Book Now

EALING OAK – PRIVACY POLICY
Effective date: 14 November 2025

  1. Introduction
    Welcome to Ealing Oak. We respect your privacy and are committed to protecting your personal data. This policy explains what personal data we collect, why we collect it, how we use it, who we share it with, how long we keep it, and your rights under UK data protection law (UK GDPR and the Data Protection Act 2018).

  2. Data controller
    Ealing Oak
    Address: Popes Lane, London W5 4NT
    Email: privacy@ealingoak.co.uk

  3. Scope
    This policy applies to personal data we collect about customers, guests, job applicants, employees, contractors, suppliers, and website visitors. It covers data collected in person, by phone, by post, via our website, and by CCTV on our premises.

  4. Personal data we collect
    We collect only the data we need to run the business and deliver services. Typical categories include:

  • Contact information – name, email, phone number, billing address.

  • Booking and event data – booking dates and times, number of guests, special requests, dietary or accessibility requirements, payment status.

  • Transaction data – order history, receipts, payment confirmations. We do not retain full card numbers; card processing is handled by our payment provider.

  • Marketing preferences – newsletter subscriptions, consent records, communication preferences.

  • Technical and website data – IP address, device and browser type, cookie identifiers, pages visited, form submissions, analytics data.

  • CCTV footage and incident reports from our premises for safety and loss prevention.

  • Job applicant and staff data – CVs, references, right to work checks, payroll and HR records where applicable.

  1. How we collect personal data
    We collect data when you:

  • Make a booking or purchase in person, by phone, or online.

  • Sign up for our newsletter or marketing.

  • Contact us by email, phone, social media, or website form.

  • Use our website, where cookies and analytics may collect technical data.

  • Visit our premises where CCTV operates.

  • Apply for a job or provide information for employment purposes.

  1. Lawful bases for processing personal data
    We rely on one or more lawful bases to process personal data:

  • Contract – processing necessary to perform a booking, sale, or service you requested.

  • Consent – where you opt in to newsletters, marketing, or non-essential cookies. You can withdraw consent at any time.

  • Legitimate interests – for business operations such as improving services, preventing fraud, security, customer relationship management, and marketing analysis, balanced against your rights.

  • Legal obligation – where processing is required by law, for example tax, health and safety, licensing, or disclosure to authorities.

  1. How we use personal data
    We use personal data for clear operational purposes, including:

  • To provide bookings, services, tickets, and on-site hospitality.

  • To process payments, issue receipts, and manage refunds.

  • To communicate about bookings, events, offers, surveys, and service updates when permitted.

  • To manage dietary, accessibility, and special requirements.

  • To maintain site safety and security through CCTV and incident recording.

  • To recruit, onboard, and manage staff and contractors.

  • To analyse and improve our website, services, and guest experience using analytics tools.

  • To comply with legal, licensing, tax, and regulatory obligations.

  1. When we share personal data
    We only share the minimum personal data necessary with trusted third parties to deliver services or meet legal obligations. Typical recipients include:

  • Payment processors and banks for payment handling and refunds.

  • Booking and reservations platforms we use.

  • Email and marketing service providers for newsletters and campaigns where you have consented.

  • Website analytics and hosting providers for site performance and security.

  • IT and cloud service providers who store or process data on our behalf.

  • Law enforcement, regulators, or other public authorities where required by law.

  • Professional advisers, auditors, and insurers when necessary for legal, tax, or compliance reasons.

We require all processors to protect data and act only on our instructions.

  1. International transfers
    Some service providers we use may process or store data outside the UK. Where transfers occur we will put appropriate safeguards in place, such as standard contractual clauses or other lawful transfer mechanisms. Contact us if you want details of safeguards for a specific transfer.

  2. Cookies and tracking
    We use cookies and similar technologies to operate our website, remember user preferences, and gather analytics. Where required by law we obtain consent for non-essential cookies. You can control cookie settings through our cookie banner and via your browser settings. For more detail see our cookie notice on the website.

  3. CCTV and on-site monitoring
    We operate CCTV on the premises for safety, security, and loss prevention. Footage is retained for up to 30 days unless needed longer to investigate an incident, complaint, or legal matter. Signage notifies visitors where CCTV is in operation.

  4. Data retention
    We keep personal data only as long as it is necessary for the purposes outlined or to meet legal obligations. Typical retention periods:

  • Booking and transaction records – up to 6 years for tax and accounting.

  • Marketing consents and preference logs – until consent is withdrawn or for audit purposes.

  • CCTV footage – typically up to 30 days unless retained for an incident.

  • Job applicant data – up to 6 months to 1 year unless retained with consent for future roles.
    If you require a specific retention detail, contact privacy@ealingoak.co.uk.

  1. Your rights
    Under UK data protection law you have rights in relation to your personal data, including:

  • The right to access personal data we hold about you.

  • The right to request correction of inaccurate or incomplete data.

  • The right to request erasure of data in certain circumstances.

  • The right to request restriction of processing in specific situations.

  • The right to object to processing based on legitimate interests or direct marketing.

  • The right to data portability where processing is based on consent or contract and is automated.

  • The right to withdraw consent where processing is consent-based.

To exercise any of these rights contact privacy@ealingoak.co.uk. We may need to verify your identity before responding. You also have the right to complain to the Information Commissioner’s Office (ICO) if you believe your rights have not been respected.

  1. Security measures
    We use appropriate technical and organisational measures to protect personal data against accidental or unlawful loss, alteration, disclosure, or access. Measures include access controls, staff training, secure contracts with third-party processors, and regular security reviews. No system is 100 percent secure, but we take reasonable steps to keep data safe.

  2. Children
    Our services are not aimed at children under 16. If we become aware we have collected personal data from a child under 16 without parental consent we will take steps to delete that information.

  3. Changes to this policy
    We may update this policy from time to time. Material changes will be published on our website with an updated effective date.

  4. Contact and complaints
    If you have questions, requests, or concerns about how we handle personal data contact:
    Email: privacy@ealingoak.co.uk
    Address: Popes Lane, London W5 4NT

If you remain unhappy after contacting us you have the right to complain to the Information Commissioner’s Office.

Scroll to Top

Get Your 25% Voucher

This voucher can be used once and is valid on all food purchases Monday to Thursday , Cannot be Used in conjuntion with any other offers.