1. INTRODUCTION
Welcome to the KellyDeli’s privacy policy.
KellyDeli respects your privacy and is committed to protecting your personal data. This
privacy policy will inform you as to how we look after your personal data when you visit our
website sushidaily.com (regardless of where you visit it from) and tell you about your privacy
rights and how the law protects you.
2. IMPORTANT INFORMATION AND WHO WE ARE
2.1 PURPOSE OF THIS PRIVACY POLICY
We take your privacy very seriously. Please read this privacy policy carefully as it contains
important information on who we are and how and why we collect, store, use and share any
information relating to you (your personal data) in connection with your use of our website.
It also explains your rights in relation to your personal data and how to contact us or a
relevant regulator in the event you have a complaint.
We collect, use and are responsible for certain personal data about you. When we do so we
are subject to the UK General Data Protection Regulation (UK GDPR). We are also subject
to the EU General Data Protection Regulation (EU GDPR) in relation to goods and services
we offer to individuals in the European Economic Area (EEA).
This website is not intended for children, and we do not knowingly collect data relating to
children.
It is important that you read this privacy policy together with any other privacy policy or fair
processing policy we may provide on specific occasions when we are collecting or
processing personal data about you so that you are fully aware of how and why we are using
your data. This privacy policy supplements other notices and privacy policies and is not
intended to override them.
2.2. CONTROLLER
KellyDeli Group is made up of different legal entities. This privacy policy is issued on behalf
of the KellyDeli Group so when we mention “KellyDeli”, “we”, “us” or “our” in this privacy
policy, we are referring to the relevant company in the KellyDeli Group responsible for
processing your data.
KellyDeli Company Limited – as identified below – is the controller and responsible for this
website.
Website Privacy Policy – January 2025
2.3. HOW TO CONTACT US
If you have any questions about this privacy policy or our privacy practices, please contact
us in the following ways:
Full name of legal entity: KellyDeli Company Limited
Email address: privacy@kellydeli.com
Postal address: 91-93 Great Eastern Street London EC2A3HZ London United
Kingdom
2.4 CHANGES TO THE PRIVACY POLICY
We keep our privacy policy under regular review.
This version was last updated in January 2025.
2.5 THIRD-PARTY LINKS
This website may include links to third-party websites, plug-ins and applications. Clicking on
those links or enabling those connections may allow third parties to collect or share data
about you. We do not control these third-party websites and are not responsible for their
privacy statements. When you leave our website, we encourage you to read the privacy
policy of every website you visit.
3. THE DATA WE COLLECT ABOUT YOU
3.1 Personal data, or personal information, means any information about an individual from
which that person can be identified. It does not include data where the identity has been
removed (anonymous data).
3.2 We collect personal information about you when you use our website ("Website") or
otherwise interact with us via other channels such as social networks.
3.3. We collect information that you provide to us directly when registering for our Sushi
Daily Club, communicating with us, making enquiries, completing our partnership application
form or visiting/using our website. This includes your name, username, password, address,
date of birth, email address, telephone number, your location, social media profile
information (where you reach out via social media such as Facebook or Instagram) and
content of your communications. We also collect transaction information from when you
make a purchase including your payment credit card information and the products you buy.
This also includes profile information such as the products you like.
Website Privacy Policy – January 2025
3.4 Other personal data can be collected indirectly and automatically, for example, your
browsing or shopping activity. We may also log general information about your browser or
device whenever you visit our website. This information may include your computer’s
Internet Protocol (IP) address, your browser type and version, the pages you visit on our
Website, the time and date of your visit, and the time spent on each page. Like most website
operators, we collect this data to better understand how our visitors use our services, and
how we may improve your experience of our website in future. Some of this data may be
obtained automatically through the use of cookies – please refer to our Cookies Policy
(https://sushidaily.com/gb-en/cookies-policy/) for more information.
3.5 In specific instances, we may need to collect additional data for the purposes explained
to you at that time.
3.6 We work with third parties (including, for example sub-contractors) who may collect
personal information from you and pass it on to us. Where this is the case, the relevant third
party is responsible for notifying the details of the same to you and for obtaining the relevant
consents from you (if necessary).
4. HOW IS YOUR INFORMATION USED AND WHAT IS THE LEGAL BASIS FOR THIS
USE?
4.1 We process your information for the following purposes:
4.1.1 To fulfil a contract. This includes:
- administering our reward club Sushi Daily Club;
- to process and fulfil any orders, subscriptions or other purchase made;
- to provide customer service;
- to process your payments;
- to verify your identity;
- to process any entries that you make into competitions run by us;
4.1.2 To conduct our business and pursue our legitimate interests, in particular:
- to communicate with you about products, services and offers that may be of interests to
you;
- to provide products you have requested and for customer services purposes to respond to
any comments or complaints you send us;
- to continuously improve our products and services and personalise your experience online;
Website Privacy Policy – January 2025
- to notify you about changes to our website.
- to provide you access to our website and to improve your user experience;
- to better understand our customers, how often they come to and how long they spent in our
website.
- for market research and customer services purposes.
4.1.3 Where you give us your consent:
- we send you marketing communications;
- we place cookies;
- on other occasions where we ask you for consent, we will use the data for the purpose
which we explain at that time.
4.1.5 For purposes which are required by law:
- responding to court orders, subpoenas or other legal processes with which we are required
to comply;
- for crime and fraud prevention, detection and related purposes.
4.2 In certain circumstances, some of the above grounds for processing will overlap and
there will be several grounds which justify our use of your personal information.
4.4 You aren't always required to give us your personal data, but where we need to collect or
process your personal data by law, or under the terms of a contract we have with you, and
you fail to provide that data when requested (or fail to consent to the processing of that data,
if necessary), we may not be able to perform the agreement or arrangement we have or are
trying to enter into with you, or provide you with certain of our goods and services.
5. WHO WE SHARE YOUR PERSONAL DATA WITH?
5.1 Third Party Service Providers working on our behalf
In order to make certain services available to you, we may pass your information to our third-
party service providers, suppliers. subcontractors. These include IT, Website hosting,
marketing service providers and payment processors (for example, to process deliveries and
send you your order confirmation). We only allow those organisations to handle your
personal data if we are satisfied they take appropriate measures to protect your personal
data
5.2 Third Parties with whom we transact
Website Privacy Policy – January 2025
If any of our businesses enter into a joint venture with, purchase or are sold to or merge with
another business entity, your information may be disclosed or transferred to the target
company, our new business partners, administrators, or owners or their advisors.
5.3 Sharing to comply with legal obligations
We may use the information that you provide to us if we are under a duty to disclose or
share your information in order to comply with any legal obligation.
5.4. Data Transfers
In addition to the data sharing described in section 5.1, 5.2 and 5.3, the information that we
collect from you may, where lawful, be transferred to, and stored at, a destination outside the
UK or the European Economic Area ("EEA").
Where we do so, we will sure that transfers:
- are made to countries that have been deemed to provide an adequate level of protection to
personal data; or
- are carried out under standard contractual clauses approved by the European Commission
as providing appropriate safeguards, copies of which are available to view on the
Commission’s website (https://ec.europa.eu).
If you would like further information about data transferred outside the UK/EEA, please
contact our Data Protection Officer (see ‘HOW TO CONTACT US’ above).
6. YOUR LEGAL RIGHTS
Under certain circumstances, you have rights under data protection laws in relation to your
personal data. You have the right to:
6.1 Request access to your personal data (commonly known as a “data subject access
request”). This enables you to receive a copy of the personal data we hold about you and to
check that we are lawfully processing it.
6.2 Request correction of the personal data that we hold about you. This enables you to
have any incomplete or inaccurate data we hold about you corrected, though we may need
to verify the accuracy of the new data you provide to us.
6.3 Request erasure of your personal data. This enables you to ask us to delete or remove
personal data where there is no good reason for us continuing to process it. You also have
the right to ask us to delete or remove your personal data where you have successfully
exercised your right to object to processing (see below), where we may have processed your
Website Privacy Policy – January 2025
information unlawfully or where we are required to erase your personal data to comply with
local law. Note, however, that we may not always be able to comply with your request of
erasure for specific legal reasons which will be notified to you, if applicable, at the time of
your request.
6.4 Object to processing of your personal data where we are relying on a legitimate interest
(or those of a third party) and there is something about your particular situation which makes
you want to object to processing on this ground as you feel it impacts on your fundamental
rights and freedoms. You also have the right to object where we are processing your
personal data for direct marketing purposes. In some cases, we may demonstrate that we
have compelling legitimate grounds to process your information which override your rights
and freedoms.
6.5 Request restriction of processing of your personal data. This enables you to ask us to
suspend the processing of your personal data in the following scenarios:
6.5.1. If you want us to establish the data’s accuracy.
6.5.2. Where our use of the data is unlawful but you do not want us to erase it.
6.5.3 Where you need us to hold the data even if we no longer require it as you need it to
establish, exercise or defend legal claims.
6.5.4. You have objected to our use of your data but we need to verify whether we have
overriding legitimate grounds to use it.
6.6 Request the transfer of your personal data to you or to a third party. We will provide to
you, or a third party you have chosen, your personal data in a structured, commonly used,
machine-readable format. Note that this right only applies to automated information which
you initially provided consent for us to use or where we used the information to perform a
contract with you.
6.7 Withdraw consent at any time where we are relying on consent to process your personal
data. However, this will not affect the lawfulness of any processing carried out before you
withdraw your consent. If you withdraw your consent, we may not be able to provide certain
products or services to you. We will advise you if this is the case at the time you withdraw
your consent.
6.8 If you wish to exercise any of the rights set out above, when contacting us please:
provide enough information to identify yourself (eg your full name, address and customer or
matter reference number) and any additional identity information we may reasonably request
from you, and let us know which right(s) you want to exercise and the information to which
your request relates.
Website Privacy Policy – January 2025
You may also find it helpful to refer to the guidance from the UK’s Information
Commissioner (https://ico.org.uk/for-the-public/) on your rights under the UK GDPR.
7. HOW LONG WILL YOU USE MY PERSONAL DATA FOR?
7.1 Where we process personal data for marketing purposes or with your consent, we
process the data until you ask us to stop and for a short period after this (to allow us to
implement your requests). We also keep a record of the fact that you have asked us not to
send you direct marketing or to process your data indefinitely so that we can respect your
request in future.
7.2 Where we process personal data in connection with performing a contract, subscription
or for a competition, we keep the data for 2 years from your last interaction with us.
8 COOKIES
A cookie is a small text file which is placed onto your device when you use our website.
You can set your browser to refuse all or some browser cookies, or to alert you when
websites set or access cookies. If you disable or refuse cookies, please note that some parts
of this website may become inaccessible or not function properly. For more information
about the cookies we use (please see https://kellydeli.com/gb-en/cookies-policy).
9 KEEPING YOUR PERSONAL DATA SECURE
We have appropriate security measures to prevent personal data from being accidentally
lost, or used or accessed unlawfully. We limit access to your personal data to those who
have a genuine need to access it.
We also have procedures in place to deal with any suspected data security breach. We will
notify you and any applicable regulator of a suspected data security breach where we are
legally required to do so.
10 FRANCHISEES
Some of our kiosks and other businesses are run by franchisees. A franchisee is a separate
business that has a licence to sell produce under one of our brands.
Website Privacy Policy – January 2025
Each franchisee is responsible for compliance with privacy laws, and we place strict burdens
on franchisees to ensure that they do so. Occasionally, there may be an exchange of
personal data with a franchisee where it is necessary: for example, if you have raised a
query with us about a matter that relates to a franchised kiosk, we would be required to
discuss that issue with the franchisee, which would involve the use of your personal data for
this purpose.
