Privacy Policy

Bombay Grays Restaurant
55 Lodge Lane, Grays, Essex RM17 5RZ
Telephone: 01375 383555 / 01375 383425

Effective Date: 01 January 2026

1. Introduction

Bombay Grays Restaurant (“we”, “our”, “us”) is committed to protecting and respecting your privacy.

This Privacy Policy explains how we collect, use, store and protect your personal data when you:

  • Visit our website

  • Make a table reservation

  • Contact us by phone, email or via our website

  • Place an order directly with us

  • Interact with us on social media

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who We Are

Bombay Grays Restaurant is the data controller responsible for your personal data.

If you have any questions regarding this Privacy Policy or your personal data, please contact us at:

Bombay Grays Restaurant
55 Lodge Lane
Grays
Essex RM17 5RZ
Telephone: 01375 383555

3. What Personal Data We Collect

We may collect and process the following categories of personal data:

a) Reservation Information

  • Full name

  • Contact telephone number

  • Email address

  • Booking date and time

  • Number of guests

  • Special requests (including dietary requirements)

b) Order Information (Direct Orders)

  • Name

  • Contact details

  • Order details

  • Payment confirmation information (we do not store card details)

c) Website Data

  • IP address

  • Browser type

  • Device information

  • Pages visited

  • Cookies and usage data

d) Marketing (if applicable)

  • Email address (where you have opted in)

4. How We Use Your Data

We use your personal data for the following purposes:

  • To manage and confirm table reservations

  • To process takeaway or collection orders

  • To respond to enquiries

  • To improve our website and customer experience

  • To comply with legal obligations

  • To send marketing communications where you have given consent

We will only process your personal data where we have a lawful basis to do so, including:

  • Performance of a contract

  • Legitimate interests

  • Legal obligation

  • Consent (where required)

5. Online Orders via Delivery Partners

If you place an order through:

  • Deliveroo

  • Just Eat

  • Uber Eats

Please note that these platforms act as independent data controllers. Your personal data is processed according to their own privacy policies. We only receive the order information necessary to fulfil your order.

We encourage you to review their privacy policies separately.

6. Book Now Functionality

If you use our online reservation system, your booking details will be processed either:

  • Directly by us; or

  • Through a third-party booking provider acting on our behalf

Where a third-party provider is used, they will process data in accordance with a data processing agreement and applicable data protection laws.

7. Cookies

Our website may use cookies to:

  • Ensure the website functions properly

  • Analyse website traffic

  • Improve user experience

You can control or disable cookies through your browser settings.

Where legally required, we will obtain your consent before placing non-essential cookies.

8. Data Sharing

We do not sell your personal data.

We may share your data with:

  • IT service providers

  • Website hosting providers

  • Booking system providers

  • Professional advisers (accountants, legal advisers)

  • Regulatory authorities where required by law

All third parties are required to respect the security of your personal data and treat it in accordance with the law.

9. Data Retention

We retain personal data only for as long as necessary to:

  • Fulfil the purpose for which it was collected

  • Meet legal, tax and regulatory obligations

  • Resolve disputes

Reservation data is typically retained for operational and audit purposes for a reasonable period.

10. Data Security

We have implemented appropriate technical and organisational measures to protect your personal data from:

  • Unauthorised access

  • Loss

  • Misuse

  • Disclosure

However, no online transmission can be guaranteed to be completely secure.

11. Your Legal Rights

Under UK data protection law, you have the right to:

  • Request access to your personal data

  • Request correction of inaccurate data

  • Request erasure (in certain circumstances)

  • Object to processing

  • Request restriction of processing

  • Request data portability

  • Withdraw consent (where processing is based on consent)

To exercise your rights, please contact us using the details above.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has been handled unlawfully.

12. Children’s Data

Our services are not directed at children under 16. We do not knowingly collect personal data from children without parental consent.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date.