Privacy Policy
Introduction
This is Privacy Policy of Camile Thai Group Holdings Limited of Unit 9, Northern Cross Business Park, Finglas Dublin 11, Finglas, Dublin (Company number 562526) as data controller along with its subsidiaries and affiliates: Camile Thai Operations Limited, Camile Thai Kitchen Limited, Sutton Central Production Limited, Camile Franchising Limited, Thindi Ireland Limited, and Camilie Thai Kitchen (Property) Limited who share resources for operational and commercial purposes.
Any reference to “Camile Thai” in this policy or our terms of business refers to Camile Thai Group Holdings Limited and its subsidiaries and affiliates as defined above (hereby referred to as “Camile Thai”, “us” and “we”). The purpose of this Privacy Policy is to ensure that individuals understand how we process their information.
Camile Thai endeavours to comply with the General Data Protection Regulation, Data Protection Acts and data protection best practices.
We will process any personal information provided to us by individuals, whether it be provided through our websites (www.camile.ie, www.thindi.ie & www.camile.co.uk), our App (Camile Thai Ireland), in person, via social media, via a form, correspondence, telephone, email or by any other means, or otherwise held by us in relation to you, in the manner set out in this policy.
By submitting your information to us and or by using our websites or app you confirm your consent to the use of your personal information as set out by this Privacy Policy. If you do not agree with the terms of this Privacy Policy please do not use our websites, app or provide us with any personal information.
Camile Thai is a franchisor that has a number of independent franchisees operating under the Camile Thai brand. This Privacy Policy only apply to Camile Thai (as defined above) and not to any independent franchisees, however, there are documented written terms in place with franchisees who are responsible for their own data protection compliance and data shared with same is only used for the purpose of fulfilling customer orders and for no other purposes (i.e. no marketing, no advertising, etc. ).
Information collected by us
The information about you that we may collect, use, and store (process) includes:
Information necessary in order to enter into, facilitate, process, comply with any contractual relationship, or relating to the billing of an agreed business transaction. Such personal data processed includes:
Name
Email address
Phone number
Billing address
Delivery address
Payment details (e.g. credit/debit card details for payment)
Dietary requests (e.g. extra chilli, no onion, etc.).
Order history.
Please note we do not retain/store any payment details.
Information necessary to make “reasonable accommodation'” under the Equal Status Acts, or Employment Equality Acts (as applicable), on a case-by-case basis.
Information you provide to us by filling out any forms on the website, email, via social media or our app.
Records of correspondences whether by email, telephone, through any form on our website, app, social media, or by any other means,
Information you provide to us in person.
Details of any business or commercial transactions you carry out with us, whether through email, the website, telephone, app, or by any other means.
Details of your visits to our website or our app including traffic data, location data, weblogs and other communication data in accordance with our Cookie Policy that may identify personal information (e.g. cookies) and non-personal information (e.g. information of an anonymised or technical nature.
Any other personal data not listed here for the purposes of protecting the vital interests of data subject on a case-by-case basis.
Any other personal data not listed here for the purposes of fulfilling the legitimate interests pursued by us on a case-by-case basis.
Any other personal data not listed here for the purposes of fulfilling a legal obligation to which we are subject to (e.g. PAYE returns for employees).
How we use your personal information
We may use your personal information for the purposes of:
Processing any enquiry initiated or requested by you.
Entering into and or completing any sales related request by you, including placing an order, delivering an order and payment for the order.
Setting up, operating and managing any marketing and or advertising services subject to your consent (please see Marketing & Advertising below).
Debt collection and the collection of outstanding monies.
Providing, monitoring, reviewing and supporting our online presence via our website and social media (please see our Cookie Policy).
Provision of security to, and ensuring the health and safety of, employees, visitors and customers to Camile Thai premises.
Complying with any legal obligation imposed on us.
Camile Thai does not routinely process special categories of personal data and only does so when necessary to make “reasonable accommodation” under the Equal Status Acts and or Employment Equality Acts. Any request for “reasonable accommodation” will be assessed on a case-by-case basis and the data will be held as confidential, secure, will be used only for the purposes for which it was collected and will be destroyed or deleted once it is no longer necessary (in accordance with our data retention policy).
Camile Thai does not engage in any automated decision-making processing or automated profiling, nor do we use any personal data as a basis for any such automated decisions or automated profiling.
Camile Thai does not routinely transfer personal data outside of the EU or EE, however, Camile Thai may use external service providers who are based outside of Ireland to provide business functions but we have the necessary measures in place to ensure GDPR compliance. For example, Camile Thai uses Steer 73, that creates and manages apps, for the Camile Thai app. Steer 73 is based in the UK but the European Commission ruled the UK as a safe country for GDPR via what is known as an “adequacy decision” which ensures GDPR compliance.
In addition, we may use service providers may be located within another EU member state, and any that are, are subject to the One Stop Shop Mechanism as identified by the Irish Data Protection Commission. At present we do not transfer any data to the US but if we were to do so, we would in compliance with the EU-US Privacy Framework to ensure GDPR safeguards are maintained.
For more information about the UK adequacy decision, EU-US Privacy Framework and the One Stop Shop Mechanism please visit the Data Protection Commission’s website at www.dataprotection.ie.
Marketing & Advertising
Camile Thai serves delicious food along with franchise opportunities. For more information on our franchising opportunities please visit www.camile.ie/franchising.
With the consent of a data subject, we may use personal data for the purposes of:
· Marking and Sales promotions.
· Providing you with information about promotional offers on our products and services.
· Carrying out customer research or customer feedback.
At some interactions with Camile Thai you may be asked to consent to your data being used for marketing purposes.
Camile Thai is committed to privacy by design and privacy by default. As such, you will never have to ‘opt-out’ of our marketing processes; you will only ever have the option of ‘opting in’ if you’d like to be included. We do not engage in ‘pre-ticked’ boxes nor do we ever assume you would consent to your data being processed. You are free to withdraw consent for any marketing or advertising related matters at any time you want.
Social Media
Camile Thai engages a number of social media services and we strive to uphold privacy rights online. However, sometimes members of the public may post something objectionable and beyond our control to Camile Thai’s social media pages/forums. In such cases, we will act to rectify any difficulties as soon as we are notified or become aware of the problem. We do not provide a continuous monitoring of social media sites/forums so there may be a delay from the initial post to when we become aware of a problem.
Camile Thai sometimes hold marketing or advertising events in which employees of Camile Thai and the general public may be present. Such events are often held at public locations. Sometimes we may wish to take a photograph at such events to promote our brand or event on social media. In such cases, it is our policy for our photographer/social media handler to announce their presence and provide additional instructions and assistance. However, we do not have any control over private individuals or their social media accounts and we cannot stop members of the public from posting pictures of events online without the consent of all participants.
For information relating to social media usages, cookies or widgets, please see our Cookie Policy.
Information Storage
We will take reasonable steps to ensure that your information is kept secure and protected, including but not limited to electronic data being protected using appropriate software, relevant networks safety and security checks, and, where applicable, any physical data records will be kept in an appropriately secure environment.
We have a general data retention policy that relates to the retention of relevant data for seven years. Personal data that is no longer required will be destroyed and or deleted in a secure manner.
Please note we do not store or retain any payment or financial data (i.e. we do not store any debit card or credit card details) as we use Stripe (www.stripe.com/ie/privacy) for processing payments.
Requesting your data
Any person has the right to find out whether an organisation has any personal data about them, what they use the personal data for and ask for copies of personal data held by that organisation.
If you wish to make a data access request in order to get a copy of any personal data we may process, please write a letter stating that you wish to make a data access request and address it to Camile Thai Group Holdings Limited, Unit 9, Northern Cross Business Park, Finglas, Dublin 11.
Alternatively, you can email us at [email protected].
In order to process your request, we may request that you send us a copy of your identification (passport, driver’s license, etc.). The reason we ask for personal identification is to ensure that you are the correct person making the request for your personal data.
Unfortunately, verbal access requests cannot be entertained.
In response to any data access request, you have the right to refer the matter to the Data Protection Commission if you are unhappy with the outcome, however, we ask that you notify us first of any issue so that we may help resolve it as quickly as possible.
Rectifying mistakes
You have the right to rectify any incorrect or inaccurate personal data processed by us at no cost to you. If you believe that we are incorrectly processing any of your personal data, please inform us by writing to the above address or email [email protected].
Queries or complaints
If you have any queries or complaints regarding our Privacy Policy or any data protection matter, please let us know by writing to the above address or email us at [email protected].
Data Subjects have the right to refer any matter to the Data Protection Commission by contacting them at www.dataprotection.ie or by writing to Data Protection Commission, 6 Pembroke Row, Dublin 2, D02 X963.
If you are, for whatever reason, considering contacting the Data Protection Commission about us we would ask that you inform us of your difficulty first so that we can try to resolve it to your satisfaction.
Changes to our Privacy Policy
Any changes we may make to our Privacy Policy in the future will be posted on our website and any changes become effective immediately upon being posted to our website. Customers are requested to review our website, along with any changes to our Privacy Policy, on a regular basis.
Privacy Policy last reviewed: May 2025