ‘data controller’ of your Personal Data.
2. What Personal Data do we collect?
2.1 We may collect Personal Data when you visit our Sites, participate in promotional or marketing activity, come to one of our cafes, sign in for our wi-fi or contact us. This information may include:
3. How do we use Personal Data?
3.1 We process Personal Data for the following purposes:
4. Who will your Personal Data be shared with, and where?
4.1 We will share your Personal Data:
5. What cookies will be used on the website?
6. How long will you hold my Personal Data?
6.1 We will keep Personal Data for as long as necessary to fulfil the purpose for which we obtained it. Thereafter, subject to certain exceptions, we will retain Personal Data until the earlier of: (i) a short period of time after you ask us to stop doing so (to allow us to implement your request); or (ii) 24 months after your last active engagement with us. If almost 24 months have expired since your last active engagement with us, we will contact you to check if you still want to hear from us. If you confirm you do, this will re-set the 24 month period to zero.
6.2 We also keep a record of your email address if you have unsubscribed, or you have asked us not to send you direct marketing, so that you do not receive marketing emails in future.
6.3 By law we have to keep some information about our customers for extended periods after they cease to be a customer. This might be for contractual, financial, tax or regulatory purposes. We may also keep a record of correspondence relating to queries and complaints for as long as reasonably necessary if we believe there is a prospect of litigation or an insurance claim.
6.4 In some circumstances you have a right to ask us to delete your Personal Data: see paragraph 11 below for further information.
6.5 In some circumstances we will anonymise your Personal Data (so it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without the need to notify you.
7. Where will we send your Personal Data?
7.1 Whilst our servers are kept in the UK, Dishoom uses service providers around the world. Consequently your Personal Data may be transferred, stored and/or processed in countries outside of the UK and Europe (the “EEA”). This may include countries where the local laws do not provide the same level of data protection as those in EEA or the UK. For example, some of our suppliers are based in India.
7.2 Where this is the case and we transfer Personal Data outside of the UK/EEA we use specific approved contracts which ensure the same levels of Personal Data protection that apply under the Data Protection Legislation. Please email firstname.lastname@example.org if you would like more details.
8. Telephone call monitoring
8.1 If you contact us by telephone we may monitor or record the call for training purposes, and to improve the quality of services that we provide to you.
9. Third party links
9.1 Our Sites sometimes contain links to other websites. If you follow these links please be aware that such sites have their own privacy policies which you should check - we don’t accept any liability for these sites or the information they collect.
10.1 We do not knowingly collect or store any Personal Data about children under the age of 13 and we do not offer any of our products or services directly to children under the age of 13.
11. How can you access your Personal Data?
11.1 If you want to know what Personal Data we hold about you, you can ask us for details and a copy of it. This is known as a “subject access request”.
11.2 All subject access requests should be made in writing and sent:
We will respond to your subject access request in accordance with the ICO guidelines. Please see: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/right-of-access/ for more information.
12. What rights do you have regarding Personal Data?
12.1 Under Data Protection Legislation, subject to some exceptions, you have the following rights:
12.2 For more information about our use of your Personal Data or exercising your rights as outlined above, please contact us using the details provided in paragraph 14.
12.3 Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.
12.4 If you have any cause for complaint about our use of your Personal Data, you have the right to lodge a complaint with the Information Commissioner’s Office. We would hope however that you give us the chance to resolve any complaint before you do this.
13. Facebook Ads
13.1 We may use Facebook advertising services to deliver content to you while you are using the Facebook platform. You can control how Facebook uses data to show you ads by turning off ads which may be based on interests and / or your relationship with specific advertisers, in your ad preference settings. For further information, please visit the various Facebook pages which allow you to learn more about Facebook ads and tracking technologies and to update your settings:
Further, by visiting ‘Your Online Choices’, you can opt-out from seeing Facebook’s interest-based ads. You can also use your mobile device settings to configure your advertising preferences.
13.2 Please note that even when you have opted out via the methods described above, you may still see our non-targeted adverts whilst you are online if your interests’ settings on Facebook are aligned to an audience segment (pre-defined by Facebook) which our business is also associated with. We do not control this.
14. Contact us
15. Changes to this policy
15.1 We may change this policy from time to time. The latest version will be uploaded to the Dishoom website and will take precedence over earlier versions. If we consider any changes represent an important change to how we use your Personal Data we will notify you.
This policy was last updated on 9th October 2023.