Som Saa Privacy Policy


som saa limited may, but is not limited to, collecting customer data in 4 major ways
1. When making a reservation..
2. When making a reservation for large groups using the ‘Sharing Menus’
booking form.
3. When signing up to the newsletter form on our website.
4. When purchasing a voucher through our website.
- The data collected is, in general, limited to the basic name, phone number, email
address and postal address of the subject, and in the case of voucher sales,
additionally, the name, email address and postal address of the intended voucher
- Other data relevant to the customer experience such as dietary information, special
requests, workplace, names of colleagues etc may also be included, if offered by the
- Card payment details may be taken by phone in the case of large parties.


Data may be collected by staff, particularly hosts and managers, during the course of
the business’ operations. It remains under the protection of som saa’s data officer and
ultimately the directors of som saa limited.


It will be collected, in general, by phone, email or website form. Additional notes made
on individual guests or reservations may be added by staff.
- Contact and reservation data is stored on Opentable’s servers or email
accounts which are hosted on Google’s G-suite servers. They may be stored
- Card payment details are held as an encrypted token by Braintree, a division of
Paypal. They are stored for one week after the reservation date and then automatically
- Newsletter sign up details are stored on Mailchimp’s servers and may be stored
- Voucher processing details are emailed to som saa and thus stored on som
email accounts which are hosted on Google’s G-Suite servers. They will be stored up
until one year after the expiry of the voucher unless the voucher has already been used
and the subject requests that the data be deleted sooner.


Data collected will be used, as we believe our customers would expect, to ensure that
reservations are claimed by the people who made them, that customers have a
positive experience, that deposits for large parties can be stored safely, that we can
send out newsletters to those who enjoy them and that vouchers are sent to, and
used by, the correct individuals.

And Then...

We do not share the data with any third parties unless requested to do so by the
subject, or if required to do so for legal reasons, for example, as part of a criminal
investigation. Data processing decisions are not made by automated systems.
som saa limited upholds data subjects right to access, object, amend and erase data
stored on them under the General Data Protection Regulation (GDPR) (EU) 2016/679.
We will be happy to answer any questions or requests. Please make enquiries
regarding data protection and privacy by post to the company’s registered address or
by email to ‘The Data Officer’ at