Privacy notice – The Four Stones Restaurant

Your privacy and data is extremely important to us here at the Four Stones Restaurant. That’s why we have this document, so you know exactly how we store your information, how we use it and how we get it.

This information applies to our website, bookings and table software and email marketing subscriptions. Who we are? Our management team acts as our data controller, If you have any queries regarding this notice or anything within it, you can contact us using the information below:

By phone: 01562 883260 By Email: By Post: Adam's Hill, Clent, Stourbridge DY9 9PS, UK

For contacting the information commissioner’s office: By Phone: 0303 123 1113 Online:

What information do we collect?

We collect and store various different types of information about our customers, which are as follows:

  • Names
  • Telephone numbers
  • Email addresses

We collect this information in the following circumstances:

  • You book a table with us, either online or by phone. But you are able to restrict or

withhold the information if you wish when you do this

  • If you subscribe to our mailing list online
  • If you connect to our free wifi on site

How do we use personal information?

We use the information you give us for the following reasons:

  • Marketing (with consent)
  • Informing you of changes that may affect a service you have requested (for example, the restaurant is closed due to weather conditions and you have booked a table)
  • To improve your experience at our establishment (for example, if we know you have specific dietary or disability needs, we can make preparations without you informing us again

Where do we store and process personal data?

This information is stored in a variety of platforms and all within the UK. All platforms are cloud based and backed-up but also cached locally on devices in the restaurant (for example, if our internet is down, we still have your booking information accessible to us)

How do we secure personal data?

We take the security of your data extremely seriously, so we have and continue to take the following steps to prevent loss, authorised access and/or distribution:

  • All data access points are only accessible using secure passwords that are regularly changed and stored securely
  • We only collect what we deem is necessary and nothing more
  • All data storage is cloud based and backed-up

How long do we keep your personal data for?

We only store data for as long as we need it or until a deletion request is made. We store this information in some cases for marketing purposes and others for example to make the booking process easier for you.

As soon as the data is no longer relevant to us or you request its removal, we securely delete it and also remove it from our back ups.

Your rights in relation to personal data

Under the GDPR, we must respect the right of data subjects to access and control their personal data. You have the rights to:

  • access to personal information
  • correction and deletion
  • withdrawal of consent
  • data portability
  • restriction of processing and objection
  • lodging a complaint with the Information Commissioner’s Office

Upon the exercising of some of these rights by yourselves we may rely on identity confirmation checks to verify the authenticity of the request. If you cannot pass these checks, we’re legally obliged to deny the request.

We also cannot adhere to any requests where the scope would expose the personal data of others or if we’re required to keep the information by law.

Use of cookies and other technologies

Our websites contains cookies, which are small packets of data that are placed on the device that you are browsing our sites on. These provide anonymous information about how you view our sites and on what devices so we can improve our service and your experience interacting with these systems.

We also use these for anylitics purposes, to track how well our marketing strategies are performing

Linking to other websites / third party content

Our site also links through various means to various third party services. All data transferred between the two is securely transferred via means of SSL/TLS certification and encryption.