Yakitori House – Privacy Policy

Last Updated: 22 December 2025

Yakitori House (“we”, “us”, “our”) is committed to protecting your personal information and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website, make a booking, purchase a gift card, or contact us.

By using our website, you agree to this Privacy Policy.

1. Who We Are

Yakitori House
5 St Bryde Street, East Kilbride, Glasgow, G74 4HQ
Email: admin@yakitorihouse.co.uk
Phone: 01355 234148

We are the Data Controller for all personal data collected through this website and our booking and gift card systems.

2. What Personal Data We Collect

A. Information You Provide Directly

Bookings (ResDiary, DishCult, Google, Meta platforms)

When you make a booking using our embedded ResDiary widgets, DishCult, Google, or Meta (Facebook/Instagram) booking tools, you may provide:

  • Full name
  • Email address
  • Phone number
  • Booking details (date, time, party size, occasion, dietary notes, special requests)

These platforms collect your information as independent data controllers and share reservation details with us so we can manage your booking.

Gift Card Purchases (WooCommerce & PW WooCommerce Gift Cards Pro)

When you purchase a gift card through our website, we collect:

  • Your name
  • Your email address
  • Billing details (address, postcode, etc.)
  • Order details (items purchased, value, date and time)
  • Gift card amount and currency
  • Recipient name (if provided)
  • Recipient email address (for digital delivery)
  • Personal message written to the recipient

The PW WooCommerce Gift Cards Pro plugin stores the gift card code, balance, expiry date and redemption history in our website database.

Contacting Us (Email, Social Media)

When you contact us directly, for example by email or via social media, we may collect:

  • Your name
  • Your email address or social media handle
  • The contents of your message and any information you choose to include

B. Information Collected Automatically

When you use our website, we and our service providers may automatically collect certain information using cookies and similar technologies, such as:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited and actions taken on the site
  • Referring website
  • Cookie preferences
  • WooCommerce session and cart cookies
  • Cookies set by payment providers such as Stripe
  • Cookies set by embedded services (e.g. YouTube, Google services)

C. Data from Embedded or Third-Party Services

ResDiary, DishCult, Google & Meta Booking Integrations

Our booking functionality may be provided by ResDiary (including DishCult), Google and Meta platforms (for example, Facebook or Instagram booking tools). These services collect booking data and share it with us so we can confirm and manage your reservations. Their own privacy policies also apply to your use of those services.

YouTube Embedded Videos

We embed YouTube videos on some pages. When you play a video, YouTube may collect information about your device and usage, including:

  • IP address
  • Browser and device details
  • Video views and interactions

YouTube may set cookies on your device, depending on the preferences you select in our cookie consent banner.

Google Reviews Widget (TrustIndex)

We display Google reviews using a third-party widget (TrustIndex). This widget pulls data directly from Google, which may include:

  • The reviewer’s public Google name
  • Profile image (if public)
  • Review text and rating

We do not control what reviewers choose to publish on Google and do not store those review details in our own database beyond what is necessary to display the widget.

3. How We Use Your Personal Data

We use your personal data for the following purposes and legal bases under UK GDPR:

  • To manage bookings – confirming, amending and cancelling reservations, and contacting you if necessary.
    Legal basis: Performance of a contract.
  • To process gift card purchases – issuing gift cards, recording the balance, expiry and redemptions, and sending confirmation emails.
    Legal basis: Performance of a contract.
  • To process payments – through Stripe and other payment services, including fraud prevention.
    Legal basis: Performance of a contract and legitimate interests.
  • To respond to enquiries – when you contact us by email or social media.
    Legal basis: Legitimate interests.
  • To operate and improve our website – including monitoring performance, diagnosing problems and optimising the user experience.
    Legal basis: Legitimate interests and, where applicable, your consent for cookies/analytics.
  • To send marketing communications (if you opt in) – such as news, offers or updates.
    Legal basis: Consent.
  • To comply with legal obligations – including tax, accounting and regulatory requirements.
    Legal basis: Legal obligation.
  • To protect our business – including fraud detection, security monitoring and enforcing our terms.
    Legal basis: Legitimate interests.

4. WooCommerce & Gift Cards (PW WooCommerce Gift Cards Pro)

Our online store uses WooCommerce to manage orders and PW WooCommerce Gift Cards Pro to handle gift card functionality. When you purchase or receive a gift card, we store the following information in our WordPress database:

  • Gift card code
  • Gift card balance and top-up history
  • Gift card expiry date
  • Sender name and email address
  • Recipient name and email address (if provided)
  • Personal message from the sender to the recipient
  • Associated order details

This information is required to issue, manage and redeem gift cards, and to prevent fraud. We also keep certain records for accounting and tax purposes for up to six years.

Gift card personal messages are only used to deliver the gift and are not used for marketing.

5. Payments (Stripe)

We use Stripe to process payments securely. When you make a payment, Stripe will collect and process certain personal data, including:

  • Your name
  • Billing address
  • Email address
  • Payment method details (such as card type and last four digits of your card number)
  • Transaction amount and date

Stripe may also use cookies or similar technologies on the checkout pages. We do not store your full card details on our servers. Stripe acts as an independent data controller for payment processing and has its own privacy policy.

6. Email Delivery (FluentSMTP & Mailjet)

Our website uses FluentSMTP to route outgoing emails and Mailjet as our third-party email delivery service. This may include:

  • Order confirmations
  • Gift card emails
  • Booking-related notifications
  • Responses to contact emails (if sent via the website)

Mailjet processes the following data to deliver these emails:

  • Sender email address
  • Recipient email address
  • Email content
  • Technical metadata (such as IP address, device data, timestamps, and delivery status)

Mailjet may retain email logs for a period of time to monitor deliverability, prevent abuse, and debug technical issues. We do not use email content processed via Mailjet for marketing unless you have opted in to receive marketing communications.

7. Social Media & Messaging

If you contact us via social media platforms such as Facebook or Instagram, or through messaging services like WhatsApp (now or in future), we may receive:

  • Your profile name and public profile information
  • Your message content and any information included by you

These platforms operate as independent data controllers under their own privacy policies. We use information received from these platforms only to respond to your enquiries and manage bookings or customer service requests.

8. Future Automated Messaging & AI Tools

We may in future implement automated or AI-assisted messaging tools to help respond to customer enquiries and manage bookings across channels such as Instagram, Facebook, WhatsApp or a website chat system.

Any such tools will only be used to:

  • Answer questions and assist with bookings or orders
  • Improve the speed and consistency of our customer service

We will not use these tools for automated decision-making that has legal or similarly significant effects on you. If we introduce such tools or expand their use, we will update this Privacy Policy and, where required, seek your consent.

9. Cookies

Our website uses cookies and similar technologies to operate effectively and provide certain features. We use the CookieYes plugin to manage your consent and allow you to control which cookies are enabled.

Cookies on our site can include:

Essential Cookies

  • WordPress and WooCommerce cookies needed for basic site functionality, such as keeping items in your cart and maintaining your session.
  • Security and performance-related cookies.
  • CookieYes consent cookies, which remember your cookie preferences.

Analytics and Performance Cookies (if you consent)

  • Cookies that help us understand how visitors use our website so we can improve our services.

Marketing and Third-Party Cookies (if you consent)

  • YouTube cookies related to embedded videos.
  • Stripe cookies associated with payment processing.
  • Cookies used by Google and Meta booking tools or widgets, where applicable.
  • Cookies used by the Google Reviews widget provider (TrustIndex) to display reviews.

You can control and manage your cookie preferences at any time through the cookie banner or your browser settings. For more detailed information, please refer to our separate Cookie Policy.

10. Data Retention

We retain your personal data only for as long as reasonably necessary to fulfil the purposes outlined in this Privacy Policy and to comply with legal, tax and accounting requirements.

Typical retention periods include:

  • Booking information: up to 24 months after your visit, unless a longer period is required by law or for dispute resolution.
  • Gift card information: up to 6 years for accounting and tax compliance.
  • Order and transaction records: up to 6 years.
  • Email enquiries: up to 12 months after our last interaction.
  • Cookies and analytics data: according to cookie lifespan and consent.

11. Data Sharing

We will only share your personal data with third parties when necessary for our business operations, to provide our services, or when required by law. These third parties include:

  • ResDiary, DishCult, Google and Meta booking platforms.
  • Stripe (payments).
  • Mailjet (email delivery).
  • Hosting and technical service providers.
  • Plugin and service providers used on our website.
  • Professional advisers and regulators where required.

We do not sell personal data.

12. International Data Transfers

Some service providers may process personal data outside the UK. Where this occurs, we ensure appropriate safeguards are in place in line with UK GDPR.

13. Your Rights Under UK GDPR

You have the right to access, correct, erase, restrict, object to processing, request portability, and withdraw consent. To exercise these rights, contact us at admin@yakitorihouse.co.uk.

14. Security & Fraud Prevention (Wordfence)

We use Wordfence Security to protect our website from unauthorised access, malicious activity, and abuse.

Wordfence may collect and process technical information including IP addresses, browser details, device information, login attempts, pages accessed, and timestamps. This data is used solely for security and fraud prevention purposes.

Some data may be processed outside the UK using appropriate safeguards. The lawful basis for this processing is our legitimate interests in protecting our website and users.

15. Security

We use appropriate technical and organisational measures including SSL encryption, secure hosting, access controls, and regular updates to protect personal data. However, no system can be guaranteed to be completely secure.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The “Last Updated” date will be revised accordingly.

17. Contact Us

Email: admin@yakitorihouse.co.uk
Address: Yakitori House, 5 St Bryde Street, East Kilbride, Glasgow, G74 4HQ
Phone: 01355 234148

You also have the right to contact the Information Commissioner’s Office (ICO).