The following Privacy Policy is presented by The Box Tree Restaurant and Box Tree Events to inform visitors to our websites, customers of our restaurant and clients of our event management service of our commitment to providing excellent service.

COVID 19 – As part of our existing GDPR policy in respect to Data collection, information may now be required to be shared with NHS Test and Trace.

When you provide us with your personal information by; visiting our websites, leaving your details on our websites or by email, telephone or in person we will draw your attention to this Policy as it tells you how we will protect your privacy. If you visit our websites and do not disable cookies you are accepting and consenting to the conditions described below. (To disable cookies see the Cookies section below.)

We therefore recommend that before submitting your personal information to us you read this Policy.

Who we are

The websites ( and are owned by The Box Tree Restaurant Limited and our registered office is at Church Street, Ilkley, West Yorkshire, LS29 9DR, United Kingdom.  We will take all appropriate steps to ensure compliance with the GDPR and any other legislation relating to our use of your personal data (‘Legislation’).  If you have any concerns or queries about our use of your personal data which are not addressed in this Policy please contact us.  (See Contact section below).

What information do we collect?

We collect personal information about you (such as your name, email address and telephone number), when you make an enquiry, make a booking with us or purchase gift vouchers or services from us whether by telephone or via our websites. 

We may receive information about you from third parties such as the on line reservation company, Open Table, or your friends or family who make a booking with us on your behalf.  We will use this information only to supply you with our services and to help us personalise our services.

We also collect information about you via cookies on our website. Please see details below. Please also note that before you click on a link from our site to Facebook or another third party you should check their privacy policy. We are not responsible for your privacy when you choose to link to a third party site. See more information below in the cookies section.

Personal information about other individuals

If you give us information on behalf of someone else, you confirm that either;

(1) the other person has a contractual relationship with you and knows that you will be transferring their personal data to us for specific purposes (e.g. Open Table); and/or

(2) s/he has appointed you to act on his/her behalf and has agreed that you can:

  • give consent on his/her behalf to the processing of his/her personal data
  • receive on his/her behalf any data protection notices

Do we share your information?  We only share your personal information with credit card service companies or Open Table.

How we use the Personal Information we collect

We use your personal information so that we can:

  • provide you with our services as requested
  • let you know about other products or services that may be of interest to you (see ‘Marketing’ section below)
  • customise our websites and the content to your particular preferences
  • notify you of any changes to our websites or to our services that may affect you
  • improve our services

Marketing and email newsletter

We use any information submitted to us by you to provide you with further information by email about the products and services we offer which you have requested and/or which may be of interest to you. Where you have not requested this information we do this on the basis of our legitimate business interest. You can choose to unsubscribe at any point by clicking on the link at the bottom of the email from us or by contacting us as set out below.

Email marketing campaigns published by us may contain tracking facilities within the actual email.  Subscribed activity is tracked and stored in a database for future analysis and evaluation.  Such tracked activity may include: the opening of emails, forwarding of emails, the clicking of links within the email consent, times, dates and frequency of activity (this is by no means a comprehensive list).

Keeping your data secure

We will take all reasonable steps to comply with the Legislation and use the appropriate technical and organisational measures necessary to safeguard your personal data.  We only share your personal data with third parties who also comply with the Legislation.

While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that is transferred from you or to you via email.

If you want detailed information on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit Get Safe Online is supported by HM Government and leading businesses.

We do not send your data outside of the European Economic Area.

Retention Periods

We store the following types of personal data on secure servers for the following periods of time or until you ask us to delete it in each case subject to any legal requirement that we keep it for longer::

  • in relation to your contact information, for 2 years from the date on which you last contacted us, and for 1 year from the date of your wedding with us.
  • personal data which HMRC requires us to keep for 7 years from that transaction with us;

What rights do you have?

The GDPR provides you with the following rights:

1. The right to be informed

2. The right of access

3. The right to rectification

4. The right to erasure

5. The right to restrict processing

6. The right to data portability

7. The right to object to processing

8. Rights in relation to automated decision making and profiling  (We do not carry out automated decision making and profiling)

Right to access, rectification, erasure, and to restrict or object to processing 

You can request a copy of your information which we hold or request that we amend it, erase it, only contact you for certain purposes or stop contacting you by emailing or writing to us (see the ‘contact’ section below).  Please let us have proof of your identity (a copy of your driving licence or passport) and let us know what information you want.

Right to lodge a complaint with the Supervisory Authority

If you have any concerns or complaints about how we use your personal data we hope you will alert us to these directly (see the Contact section below).  You are entitled to complain to the Information Commissioners Office (ICO) which is the supervisory authority in the UK. Their contact details and the procedure can be found at   

Use of cookies

We use a number of different cookies on our site. If you do not know what cookies are, or how to control or delete them, then we recommend you visit for detailed guidance.

You can set your browser not to accept cookies however, some of our websites features may not function as a result.

The list below describes the cookies we use on our sites and why we use them. If you are not happy with providing us with your personal information via cookies, then you should either not use this site, or you should delete the cookies or you should browse the sites using your browser’s anonymous usage setting (called “Incognito” in Chrome, “InPrivate” for Internet Explorer, “Private Browsing” in Firefox and Safari etc.)

First Party Cookies: These are cookies that are set by the website directly.

WordPress: Our websites run the popular WordPress CMS and cookies are used to store basic data on your interactions with WordPress, and whether you have logged into WordPress. If these are disabled then various functionality on the site will be broken.  More information on session cookies and what they are used for at

Cookie Pop-Up Notification: This cookie (gdpr_popup.) is used to track who has already been shown the privacy policy when accessing our website. This cookie has been set never to expire unless there is a change in the privacy policy.

Third Party Cookies: These are cookies set on your machine by external websites whom you choose to link to from this site.  These are accessed by the sharing buttons on our sites which allow you to share content onto social networks. Cookies are currently set by LinkedIn, Twitter, Facebook, Google+ and Pinterest. You should be aware that these sites will collect information about what you are doing all around the internet, including on our websites. You should check the respective policies of each of these sites to see how exactly they use your information and to find out how to opt out, or delete, such information before you link to any of them. We are not liable for third party websites and their privacy policies and their use of cookies.

Google Analytics: We use Google Analytics to collect information about visitor behaviour on our website. Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on. This Analytics data is collected via a JavaScript tag in the pages of our site and does not provide us with your personally identifiable information. We therefore do not collect or store your personal information (e.g. your name or address) so this information cannot be used to identify who you are. You can find out more about Google’s position on privacy as regards its analytics service at

Social Media

Any social media posts or comments are subject to the terms of the relevant social media platform. We are not responsible for this kind of sharing and encourage you to view the privacy policy and terms of use for each platform.

Contact Information

If after reading the Policy, you have any concerns or questions please send an e-mail to: or write to us at:-

The Box Tree, 35-37 Church Street, Ilkley, West Yorkshire, LS29 9DR

Please check our Privacy Policy frequently to view any recent changes.

This Privacy Policy was last updated in May 2018