Rebecca's Kitchen
Privacy Policy
Last updated: 23 March 2026
At Rebecca's Kitchen, we are committed to protecting your privacy and being transparent about how we handle your personal information. This Privacy Policy explains what data we collect, why we collect it, how we use and share it, and the rights you have over your information.
By visiting our website or using our services, you agree to the practices described in this policy. Please read it carefully.
1. Who We Are
Rebecca's Kitchen is a food business operating in the United Kingdom. We are the data controller responsible for your personal information collected through our website.
Contact us at:
Rebecca's Kitchen
Email: rebeccaskitchen238@gmail.com
Website: www.rebeccaskitchen.co.uk
2. Information We Collect
We collect personal information in the following ways:
2.1 Information You Provide Directly
• Name, email address, and phone number when you place an order, make a booking, or contact us
• Delivery address and billing details when completing a purchase
• Dietary requirements, allergies, or food preferences you share with us
• Account login credentials if you create an account on our website
• Feedback, reviews, or messages you send through our contact forms or email
2.2 Information Collected Automatically
• IP address, browser type, and device information when you visit our website
• Pages viewed, links clicked, and time spent on our site (via cookies and analytics tools)
• Referring website or search terms that brought you to our site
• Location data (approximate, derived from IP address)
2.3 Information from Third Parties
• Payment information processed securely through our payment provider (we do not store card details)
• Social media profile data if you choose to connect or interact with us via social media platforms
3. How We Use Your Information
We use your personal information for the following purposes:
3.1 To Provide Our Services
• Process and fulfil your orders, bookings, and enquiries
• Communicate with you about your orders, including confirmations, updates, and delivery notifications
• Manage your account and preferences
• Handle dietary or allergy requirements to keep you safe
3.2 To Improve Our Business
• Analyse website usage to improve content and user experience
• Understand customer preferences and tailor our menu and services
• Conduct internal research and business planning
3.3 Marketing and Communications
• Send you newsletters, promotions, or updates about Rebecca's Kitchen — only with your consent
• Personalise marketing communications based on your preferences and order history
You can opt out of marketing communications at any time by clicking 'unsubscribe' in any email or contacting us directly.
3.4 Legal and Compliance
• Comply with legal obligations, including tax, food safety, and consumer protection laws
• Prevent fraud, misuse, or security breaches
• Respond to legal claims or regulatory requests
4. Our Legal Basis for Processing
Under UK GDPR and the Data Protection Act 2018, we rely on the following lawful bases:
• Contract: Processing is necessary to fulfil your orders or bookings
• Legitimate Interests: To improve our website, prevent fraud, and operate our business responsibly
• Consent: For marketing emails and non-essential cookies — you can withdraw consent at any time
• Legal Obligation: Where we are required by law to process your data
5. Cookies
Our website uses cookies — small text files stored on your device — to improve your experience.
Types of Cookies We Use
• Essential Cookies: Required for the website to function (e.g., shopping cart, login sessions)
• Analytics Cookies: Help us understand how visitors use our site (e.g., Google Analytics)
• Marketing Cookies: Used to deliver relevant adverts and track campaign effectiveness
You can manage your cookie preferences through our cookie banner when you first visit the site, or by adjusting your browser settings. Disabling certain cookies may affect website functionality.
6. Sharing Your Information
We do not sell your personal data. We may share it only in the following limited circumstances:
• Service Providers: Trusted third parties who help us run our business (e.g., payment processors, delivery couriers, email platforms, website hosting providers). These parties are contractually bound to protect your data.
• Legal Requirements: Where we are required to disclose information by law, court order, or regulatory authority
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred — you will be notified if this occurs
• With Your Consent: For any other purpose, only with your explicit agreement
7. International Transfers
We primarily store and process your data within the United Kingdom. If we transfer data outside the UK, we ensure appropriate safeguards are in place, such as UK adequacy regulations or Standard Contractual Clauses, in line with applicable data protection law.
8. How Long We Keep Your Data
We retain your personal data only for as long as necessary:
• Order and transaction records: Up to 7 years (for legal and tax compliance)
• Account information: Until you delete your account or request erasure
• Marketing preferences: Until you withdraw consent
• Website analytics: Up to 26 months in aggregated form
When data is no longer needed, we securely delete or anonymise it.
9. Your Rights
Under UK data protection law, you have the following rights:
• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Ask us to correct inaccurate or incomplete information
• Right to Erasure: Request deletion of your data ('right to be forgotten'), where applicable
• Right to Restrict Processing: Ask us to limit how we use your data in certain circumstances
• Right to Data Portability: Receive your data in a machine-readable format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Rights Related to Automated Decision-Making: We do not make solely automated decisions that significantly affect you
To exercise any of these rights, please contact us at rebeccaskitchen238@gmail.com. We will respond within one month. We may ask you to verify your identity before processing your request.
10. Data Security
We take appropriate technical and organisational measures to protect your personal information against unauthorised access, loss, or misuse. These include:
• Encrypted connections (HTTPS/TLS) across our website
• Secure payment processing through PCI-DSS compliant providers
• Restricted access to personal data within our organisation
• Regular review of our security practices
While we take every precaution, no online transmission is 100% secure. If you suspect any misuse of your data, please contact us immediately.
11. Children's PrivacyOur website and services are not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.12. Third-Party LinksOur website may contain links to third-party websites, such as social media platforms or delivery partners. This Privacy Policy does not apply to those sites. We encourage you to review their privacy policies before providing any personal information.13. Changes to This PolicyWe may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make significant changes, we will post the updated policy on our website and update the 'Last updated' date at the top of this document.We encourage you to review this policy periodically.14. How to ComplainIf you have concerns about how we handle your personal data and we are unable to resolve them, you have the right to lodge a complaint with the UK's data protection authority:Information Commissioner's Office (ICO)Website: www.ico.org.ukHelpline: 0303 123 111315. Contact UsFor any questions, requests, or concerns about this Privacy Policy or your personal data, please get in touch:Rebecca's Kitchen — Privacy Team
Email:rebeccaskitchen238@gmail.com
Website:
11. Children's PrivacyOur website and services are not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.12. Third-Party LinksOur website may contain links to third-party websites, such as social media platforms or delivery partners. This Privacy Policy does not apply to those sites. We encourage you to review their privacy policies before providing any personal information.13. Changes to This PolicyWe may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make significant changes, we will post the updated policy on our website and update the 'Last updated' date at the top of this document.We encourage you to review this policy periodically.14. How to ComplainIf you have concerns about how we handle your personal data and we are unable to resolve them, you have the right to lodge a complaint with the UK's data protection authority:Information Commissioner's Office (ICO)Website: www.ico.org.ukHelpline: 0303 123 111315. Contact UsFor any questions, requests, or concerns about this Privacy Policy or your personal data, please get in touch:Rebecca's Kitchen — Privacy Team
Email: rebeccaskitchen238@gmail.com
Website: www.rebeccaskitchenbrighton.com
We aim to respond to all enquiries within 5 business days.