Privacy Policy

About Moores MP Ltd

This website is operated by Moores MP Ltd, a company registered in England and Wales.

We are the data controller for personal data collected through this website. Where you have any questions about this policy or how we handle your data, please contact us at hello@mooresmk.co.uk.

Personal Data We May Collect

We only collect personal data that you voluntarily provide to us, or that is automatically gathered during your use of this website. This includes:

• Catering and event enquiries — when you submit our enquiry form, we collect your name, phone number, event date, estimated number of guests, and any details you provide about your event.
• Email correspondence — if you contact us directly by email, we will retain a record of that correspondence.
• Technical data — standard server and network logs may include your IP address, browser type, and pages visited. This is collected automatically by Cloudflare, our infrastructure provider, as part of normal site operation and security monitoring.

We do not use analytics tracking, advertising pixels, or third-party cookies on this website. We do not collect payment information directly — all ordering and payments are handled by our third-party ordering platform.

Purposes and Legal Bases

We use the personal data you provide for the following purposes, each with the lawful basis we rely on under UK GDPR:

• To respond to catering and event enquiries — we process your name, phone, and event details to respond to your request. Legal basis: contract (Article 6(1)(b) UK GDPR) — processing is necessary to take steps at your request prior to entering a contract.
• To communicate with you — to follow up on your enquiry and provide information about our services. Legal basis: legitimate interests (Article 6(1)(f) UK GDPR).
• To maintain the security of our website and infrastructure — technical logs are processed to protect against malicious activity. Legal basis: legitimate interests.

We will never sell your personal data to third parties, use it for unsolicited marketing, or share it with anyone outside of what is described in this policy.

Retention Periods

We retain personal data only for as long as is necessary for the purposes described above:

• Catering enquiries that result in a booking — retained for 6 years from the date of the event for accounting and legal purposes.
• Catering enquiries that do not result in a booking — retained for no longer than 12 months from the date of enquiry, then securely deleted.
• General email correspondence — retained for up to 2 years.
• Infrastructure and security logs — retained by Cloudflare in accordance with their own data retention policies, typically 30 days.

Third-Party Processors

We use a small number of trusted third-party services to operate this website. Each acts as a data processor on our behalf and is contractually bound to handle your data securely:

• Cloudflare Inc. — provides our website hosting, content delivery, and security infrastructure. Cloudflare processes connection data as part of normal network operations. Cloudflare Privacy Policy.
• Resend Inc. — our email delivery provider. When you submit an enquiry form, your data is transmitted to Resend to facilitate delivery of your message to us. Resend does not use your data for any other purpose. Resend Privacy Policy.
• Google Fonts — fonts used on this website are loaded from Google's servers. This may involve Google receiving your IP address. Google Privacy Policy.

We do not share your data with any other third parties unless required to do so by law.

Our Use of Cookies

This website does not use cookies for analytics, advertising, or tracking purposes. We do not use Google Analytics, Facebook Pixel, or any similar tracking technology.

Cloudflare, our infrastructure provider, may set technical cookies (such as __cf_bm) for bot management and security purposes. These are strictly necessary for the site to function securely and do not require your consent under UK law.

Your Rights Under UK GDPR

You have the following rights regarding your personal data. To exercise any of these rights, contact us at hello@mooresmk.co.uk:

• Right of access — you can request a copy of the personal data we hold about you.
• Right to rectification — you can ask us to correct inaccurate or incomplete data.
• Right to erasure — you can ask us to delete your personal data where there is no legitimate reason for us to continue processing it.
• Right to restrict processing — you can ask us to suspend processing of your data in certain circumstances.
• Right to object — you can object to processing based on legitimate interests.
• Right to data portability — you can request your data in a structured, machine-readable format where technically feasible.

We will respond to all valid requests within 30 days. There is no charge for making a request.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection supervisory authority, at ico.org.uk or by calling 0303 123 1113.

How We Protect Your Data

We take the security of your personal data seriously. Measures we have in place include:

• All data transmitted to and from this website is encrypted via TLS (HTTPS).
• Our website is protected by Cloudflare's Web Application Firewall (WAF), DDoS mitigation, and bot protection.
• Security headers are applied to all pages, including Content Security Policy and HTTP Strict Transport Security.
• Form submissions are transmitted directly to our email service and are not stored in a database.
• API keys and credentials are stored as encrypted environment variables and are never exposed in client-side code.

While we take every reasonable precaution, no system is entirely immune to risk. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the ICO as required by UK GDPR.

Policy Updates

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. When we do, we will update the version date at the top of this page. We encourage you to review this page periodically.

Continued use of this website following any changes constitutes acceptance of the updated policy.

Get in Touch

For any questions, concerns, or requests relating to your personal data or this privacy policy, please contact us: