Privacy & Cookie Policy

1. Who we are

Salt Shore is a restaurant and brasserie located at Southwold Harbour, Suffolk. We are operated by Goldthorpe Pubs Limited.

For the purposes of UK data protection law, we are the data controller of the personal information you provide to us. This means we decide how and why your data is used.

If you have any questions about this policy or how we handle your data, you can contact us at:

  • Email: hello@saltshore.co.uk

  • Post: Salt Shore, Blackshore, Southwold, Suffolk, IP18 6TA

2. What personal data do we collect?

We collect only the data necessary to run the restaurant and communicate with our guests. This may include:

Enquiries and bookings

  • Name, email address, and phone number when you contact us or make a booking

  • Dietary requirements or accessibility needs you share with us

  • Correspondence you send us by email or through our website

Marketing emails

  • Your email address and name if you sign up to hear from us

Website usage

  • Information collected automatically via cookies and analytics tools (see Section 6)

  • IP address, browser type, and pages visited

3. Why we use your data and our legal basis

Under UK GDPR, we must have a lawful basis for processing your personal data. The basis we rely on depends on the purpose:

Handling bookings and enquiries

Legal basis: Contract and legitimate interests. We need your details to respond to you, manage your reservation, and ensure your visit runs smoothly.

Dietary and accessibility requirements

Legal basis: Legitimate interests and, where health data is involved, your explicit consent. We use this only to ensure we can look after you properly during your visit. We do not store this data longer than necessary.

Marketing emails

Legal basis: Consent. We will only send you marketing emails if you have opted in. You can unsubscribe at any time using the link in any of our emails, or by emailing us directly.

Website analytics

Legal basis: Consent (for non-essential cookies). We use analytics tools to understand how visitors use our website so we can improve it. This only happens where you have accepted analytics cookies.

4. How long do we keep your data?

We do not keep personal data for longer than is necessary. As a guide:

  • Booking and enquiry records: up to 2 years after your last visit or contact

  • Marketing email lists: until you unsubscribe or ask us to remove you

  • Financial records (where applicable): 6 years, as required by HMRC

  • Dietary and health information: deleted after your visit, unless you ask us to retain it for future bookings

If you would like us to delete your data sooner, please contact us, and we will do so unless we have a legal reason to keep it.

5. Who we share your data with

We do not sell your personal data. We may share it with trusted third parties only where necessary:

  • Booking platform providers — if your reservation is made through an online booking system

  • Email marketing platform — where you have opted in to receive marketing emails from us (e.g. Mailchimp)

  • Website analytics providers — such as Google Analytics, where you have consented to analytics cookies

  • Legal and regulatory authorities — where we are required to do so by law

All third parties we work with are required to handle your data securely and in line with UK data protection law.

6. Cookies

Cookies are small text files stored on your device when you visit a website. They help the site function properly and allow us to understand how it is used.

Under the Privacy and Electronic Communications Regulations (PECR), we are required to ask for your consent before placing any non-essential cookies on your device.

Strictly necessary cookies

These are essential for the website to function. They cannot be switched off. They do not store any personally identifiable information.

  • Session cookies: keep you logged in or maintain your preferences during a visit

  • Security cookies: protect against fraud and cross-site request forgery

Analytics cookies

These help us understand how visitors use our site — which pages are popular, where people come from, and how long they stay. We use this information to improve the website experience. These cookies are only set with your consent.

  • Google Analytics: collects anonymised data on site usage. You can opt out via your cookie preferences or by installing the Google Analytics opt-out browser add-on at tools.google.com/dlpage/gaoptout

Functional cookies

These remember your preferences to improve your experience (for example, your language or location). They are set only with your consent.

Marketing cookies

If we run paid advertising campaigns, marketing cookies may be used to measure how effective those ads are and to show relevant content to people who have visited our site. These are only set with your consent.

  • Meta Pixel (Facebook/Instagram): used to measure the performance of advertising campaigns

  • Google Ads conversion tracking: used to understand which ads lead to enquiries or bookings

How to manage your cookie preferences

When you first visit our website, you will be asked to accept or decline non-essential cookies. You can change your preferences at any time using the cookie settings link in the footer of our website.

You can also control cookies through your browser settings. Please note that disabling certain cookies may affect how the website works. For guidance on managing cookies in your browser, visit:

www.allaboutcookies.org

7. Your rights under UK GDPR

Under UK data protection law, you have the following rights regarding your personal data:

  • Right to access: you can ask us for a copy of the personal data we hold about you

  • Right to rectification: you can ask us to correct any inaccurate or incomplete information

  • Right to erasure: you can ask us to delete your data where we no longer have a lawful reason to keep it

  • Right to restriction: you can ask us to limit how we use your data in certain circumstances

  • Right to data portability: you can ask for your data in a structured, commonly used format so you can transfer it elsewhere

  • Right to object: you can object to us processing your data where we rely on legitimate interests, or for direct marketing purposes

  • Rights related to automated decision-making: we do not use automated decision-making or profiling

To exercise any of these rights, please contact us using the details in Section 1. We will respond within one month. We will not charge a fee for reasonable requests.

We may need to verify your identity before we can action your request.

8. Transfers outside the UK

Some of the third-party services we use (such as Google Analytics and Mailchimp) may process your data outside the United Kingdom. Where this happens, we ensure appropriate safeguards are in place, such as relying on adequacy decisions or standard contractual clauses approved by the ICO.

9. How we keep your data secure

We take reasonable technical and organisational measures to protect your personal data from unauthorised access, loss, or misuse. Our website uses HTTPS encryption to protect data in transit.

Where we use third-party services to process data on our behalf, we ensure they meet appropriate security standards.

10. Changes to this policy

We may update this policy from time to time. When we do, we will update the date at the top of this page. We recommend checking back periodically if you want to stay informed about how we handle personal data.

Significant changes will be communicated clearly on the website.

11. How to complain

If you are unhappy with how we have handled your personal data, please contact us first and we will do our best to resolve it.

If you remain dissatisfied, you have the right to lodge a complaint with the UK's data protection authority:

Information Commissioner's Office (ICO)

  • Website: ico.org.uk

  • Helpline: 0303 123 1113

  • Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Updated May 2026