Privacy Policy


We at Sonoma respect your right to privacy. This Privacy Notice describes the types of personal information that you may provide to us or which we may otherwise collect when you communicate with us, and how we may use your information, who we may share it with and how we protect it. We also tell you how you can update your information, unsubscribe from receiving marketing communications from us or change your preferences.

Sonoma is a brand of The Restaurant Group (UK) Limited, a company registered in England under company number 894426, with its registered office at 5-7 Marshalsea Road, London SE1 1EP. VAT number 340 3778 62 (“Sonoma”, “we” or “us”), which is the data controller of your personal information.

What this Privacy Notice covers

Whenever you communicate with us, including when you:

  • visit our website located at
  • use one of our apps or
  • use the Free Wi-Fi service in one of our restaurants

(whether you do this directly or through one of our partners or sub-contractors), we collect, store and use your personal data in various ways. Because at Sonoma, we know that your personal data is important to you, we want to be completely transparent with you so you know exactly what we are doing with it. So this Privacy Notice explains:

What information is collected and how do we obtain it?

Personal Information

In the normal course of our business, we will collect personal information relating to you, such as your name, address, phone number and e-mail address (“Personal Information”) whenever you communicate with us or one of our partners or sub-contractors, (including by email, phone, SMS, via the website, our apps or otherwise), for example, in the following situations:

  • when you book a table, order online or by telephone, dine in, pay a deposit, pay your bill or purchase a voucher for use in one of our restaurants. When you book or order through one of our partners, they may pass your Personal Information (including your name, email address, telephone number and details of your booking) onto us;
  • when, you register for Sonoma rewards, vouchers or other offers, subscribe for e-mail newsletters and update services (we may also ask you your age, whether you have children (but not their names), your postcode, your marketing preferences and other relevant information and may use this to tailor offers appropriate to you);
  • when you use our free Wi-Fi service (we may also ask you your age so we can ensure we meet any minimum legal age limits);
  • the Sonoma App (where available) provides services based on your location; if you wish to switch off location services, you will need to change the settings on your device;
  • if you choose to participate in market research initiatives or promotional events, complete a questionnaire or competition entry form.
  • we operate CCTV in all our restaurants - please consult the signage in the restaurant for more details.
  • if your submit a job application form and/or CV, or otherwise seek employment with us, we will collect your Personal Information (including employment history and qualifications, photo id, and reference contact details and, where required, criminal records checks). You may also choose to give us certain details about a medical condition or disability, religious belief or other sensitive data relevant to your application for employment. We also collect ethnicity data (on a voluntary basis) in order to monitor our adherence to equal opportunities and anti-discrimination laws.

Some of the personal information that you provide may include sensitive personal information, such as health-related information when you make a complaint or suffer an incident in one of our restaurants (see above). We need this information to investigate the complaint or incident and (if necessary) report it to health or other authorities, law enforcement agencies, our insurers and any suppliers who may be involved). We may also collect information about the names of others in your party, and any other information needed for the purposes of the investigation.

Information is also collected automatically using cookies and other similar tracking technologies. Whenever you interact with our website (including when you browse the website or download information from it) we collect and store certain types of information about your visit using cookies. We describe how we use cookies and how you can disable them below. The information we collect using cookies includes information which identifies the computer you use to access the website, the date and time of the visit and the pages visited.

Information may be collected automatically when you use the Free Wi-Fi service in one of our restaurants in order to produce aggregated and anonymous reports concerning the use of the Free Wi-Fi service. These reports will not personally identify you. Specifically, the information we collect automatically may include information like your IP address, device type, unique device identification numbers, browser-type, broad geographic location (e.g. country or city-level location) and other technical information.

Please note that Free Wi-Fi is not available for persons under 18 years old. If you are under 18 years old, you will need to ask a parent or other responsible adult to sign in for you.

Payment and card details and paying via the app or website

In order to pay your Sonoma bill using Pay My Bill or another app or website feature, where this service is available, you will need to input a valid email address and your credit or debit card details. Payment processing services are provided by Braintree, a division of PayPal (Europe) S.a.r.l. et Cie, SCA (“Braintree”), which will involve transferring your data to Braintree’s servers located within the United States. Braintree is self-certified to the US Department of Commerce under the EU-US Privacy Shield. The application will transfer payment details directly from Braintree to the operator’s point of sale system.

We will not store your card details on our system. Your personal and card details will be securely stored by Braintree and used only for the purpose of administering payment, verification of transactions, refunds and ease of use in future transactions using the service. However, your CSC/CVV number will not be stored and must be entered each time you use a card for authentication. We will also share your email address with Omnifi Limited who will generate and send you an electronic receipt on our behalf, following bill payment.

How do we protect your information?

We apply appropriate technical and organisational security measures to prevent unauthorized access to Personal Information we hold about you. All Personal Information about our guests is stored within a robust secure environment.

We never sell your data to a third party. Our practice is that no data is ever provided to third parties except in the circumstances described below under Sharing and Disclosure of Personal Information.

Please note that email correspondence with us is in free format text and cannot be encrypted. Accordingly please do not send any sensitive information such as credit card details or passwords via email. Please also note that perfect security does not exist on the Internet. You’ll know that you’re in a secure area of our website when a “padlock” icon appears on your screen and the “http” portion of our URL address changes to “https.” The “s” stands for “secure.”

We know how important your Personal Information is so we will only ever collect and use your Personal Information for a lawful reason relating to our business. Generally this means that we will use your Personal Information:

  • to carry out a contract with you or because you have asked us to take specific steps, for example booking a table, ordering food, arranging delivery or collection, processing payment of your bill, allowing you to connect to free wifi at our restaurants, investigating and handling complaints or considering you CV or employment application;
  • because we have to comply with the law and applicable regulations, for example reporting any health, safety or security incidents to the relevant authorities,
  • for legitimate legal purposes such as providing you with special offers, discounts, news and information about us which may be of interest to you (we think you’ll love receiving these but, if not, you can opt out at any time); updating and maintaining our records, retaining your details so you can log in quicker in the future, preventing or detecting fraud or abuses of our website or our Free Wi-Fi service, issuing vouchers for use in our restaurants, enabling third parties to carry out technical, logistical or other functions on our behalf to make our apps, website more useful to you; for personalised service and communications , targeted and online behavioural advertising: analytics and profiling of guests; monitoring website usage and offer performance / conversion; monitoring guest satisfaction and data analytics to understand how we are doing, whether we are meeting our guests’ needs and seeking ways we can improve our products, services, communications and offers;
  • where required by external parties we deal with such as our insurers (e.g. where there has been an accident or incident in one of our restaurants), suppliers (if there has been a food-related incident) or where necessary for the establishment, exercise or defence of any legal claims.

Special offers and promotions

We think you will love hearing about our special offers, discounts, news and information so you don’t miss out on our special deals so unless you have told us that you do not wish to be contacted for this purpose, we will send these to you by email or text. These may include joint promotions with our business partners.

If you no longer want to receive such offers special offers, discounts, news and information, you can either:

  • simply click on “unsubscribe” at the foot of the email or text and we will take you off our marketing and promotions list or
  • if you have registered for Sonoma offers or vouchers, simply log into your account on our website at and change your preferences on your profile tab at any time.

Sharing and disclosure of Personal Information

We want you to be clear on what we do with your Personal Information. We will keep your Personal Information secure and never sell your Personal Information to anyone. We do use sub-contractors to carry out certain functions on our behalf and, occasionally, have to disclose your Personal Information (for example, to provide specific services to you or dealing with insurers or public authorities like the police). This is described more fully below:

Sub-contractors, suppliers and agents:

From time to time we employ other companies to perform functions on our behalf including taking orders and fulfilling order deliveries, designing and sending guest communications, providing guest vouchers, analysing data, providing elements of our IT or back-up systems, providing marketing assistance, processing payments, improving our services and providing customer service. They may have access to Personal Information needed to perform their functions, but are not permitted to use it for other purposes and cannot modify, disclose or erase your data without our instructions.

Payment processing:

Payment processing services are provided by Braintree, a division of PayPal (Europe) S.a.r.l. et Cie, SCA. We will also share your email address with Omnifi Limited who will generate and send you electronic receipts and other payment confirmations on our behalf.

Legal reasons:

We may disclose information about you (i) if we are required to do so by law or regulation (e.g. food safety), (ii) in response to a request from law enforcement authorities or other government officials, or (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity.

Fraud / Credit Risk:

Where necessary to prevent fraud or reduce credit risk, we may exchange your Personal Information with other companies and organisations.

Business transfers:

In any corporate transactions (e.g. buying or selling of businesses, stores or business units) Personal Information is generally one of the transferred assets. We reserve the right to transfer any information we have about you in the event we sell or transfer all or a portion of our business or assets, however that would always be under conditions of strict confidentiality and limited to the specific purpose.

Sending data outside of Europe:

We do not transfer your Personal Information to countries outside the European Union. However, some of our appointed carriers, sub-contractors, suppliers and agents may transfer, use or store data in other countries. Where this is the case, they are obliged to ensure that there is equivalent protection for your Personal Information as would be the case within the European Union.

We have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Notice. These safeguards may include implementing the European Commission’s Standard Contractual Clauses for transfers of personal information by a data controller established in the European Union to a processor established in a third country which does not offer adequate level of protection.

Analytics and profiling:

In order to offer you a more personalized experience in your interactions with us, information collected through one source may be combined with information we obtains through other sources. This may include information that allows us to identify you across multiple devices through which you access our websites. We may also supplement the information we collect with information obtained from other parties, including our business partners and other third parties to create customised profiles about you. Examples of how we may use this information include using your data to help us to improve your experience using our website, to present you with options tailored to your preferences and for targeted advertising purposes.

For more information about use of cookies and other similar tracking technologies, including how to opt out of them, please see “Cookies” below.

Collection of information by third party sites

Our website may contain links to other websites whose privacy practices may be different to ours. You should check the privacy notices of those third party sites as we have no control over information that is submitted to or collected by those third party sites. We are not responsible for the content of these sites, any products or services that may be offered through these sites, or any other use of these sites.

Your rights regarding your Personal Information

You have certain rights regarding your Personal Information. We summarise these below:

Right to access:

You have the right to access data about you that we use. If you have registered for Sonoma offers or vouchers, you can see and update your Personal Information by logging into your profile on our website at . If you want to access all your Personal Information or specific Personal Information not available on your Sonoma account, then you can make an access request by writing to us (see below). We will process your request without undue delay and, at the latest, within 1 month, unless your request is complex or numerous in which case we may take up to 3 months, but we will inform you within 1 month if this is the case.

Please note that there are certain limited exceptions to your right to access personal data such as if it would involve disclosing the personal information of another person who has not consent to such disclosure, if disclosing Personal Information would prejudice on-going negotiations with you, information relating to the prevention or detection of crime or apprehension or prosecution of offenders, management information and information covered by legal privilege.

Right to rectification:

When you log in to your account, you can also rectify or update any information on your account. If you are not able to do so, then you can make a rectification request by writing to us (see below).

Right to erasure:

When you log on to your account, you may also erase any data on your account with the exception of data that is required for you to keep your account open (such as your email address, name etc.). You also have the right request us to erase Personal Information which Sonoma holds about you by writing to us (see below).

Please note that there are exceptions such as where we need to retain Personal Information for legal reasons (e.g. where necessary for the establishment, exercise or defence of any legal claims) or where we have another legitimate business reason for retaining Personal Information.

Right to restrict or object to processing:

If you want to stop receiving special offers, discounts, news and information from us, either:

  • simply click on “unsubscribe” at the foot of the email or text and we will take you off our marketing and promotions list or
  • if you have registered for Sonoma offers or vouchers, simply log into your account on our website at  and change your preferences on your profile tab at any time.

You also have the right to request portability of your Personal Information which you have given us.

Right to complain to a data protection authority: You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.

To make a request concerning your Personal Information, as described above, please use the contact form on our website or write to: Guest Services, Sonoma, 5-7 Marshalsea Road, London SE1 1E.

Retention of Personal Information

We will keep your data for as long as necessary to carry out the purpose for which we collected it. If we have had no online contact from you (e.g. logging onto free Wi-Fi, using your Sonoma offers, ordering vouchers or taking up special offers and promotions) for 3 years, we may delete your Personal Information.

If at any time you wish to opt-out of receiving special offers and promotions, restrict our processing of your Personal Information, or ask us to erase your Personal Information, please see Your rights regarding your Personal Information above.


We, our service providers, and/or non-affiliated third parties, may use “cookies” or similar technologies on the Site. When you visit our website we serve cookies to your computer. Cookies may be used in the following ways:

  • to enable the personalisation features on our website (which give you the ability to recall recently viewed pages and see information which you have input on line);
  • to compile anonymous, aggregated statistics that allow us to understand how users use our website and to help us improve the structure of our website. We cannot identify you personally in this way and
  • for security, site and product integrity.

A cookie is a text-only string of information that a website transfers to the cookie file of the browser on your computer’s hard disk so that the website can recognise your computer when a user of your computer returns to a website previously visited by someone using your computer. A cookie will typically contain the name of the domain from which the cookie has come, the “lifetime” of the cookie, and a value, usually a randomly generated unique number that identifies your computer. Cookies are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the website.

There are two broad categories of cookies “first party cookies” and “third party cookies”. First party cookies are cookies that are served directly by the website operator to your computer, and are used only by the website operator to recognise your computer when it revisits that site. Third party cookies are served by a service provider on behalf of the website operator, and can be used by the service provider to recognise your computer when it visits other websites. Third party cookies are most commonly used for website analytics or advertising purposes.

The sorts of cookies we use may include:

User experience

Our website uses several cookies to improve your experience such as remembering preferences in your browser. This includes whether you have already closed our cookie notice (cookie-agreed) and whether your browser supports Javascript (has_js). This data is only used to remember your preferences and not collected or stored by us. Session cookies may also be used to remember where you are on a web site and other necessary functions.

Anonymous site usage statistics

We use Google Analytics cookies to record anonymous usage of the site and produce statistics such as the number of visitors to a page. These cookies include _ga, _gat, _gid.

We also use Hotjar web analytics to keep track of how people use our web site. It has no personal information stored and certainly cannot be used to contact you.

Third-party services

Some parts of our website are supplied by third parties and embedded within this site. When you use third party services they may also place cookies on end user browsers. An example of this is our table reservation system. These third parties may use additional cookies for service, performance, tracking and analytics purposes and the information practices of those third-parties are not covered by this Privacy Notice. We suggest you check these third party websites for more information about the cookies they use.

Restaurant pages

Table reservations

Marketing statistics

Gift vouchers / shopping cart

Disabling / Enabling Cookies

You can accept or decline cookies by modifying the setting in your browser. The “help” portion of the toolbar on most Internet browsers will tell you how to change your browser cookie settings, including how to have the browser notify you when you receive a new cookie, and how to disable cookies altogether For further details on how to do this please visit the educational sources and

Please note that if you disable cookies you may not be able to use all the features of our website.

Revisions to this Privacy Notice

We may update or revise all or any part of this Privacy Notice from time to time. A copy of the current Privacy Notice will be posted on our website and we encourage you to check it from time to time so you are aware of any changes or updates to the notice. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make.

You can see when this Privacy Notice was last updated by checking the “last updated” date displayed at the bottom of this Privacy Notice.

How to contact us

Should you have any questions about this Privacy Notice or how we use your Personal Information, please write to us at:

Company Secretary
5 – 7 Marshalsea Road
London SE1 1EP

24th May 2018