Sushi Garden Restaurants — Privacy Policy
Updated: 6 September 2025
Website: https://www.sushigardenrestaurants.com/
Address: 103 Dartmouth Road, SE23 3HT, London, UK
Phone: 020 8291 5744
Email: info@sushigardenrestaurants.com
At Sushi Garden Restaurants (“Sushi Garden”, “we”, “us”, “our”), protecting and respecting your privacy is important to us. This policy explains when, why, and how we collect, use, share, and safeguard personal information about people who dine with us, visit our website, use our booking or ordering services, interact with us on social media, or otherwise communicate with us.
This policy applies to customers, website visitors, newsletter recipients, job applicants, suppliers, and other individuals we interact with. We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1) Who we are (Data Controller)
The data controller is Sushi Garden Restaurants, 103 Dartmouth Road, SE23 3HT, London, UK.
If you have questions or wish to exercise your data rights, please contact: info@sushigardenrestaurants.com or call 020 8291 5744.
2) What we collect, how we collect it, and why
2.1 Customers (reservations, orders, enquiries)
What we collect:
Identification and contact details (name, email, phone, address where relevant).
Booking/order details (party size, date/time, seating preferences, transaction history).
Account details for any account you create with us (username, password).
Payment information (processed securely by our payment provider; we do not store full card details).
Dietary preferences and allergy information (only if you choose to tell us).
Correspondence (emails, calls, messages, feedback/complaints).
Why we collect it (legal bases):
To take and manage reservations, orders, and provide services you request (performance of a contract, UK GDPR Art. 6(1)(b)).
To comply with legal obligations (e.g., tax and accounting) (legal obligation, Art. 6(1)(c)).
To improve our products, services, and customer experience; to communicate with you (legitimate interests, Art. 6(1)(f)).
Allergy/dietary data is special category data processed only with your explicit consent and for your safety (Art. 6(1)(a), 9(2)(a)).
2.2 Website & cookies
We use cookies and similar technologies to:
make the site work (strictly necessary),
remember preferences (functional),
understand usage (analytics), and
tailor offers (marketing).
Non-essential cookies run only with your consent (Art. 6(1)(a)); necessary cookies run under our legitimate interests in operating the website (Art. 6(1)(f)). See Section 8 (Cookie Policy) for details and your choices.
2.3 Newsletters & marketing
If you sign up, we process your name, email, and preferences to send updates and offers.
Legal basis: consent (Art. 6(1)(a)) or, where permitted, our legitimate interests in promoting our services (Art. 6(1)(f)).
You can unsubscribe at any time via the link in our emails or by contacting us.
2.4 CCTV (in-restaurant)
We may operate CCTV to help ensure the safety of guests, staff, and property, and to prevent or detect crime.
Legal basis: legitimate interests (Art. 6(1)(f)); where relevant, establishment/exercise/defence of legal claims (Art. 9(2)(f)).
Footage may be shared with law enforcement upon lawful request.
2.5 Social media interactions
If you interact with us on platforms like Facebook, Instagram, TikTok, or LinkedIn, we may see profile information you make public and your interactions (likes, comments, messages). We use this to respond to you and improve our services.
Legal basis: legitimate interests (Art. 6(1)(f)).
We and each platform may be joint controllers for certain insights data. Please also review each platform’s own privacy and cookie policies.
2.6 Suppliers & partners
We process business contact details, communications, and contractual information to manage our relationships, orders, and compliance.
Legal basis: contract (Art. 6(1)(b)); legal obligation (Art. 6(1)(c)); legitimate interests (Art. 6(1)(f)).
2.7 Job applicants
We process CVs, cover letters, references, and interview notes to assess applications and make hiring decisions.
Legal basis: steps prior to a contract (Art. 6(1)(b)); legitimate interests (Art. 6(1)(f)).
3) Sharing your information
We do not sell your personal data. We share it only as needed with:
Service providers/processors (e.g., website hosting, booking platforms, delivery partners, email and SMS providers, payment processors, analytics and security providers). They act on our instructions and must protect your data.
Professional advisers (legal, accounting) where necessary.
Authorities and law enforcement where required by law or to protect legal rights.
Another organisation in connection with a business reorganisation, merger, or acquisition, subject to appropriate safeguards.
4) International transfers
Some providers may process data outside the UK. Where that happens, we ensure appropriate safeguards, such as the UK International Data Transfer Agreement/Addendum or EU Standard Contractual Clauses with the UK Addendum, plus additional measures where needed, to maintain an adequate level of protection.
5) How we protect your information
We use technical and organisational measures to protect personal data, including encryption in transit, access controls, training, and risk-based security practices. Access is limited to staff and providers who need it to perform their duties and who are bound by confidentiality.
6) How long we keep your information
We retain personal data only as long as necessary for the purposes set out above and to meet legal, accounting, or reporting obligations. Typical periods include:
Reservations/orders & related communication: normally up to 24 months after your last interaction, unless needed longer for queries or disputes.
Financial/transaction records: retained for 6 years (plus current year) to meet accounting and tax obligations.
Newsletter data: until you unsubscribe or your address bounces/appears inactive for a sustained period.
Allergy/dietary data: held in relation to the specific booking/order and deleted earlier if you withdraw consent.
CCTV: typically retained for up to 30 days unless required longer for an incident or investigation.
Job applications: usually 6 months after the process ends unless you consent to longer retention.
If you create an online account with us, you can request deletion at any time; we will delete or anonymise your account data unless retention is required by law or for legitimate dispute handling.
7) Your rights
Subject to legal limits, you have the right to:
Access your personal data;
Rectify inaccurate or incomplete data;
Erase your data (“right to be forgotten”);
Restrict how we process your data;
Object to processing based on legitimate interests or direct marketing;
Data portability (receive your data in a usable format);
Withdraw consent where processing relies on consent (this won’t affect past lawful processing).
To exercise these rights, contact info@sushigardenrestaurants.com. We may need to verify your identity. If you are dissatisfied, you can complain to the UK Information Commissioner’s Office (ICO): https://ico.org.uk/
8) Cookie Policy (summary)
8.1 What are cookies?
Cookies are small files placed on your device by your browser. They can be session (deleted when you close the browser) or persistent (remain until they expire or you delete them).
8.2 How we use cookies
Strictly necessary: to run the site and manage cookie preferences.
Functional: to remember settings (e.g., language).
Analytics: to understand site usage and improve performance.
Marketing/advertising: to show relevant offers and measure campaigns.
We use non-essential cookies only with your consent. You can manage your preferences via our cookie banner or your browser settings.
8.3 Managing cookies
Most browsers let you block or delete cookies. Doing so may affect site functionality. For guidance, see your browser’s help pages or visit independent guidance resources (e.g., the ICO’s cookie advice).
9) Children
Our services are intended for general audiences. We do not knowingly collect personal data from children under 13 without appropriate consent. If you believe a child has provided us data, please contact info@sushigardenrestaurants.com so we can delete it.
10) Links to other websites
Our site may contain links to third-party websites or services. We are not responsible for their content or privacy practices. Please review their policies before providing personal data.
11) Changes to this policy
We may update this policy from time to time. Changes take effect when posted on this page with an updated “Updated” date above. We encourage you to review it periodically.
12) Contact us
Questions, requests, or complaints about this policy or your personal data:
Sushi Garden Restaurants
103 Dartmouth Road, SE23 3HT, London, UK
Phone: 020 8291 5744
Email: info@sushigardenrestaurants.com
Social Media Notice (supplement)
For our pages on platforms such as Facebook, Instagram, TikTok, and LinkedIn, Sushi Garden and the platform may be joint controllers for aggregate insights (e.g., page analytics). Each platform also processes your data independently under its own terms. To exercise rights regarding platform-held data (ad preferences, privacy settings), please use the platform’s privacy controls. You can also contact us, and we’ll help where we’re able.
