top of page

PRIVACY POLICY

Privacy Policy — Trevi

(Last updated: 1 Sep, 2025)

We respect your privacy and comply with UK GDPR and the Data Protection Act 2018. This short notice explains what we collect, why we use it and how you stay in control.

1) Who controls your data?

Trevi (Trevi Ristorante – Cafe & Pizzeria)
9 Lochleven Road, Glasgow G42 9JU
Email: treviitalian@gmail.com
 • Tel: 0141 649 3802
We are the data controller for information collected through our website and at the restaurant (licensed and regulated under Scottish law).

2) What data we collect

Where / when — Examples

Table bookings (online or by phone): name, phone, email, party size, date/time, special requests (e.g. allergies).

Website & Wi-Fi: IP address, device/browser info, basic analytics, cookies (see §7).

Payments: card details processed securely by our payment provider; receipts and transaction records.

Marketing sign-ups: name, email, preferences.

Job applications: CV, contact details, work history.

CCTV in-venue: video only for safety and crime prevention.

Note: Our online reservations and site are powered by trusted providers (e.g., Wix and integrated apps). They act as our data processors.

3) Why we use it & legal bases

Confirm and manage reservations — Contract (you ask us to hold a table).

Take payments / issue refunds — Contract / Legal obligation.

Send booking reminders or service messages — Legitimate interests.

Email marketing (news/offers) — Consent (opt-in; you can unsubscribe anytime).

Improve our site & services (analytics, security) — Legitimate interests.

CCTV for guest/staff safety — Legitimate interests / Legal requirement.

Meet licensing, tax and accounting rules — Legal obligation.

4) How long we keep it

Booking records: 12 months after your visit.

Marketing list: until you unsubscribe (we keep a minimal suppression record to respect opt-outs).

CCTV: auto-deleted after ~30 days unless required for an investigation.

Financial records: 6 years (HMRC requirement).

5) Who we share it with

Our trained staff who need it to do their jobs.

Trusted service partners (reservations, website, payment processing, email) under strict contracts.

Authorities/regulators if the law requires it.
We never sell your personal data.

6) International transfers

Some providers may store/process data in the UK/EEA or in other countries with appropriate safeguards (e.g., ICO-approved Standard Contractual Clauses). We only use reputable vendors with suitable protections.

7) Cookies & analytics

Our site uses:

Essential cookies (security, reservations, basic site functions).

Analytics cookies (e.g., to understand visits and improve the site).
You can control cookies via your browser settings. Blocking non-essential cookies won’t stop the site from working, but certain features (like booking widgets) may be limited.

8) Your rights

You can ask us to: access your data, correct inaccuracies, delete data we no longer need, restrict or object to certain uses, and transfer data to another provider.
Email treviitalian@gmail.com
 and we’ll respond within one month. You also have the right to complain to the Information Commissioner’s Office (ico.org.uk).

9) Keeping your data safe

We use HTTPS/TLS encryption, access controls and password policies, regular software updates and staff training. Payment details are handled by secure, PCI-compliant processors—we don’t store full card numbers.

10) Changes to this notice

We may update this policy to reflect changes in law or how we operate. The latest version is always published on our website.

Questions?
Email treviitalian@gmail.com
 or speak to a manager in-venue—we’re here to help.

bottom of page