Privacy Notice

Last updated: 27/02/2026

Important: The Farmer’s Dog is a trading name of Baobab Operations Ltd (registered in England and Wales). Baobab Operations Ltd is the data controller for all personal data collected and processed in connection with The Farmer’s Dog. We are not affiliated with, and have no connection to, any other business trading under a similar name. If you have any doubt about the identity of the organisation handling your personal data, please contact us directly at info@thefarmersdogpub.com before providing any information.

Baobab Operations Ltd, doing business as The Farmer’s Dog (“The Farmer’s Dog,” “we,” “us,” or “our”), is committed to protecting your personal information and your right to privacy. This privacy notice explains what personal data we collect, why we collect it, how we use it, and what rights you have in relation to it.

If you have any questions or concerns about this privacy notice or our data practices, please contact us at info@thefarmersdogpub.com.

This privacy notice applies when you:

  • Visit our website at www.thefarmersdogpub.com
  • Visit our premises, including use of our guest Wi-Fi or CCTV-monitored areas
  • Make a reservation with us
  • Engage with us in other related ways — including any sales, marketing, or events

In this privacy notice, if we refer to:

  • “Website,” we are referring to any website of ours that references or links to this policy
  • “Services,” we are referring to our Website, and other related services, including any sales, marketing, or events

If there are any terms in this privacy notice that you do not agree with, please discontinue use of our Services immediately.

1. What Information Do We Collect?

In Short: We collect personal information that you provide to us directly, information collected automatically when you use our Website or visit our premises, and data generated through your reservations and interactions with us.

We collect personal information that you voluntarily provide to us when you register on the Website, express an interest in obtaining information about us or our products and Services, when you make a reservation, when you participate in activities on the Website, or otherwise when you contact us.

Personal Information Provided by You. We collect names; email addresses; mailing addresses; job titles; usernames; passwords; contact preferences; billing addresses; contact or authentication data; debit/credit card numbers; phone numbers; and other similar information.

Payment Data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number (such as a credit card number), and the security code associated with your payment instrument. All payment data is stored by either Stripe, PayPal or Shopify. You may find their privacy notices here:

https://stripe.com/en-gb/privacy

https://www.shopify.com/legal/privacy

https://www.paypal.com/myaccount/privacy/privacyhub

Booking Data. When you make a reservation, we collect information necessary to manage your booking, such as your name, contact details, party size, date and time of visit, dietary requirements, and any special requests. The lawful basis for this processing is the performance of a contract (Article 6(1)(b) UK GDPR). Reservations are managed through SevenRooms, who process this data on our behalf as a data processor. You may find their privacy notice here: https://sevenrooms.com/privacy-policy/

CCTV Data. We operate CCTV cameras on our premises for the purposes of security, crime prevention, and the safety of our staff and guests. CCTV footage may capture images of individuals on or near our premises. The lawful basis for this processing is our legitimate interests (Article 6(1)(f) UK GDPR) in maintaining a safe and secure environment. CCTV footage is retained for a maximum of 31 days, after which it is automatically overwritten, unless it is required in connection with an incident, complaint, or legal proceeding. Access to CCTV footage is restricted to authorised personnel and, where required, law enforcement agencies.

Wi-Fi Data. We offer complimentary guest Wi-Fi on our premises. If you connect to our Wi-Fi network, we may collect your device’s MAC address and connection data for network security and operational purposes. The lawful basis for this processing is our legitimate interests (Article 6(1)(f) UK GDPR) in providing and maintaining a secure network. We do not use Wi-Fi connection data for marketing purposes.

All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.

Information Automatically Collected

In Short: Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Website.

We automatically collect certain information when you visit, use or navigate the Website. This information does not reveal your specific identity but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, and location. This information is primarily needed to maintain the security and operation of our Website, and for our internal analytics and reporting purposes.

  • Log and Usage Data. Service-related, diagnostic, usage and performance information our servers automatically collect, including IP address, device information, browser type and settings, date/time stamps, pages and files viewed, searches, and device event information.
  • Device Data. Information about your computer, phone, tablet or other device, including IP address, device and application identification numbers, location, browser type, hardware model, internet service provider and/or mobile carrier, operating system and system configuration information.
  • Location Data. We may use GPS and other technologies to collect geolocation data based on your IP address. You can opt out by disabling your Location setting on your device, though this may affect certain features of the Services.

2. How Do We Use Your Information?

In Short: We process your information only where we have a clear legitimate reason to do so. For each purpose below we set out both the underlying reason (our interest or obligation) and what we actually do with your data as a result.

For each processing activity below, we state: (1) the lawful basis under UK GDPR, (2) our legitimate interest or reason where applicable, and (3) what we do in practice.

  • Account creation and logon (Lawful basis: Contract). Why: To provide you with access to our online services and ensure your account functions correctly. What we do: Facilitate account creation, logon, and account administration.
  • Reservation management (Lawful basis: Contract). Why: To fulfil our obligation to honour your booking and ensure your visit meets your requirements. What we do: Manage your reservation, communicate confirmations, reminders and updates, and accommodate any special requirements you have provided.
  • Order fulfilment (Lawful basis: Contract). Why: To deliver the products or services you have purchased. What we do: Process and manage your orders, payments, returns, and exchanges.
  • Testimonials (Lawful basis: Consent). Why: To share genuine customer experiences on our Website with your permission. What we do: Post testimonials using your name and feedback. You may request removal at any time by contacting info@thefarmersdogpub.com.
  • Feedback and surveys (Lawful basis: Legitimate interests). Why: To understand customer satisfaction and continuously improve the quality of our food, service, and overall guest experience. What we do: Request feedback following your visit or interaction and contact you about your experience.
  • Account management (Lawful basis: Contract / Legitimate interests). Why: To ensure your account remains accurate, secure, and functional. What we do: Maintain and administer your account, including resolving technical issues.
  • Administrative communications (Lawful basis: Contract / Legal obligation). Why: To keep you informed of changes that affect your use of our Services or your legal rights. What we do: Send you service-related emails about updates to our terms, conditions, policies, or features.
  • Security and fraud prevention (Lawful basis: Legitimate interests / Legal obligation). Why: To protect the safety of our staff and guests, prevent crime, and maintain the integrity of our premises and digital services. What we do: Operate CCTV, maintain network security for our Wi-Fi, monitor for fraudulent activity, and take action where threats are identified.
  • Legal compliance (Lawful basis: Legal obligation). Why: To meet our obligations under applicable law and regulation. What we do: Retain records as required, respond to lawful requests from authorities, and co-operate with regulatory investigations.
  • Prize draws and competitions (Lawful basis: Consent / Contract). Why: To administer promotions you have chosen to enter. What we do: Manage your entry, contact winners, and fulfil prizes.
  • Customer support (Lawful basis: Contract / Legitimate interests). Why: To resolve issues and ensure a positive experience with our Services. What we do: Respond to your enquiries, investigate complaints, and provide assistance.
  • Marketing communications (Lawful basis: Consent). Why: To keep you informed of news, offers, and events that may interest you, but only where you have agreed to receive them. What we do: Send you marketing and promotional emails in accordance with your preferences. You can opt out at any time (see Section 9).
  • Targeted advertising (Lawful basis: Consent). Why: To show you relevant content and offers based on your interests, and to measure the effectiveness of our advertising. What we do: Develop and display personalised advertising tailored to your interests and/or location.
  • Profiling and personalisation (Lawful basis: Consent / Legitimate interests). Why: To better understand our guests’ preferences and improve the relevance of our communications and offers. What we do: Analyse your visit history, preferences, and interactions with us to personalise your experience and tailor offers. Where profiling involves automated decision-making that produces a significant effect on you, we will notify you separately and obtain your consent. You have the right to object to profiling and to request human review of any automated decisions (see Section 9).

3. Will Your Information Be Shared With Anyone?

In Short: We share your personal data with third parties only where there is a clear reason to do so. Below we explain who we share with, why, and on what legal basis.

We share relevant personal data with third parties for the following purposes, who act as data processors on our behalf under written data processing agreements:

  • Payment processing: To support transactions made online and on location, we share relevant payment data with payment processors (such as Stripe, Shopify, or PayPal). The lawful basis is the performance of a contract.
  • Reservation and venue management: To handle restaurant operations including bookings, guest management, and table planning, we share relevant booking data with reservation management platforms (such as SevenRooms, Stampede, or OpenTable). The lawful basis is the performance of a contract.
  • Order fulfilment: To ensure correct and timely delivery of online orders, we share relevant order and address data with fulfilment partners. The lawful basis is the performance of a contract.
  • Website analytics: To understand how visitors use our Website and improve our online presence, we share anonymised usage data with analytics providers (such as Google Analytics). The lawful basis is our legitimate interest in improving our Services. This processing is subject to your cookie consent.
  • Email and marketing communications: To deliver marketing emails and promotional communications, we may share contact details with email delivery platforms. The lawful basis is your consent.
  • Hosting and technical services: To operate and maintain our Website and digital infrastructure, we share data with hosting and technology service providers. The lawful basis is our legitimate interest in maintaining reliable and secure services.
  • Business transfers: In the event of a merger, acquisition, or sale of all or part of our business, your information may be transferred as part of that transaction. We will notify you in advance of any such transfer where required by law.
  • Affiliates: We may share your information with our affiliates, including our parent company and any subsidiaries or joint venture partners, all of whom are required to honour this privacy notice.
  • Law enforcement and regulatory authorities: We may disclose personal data (including CCTV footage) to law enforcement agencies, regulatory bodies, or other authorities where required by law, pursuant to a court order, or where we believe it is necessary to prevent crime or protect the safety of individuals.

International data transfers: Some of our third-party service providers are based outside the United Kingdom. Where we transfer personal data outside the UK, we ensure appropriate safeguards are in place in accordance with UK GDPR, including use of the International Data Transfer Agreement (IDTA) or equivalent standard contractual clauses approved by the ICO. You may request further information about transfer safeguards by contacting us at info@thefarmersdogpub.com.

Legitimate Interests Assessments: Where we rely on legitimate interests as our lawful basis for sharing data, we have carried out a Legitimate Interests Assessment (LIA) to ensure our interests are not overridden by your rights and freedoms. You have the right to request information about these assessments by contacting us.

4. Cookies and Tracking Technologies

In Short: We use cookies and similar technologies on our Website. We use Cookiebot to manage your consent preferences in a transparent and granular way.

We use cookies and similar tracking technologies (such as web beacons and pixels) to operate our Website and understand how it is used. Under the Privacy and Electronic Communications Regulations (PECR) and UK GDPR, we are required to obtain your consent before placing non-essential cookies on your device.

How we manage cookie consent. We use Cookiebot (provided by Usercentrics) as our cookie consent management platform. When you first visit our Website, Cookiebot will present you with a consent banner allowing you to accept all cookies, deny non-essential cookies, or customise your preferences by category (such as necessary, analytics, and marketing).

Reviewing or changing your preferences. You can revisit and update your cookie preferences at any time by clicking the cookie control icon displayed on our Website. This will reopen the Cookiebot preference centre, where you can review the full list of cookies in use, see what each one does, and adjust your consent choices.

Cookie categories. Cookiebot categorises cookies into Necessary, Preferences, Statistics, and Marketing. A full and up-to-date list of the cookies we use, including their names, providers, purposes, and retention periods, is available within the Cookiebot preference centre on our Website. We recommend reviewing this directly, as the specific cookies in use may change over time as we update our Website and services.

You may also control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. Please note that disabling certain cookies may affect the functionality of our Website.

For more information about how Cookiebot processes data in connection with its consent management service, please see the Cookiebot / Usercentrics privacy policy.

5. How Long Do We Keep Your Information?

In Short: We keep your information only for as long as necessary, in line with our retention schedule below.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law. Our standard retention periods are as follows:

  • Account and customer data: Retained for the duration of your account, plus 2 years following account closure or last interaction.
  • Booking and reservation data: Retained for 2 years from the date of your visit, to allow us to handle any follow-up queries or disputes.
  • Financial and transaction records: Retained for 7 years from the date of transaction in accordance with HMRC requirements.
  • Marketing data: Retained until you withdraw your consent or opt out, after which your preferences will be updated within 30 days.
  • CCTV footage: Retained for a maximum of 31 days, unless required for an ongoing incident, complaint, or legal proceeding.
  • Wi-Fi connection data: Retained for up to 90 days for network security purposes.
  • Website analytics data: Retained in accordance with Google Analytics’ standard retention settings (up to 26 months).
  • Legal and compliance records: Retained for as long as required by applicable law or regulation.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or securely store and isolate it from further processing until deletion is possible.

6. How Do We Keep Your Information Safe?

In Short: We aim to protect your personal information through a system of organisational and technical security measures.

We have implemented appropriate technical and organisational security measures designed to protect the security of any personal information we process. These include access controls, encryption where appropriate, and restricted access to CCTV systems and personal data.

However, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. Transmission of personal information to and from our Website is at your own risk. You should only access the Website within a secure environment.

7. Do We Collect Information From Under 18s?

In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly solicit data from or market to children under 18 years of age. By using the Website, you represent that you are at least 18, or that you are the parent or guardian of a minor and consent to such minor dependent’s use of the Website. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data. If you become aware of any data we may have collected from children under age 18, please contact us at info@thefarmersdogpub.com.

Please note that our premises are licensed and some areas may be restricted to adults. CCTV cameras operate throughout the premises regardless of age.

8. What Are Your Privacy Rights?

In Short: Under UK GDPR and the Data Protection Act 2018, you have a number of rights in relation to your personal data. You may exercise these rights at any time by contacting us.

As a UK resident, you have the following rights:

  • Right of access: You may request a copy of the personal data we hold about you (a Subject Access Request).
  • Right to rectification: You may request that we correct any inaccurate or incomplete personal data.
  • Right to erasure (“right to be forgotten”): You may request that we delete your personal data in certain circumstances.
  • Right to restrict processing: You may request that we limit how we use your personal data in certain circumstances.
  • Right to data portability: You may request your personal data in a structured, machine-readable format, and have it transferred to another controller where technically feasible.
  • Right to object: You may object to processing where we rely on legitimate interests, including profiling. You have an absolute right to object to your data being used for direct marketing.
  • Rights in relation to automated decision-making and profiling: You have the right not to be subject to a decision based solely on automated processing that produces a legal or similarly significant effect on you. You may request human review, express your point of view, and contest the outcome. To exercise this right, contact us at info@thefarmersdogpub.com.
  • Right to withdraw consent: Where we rely on consent as our lawful basis, you may withdraw it at any time. This will not affect the lawfulness of processing carried out before withdrawal.

To exercise any of the above rights, please contact us at info@thefarmersdogpub.com or by post to the address in Section 11. We will respond within one calendar month. We may need to verify your identity before processing your request. There is no fee for making a request unless it is manifestly unfounded or excessive.

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the UK’s supervisory authority:

Information Commissioner’s Office (ICO)

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Tel: 0303 123 1113

https://ico.org.uk/make-a-complaint/

Account Information

If you would at any time like to review or change the information in your account or terminate your account, you can log in to your account settings and update your user account, or contact us using the contact information provided below. Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Use and/or comply with applicable legal requirements.

Opting out of email marketing: You can unsubscribe from our marketing email list at any time by clicking the unsubscribe link in any marketing email, or by contacting us at info@thefarmersdogpub.com. You will be removed from the marketing email list within 30 days. We may still contact you for service-related or administrative purposes.

Managing cookies: You can review and update your cookie preferences at any time by clicking the cookie control icon on our Website to reopen the Cookiebot preference centre. See Section 4 for full details.

9. Data Protection Officer

Baobab Operations Ltd has assessed its obligations under UK GDPR and has determined that the formal appointment of a Data Protection Officer (DPO) is not currently required. Responsibility for data protection compliance sits with our senior management team.

If you have any data protection queries or concerns, please contact us at info@thefarmersdogpub.com or by post to the address in Section 11.

10. Do We Make Updates To This Notice?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this privacy notice from time to time. The updated version will be indicated by an updated “Revised” date and will be effective as soon as it is accessible. If we make material changes, we may notify you by prominently posting a notice or by sending you a direct notification. We encourage you to review this notice periodically.

11. How Can You Contact Us About This Notice?

If you have questions or comments about this notice, or wish to exercise your data protection rights, please contact us:

Baobab Operations Ltd (trading as The Farmer’s Dog)

71 Queen Victoria Street

London, England, EC4V 4BE

United Kingdom

Email: info@thefarmersdogpub.com

12. Controls For Do-Not-Track Features

Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your preference not to have data about your online browsing activities monitored and collected. As no uniform technology standard for recognising and implementing DNT signals has been finalised, we do not currently respond to DNT browser signals. If a standard is adopted that we must follow in the future, we will update this privacy notice accordingly.

13. How Can You Review, Update, Or Delete the Data We Collect From You?

Based on UK GDPR and the Data Protection Act 2018, you have the right to request access to, correction of, or deletion of the personal information we hold about you. To make a Subject Access Request or any other data rights request, please contact us at info@thefarmersdogpub.com or by post to the address in Section 11. We will respond within one calendar month of receiving your request.