At Deliciously Ella, we are committed to protecting and respecting your privacy.
We want to give you the best service possible. In order to achieve this, when you interact with us be it in our deli, on our website, within our app or when you subscribe to our newsletter, we will gather information on you in order to improve these interactions. Some of this data you will formally give us like your email address and other information may be anonymously gathered.
Please read the following carefully to understand how we collect and process your personal data.
This covers, without limitation, your interaction with and use of our Deliciously Ella website, deliciouslyella.com, and any component element or part of that website, including the Deliciously Ella app, our Webshop, our Newsletter and any of our other Services, whether interacting with and/or using our Services as a consumer or while in the course of work or in any other business or enterprise capacity, context or environment.
This website is not intended for children and we do not knowingly collect data relating to children.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Deliciously Ella is the trading name used by The Mae Deli Limited and Deliciously Ella Limited, both companies within the Group ultimately owned and controlled by M&E Mills Holdings Limited whose Head Office is at: 250 Tottenham Court Road, 1st Floor, London, W1T 7QZ, United Kingdom.
Deliciously Ella Limited is the controller and responsible for your personal data. Our registration reference is: ZA122304
If you have any questions or concerns about our collection, use or disclosure of your personal information, please contact us at firstname.lastname@example.org.
Personal data means any information that may be used to identify you, such as your name, title, phone number, email address, or postal address. It is information where you as an individual can be identified. It does not include data where your identity has been removed.
We may collect, use, store and transfer different kinds of personal data about you including:
Sometimes you can choose if you want to give us your personal data and let us use it. Where that is the case we will tell you and give you the choice before you give the personal data to us. We will also tell you whether declining to share that personal data will have any effect on your use of our website and/or app or any services we provide.
We do not knowingly collect special categories of data (also known as sensitive personal data). If we were to do so, we would do so on the basis that it was necessary for reasons of substantial public interest, to establish, exercise or defend any legal claims, or in some cases, with explicit consent. In any case, we would carry out the processing in accordance with applicable laws.
We collect personal data from you in the following ways:
Under data protection laws, we can only use your personal data if we have a lawful reason to do so e.g:
A legitimate interest is when we have a business or commercial reason to use your personal data, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own. You can obtain details of this assessment by contacting us.
Please see the table below which explains what we use your personal data for and why.
|What we use your personal data for||Our reasons|
|Creating and managing your account with us.||To perform our contract with you or take steps at your request before entering into a contract.|
|Providing products to you including providing information to third party providers e.g. financial services or delivery providers.||To perform our contract with you or take steps at your request before entering into a contract.|
|Conducting checks to identify you and verify your identity or to help prevent and detect fraud against you or us.||To comply with our legal and regulatory obligations.|
|To meet our internal and external audit requirements, including our information security obligations.||To comply with our legal and regulatory obligations.|
|Customising our website and its content to your particular preferences based on a record of your selected preferences or on your use of the website.||Depending on the circumstances:|
|Retaining and evaluating information on your recent visits to our website and how you move around different sections of our website for analytics purposes to understand how people use our website so that we can make it more intuitive or to check our website is working as intended.||Depending on the circumstances:|
|Communications with you not related to marketing, including about changes to our terms or policies or changes to the products or other important notices.||Depending on the circumstances:|
|Protecting the security of systems and data used to provide the services.|
To comply with our legal and regulatory obligations
We may also use your personal data to ensure the security of systems and data to a standard that goes beyond our legal obligations, and in those cases our reasons are for our legitimate interests, i.e. to protect systems and data and to prevent and detect criminal activity that could be damaging for you and/or us
|Statistical analysis to help us understand our customer base.||For our legitimate interests, i.e. to be as efficient as we can so we can deliver the best service to you at the best price.|
|Updating and enhancing customer records.||To perform our contract with you or to take steps at your request before entering into a contract.|
|Disclosures and other activities necessary to comply with legal and regulatory obligations that apply to our business||To comply with our legal and regulatory obligations.|
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
You can subscribe to our newsletters and marketing materials though our app, website and other channels and this includes entering competitions through, or subscribing to in to receive information from us through other channels.
We will use your personal data to send you the newsletters and marketing materials (either by email, text message, telephone or post). We may also send you updates on our products including exclusive offers, promotions and new products.
We have legitimate interest in using your personal data for marketing purposes. This means we do not need your consent to send you marketing information. If we change our marketing approach in the future so that consent is needed, we will ask for this separately and clearly.
You have the right to opt out of receiving marketing communications at any time by clicking the unsubscribe link at the bottom of any of our newsletter emails or by contacting our Customer Support Team.
We will always treat your personal data with the utmost respect and never sell it with other organisations for marketing purposes.
To provide our services to you, we may share your personal data with:
In rare cases we may disclose your personal information:
Some personal data that we collect from you may be stored and processed outside the EEA by our service providers based in the USA who provide IT, sales, marketing and system administration services (all of whom are Privacy Shield certified).
For webshop orders your personal data required to make the order delivery will be shared with our third party fulfilment partner and with their delivery partner Royal Mail both based in the EEA.
These measures include:
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Where we have given you (or where you have chosen) a password which enables you to access Deliciously Ella, you are responsible for keeping this password confidential. You must not to share a password with anyone.
You have the right to ask us for more information about our safeguards. Please contact us if you would like to receive further details.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to Deliciously Ella; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We will delete your personal data within 30 days if you delete your account.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
You have certain rights regarding your personal data. These include the rights to:
request a copy of the personal data we hold about you;
Where we rely on our legitimate interests to obtain and use your personal data then you have the right to object if you believe your fundamental rights and freedoms outweigh our legitimate interests. Where processing is carried out based upon your consent, you have the right to withdraw that consent.
Your ability to exercise these rights will depend on a number of factors and in some instances, we will not be able to comply with your request e.g. because we have legitimate grounds for not doing so or where the right does not apply to the particular personal data we hold on you.
You should note that if you exercise certain of these rights we may be unable to continue to provide some or all of our products or services to you (for example where the personal data is required by us to comply with a statutory requirement, or is necessary in order for us to perform our contract with you).
We ask that you contact us to update or correct your personal data if it changes or if the personal information we hold about you is inaccurate.
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.