PRIVACY POLICY
Last Updated: Wednesday 16th July 2025
This Privacy Policy outlines how Ice & Slice Restaurants Ltd ("we", "us", or "our") collects, uses, and protects your personal information when you visit our website, make bookings, attend our events, use our services, or contact us.
We are committed to protecting your privacy in accordance with the UK GDPR, EU GDPR (for European residents), and the Data Protection Act 2018.
1. Who We Are
Company Name: Ice & Slice Restaurants Ltd
Company Registration Number: 14484995
Website: www.iceandslice.co.uk
Registered Office: [Insert full company address]
General Enquiries: info@iceandslice.co.uk
Data Protection Contact: yourdata@iceandslice.co.uk
2. What Personal Data We Collect
We may collect the following categories of personal data:
Booking & Communication Data
Full name
Email address
Phone number (if provided)
Date of birth or age verification (where required)
Booking history and preferences
Marketing Data (with your consent)
Email address
Subscription preferences
Interaction with our emails (opens/clicks)
Technical & Website Usage Data
IP address
Device, browser, and operating system
Website interactions and pages visited
Referral URLs
Cookie identifiers and analytics data
CCTV Footage
CCTV operates at our premises for safety, crime prevention, and staff security
We display appropriate signage where cameras are active
Images may be shared with law enforcement where required
Staff Wi-Fi
Wi-Fi access logs are collected for staff use only
These may include device MAC addresses, access timestamps, and bandwidth usage
Access is restricted, logged, and protected
3. How We Collect Your Data
We collect personal data via:
Restaurant reservations made via ResDiary™
Event and ticket purchases through OnTick
Subscription to marketing emails via website forms
Interaction with our website (hosted via Squarespace and integrated with Google Analytics)
CCTV systems at our venue (on entry and in communal spaces)
Staff devices connected to our internal Wi-Fi network
Direct communications via email or contact forms
4. Lawful Bases for Processing
We only use your data where we have a lawful reason to do so, including:
Consent – for marketing emails or newsletters (Article 6(1)(a))
Contractual Necessity – to manage your booking or event ticket (Article 6(1)(b))
Legal Obligations – for HMRC or safety compliance (Article 6(1)(c))
Legitimate Interests – including service improvement, analytics, security (Article 6(1)(f))
You can withdraw consent at any time via the “unsubscribe” link in our emails or by contacting us directly.
5. How We Use Your Data
Your data may be used to:
Confirm and manage bookings (via ResDiary™)
Issue tickets and event updates (via OnTick)
Send you promotional content (if subscribed)
Improve website usability and track marketing effectiveness
Ensure staff safety and property protection through CCTV
Manage secure staff access to our internal Wi-Fi network
Meet legal and regulatory obligations
6. Sharing Your Data
We do not sell your data. We only share it where necessary, with trusted GDPR-compliant processors:
Third Party Purpose:
ResDiary™ Restaurant Bookings
Bookings:
OnTick Ltd Event ticketing
Mailchimp:
Marketing emails
Squarespace:
Website hosting
Google Analytics:
Website performance tracking
Law enforcement or regulators:
Where required by law
IT or Security Providers:
Century Ltd
Maintenance and monitoring of CCTV, Wi-Fi, or analytics infrastructure
We ensure all third parties have a lawful basis and appropriate safeguards in place, including Data Processing Agreements (DPAs).
7. International Transfers
Where data is transferred outside the UK or European Economic Area (EEA), we ensure one of the following safeguards is in place:
Transfers to countries with an adequacy decision
Standard Contractual Clauses (SCCs) approved by the UK and EU
Binding Corporate Rules (BCRs), where applicable
8. How Long Do We Keep Your Data
Data Type
Marketing data: Until you unsubscribe or withdraw consent
Booking & ticketing records: 7 years (for legal/accounting compliance)
Enquiries and contact form messages: 12 months
Analytics and technical logs: 30–90 days
CCTV footage: Typically 30 days (unless required for investigation)
Staff Wi-Fi access logs: Up to 6 months (for technical audit & security)
9. Your Data Rights
You have the following rights under data protection law:
Access – receive a copy of your personal data
Rectification – correct inaccurate or incomplete data
Erasure – request deletion of your data
Restriction – request limited use of your data
Objection – object to processing based on legitimate interest or direct marketing
Data Portability – receive data in a transferable format
Withdraw Consent – where consent is the lawful basis
Lodge a Complaint – with the UK ICO or your EU Data Protection Authority
10. Cookies & Tracking
We use cookies and similar technologies on our website to improve performance, personalise content, and analyse usage.
For more details, please see our full Cookie Policy (link to be inserted).
You can manage cookies via your browser settings or device preferences.
11. How We Protect Your Data
We implement appropriate technical and organisational security measures, including:
SSL encryption on our website
Encrypted data storage for customer and staff data
Role-based access controls
CCTV camera access logs and security restrictions
Secure staff-only Wi-Fi with password protection and MAC address filtering
Routine audits, system patches, and vendor compliance reviews
12. Contact & Complaints
To exercise your rights or submit a data request:
yourdata@iceandslice.co.uk
General Enquiries:
info@iceandslice.co.uk
bookings@iceandslice.co.uk
Complaints:
complaints@iceandslice.co.uk
Supervisory Authorities:
UK: Information Commissioner’s Office (ICO) | Tel: 0303 123 1113
Policy Updates:
We may update this Privacy Policy occasionally. The latest version will always be available at www.iceandslice.co.uk and marked with the “Last Updated” date.