1. Terms and Conditions (T&Cs)

Your T&Cs form the legal contract between your company (“Simo’s Hospitality”) and the customer using your website.

Key Sections to Include:

  • 1. Introduction:
    • Identify the legal entity operating the website (e.g., “Simo’s Hospitality,” its registered company number, and address).
    • State that by using the website and placing an order, the user agrees to be bound by these T&Cs.
  • 2. Definitions:
    • Define key terms like “We,” “Us,” “Our” (Simo’s Hospitality), “You,” “Customer” (the user), “Website,” “Order,” “Products.”
  • 3. Use of the Website:
    • Rules for using the site (e.g., users must be over 18 to place an order).
    • Rules regarding user accounts, if you have them (responsibility for password security, etc.).
  • 4. Placing an Order:
    • How an order is placed (offer and acceptance).
    • When the contract is formed (e.g., upon sending a confirmation email).
    • Your right to refuse an order (e.g., if an item is unavailable, payment fails, or the delivery address is outside your service area).
  • 5. Products, Pricing, and Payment:
    • State that all prices are in Euros (€) and include VAT, if applicable.
    • List the payment methods you accept.
    • Confirm how payment is processed (e.g., securely via a third-party processor like Stripe or PayPal).
  • 6. Delivery and Pickup:
    • The user’s responsibility to provide an accurate delivery address and contact number.
    • Your policy on delivery times (e.g., they are estimates and not guaranteed).
    • What happens if a customer is not available to receive the delivery.
    • Terms for “Pickup” orders (e.g., collection times, what the customer needs to bring).
  • 7. Allergen Information:
    • This is critical for a food business.
    • State that you provide allergen information (as seen on your site, e.g., “Allergens: 1(Wheat), 7”).
    • Include a strong disclaimer that while you take steps to minimise cross-contamination, you cannot guarantee that any product is 100% free from specific allergens.
    • Urge customers with severe allergies to contact the restaurant directly before placing an order.
  • 8. Cancellations, Returns, and Refunds:
    • Your policy on order cancellations (e.g., can a user cancel before cooking has started?).
    • Given the perishable nature of food, you likely will not accept returns.
    • Your policy on refunds for incorrect or poor-quality orders (e.g., customer must contact you within a specific timeframe, provide photo evidence, etc.).
  • 9. Limitation of Liability:
    • A clause that limits your financial and legal liability, to the extent permitted by Irish law. Your lawyer will be essential for drafting this.
  • 10. Intellectual Property:
    • State that all content on the website (logos, text, images, “Pesto Kitchen” brand) is owned by Simo’s Hospitality and cannot be used without permission.
  • 11. Governing Law and Jurisdiction:
    • State that these terms are governed by the laws of Ireland and that any disputes will be handled in Irish courts.

2. Privacy Policy (Incorporating GDPR)

This document explains what personal data you collect, why you collect it, how you use it, and how you protect it. This is a legal requirement under the General Data Protection Regulation (GDPR).

Key Sections to Include:

  • 1. Introduction:
    • State your commitment to protecting user privacy and complying with GDPR.
  • 2. Who We Are (Data Controller):
    • Clearly state the legal entity responsible for the data: Simo’s Hospitality, including its registered address. This is your “Data Controller.”
  • 3. What Personal Data We Collect:
    • Be specific. Based on your site, this will include:
      • Identity Data: Name.
      • Contact Data: Delivery address, billing address, email address, phone number.
      • Location Data: Postcode/Zip code (to find a location).
      • Transaction Data: Details of orders placed, payment details (though you likely only see partial details if you use a processor).
      • Technical Data: IP address, browser type, device type.
      • Usage Data: How users navigate your website.
      • Marketing Data: User preferences for receiving marketing (if you offer a newsletter).
  • 4. How We Collect Your Data:
    • Directly: When a user places an order, fills in a contact form, or enters their postcode.
    • Automatically: Through cookies and similar technologies (as your site’s cookie banner indicates).
  • 5. How and Why We Use Your Personal Data (Legal Basis for Processing):
    • You must link every data use to a legal basis under GDPR.
    • To Perform a Contract:
      • Processing an order (name, address, phone, order details).
      • Delivering an order (name, address, phone).
      • Taking payment (payment details).
    • For Our Legitimate Interests:
      • Improving your website and services (analysing usage data).
      • Customer service (using contact details to resolve an issue).
    • With Your Consent:
      • Sending marketing emails or newsletters (if you have an opt-in checkbox).
      • Placing non-essential cookies (as per your cookie banner).
  • 6. Data Sharing (Third Parties):
    • List who you share data with:
      • Delivery Drivers/Staff: To get the food to the customer.
      • Payment Processors (e.g.,revolut, Stripe, PayPal): To process payments securely.
  • 7. Data Security:
    • Describe the measures you take to protect user data (e.g., SSL encryption on your website, secure servers, limiting internal access).
  • 8. Data Retention:
    • Explain how long you keep personal data (e.g., “We will only retain your personal data for as long as necessary… for example, for 6 years to comply with Irish tax and accounting requirements.”).
  • 9. Your Legal Rights under GDPR:
    • List the user’s rights:
      • The right to access their data.
      • The right to rectification (correct errors).
      • The right to erasure (“right to be forgotten”).
      • The right to restrict processing.
      • The right to data portability.
      • The right to object to processing.
    • Provide a clear way for users to exercise these rights (e.g., an email address like privacy@pestokitchen.ie).
  • 10. Cookie Policy:
    • This can be part of the Privacy Policy or a separate page.
    • Explain what cookies are.
    • List the specific cookies your site uses (e.g., woocommerce_cart_hash, _ga for Google Analytics, etc.).
    • Explain why you use them (e.g., “Essential” for the basket to work, “Analytics” to improve the site).
    • Explain how users can manage or disable cookies (linking to their browser settings).
  • 11. Contact Us:
    • Provide clear contact details (email, address) for your Data Controller (Simo’s Hospitality) for any privacy-related questions.
    • Mention the user’s right to complain to the Irish Data Protection Commission (DPC).

Please take this framework to your legal advisor to get started. Good luck with your business.