Subscribe to our newsletter
Sign up to our newsletter to be the first to know about new dish drops, recipe content, and exclusive events. As a thank you for subscribing, you’ll be entered into a monthly prize draw to win a £100 gift card.
Sign up to our newsletter to be the first to know about new dish drops, recipe content, and exclusive events. As a thank you for subscribing, you’ll be entered into a monthly prize draw to win a £100 gift card.
We are the Black Rock Restaurants group (“the Group”). Companies within our group operate our restaurants, The Salt Room Brighton, The Coal Shed Brighton, The Coal Shed London and Burnt Orange. Your personal data may be obtained and used from time to time by one of the Group companies, and some personal data held by Group companies will be shared with other Group companies for the purposes and on the terms set out in this Privacy Policy (“Policy”)
The companies forming part of the Group are as follows:
Black Rock Restaurant Group Ltd,
88 Boundary Road
Hove
East Sussex
BN3 7GA
COMPANY NO: 10676136
VAT NO:
The Coal Shed Brighton
8 Boyces Street
Brighton
BN1 1AN
BN3 7GA
COMPANY NO: 07636495
VAT NO: 116 2826 28
The Salt Room
106 Kings Road
Brighton
BN1 2FU
COMPANY NO: 09188061
VAT NO: 199955913
The Coal Shed One Tower Bridge
Crown Square
London
SE1 2SE
COMPANY NO: 10537198
VAT NO: 263051824
Burnt Orange Bars Limited
59 Middle Street.
Brighton
BN1 1AL
COMPANY NO: 12108851
VAT NO: 263051824
This Policy aims to ensure compliance with the GDPR. The GDPR sets out the following principles with which any party handling personal data must comply. All personal data must be:
Under the Data Protection Act 1998, the General Data Protection Regulation (from 25 May 2018) and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (and any laws which amend or replace these) (“Data Protection Law”), you have certain legal rights associated with information about you (“personal data”) and organisations which use (or “process”) your personal data have certain obligations.
More specifically, “Personal data” means information about a living individual which allows them to be identified, either from the data by itself or when the data is combined with other information held by the person who has it.
Each of our Group companies is a data controller under the Data Protection Law. We will use personal data we obtain about you in accordance with this Policy.
We are committed to ensuring that your privacy is protected, and your personal data is handled in a safe and responsible way.
This Policy is provided to aid you in understanding what we do with any personal data that is obtained from you. We endeavour to protect your privacy and any information we hold on you will be used only (i) for the purposes we originally collect it for (as explained in this Policy) and (ii) for other purposes which are compatible with those original purposes. We will update this Policy from time to time to explain how we use your personal data, including any new “compatible” purposes we decide to use your data for.
If you have any questions about this Policy, wish to correct any information we may hold on you, or want to exercise any of your rights under Data Protection Law, please contact the Group’s Data Protection Manager:
[info@coalshed-restaurant.co.uk/ info@coalshed-restaurant.co.uk/ towerbridge@coalshed-restaurant.co.uk/info@burnt-orange.co.uk]
Or write to us at the address of the Group company (or restaurant) you have been dealing with. Our addresses are set out above.
You have the right to make a complaint about our use of your personal data at any time to the Information Commissioner’s Office (“ICO”). The ICO is the UK’s supervisory authority for data protection issues (www.ico.org.uk).
If you do have a problem, question or concern about our use of your personal data, we would appreciate the chance to try to help you before you approach the ICO. Please feel free to contact us in the first instance using the Data Protection Manager’s contact details above.
We may collect personal data about you in the following ways:
you provide us with information when you visit the restaurant, which may include your name and contact details, or information about your preferences
We may collect the following information:
If you work with us or apply to work with us, we may collect:
You may submit your CV if you’re interested in working for us to jobs@burnt-orange.co.uk
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested:
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for (or any purpose which is not incompatible with those purposes), including for the purposes of satisfying any legal, accounting, or reporting requirements.
Purpose/Activity | Type of Data | Lawful basis for processing including basis of legitimate interest |
---|---|---|
To make a reservation or arrange a booking for an event. | (a) Identity data (b) Contact data (c) Financial data (for credit and/or deposit purposes when arranging events) |
(a) Performance of a contract with you (b) Necessary for our legitimate interests (c) Your consent |
To fulfil our contractual obligations to and enforce our contractual rights with our customers and suppliers, including to (a) Manage payments, fees and charges; (b) Collect and recover money owed to us; (c) Obtain goods and services from our suppliers; (d) Provide goods and services to our customers |
(a) Identity data (b) Contact data (c) Financial data (d) Transaction data |
(a) Performance of a contract with you (b) Necessary for our legitimate interests (to recover debts due to us) |
To manage our relationship with you which will include: (a) Notifying you about changes to our terms or Privacy Policy (b) Contacting you about products or services we obtain from or provide to you or your employer |
(a) Identity data (b) Contact data |
(a) Performance of a contract with you (b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests (to keep our records updated and to study how our products/services are used and received) |
To administer and protect our business | (a) Identity data (b) Contact data |
(a) Performance of a contract with you (b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests (to keep our records updated and to study how our products/services are used and received) |
To administer a contract for services or contract of employment between us –we will provide you with further information about this when we collect information from you and during the course of our relationship) | (a) Identity data (b) Contact data (c) Financial data |
(a) Performance of a contract with you (b) Necessary for our legitimate interests (to administer the economic relationship between us) (c) Necessary to comply with a legal obligation (related to your work or workplace or our obligations under the law in relation to these) |
To ensure that our diners’ health, religious and dietary preferences are respected | (a) Identity data (b) Contact data (c) Special category data |
a) Performance of a contract with you (b) Necessary for our legitimate interests (to ensure a great dining experience) (c) Necessary to comply with a legal obligation (protecting your health and welfare on our premises) (d) Protecting your vital interests (e) your consent (where we ask you for this in relation to special category data) |
To make suggestions and recommendations to you about products or services that may be of interest to you | (a) Identity (b) Contact (c) Technical (d) Usage (e) Marketing and Communications |
Necessary for our legitimate interests (to develop our products/services and grow our business) |
We do not use any form of fully automated decision-making.
We do not transfer your personal data outside of the European Economic Area(“EEA”)in the ordinary course of our business. Should we need to do so in exceptional circumstances, or should our practices change (for example, should we host data outside the EEA or should we obtain data from an application or website you use for bookings which keeps data outside the EEA) we’ll only transfer personal data outside the EEA in accordance with Data Protection Law.
You have rights under Data Protection Law in relation to your personal data. These are the rights to:
More details are set out below. If you wish to exercise any of the rights set out above, please contact our Data Privacy Manager.
Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you in order to verify it is correct and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where we have no lawful basis under Data Protection Law for continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data. You have a limited right under the Data Protection Law to object to use of your personal data where we are relying on our legitimate interests (or those of a third party) as the lawful basis for using your personal data, and there is something about our use of personal data in your particular situation which you feel is contrary to your fundamental rights and freedoms. If you wish to exercise this right, you will need to explain why this is and we are not obliged by the Data Protection Law to stop using your data simply because you object. We may, for example, have another valid lawful basis for using your personal data. Even if we do not, we may determine that our legitimate interests or those of a third party give us compelling legitimate grounds to process your information which allow us to continue using it.
Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish your personal data’s accuracy; (b) where our use of the personal data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it because you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. If you work with us, it may also make it difficult for us to administer the relationship between us. We will advise you if this is the case at the time you withdraw your consent.
We take security seriously and we take precautions to keep your personal data secure. We have put in place appropriate physical, electronic and managerial procedures to safeguard the information we collect.
We have no control over the privacy of any communications while in transit to us. We recommend that you not include confidential, proprietary or sensitive information in paper or electronic communications.
In the unlikely event that we believe that the security of your personal data in our possession or control may have been compromised, we may seek to notify you of that development. If a notification is appropriate, we would endeavour to do so as promptly as possible under the circumstances, and, to the extent we have your e-mail address, we may notify you by e-mail.
You are reminded that, in accordance with the Terms and Conditions for our websites, which refers to and incorporates our Policy (as updated from time to time), you are responsible for maintaining the strict confidentiality of any password, and you are responsible for any activity under any account and password associated with our websites or any third party service you use to book a table or event with us. It is your sole responsibility to control the dissemination and use of your password, control access to and use of your account, and notify us (in the case of accounts on our own websites) when you desire to cancel your account. We will not be responsible or liable for any loss or damage arising from your failure to comply with this obligation.
In common with many websites, we use “cookies” to help us gather and store information about visitors to our websites. A cookie is a small data file that our server sends to your browser when you visit the site. The use of cookies helps us to assist your use of certain aspects of the site. You can delete cookies at any time, or you can set your browser to reject or disable cookies.
We primarily use information from cookies for the following purposes:
We may also use clear gifs (also known as web bugs or web beacons), which are tiny graphics embedded in web pages and email messages that we use, in connection with cookies, to collect non-personal information from users to analyse site usage, manage content on the site, track visits to other related sites, and track the performance of online advertising.
We may also connect the information that we collect through cookies and clear gifs with other personal data that you provide to us in order to: customise or personalise your experience of the site; for example, so that we can greet you on the site by name; conduct transactions, such as credit card sales; monitor your use of our website(s) in order to make our communications to you as relevant as possible and for other marketing and advertising research purposes.
We value the security of your personal data and only share such information with third parties that provide adequate protection for such data. From time to time, we may disclose personal data to:
Our websites may contain links or references to other websites outside of our control. Please be aware that we have no control over these websites and our Policy does not apply to these sites. We encourage you to read the privacy information and terms and conditions relating to any linked or referenced websites you enter.
We keep our Policy under regular review and will occasionally update this policy to reflect company and customer feedback. We will place any updates on this web page. This privacy policy was last updated on 12th April 2021.
This website uses cookies so we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful. You can adjust your preferences below.
Essential Cookies are enabled at all times so that we can save your preferences for cookie settings. These cookies do not collect any personal or sensitive information or IP addresses. Furthermore, the information they store is not sent to any 3rd parties.
This website uses third party cookies such as Google Analytics to collect anonymous information, for example the number of visitors to the site, and the most popular pages. Keeping this cookie enabled helps us to improve our website.
Please enable Strictly Necessary Cookies first so that we can save your preferences!
More information about our Cookie Policy