Privacy Policy

Cafe GPO Leith, 57 Consitution Street, Edinburgh, EH6 7AF (“we”, “our”, “us”) are committed to protecting and respecting your privacy and confidentiality.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, which will be processed by us via Cafe GPO Leith, ( our “website”. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of the Data Protection Act 1998 (DPA) up to and including 24 May 2018 and the EU General Data Protection Regulation 2016/679 (GDPR) thereafter (the Data Protection Legislation), we are the data controller, the company who is responsible for, and controls the processing of, your personal data. All enquiries regarding the collection of your data should be addressed to:

The Data Controller,Cafe GPO Leith, 57 Consitution Street, Edinburgh, EH6 7AF

We do not share, sell or disclose to a third party, any information collected through our website or during the course of doing business.

Personal information we collect

We collect personal data on our website only if it is directly provided to us by you when you visit our website and share your personal information with your consent when you contact us or use the following services on our website:

Complete a contact form

Contact us by email or telephone

Make a reservation with us

Via social networks i.e. Facebook, Twitter, Google plus

Submit a review, comments

Submit a job application

Personal Information includes:



Email address

Contact telephone number

Payment card information (only when you make a reservation)

We also use statistical tools that monitor details of your visits to our website and the resources that you access, including, but not limited to, traffic, location information and other communication data. This data will not identify you personally.

How we use your information

We may hold and process personal data that you provide to us in accordance with the DPA and GDPR. The information that we collect and store relating to you is used for us to provide you with our services, and to meet our contractual commitments to you. In addition, we may use the information for the following purposes:

Process your reservation

Manage your account

Provide you with the services you have requested through the Website

Respond to complaints or account enquiries

To respond to requests for information submitted by you on the website.

For research purposes and to improve the services we offer.

In order to protect Our contractual and other rights. For example, we may pass your details onto a third party should We believe that you have used another person’s credit card fraudulently.

To notify you about any changes to our website, such as improvements or service/product changes, that may affect our service

If you are an existing customer, we may contact you with information about goods and services similar to those that were the subject of a previous sale to you.

We collect the data you have given to us in order to reply with the information you need. We record your request and our reply in order to increase the efficiency of our business as when you send us a message by e-mail to which you would expect us to reply. We keep personal information associated with your message, such as your name and email address so we can track our communications with you to provide a high level of customer service.

Information we may disclose

We may disclose your information to regulatory bodies to enable us to comply with the law and to assist fraud protection and minimise credit risk.

If you do not want us to use your data for our use, you will have the opportunity to withhold your consent to this when you provide your details to us on the form on which we collect your data, or you can do so by writing to us at the address detailed in at the top of this page or by sending us an email to:

XXXX or in writing to the address above at any time.

Where we store your data

We will not sell your information or share it with third parties for marketing purposes.

We are committed to protecting your personal details and information when you register with us. Unless otherwise stated by yourself, you give us permission to share your details with carefully chosen third parties, and companies who are involved in:

Services offered to you through our website, the personal data that you provide to us may be transferred to and stored with our third party hosting company with servers located within the European Economic Area (“EEA”).

Analytics and search engine providers that assist us in the improvement and optimisation of our website.

You have the right to opt out of processing your personal data for marketing purposes by contacting us by email or in writing to the address above at any time.

Security of your personal data

We will take reasonable technical and organisation precautions to prevent the loss, misuse or alteration of your personal information in compliance with current DPA & GDPR regulations. We will store all personal information you provide to us on secure (password- and firewall- protected) servers. We will establish that all data processors are compliant with DPA & GDPR Regulations.

Our website has a security certificate so your data is protected. Having an SSL certificate shows we have a trustworthy online presence. For example, we may disclose your data to a credit card company to validate your credit card details and obtain payment when you make a reservation or purchase.

We may be obliged to disclose personal data to a third party if we have a legal or regulatory obligation to do so, for example to comply with a court order, or meet obligations in accordance with applicable law.

Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.

Third party links

You may find links to third party websites on our website such as social media links Facebook, Twitter, Google +, TripAdvisor. These websites have their own privacy policies. We have no control over their policies and we do not accept any responsibility or liability for their policies whatsoever.

Use of cookies

Our Website uses cookies. We use cookies to gather information about your computer for our services and to provide statistical information regarding the use of our website. Such information will not identify you personally – it is statistical data about our visitors and their use of our website. We may also gather information about your general internet use by using a cookie file. Where used, these cookies are downloaded to your computer automatically. This cookie file is stored on the hard drive of your computer, as cookies contain information that is transferred to your computer’s hard drive. They help us to improve our website and the service that we provide to you. All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies, you may be unable to access particular parts of our website. Please read our cookie policy for more detailed information.

How long we keep your information

To make sure we meet our legal data protection and privacy obligations, we only hold on to your information for as long as we actually need it for the purposes we acquired it for in the first place.

In most cases, this means we will keep your information for as long as you continue to use our services and are deemed a client, and for a reasonable period of time afterwards if you stop doing so, to see if we can persuade you to come back to us.

After that, we will delete it other than where we lawfully can keep any data for audit or legal reasons.

We shall keep your personal information on our database for not longer than 1 year from receipt, subject to an individual’s right to unsubscribe or exercise your right to be forgotten at any time.

Your rights

The DPA and GDPR give you the right to access information held about you by us. Please write to us or contact us by email if you wish to request confirmation of what personal information we hold relating to you. You can write to us at the address detailed at the bottom of this page or by email. There is no charge for this request. We will provide this information within one month of you requesting the data.

Changes to this policy

We may update these policies to reflect changes to the website and customer feedback. Please regularly review these policies to be informed of how we are protecting your personal data.

We welcome any queries, comments or requests you may have regarding this Privacy Policy. Please do not hesitate to contact: The Data Controller, Cafe GPO Leith, 57 Consitution Street, Edinburgh, EH6 7AF or by email:


You can find out more about your rights from the Information Commissioner, who regulates data protection and privacy. The Information Commissioner’s website is

Last Update May 2018