Gordon’s Wine Bar is committed to protecting the privacy of our customers and this privacy notice sets out details of how we use and process your data.


The name and contact details of our organisation:

Court Pie Catering Ltd t/a Gordon’s Wine Bar is a company limited by shares registered in England under company number 00981038 whose registered office is at Walter Wright, 89 High Street, Hadleigh, Ipswich, Suffolk IP7 5EA.

If you would like to get in touch with us for any further information the best way to do so is by emailing: info@gordonswinebar.com.


The personal data processing we undertake

Any information provided by you through our website uses a secure https connection and is stored securely.  We do not share your information with any third parties.

Any contact with you will be in direct response to a query, booking or order from you based on your consent to being contacted.

Any purchases made will be handled through PayPal so that we will never hold your card/payment details and will never ask you to provide us with such details directly.

We give our customers the option to sign-up to our newsletters to receive occasional news on upcoming events, products and general information. We provide the option to sign-up via our website or it can occasionally be processed manually if requested.

Email marketing campaigns may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database to improve how we communicate with the customer and ensure content is relevant. Such tracked activity may include, for example: the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity.


External Links

While we do our best to include quality, safe and relevant external links we cannot take any responsibility for the privacy policy of any external websites. It is at the customer’s own risk to click on the hyperlink. It is always advisable to read the website’s own privacy policy statement if in doubt.


Social Media Platforms

Gordon’s Wine Bar does make use of social media where we share images, videos and information to better communicate and interact with our customers. All the social media use is based on the terms and conditions as well as the privacy policies held with each social media platform respectively.

Any image or video shared is carefully selected and if any individual is present they will not be identified without consent. Consent will always be asked to share any image or video which was not taken ourselves.

We will share links through social media which often will get shortened. An example being: https://bit.ly/zyVUBo. While we do our best to make sure all links are safe and genuine many social media platforms are prone to spam and hacking and therefore we cannot be held responsible for any damages or implications caused by clicking on a shortened link.


CCTV and Facial Recognition

We use CCTV surveillance for both our inside and outside areas to maximise security and safety for both customers and staff. Access to the recordings are limited and controlled. Recordings will only be used if an incident is reported or if required by law, furthermore, it will only be handled by persons with approved access. Such as: police, insurers or courts of law.

CCTV recordings are kept for a maximum of 28 days at which point they are automatically deleted.

We also use facial recognition for the prevention of unlawful acts and we are able to fulfil the requirement for this to be in the “substantial public interest” (a requirement of the Data Protection Act 2018) by using the Facewatch real time alerting service. Facewatch act as joint Data Controller as explained in their privacy policy: https://www.facewatch.co.uk/privacy/


Website and Cookies

We use Google Analytics cookies to monitor and analyse web traffic and this can be used to keep track of user behaviour.

Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilises the Data collected to track and examine the use of this website, to prepare reports on its activities and share them with other Google services. Google may use the Data collected to contextualise and personalise the ads of its own advertising network. The place of processing is in the US protected under Privacy Shield. For more information please see: Google Privacy Policy. If you wish to opt out please click here

If you would like to restrict the use of cookies you can also control this through your Internet browser and instructions on this are easily found using google.


The purposes of the processing

We process personal data for the following purposes:

  • Recruitment and employment of staff
  • Sales and Marketing
  • Customer Communications
  • Security of our patrons, staff, premises, data and other assets


The lawful basis for the processing:

As a legal basis for processing personal data we rely on legal obligation, fulfilment of contract, consent, public interest and legitimate interest.

The right to withdraw consent:

Where we rely on consent to process your personal data you may withdraw that consent at any time and we will cease processing.

The legitimate interests for the processing:

We only rely on legitimate interest for processing the personal data of customers with whom we have an existing relationship and who reasonably expect to receive communication from us.

The categories of personal data obtained:

We only process the minimum amount of personal data to fulfil the purpose of the processing and the requirements of the legal basis for processing.

The recipients or categories of recipients of the personal data:

We only pass on personal data to other recipients to fulfil the purpose of the processing and the requirements of the legal basis for processing e.g HMRC, marketing service providers, accountants, suppliers.

The details of transfers of the personal data to any third countries or international organisations:

All our data stays in the UK except that stored using a cloud data storage provider in the USA who conform with the US Privacy Shield.

The retention periods for the personal data:

Once collected Data is retained for no longer than 28 days to 12 months unless required for longer due to legal requirements.

The source of the personal data:

We only collect personal data provided by the data subject themselves other than as detailed in this notice.

The details of whether individuals are under a statutory or contractual obligation to provide the personal data:

It will be clear when signing a contract with us which personal data is required by law or contract to provide.

 The rights available to individuals in respect of the processing:

 The Data Protection Act 2018 provides the following rights for individuals:

  1. The right to be informed
  2. The right of access
  3. The right to rectification
  4. The right to erasure
  5. The right to restrict processing
  6. The right to data portability
  7. The right to object
  8. Rights in relation to automated decision making and profiling.

To exercise your rights as a data subject under the Data Protection Act 2018 please email us at  info@gordonswinebar.com.


The right to lodge a complaint with a supervisory authority:

You have the right to lodge a complaint with the UK Information Commissioner’s Office.

January 2019.