Privacy & Cookies

Privacy Notices and Cookie Policies

 

What is this notice for?

This notice explains what we do with your personal data and the steps we take to keep it secure. It explains when and how we collect personal data, who we share it with, how we process it and what your rights are in respect of the personal data processing we carry out.

 

The pub

The pub is the data controller in respect of this website and the services described in this notice.

 

When do we use your personal data?

We process your personal data when:

 

  • You use our website
  • You book a room or table
  • You make a payment or request a refund
  • You use our WiFi
  • You submit queries, compliments or complaints
  • We record CCTV images or emergency audio
  • An accident occurs
  • We impose a ban on visiting our pub

 

If we run any competitions or poker games, or record any promotional videos, photos or audio, we will provide a separate privacy notice for any personal data processing that this involves.

 

We don’t keep your personal data for any longer than we need it. See our retention periods for more details.

 

How we use your personal data

Most of our websites use cookies. Cookies are small text files which websites store on the device you use to access our websites. Some cookies contain personal data. In general, we use cookies to run our websites, monitor their use and understand how our customers use them. See our cookie policy for more details.

 

When you book a room, table or function

We will ask for your name, gender, address, telephone number and email address. We use this information to make and confirm your booking. If you book online, we will also record your IP address. We use this information to check that the booking is genuine.

 

If you’re making a booking on behalf of a work colleague, we will ask for information about your company and the guest, so that we can invoice and bill the correct party and welcome your colleague when they arrive at our venue.

Please also tell us about any preferences or specific needs you or anyone in your party has, especially dietary preferences, food allergies or access needs. We will use this information to make preparations for your visit and look after you whilst you stay with us.

 

When you make a payment or request a refund

If you want to pay for your purchases with a payment card, we will ask for your name and the card number, start and expiry date, verification code (CVC) and if prompted by the payment terminal, your personal identification number (PIN). We will also need these details to make any refunds.

We don’t normally record your payment card details. However, some booking agents transmit full credit card details by fax to whichever hotel you book. Whenever we are sent this information, we store it securely until the end of your stay with us.

 

When you use our Wi-Fi service (Sky)

We will ask for your name, email address, date of birth, gender, home address and mobile number so that we can register you for the service.

When you first register, and then each time you connect to the Wi-Fi service, we get information directly from your device and from the equipment used to provide the Wi-Fi service that describes where, when and how you registered, or where when and how you connected to the service. We use the date, the time, the name and location of the venue you are at and your device’s MAC address to provide the Wi-Fi service and to make the service as reliable as possible.

 

When you submit queries, compliments or complaints

We will ask for your title, name, address telephone number and email address so that we can identify you and discuss your enquiry with you. We will also ask for any other relevant information, such as further information about you, other members of your party, the pub or restaurant you visited and when, or your purchases. We will use this information to take your enquiry and respond appropriately to it.

 

When we record CCTV images or emergency audio

We use CCTV to help keep our guests and staff safe, so your image may be recorded when you visit us. We display signs at our venues to tell you when CCTV is being used. If no incidents take place, the CCTV images will not be looked at before they are deleted. However, if an incident occurs, we will review the CCTV images to see if they contain footage that relates to the incident.

 

In the event of an emergency at one of our venues, our staff may activate an emergency phone link which will automatically make an audio recording of what takes place during the call. Depending on the incident and the information that is recorded, these recordings may be used in any legal or insurance claim-related proceedings that follow.

 

When an accident occurs

If you are unfortunate enough to be involved in an accident on our premises, we will ask for your name, address, phone number, age and any other details that relate to the accident, such as information about any relevant health conditions you have or any injuries or treatments you received.

 

When we are a member of Pubwatch

Our venue is a member of a local Pubwatch scheme. General information about Pubwatch schemes can be found on the national Pubwatch web

 

 

site. You can find out more about a local Pubwatch scheme by asking a member of our staff at a participating venue, or visiting the relevant local Pubwatch scheme website.

We don’t ban people from our venues unless it’s absolutely necessary to do so. Sometimes we have to impose a ban after serious anti-social, dangerous or criminal behaviour has taken place. If you are banned from any of our venues or from any other venues that are members of a local Pubwatch scheme, we will use your name, photos of you and any other personal data that we need to identify you and which we can use lawfully, to enable our staff to record and enforce the ban and to let other Pubwatch members know about it.

 

Data retention

When you use our websites

Data is kept 25 months from your last known interaction with us

 

When you book a room, table or function

Booking information that you provide directly to a venue is normally held for 1 year from the end date of the booking. However, some of our venues use a booking diary and these diaries are kept for 2 years after they have been withdrawn from use. Contractual paperwork relating to bookings is kept for 2 years after the contract has concluded. When you make a booking online, we keep booking information for 13 months from the date of your last booking. However, if you ever opt in to receive direct marketing, this period is extended.

 

When you make a payment or request a refund

6 years from the date of the transaction. Payment card details are not retained unless they are faxed to us by your booking agent, in which case they are held until the booking has been completed and paid for

 

When you use our Wi-Fi service

13 months from the date you last used our Wi-Fi. However, if you ever opt in to receive direct marketing, this period is extended.

 

When you enter any of our competitions

Data is kept normally 4 months after the end of the competition, but please check the rules for each competition before you enter.

 

When you play pub poker in our pubs

Please check the privacy notice for the tournament you want to play in.

 

When you submit queries, compliments or complaints

Data is kept 1 year from the date of the last correspondence on the matter.

 

When we record CCTV images or emergency audio

CCTV is kept for 31 days and emergency audio is kept for 6 years, both measured from the date of the recording. However, in some situations, these periods may be extended.

 

When an accident occurs

Data is kept 6 years from the date of the accident, or 3 years from the age at which a child becomes an adult, or 3 years from the date of settlement of a claim, whichever occurs last.

 

When we impose a ban on visiting our venues

Please refer to the information sent to you when the ban was imposed or to the local Pubwatch scheme rules on the Pubwatch scheme website.

 

When you make a request to exercise your data protection rights

Information about your request and our response will be kept for 12 months from the date of our final response to you.

 

Data sharing

Other situations that may require us to share your personal data

We will share your personal data if we are required to do so by law or by a regulatory authority. For example, we may have to share your personal data for the detection or prevention of crime, fraud or money laundering, or to allow a regulator or ombudsman to investigate a complaint you have submitted to them.

We will share your personal data if we need to do so to protect our business interests, such as to enforce the terms of a contract, pursue an overdue debt or defend our legal rights.

 

Complying with DP Law

How do we comply with data protection law?

We have adopted the measures that we believe are necessary to comply with the Data Protection Act 2018. We have also adopted the measures that we believe are necessary to comply with the Privacy and Electronic Communications Regulations 2003. This law sets out an additional set of rules that we must follow whenever we communicate with you via any of our websites and apps, or by telephone, fax, email or text message.

 

 

Protecting your data

We protect the personal data we hold from theft, accidental loss, corruption and other threats that would have a negative impact on our customers. These protective measures include:

 

  • Not collecting personal data that we don’t really need
  • Destroying or anonymising personal data securely when we don’t need it any more
  • Only allowing our staff and our suppliers to process the personal data they need to carry out their duties
  • Encrypting personal data to render it useless to anyone who is not authorised to access it
  • Making sure that staff are trained on how to handle personal data safely and securely and are fully aware of their personal responsibilities
  • Binding our suppliers to the same standards and duties of care that we hold ourselves to
  • Protecting our websites, networks and IT systems from unauthorised access and from threats such as denial of service attacks, viruses and malware
  • Making periodic checks that all of these measures are working well and making improvements to them when we think we can do better

 

Making sure our processing respects the law

The ICO have published a helpful guide to lawful bases for the general public which you can find here. The lawful bases we rely on for the processing we do are shown in bold typeface:

 

When you use our websites

We process this personal data because it is in our legitimate interests to provide a fully-functioning, accessible and useful website to our customers.

 

When we need to verify your age

We process this data to satisfy our legal obligation to not sell alcohol to anyone under the age of 18. We also do so because it is in our legitimate interests to ensure that we do not market alcohol to anyone under the age of 18.

 

When you make a booking, payment, request a refund, use a loyalty card or  gift card, use our Wi-Fi, enter one of our competitions or when we send you service-related communications

We process personal data for these core business activities firstly to set up the contract that commits us to providing you with the services you want, and secondly to provide the services to you, as agreed

 

When you submit queries, compliments or complaints and when you participate in guest surveys

We receive and respond to lots of different types of enquiry. Sometimes our processing will be necessary for us to meet the terms of the contract we have with you. Otherwise we do so because it is in our legitimate interests to allow you to tell us what you think of our service, what we do well and what you think we can improve on

 

When we record CCTV images, emergency audio or telephone calls, when an accident occurs and when we impose a ban

We record accidents primarily for compliance with our legal obligations.

We use CCTV monitoring, emergency audio recording and record some of the telephone calls we receive because we think this is a proportionate approach to deterring the types of situations that present a safety risk to our guests and staff. If these deterrents are unsuccessful, we may impose a ban on visiting our premises, to protect our customers and staff. This processing is carried out because it is in our legitimate interests to do so.

 

Your rights

Data protection laws give you certain rights and as a responsible data controller, we are committed to uphold these for you:

 

Information

You have the right to know what we want your personal data for, what we will do with it, who we share it with and how long we keep it for. This is the primary reason for publishing this notice.

 

Access

You have the right to be sent information about the personal data we have about you and a description of what we are using it for. This is also known as a ‘subject access request’, ‘SAR’ or ‘DSAR’.

 

Rectification

You have the right to ask us not to process inaccurate personal data or to ask us to correct it.

 

Erasure (‘right to be forgotten’)

You have a right in certain situations to ask us to delete your personal data.

 

Restriction processing

You have a right in certain situations to ask us not to process your personal data.

 

Object to processing

You have the right in certain circumstances to object to the fact that we are processing some of your personal data.

 

Portability

You have the right in certain circumstances to ask us to pass some of your personal data to another data controller on your behalf.

 

Complain

You have a right to lodge a complaint with the UK Information Commissioner’s Office or in some situations, another European Union data protection authority.

 

Withdraw consent

Most of the personal data processing we do does not rely on your consent to make it lawful but any consent that we are relying on can be withdrawn by you if you decide you wish to do so.

 

How to control and delete cookies

We know that people have concerns about cookies, but we believe that the benefit that you and we gain from their proper use is worthwhile. You can delete the cookies – those files are stored as part of your internet browser. If you wish to restrict or block the cookies which are set by this website, or indeed any other website, or if you wish to receive notification of cookie placement requests or decline cookies completely, you can do this through your browser settings.

 

The Help function within your browser should tell you how. Please be aware that declining or denying cookies may prevent you from being able to use the website to its highest capability. If you would like more information about how cookies work, you may wish to visit www.aboutcookies.org which contains comprehensive information on how to disable cookies on a wide variety of browsers. You will also find details on how to delete cookies from your computer as well as more general information about cookies. For information on how to do this on the browser of your mobile device you will need to refer to your manual.

 

Detailed information about all of these rights can be found on the ICO website. For more information, please contact us using the details on the home page.