top of page

Privacy policy

Who We Are

Milk (Reading) Limited ("we", "us", "our") is a cocktail bar based in the United Kingdom with an online presence at www.milkreading.com & www.milkreading.co.uk (the "Site"). Our registered office is 65 Peach Street, Wokingham, Berkshire, United Kingdom, RG40 1XP and our trading address is Milk Reading, 8 Merchants Place, Reading,  Berkshire, RG1 1DT and our contact email is hello@milkreading.co.uk.

​

We are the “controller” of the personal data we collect. This policy explains how we collect, use, disclose and protect your information in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations (PECR).

 

What Personal Data We Collect

​​

  • Identity Data

    • Examples - name, title, date of birth

    • Purpose - to verify bookings & service provision

    • Lawful Basis* - contract performance (Art 6 (1)(b))

  • Contact Data

    • Examples - email, phone number, postal address

    • Purpose - communicate with you; send confirmations

    • Lawful Basis* -contract performance; legitimate interest

  • Transaction Data

    • Examples - booking details, tickets purchased, amounts, partial payment card data (tokenised)

    • Purpose - process and confirm payments & orders

    • Lawful Basis* -contract performance; legal obligation

  • Marketing Preferences

    • Examples - newsletter opt‑in/opt‑out status

    • Purpose - send promotional emails

    • Lawful Basis* -consent (Art 6 (1)(a))

  • Technical Data

    • Examples - IP address, browser type, device, operating system, referring URLs

    • Purpose - security, analytics, improve Site

    • Lawful Basis* -legitimate interest

  • Usage Data

    • Examples - page interactions, time spent, clicks

    • Purpose - understand how visitors use our Site

    • Lawful Basis* -legitimate interest

  • Cookie Data

    • Examples - unique IDs set by Wix & Google Analytics/Ads

    • Purpose - remember preferences, measure traffic

    • Lawful Basis* -consent (non‑essential cookies)​

​​​​​

CCTV Use in the Bar

We use closed-circuit television (CCTV) within our premises for the purposes of:

  • Ensuring the safety and security of our customers, staff, and property

  • Preventing and detecting crime or anti-social behaviour

  • Supporting investigations of incidents that occur on-site

  • Footage is stored securely and retained for a maximum of X days, unless it is required longer for investigation purposes, in which case it may be retained until resolution.

  • Access to CCTV recordings is restricted to authorised personnel only and may be shared with law enforcement authorities if required by law.

 

How We Collect Your Data

  • Direct interactions – when you complete our online forms (newsletter sign‑up, event purchase, table reservations), call, email or visit the bar.

  • Automated technologies – cookies and similar technologies collect Technical and Usage Data.

  • Third‑party sources – payment processors (e.g. Stripe, PayPal) send us transaction confirmations; reservation platforms (e.g. Wix Bookings) forward booking information.
     

 

Lawful Bases for Processing

We rely on the following lawful bases under UK GDPR:

  1. Consent – for sending marketing communications and setting non‑essential cookies. You may withdraw consent at any time.

  2. Contract performance – to process bookings, ticket purchases and provide requested services.

  3. Legal obligation – to maintain accounting records (minimum 6 years) and comply with food & licensing regulations.

  4. Legitimate interests – to secure our Site, prevent fraud and understand customer behaviour (analytics). We balance these interests against your rights.
     

​

Cookies and Similar Technologies

Our Site is hosted on Wix.com, which sets first‑party cookies required for core functionality (e.g. session management, CSRF protection). We also use:

  • Google Analytics – to measure traffic and interactions.

  • Google Ads (Conversion Tracking & Remarketing) – to assess the effectiveness of advertising campaigns.

Non‑essential cookies are deployed only after you grant consent via our cookie banner. You can withdraw consent at any time by adjusting the banner settings or your browser.

Cookie lifespans range from session‑only to up to 24 months (Google Analytics _ga). Full details are listed in our Cookie Notice.

 

How We Use Your Data

  • Manage table reservations and event tickets.
    Process payments (we never store full card details; these are handled securely by Stripe under PCI‑DSS).

  • Send booking confirmations, service updates and requested marketing.

  • Handle customer service enquiries and resolve disputes.

  • Analyse Site usage to improve content, layout and marketing effectiveness.

  • Maintain business records and comply with legal or licensing requirements.

We do not use automated decision‑making that produces legal or similarly significant effects.

 

Sharing Your Data

  • Wix.com Ltd. - Site hosting, reservation forms - Adequacy decision 

  • Google LLC (USA) - Analytics & Ads - UK Addendum to SCCs

  • Email marketing provider (e.g. Wix.com, Mailchimp) - Newsletter distribution - UK Addendum to SCCs

  • Payment processor (e.g. Stripe Payments UK Ltd.) - Payment collection - Data Processing Agreement

  • Professional advisers (accountants, lawyers) - Regulatory compliance - Confidentiality contracts

  • Law enforcement / regulators - When legally required - Statutory obligation

​

 

International Transfers

Some providers (e.g. Google, Mailchimp) are located outside the UK. Where we transfer data internationally we implement appropriate safeguards such as the UK Addendum to the EU Standard Contractual Clauses or rely on adequacy decisions.

 

Data Retention

We keep personal data only as long as needed:

  • Booking & transaction records - 6 years after end of financial year

  • Marketing list (email) - Until you unsubscribe

  • Enquiry emails - 12 months

  • Analytics data - 26 months (Google default)

  • Cookies - see Section 5

Records may be retained longer if required for legal claims.

 

Your Rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.

  • Request correction of inaccurate data.

  • Request erasure (the "right to be forgotten").

  • Object to or restrict processing.

  • Data portability (receive data in a structured, machine‑readable format).

  • Withdraw consent at any time (for marketing or cookies).

  • Complain to the Information Commissioner’s Office (ICO).
     

To exercise any right, contact us at [email address]. We will respond within one month.

 

Security

We implement appropriate technical and organisational measures including HTTPS, regular security patches, access controls and staff training. However, no online service is 100 % secure.

 

Links to Other Websites

Our Site may contain links to third‑party sites. We are not responsible for their privacy statements. We encourage you to read the privacy policies of every site you visit.

 

Changes to This Policy

We may update this policy from time to time; any significant changes will be posted on this page and, where appropriate, notified to you by email. The most recent version is indicated by the date at the top.

 

Contact

For queries, data requests or complaints please contact:

  • Owner - Tim Hooper

  • Milk Reading 

  • 8 Merchants Place, Reading,  Berkshire, RG1 1DT

  • Email: hello@milkreading.co.uk 

If you remain dissatisfied you may complain to the ICO at ico.org.uk or by phone 0303 123 1113.

CONTACT

Milk Reading
8 Merchants Place, Reading,  Berkshire, RG1 1DT

hello@milkreading.co.uk

Connect

Follow us on social media

  • Instagram
  • Facebook
  • Spotify

Mailing list

Keep up to date with events & promotions

© Milk (Reading) Limited 
www.drinkaware.co.uk  |  Privacy Policy 
 

Monday - Saturday 17:00 - 00:00
Sunday 17:00 - 23:00

Happy Hour(s)
17:00 - 19:00 Sunday - Friday

Super Discount Club
17:00 - 00:00 Every Wednesday

bottom of page