Privacy & Cookies Policy
Lock 13 Brewpub, Sallins, Co. Kildare
Last updated: 27.11.25


This Privacy & Cookies Policy explains how we collect, use, store, and protect your personal data when you visit our website www.lock13.ie, make a booking, contact us, sign up to our newsletter, or interact with us online. We are committed to respecting your privacy and complying with the General Data Protection Regulation (GDPR).

If you have any questions, contact us at:
 info@lock13.ie


Lock 13 Brewpub, Canal View, Sallins, Co. Kildare.

  1. Who We Are
    Lock 13 Brewpub is operated by Castlewood Taverns Ltd, registered in Ireland. We act as the Data Controller for the personal data collected through our website and services.



What Personal Data We Collect

A. Information you provide
• Name
• Email address
• Phone number
• Booking details (date, time, party size)
• Payment information (processed securely by our payment provider – we do not store card details)
• Messages or enquiry details
• Newsletter sign-up information (Toast)

B. Information collected automatically
• IP address
• Browser type and device information
• Pages visited and time spent on the site
• Cookies and tracking data


C. Information from third parties
• Reservation systems (e.g. ResDiary)
• Email marketing tools
• Social media platforms when you interact with our content

  1. Why We Collect This Data (Legal Bases)

We process your personal data under the following legal bases:

• Managing bookings – Performance of a Contract
• Responding to enquiries – Legitimate Interest
• Sending marketing emails – Consent
• Improving website performance and customer experience – Legitimate Interest
• Complying with legal obligations – Legal Obligation
• Website analytics and tracking – Consent via cookie banner


  1. How We Use Your Data

We use your personal information to:

• Process and manage bookings
• Send booking confirmations and updates
• Respond to enquiries
• Run our newsletter
• Improve our website and customer experience
• Analyse website performance
• Provide customer service
• Deliver targeted advertising (only if you have given marketing consent)

  1. How Long We Keep Your Data

• Booking information – up to 2 years
• Newsletter subscriber information – until you unsubscribe
• Enquiry emails – up to 12 months
• Cookie data – based on your cookie preferences
• Financial records – up to 7 years as required by Irish law

After these periods, data is securely deleted or anonymised.



  1. Who We Share Your Data With

We only share your personal information with trusted partners who support the running of our business:

• ResDiary (reservation system)
• Payment processors
• Email newsletter providers
• Website analytics providers
• IT and website hosting companies
• Legal or regulatory bodies when required

We do not sell your personal data.

  1. Cookies & Tracking Technologies

Our website uses cookies to:

• Ensure the website works correctly
• Remember your preferences
• Analyse website traffic and performance
• Improve user experience
• Support advertising and marketing (only if you consent)

Types of cookies:

• Strictly necessary – always active
• Analytics cookies – require your consent
• Marketing & tracking cookies – require your consent

When you first visit the website, a Cookie Consent Banner will ask you which cookies you want to allow. You can change these choices at any time by selecting “Cookie Settings” on the site.


  1. Your Rights Under GDPR

You have the right to:

• Access your personal data
• Request corrections to inaccurate information
• Request deletion (right to be forgotten)
• Restrict or object to processing
• Withdraw consent at any time
• Request a copy of your data (data portability)

To exercise these rights, contact info@lock13.ie.


We will respond within 30 days.


  1. How We Protect Your Data

We use strong technical and organisational measures to keep your data safe, including:

• Secure, encrypted website hosting
• Access controls and password protection
• Secure booking and payment systems
• Staff training on data protection
• Regular internal reviews of data handling practices


  1. International Data Transfers

Some service providers may process data outside the EU. In these cases, your data is protected using:

• Standard Contractual Clauses (SCCs)
• Approved certifications
• GDPR-equivalent protection levels


  1. Children’s Data

Our website and services are not intended for children under 16. We do not knowingly collect children’s personal data.


  1. Updates to This Policy

We may update this Privacy & Cookies Policy from time to time. Any changes will be published on this page with an updated 27.11.25.