Last update: March 2021
Thanks for using one of our platforms. Whether it was visiting one of the Nando’s websites, downloading and installing the Nando’s App or for using one of our services which requires you to provide us with your Personal Information (as defined below). We want to make sure you feel comfortable about what happens when you browse our website or give us any of your information. Formal’s not our style, so we’ve made this as easy to read as we can (but we can’t help it being so long, sorry).
Our websites in the UK and the Republic of Ireland are:
We’ll refer to these websites, our App and other services which require you to provide us with your Personal Information collectively as the “Service” in the rest of this policy (it just saves time).
For the purpose of the Data Protection Act (the “Act”), the Data Controller of our Services for both UK and Irish customers is Nando’s Chickenland Limited (UK). Data Controller is just a legal term that means we have responsibilities of your Personal Information under the Act. Our registered company number is 02580031. We are registered with the UK Information Commissioner's Office (Registration Number: Z9462934).
All information will be held and used in accordance with the Act. If you want to read more about the Act, have a look here:
United Kingdom: ico.org.uk/your-data-matters/
1. What information will Nando’s collect about me?
When you visit our Service (in a restaurant, on a mobile device, tablet or desktop) or download and use our App, you may provide us with information personal to you including for example your name, your address, your postcode, your email address, your mobile phone number and your date of birth, whether you are a student, and the other information outlined below (your "Personal Information"). You may provide additional Personal Information if you wish.
You may provide us with Personal Information in a number of ways:
1) by registering your Nando’s Card (either online or using our App) or by subscribing to receive email, SMS or Push communications from us. To become a registered Nando’s Card holder you must provide us with your name, email address, date of birth and postcode, but you may provide us with additional information if you choose to do so.
2) when using one of our Eat In services, such as table reservation, virtual queue management or completing an order at your table you may be asked to provide basic registration details such as your name, email address and a contact phone number.
3) by ordering a takeaway using our online ordering service or by using our App. When you place a takeaway order online we may collect information such as what items you’ve browsed, your favourite and past orders, restaurant locations, if you’ve applied any dietary filters and order values.
4) by inputting your payment details – but only in order to complete a transaction.
5) by allowing us to collect your physical geolocation through our App (if you have enabled Location Services and agreed to allow Nando’s to send you Push messages) or website (e.g. to determine your nearest location for an online order fulfilment).
6) by registering a Nando’s Gift Card online (in order to protect or spend any of your balance).
7) by registering to use our in-restaurant WiFi services.
8) by signing up for promotions or competitions.
9) by corresponding with our Customer Experience team by email, live chat, in writing, on social media or telephone, in which case we may retain the content of your emails, letters or conversations together with your title, name, email address, the social media username that you’re using, telephone number and our responses.
10) by registering your NHS email address to enable your entitlement to Emergency Services discount online.
We may also collect information about your device, including (where available) your IP address, operating system and browser type, the geographical location of your device, how you use our Service, and the date and length of your visit. This information is collected automatically. This information is aggregated and it does not identify you as an individual. We do this to help improve your experience on our Service.
2. How will you use my Personal Information:
We use your personal information for:
1) allowing you to create a Nando’s account and to use any of the services we provide to account holders
2) allowing you to make a table reservation, be alerted to table availability and/or to process and pay for an order at your table
3) processing an order for collection or delivery
4) allowing you to register your Nando’s Loyalty or Gift Cards with us and to respond to any correspondence (emails, letters, post by owls…);
5) contacting you with information about Nando’s products, services, news and special offers, if you’ve given your consent (signed up to it) when you registered with us;
6) making sure you get the best experience from our Service - depending on what computer or device that you’re using;
7) if you’re using the App (and you have given us permission to do so by enabling this on your device), sending you ‘Push’ notifications containing information about our products and services and to provide you with information in the App;
8) notifying you about changes or updates to any of our Services;
9) carrying out market research and product development;
10) meeting legal, regulatory and compliance requirements;
11) investigating any complaints about the Service;
12) investigating any safety or security incidents or breaches;
13) responding to any reasonable enquiry from the NHS Test and Trace organisation; or
14) allowing you to verify your NHS email address against your Nando's account so that you can use the Emergency Services discount online.
We always want to make sure you’re in control of the information you give us, so we will ensure only the data we really need for the services being used is processed.
3. What is the lawful basis for processing my Personal Information?
We will only use your personal information when the law allows us to. In most cases, we will use your personal information in the following circumstances:
1) Where we need to perform the contract we have entered into with you, e.g. in the processing of an online or eat in order, making a table reservation etc.
2) Where we need to comply with a legal obligation, e.g. in the investigation of a complaint or accident.
3) Where it is necessary for our legitimate interests, e.g. to gather feedback from you on our products and services
4) Where we have your explicit consent to do so, e.g. if you have signed up to receive our regular newsletter emails
4. Do you share my Personal Information with anyone else?
We only share information with companies that we use to help us better understand and serve you. We never sell or give your Personal Information away to anybody.
We may share your Personal Information with:
We’ll share your “Personal Information” with people or departments within Nando’s but only if they have a need to access it.
When you place an order with us for delivery, we will only share the personal information required by our partners to fulfil your order.
Likewise, if you use reserve a table at one of our restaurants or process an order at your table our carefully selected partners will only collect and process the personal information needed to deliver that service.
We engage third party payment processors to process the payment of your online order. These third party processors may store your payment card details, if you want them to, to speed up your transaction time. If you do not want to take advantage of this, please do not select this function.
We may also share Personal Information with third parties for marketing, advertising and strategic development purposes to help us understand customer trends and patterns and to make sure that Nando’s is talking to you about the most relevant things. We have Agreements in place that define what third parties can and cannot do with your Personal Information. We also conduct periodic reviews of third parties to ensure compliance. However we will only send marketing to you where you have previously consented to receiving marketing materials from us.
We may also share such details with auditors or legal professionals to obtain professional advice. If we do this, your statutory data protection rights will be preserved.
You should be aware that if we’re requested by the police, a regulatory or government authority in the investigation of suspected illegal activities to provide your Personal Information, then we are entitled do so.
Occasionally, we’ll ask to share your Personal Information with third parties for marketing purposes. We’ll only do this when we have your explicit consent to do so (for example, when you enter a competition we’ll ask for your consent). If you don’t give your consent, it won’t prejudice your chances in any competitions. Promise.
We are using customer insight tools to improve our websites and app. These services may record the screens you visit on our website and some high-level device information. They do not collect personally identifiable information and do not track your browsing habits across apps or websites.
5. What security measures are in place to protect my “Personal Information”?
The transmission of information via the internet is not completely secure. Although we take steps to protect your information, we can’t guarantee the security of your data transmitted to the Service; any transmission is at your own risk. We have implemented reasonable technical and organisational measures designed to secure your personal information from accidental loss and from unauthorised access, use, alteration or disclosure. We’ll continue to maintain and improve these security measures in line with legal and technological developments.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
6. How and where will Nando’s store my Personal Information?
Where you’ve chosen a password which allows you to access certain parts of our Service, please keep this confidential – this one’s on you! We recommend that you don’t share your password with anyone else (even your Mum). We recommend that your password is unique to your Nando’s account. We will not be liable for any unauthorised access or transactions entered into using your name and password where it has been shared with your permission or if you haven’t taken adequate steps to prevent it on either a desktop computer or another device. If you access our Service using a public computer, we advise you not to store your password and to log out of any parts of our Service. If you’re using a mobile phone or tablet to use our Service, we advise that you have an appropriate passcode (not the easiest one possible… you know the drill).
7. Links, advertisers, third party sponsors & ad-servers
8. How can I find out what Personal Information Nando’s holds about me or update my details?
The Act gives you the right to access your Personal Information that we hold. To protect your privacy and security, we’ll take reasonable steps to verify your identity before we carry out your request. We will not ordinarily charge a fee for access to your Personal Information but we are entitled to charge a reasonable fee for providing a copy of your Personal Information to you if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You also have the right to ask us to update or amend any information that is wrong, ask us to stop sending you marketing information (we won’t take it to heart, honest) or even to ask us to delete your account and the associated Personal Information.
If you have any questions about what we do with your Personal Information, ask us to make any changes to your account or to make a complaint please contact us using one of the methods below:
Speak to our Customer Experience team by telephoning 020 3974 2182 (Monday-Friday 9:00 – 17:30)
Chatting to us using the live chat function on our website
Emailing us at firstname.lastname@example.org
Writing to us at Nando’s Customer Experience, Erico House, 93-99 Upper Richmond Road, Putney, London SW15 2TG
Messaging us on Facebook or Twitter (if you’re sending us your number or anything else personal to you then please only do this via a direct message).
Or contact our Data Privacy Officer by emailing email@example.com
We hope we can answer any questions or resolve any problems but if you are still unhappy then you can contact the:
United Kingdom: Information Commissioner’s Office via their webservice www.ico.org.uk
Republic of Ireland: Information Protection Commissioner via their webservice http://www.dataprotection.ie
9. How long will Nando’s keep my information for?
We won’t keep your Personal Information for longer than is necessary for legitimate business purposes or than is required by law.
During the Coronavirus recovery period, we may be asked by the appropriate Government(s) to retain certain personal information for an extended period of time to aid track and trace capabilities.
When required to do so we will always ensure the data retained and, where applicable, shared, is always proportionate and limited to what is necessary.
10. The use of our service by under 14s
Our Services are not intended for children and are therefore only to be used by anyone aged 14 or over and those under the age of 16 should have their parents or guardians’ permission. We encourage the supervision of children's online activities. For example, parental control tools which are available online to help provide a child-friendly online environment. These tools can also prevent children from disclosing their name, address, and other Personal Information online without parental permission. Your child's privacy is important to us and we are committed to safeguarding children's Personal Information collected online. Users of our Service may participate in many activities without providing any Personal Information. However, if you’d like to participate in certain interactive features on our Service, we’ll ask you to provide us with certain information, such as your email address and age. Nando’s will not send any marketing communications to anyone who has disclosed that they are aged under 16.
12. How can I contact Nando’s?
Nando’s Customer Experience, Erico House, 93-99 Upper Richmond Road, Putney, London SW15 2TG.
If you’re reading this and you made it through all that, we’re pretty impressed right now.