Privacy Policy

At Neyba Notting Hill, we are committed to protecting the privacy and security of our guests and online visitors. This policy explains how we collect, use, disclose, and safeguard your personal data in accordance with the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

Information We Collect

We collect personal data that you provide directly when using our services, such as making reservations via platforms like OpenTable, signing up for newsletters, or contacting us. This includes your name, contact details, dietary preferences, and payment information. Automatically, we collect technical data like IP address, browser type, device information, and usage patterns through cookies and log files. We may also receive information from third-party partners, such as affiliated dining and entertainment venues, to coordinate bookings or offer integrated experiences.

Use of Cookies and Tracking Technologies

Our website uses cookies and similar technologies to ensure functionality, analyse performance, and support advertising. Essential cookies are necessary for core operations like security and session management. Analytics cookies, including from Google Analytics, help us understand visitor behaviour and improve content. Advertising cookies enable targeted ads based on your interests and measure campaign effectiveness. You can manage cookies through your browser settings, but disabling essential cookies may affect site functionality.

Analytics and Performance Data

We utilise analytics services like Google Analytics 4 to gather insights on website traffic, user demographics, and engagement trends. This data is typically aggregated and anonymised to protect privacy, helping us evaluate content performance, tailor services to audience interests, and optimise the user experience. We adhere to UK GDPR principles by minimising personal data processing in analytics.

Third-Party Services and Data Sharing

We share data with trusted third-party service providers to operate our business, including reservation systems, payment processors, email marketing platforms, and IT hosts. These parties are contractually bound to handle data securely and only for specified purposes. Data may also be shared with business partners, such as those in the dining and entertainment sector, for collaborative offerings. Disclosure may occur when legally required, such as to comply with law enforcement requests or protect our legal rights.

Your Data Protection Rights Under UK GDPR

Under UK GDPR, you have rights including access to your personal data, correction of inaccuracies, deletion under specific conditions, objection to processing (e.g., for direct marketing), and restriction of processing. You also have the right to data portability, allowing you to obtain and reuse your data across services. To exercise these rights, please contact us with details of your request; we will respond within one month after verifying your identity.

Data Retention and Security

We retain personal data only as long as necessary to fulfil the purposes for which it was collected, such as service provision, legal compliance, or dispute resolution. Retention periods vary; for example, reservation data may be kept for up to three years for customer service, while marketing data is retained until you unsubscribe. We implement robust security measures, including encryption, access controls, and staff training, to protect against unauthorised access, alteration, or disclosure. In the event of a data breach, we have procedures to assess, mitigate, and notify affected individuals and the Information Commissioner’s Office (ICO) as required by UK GDPR.

Contact Information and Complaints

For questions about this policy or to exercise your data rights, contact our Data Protection Officer at [email protected] or write to Neyba, Notting Hill, London. We aim to respond promptly to all legitimate inquiries. If you have concerns about our data handling, you have the right to lodge a complaint with the UK’s supervisory authority, the ICO.

We regularly review and update this privacy policy to reflect changes in our services, partnerships, and data protection laws.