Privacy Policy

This policy explains how nano-rift Culinary Ltd collects, uses, and safeguards your personal information.

Last updated: January 2026

Introduction

nano-rift Culinary Ltd ("we", "our", "us") is committed to protecting the privacy of individuals who visit our website and use our services. This Privacy Policy describes how we handle personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By accessing our website or engaging with our services, you acknowledge that you have read and understood this policy.

Data Controller

nano-rift Culinary Ltd is the data controller responsible for your personal data. Our contact details are:

nano-rift Culinary Ltd
42 Spitalfields Market
London, E1 6DY
United Kingdom

Email: [email protected]

Information We Collect

We may collect and process the following categories of personal information:

Information You Provide

  • Contact details such as name, email address, and postal address when you enquire about our services
  • Correspondence and communications you send to us
  • Booking information for cooking classes and events
  • Dietary requirements and food allergies relevant to service delivery
  • Payment information processed through secure third-party payment providers
  • Business information for commercial clients including company name and VAT details

Information Collected Automatically

  • Technical data including IP address, browser type, and operating system
  • Usage data such as pages visited, time spent on pages, and navigation patterns
  • Cookie data as described in our Cookies Policy

How We Use Your Information

We use your personal information for the following purposes:

  • To respond to enquiries and provide information about our services
  • To deliver the services you have requested
  • To manage bookings, payments, and customer accounts
  • To accommodate dietary requirements and ensure safe food preparation
  • To send service-related communications and updates
  • To improve our website and services based on usage patterns
  • To comply with legal obligations and protect our legitimate interests

Legal Basis for Processing

We process your personal data on the following legal grounds:

  • Contract: Processing necessary to perform a contract with you or take steps at your request before entering a contract
  • Legitimate interests: Processing necessary for our legitimate business interests, such as improving our services and marketing, where these do not override your rights
  • Legal obligation: Processing necessary to comply with legal requirements, such as tax and accounting regulations
  • Consent: Where you have given specific consent for processing, such as marketing communications

Data Sharing

We do not sell your personal information. We may share your data with:

  • Service providers who assist in delivering our services, such as payment processors and email service providers
  • Professional advisers including accountants and legal counsel
  • Regulatory authorities where required by law

All third parties are required to respect the security of your data and process it in accordance with applicable law.

Data Retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

Retention periods vary depending on the type of data and purpose of processing. Generally:

  • Customer records: 7 years after the end of the business relationship
  • Enquiry correspondence: 2 years unless converted to a customer relationship
  • Website analytics: 26 months

Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, secure servers, and restricted access to personal data.

While we take reasonable precautions, no method of transmission over the internet is completely secure. We cannot guarantee the absolute security of information transmitted electronically.

Your Rights

Under data protection law, you have rights including:

  • Access: You can request a copy of the personal data we hold about you
  • Rectification: You can request correction of inaccurate or incomplete data
  • Erasure: You can request deletion of your data in certain circumstances
  • Restriction: You can request that we limit processing of your data
  • Portability: You can request transfer of your data to another organisation
  • Objection: You can object to processing based on legitimate interests
  • Withdraw consent: Where processing is based on consent, you can withdraw it at any time

To exercise these rights, please contact us at [email protected]. We will respond within one month of receiving your request.

International Transfers

Your personal data is primarily stored and processed within the United Kingdom and European Economic Area. If we transfer data outside these regions, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the relevant authorities.

Complaints

If you have concerns about how we handle your personal data, please contact us first and we will do our best to resolve the issue. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
United Kingdom

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. The updated policy will be posted on this page with a revised "Last updated" date. We encourage you to review this policy regularly.

Contact Us

For any questions about this Privacy Policy or our data practices, please contact us:

Email: [email protected]
Address: 42 Spitalfields Market, London, E1 6DY, United Kingdom