Privacy Policy

Effective Date: 4 June 2025

Introduction
Dragons Estate Pubs Limited (“we,” “us,” or “our”) operates The George & Dragon Pub in Shipley, Horsham, and the website dragonpub.co.uk (the “Site”). We are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, disclose, and secure your personal information when you:

• Make a table booking via Table Agent (in person, by phone, or through our email form).
• Book a room via Booking.com or by phone.
• Use our online booking/enquiry form (emails to [email protected]).
• Make payments on-site via Clover.
• Browse or interact with our Site.

By using our Site or providing us with your personal data (e.g., to make a booking, inquiry, or payment), you consent to the practices described in this Privacy Policy.

1. Data Controller & Contact

The data controller responsible for your personal data is:
Dragons Estate Pubs Limited
Registered Address: Hoes Farmhouse, Coolham Road, Shipley, Horsham, England, RH13 8PF
Operational Address: The George & Dragon, Dragons Lane, Shipley, RH13 8GE
Company No: 15872337
Email: [email protected]
Telephone: 01403 741320

For all data protection inquiries—including requests to exercise your rights under UK GDPR—please contact us at [email protected].

2. Information We Collect

2.1 Table Bookings (Table Agent)

When you make or request a table booking (in person, by phone, or via our email form to [email protected]), we enter your details into Table Agent on your behalf. We collect:

• Full name
• Mobile telephone number
• Email address
• Number of guests
• Date and time of booking
• Any special requests (e.g., dietary requirements)

We store your mobile number and email address in Table Agent in order to confirm your reservation, send notifications/reminders, and—if you opt in—request a review after your visit.

2.2 Room Bookings (Booking.com & Phone)

If you book a bed & breakfast room via Booking.com, Booking.com acts as a separate data controller for your reservation details in accordance with their Privacy Policy. We receive only the minimum information necessary (name, contact details, booking dates, payment confirmation) to fulfil your room reservation. If you book by phone, we collect:

• Full name
• Mobile telephone number
• Email address
• Check-in and check-out dates
• Any special requests

2.3 Online Booking/Enquiry Form (Email to [email protected])

Our Site’s “Book a Table,” “Book a Room,” or general enquiry form submits to [email protected]. We collect:

• Full name
• Mobile telephone number
• Email address
• Booking type (table or room) or enquiry topic
• Preferred date/time or stay dates
• Special requests or messages

2.4 Payments (Clover)

When you pay for food, drinks, or accommodation on-site, we use Clover as our payment processor. We do not store your full payment card details—these are processed securely by Clover. We may store:

• Last four digits of your payment card
• Transaction date, amount, and location (The George & Dragon Pub)
• Billing name and email (if provided for receipts)

2.5 Marketing & Notifications

If you opt in to receive marketing communications, we collect your:

• Email address
• Mobile telephone number (for SMS updates)

We may use your email and/or mobile number to notify you about:

• Booking confirmations, reminders, cancellations
• Post-visit review requests
• Special events at the pub (e.g., live music nights, quiz nights)
• New menu launches, seasonal promotions, or limited-time discounts
• General newsletters (subject to your consent)

You can unsubscribe from marketing emails at any time by clicking the “unsubscribe” link in the footer of our emails. To stop SMS notifications, reply “STOP” to any message or contact us at [email protected].

3. How We Use Your Information

• Booking Management: To confirm, modify, or cancel your table or room reservation.
• Notifications & Reminders: To send SMS or email confirmations, reminders, and post-visit review requests.
• Marketing Communications: If you opt in, to send you emails and/or SMS about special events, menu launches, seasonal promotions, discounts, and newsletters. You can unsubscribe at any time (emails) or reply “STOP” to SMS messages.
• Payment Processing: To process on-site payments via Clover and send electronic receipts.
• Customer Service: To respond to your enquiries, feedback, or complaints submitted via [email protected] or on-site.
• Legal Compliance: To comply with applicable laws, accounting requirements, or lawful requests by public authorities (e.g., tax or regulatory bodies).

4. Legal Basis for Processing

Under UK GDPR, we rely on the following legal grounds to process your personal data:

• Contractual Necessity: Processing is necessary to fulfil our contract with you (e.g., booking, payment).
• Consent: Where you have explicitly opted in (e.g., for marketing communications). You can withdraw consent at any time.
• Legitimate Interests: To manage reservations, send essential booking notifications, prevent fraud, and improve our services (provided this does not override your rights).
• Legal Obligation: To comply with UK financial, tax, or health & safety regulations (e.g., retention of payment records for accounting).

5. Third‐Party Services & Disclosures

5.1 Table Agent

Table Agent holds your reservation data (name, mobile, email, booking details) on our behalf. Their Privacy Policy is available at tableagent.co.uk/privacy-policy.

5.2 Booking.com

If you book a room via Booking.com, they collect and process your personal data in accordance with their Privacy Policy (booking.com/content/privacy.html). We receive only the details necessary to manage your stay; Booking.com remains the data controller for your reservation.

5.3 Clover

Clover processes payment card information on our behalf. For details on how Clover handles your data, please refer to Clover’s Privacy Policy at clover.com/privacy-policy.

5.4 Other Disclosures

We may share personal data with:

• Our accountants, auditors, or legal advisors (for compliance and reporting).
• Law enforcement or regulatory authorities if required by law.
• Marketing platforms (only if you consent to receive promotional materials).

6. Data Retention

We retain your personal data only as long as necessary to fulfil the purposes outlined in this Privacy Policy or to comply with legal obligations. In particular:

• Booking Data (Table Agent): Retained in Table Agent for up to 2 years from last booking, unless you request earlier deletion.
• Payment Records (Clover): Retained for 6 years for tax and accounting purposes (UK law).
• Marketing Consents & Preferences: Retained until you withdraw consent or request deletion.
• Customer Service Communications: Retained for up to 3 years to resolve any disputes, unless a longer retention is required by law.

7. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure (“Right to be Forgotten”): Request deletion of your data where there is no legal basis for us to retain it.
• Right to Restrict Processing: Request that we limit processing of your data where accuracy is contested or you object to processing.
• Right to Data Portability: Request a machine-readable copy of your data in a structured format.
• Right to Object: Object to processing based on legitimate interests or direct marketing (e.g., email/SMS promotions).
• Right to Withdraw Consent: If processing is based on consent (e.g., marketing), you can withdraw consent at any time.

To exercise any of these rights, please contact us at [email protected]. We will respond within one month unless an extension is necessary (up to two additional months if requests are complex).

You may be asked to verify your identity before we act on certain requests.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorized access, loss, misuse, or alteration:

• Secure (HTTPS) encryption on our Site.
• Access controls and role-based permissions for staff.
• Regular security assessments and data backups.
• Secure servers with firewalls and intrusion detection.

Despite our best efforts, no data transmission over the internet can be guaranteed to be 100% secure. If you suspect a security breach, please contact us immediately at [email protected].

9. International Data Transfers

Some of our third-party providers (e.g., Booking.com, Clover, Table Agent) may process or store your data outside the UK. In such cases, we ensure that appropriate safeguards are in place (e.g., Standard Contractual Clauses approved by the UK Information Commissioner’s Office) to protect your data.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post the updated policy on this page with a revised “Effective Date.” If changes are material, we will notify you by email (if you have opted in) or via a notice on our Site.

11. Contact & Complaints

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:

Data Protection Contact
Dragons Estate Pubs Limited
Hoes Farmhouse, Coolham Road, Shipley, Horsham, RH13 8PF, United Kingdom
Email: [email protected]
Tel: 01403 741320

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO): ico.org.uk/make-a-complaint.

Back To Home