
Privacy Policy
Privacy Policy
Last update: July 23rd, 2025.
This Privacy Notice is provided by The ONE Group Hospitality, Inc. and/or all or any of its subsidiaries and affiliates (collectively, “The ONE Group”, “we”, “us”, and “our”).
The ONE Group is committed to ensuring the privacy of your data. We are further committed to preventing unauthorized access to that data. Our Privacy Notice details what data is collected from our customers, users, business representatives, and others and explains how we use it, how it is stored, and your choices related to our use of your data.
This Privacy Notice applies to information we may collect from and about you during your visits to our websites (togrp.com ; stksteakhouse.com ; benihana.com ; konagrill.com ; rasushi.com ; samurairestaurant.com ; baoyum.com ; saltwatersocial.com) or mobile apps (as well as associated features or functions), social media channels or other digital channels, as part of your in-restaurant interactions, and as part of your interactions with in-restaurant devices that are owned or controlled by us (collectively the “Site(s)”).
This Privacy Notice does not apply to or describe the privacy practices of any franchisee or licensee, whether foreign or domestic.
We may revise this Privacy Notice from time to time in our sole discretion. If there are any material changes to this Privacy Notice, we will notify you as required by applicable law. You understand and agree that you will be deemed to have accepted the terms of the updated Privacy Notice if you continue to use our Sites after the new Privacy Notice takes effect.
Residents of California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, Nevada, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia have certain additional privacy rights, which are set forth in our State Specific Privacy Notice, referenced below and available at https://stksteakhouse.com/en-gb/supplemental-state-specific-privacy-notice/
WHO WE ARE
The ONE Group is a global leader in the hospitality industry that develops and operates upscale, high-energy restaurants and lounges and provides hospitality management services for hotels, casinos and other high-end venues both nationally and internationally. The ONE Group’s iconic restaurant brands include STK®, Benihana®, Kona Grill®, and RA® Sushi. The One Group also operates ONE Hospitality, a signature turn-key food and beverage service.
The ONE Group is based in the United States and holds an outstanding reputation in the industry and has received excellent reviews from food critics. The ONE Group respects your privacy and takes safeguarding personal information seriously. Please read the following to understand the privacy practices of The ONE Group.
WHAT PERSONAL INFORMATION DO WE COLLECT?
For purposes of this Privacy Notice, “personal information” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Under specific laws, personal information may include any information relating to a household.
We collect personal information:
- Directly from you when you actively provide it to us. When you reserve a table, place an online order, purchase a gift card, register an account with us, submit forms through our Sites, or engage in other interactions or communications with us, we will ask for information like your name, contact, billing, shipping and communication information. We may also request a form of payment such as a debit or credit card number. If you do not want us to collect or process this information, please do not provide it to us.
- From third parties. We may collect personal information about you from other sources. For example, some content or applications associated with our Sites may be provided by third parties, such as the reservations feature provided through OpenTable and other reservation service providers. Our Sites also connect with social media and like services such as Facebook, Twitter, LinkedIn and Instagram, where we may receive personal information in relation to your interactions.
Personal information collected from third parties may also include personal information obtained for marketing purposes for potential business partners, clients, franchisees and customers. We obtain marketing data that we use to reach out to inform representatives, potential business partners, clients, franchisees, and customers of The ONE Group, and to advance business opportunities. This type of personal information may include the individual’s name, email address, phone number, job title, and the name of the organization they represent.
We take steps to confirm that information we receive from third parties has been collected with appropriate consents or that these parties are otherwise legally permitted to disclose your personal information to us. We might also obtain information through a partner, or co-create datasets with a partner, as part of our business operations. In some cases we may combine personal information about individuals that we receive from multiple sources, including directly collected from you or through your use of the Sites.
- Automatically when you use or navigate through the Sites. We automatically collect personal information when you access and use the Sites, or navigate through the Sites, through the use of cookies, web beacons, pixels and similar technologies. That information may include:
- Identifiers such as your IP address, Internet service provider (ISP), mobile advertising ID, media access control (MAC) address, and identifiers associated with browser cookies, web beacons and similar technologies we deploy on our Sites.
- Information about the devices and computers you use to access the Sites such as browser type, language, operating system, the referring web page, pages visited, and hyperlinks clicked. When you visit the Sites, we collect usage information sent to us by your computer, mobile, or other access device that tells us how you are using the Sites and other information about your Internet activity.
- We may collect your IP address when you use a device to access our Site and use it to estimate your approximate location.
Please see the section entitled “Use of Cookies, Web Beacons, Pixels, and Similar Technologies” for more information on our use of cookies and similar technologies, and how you can manage cookies.
USE OF COOKIES AND OTHER TRACKING TECHNOLOGIES
As previously noted, we (or service providers acting on our behalf) may use technologies, including “cookies,” “web beacons,” and “pixels” to automatically collect information from you when use the Sites. We use these technologies to help us provide you with a more personalized experience and to improve the Sites and/or our products or services.
Cookies
“Cookies” are files that can identify you as a unique user and store your personal preferences as well as technical information (including click through and click stream data). Cookies can either be permanent (i.e., they remain on your computer until you delete them) or temporary (i.e., they last only until you close your browser). Cookies may also be set within emails in order to track how often our emails are opened.
The following cookies may be used on the Sites:
First-Party Cookies: We may place our own first-party cookies based on the pages that you visit on our Sites.
Third Party Cookies: Third party cookies may also be placed by others when you visit our Sites.
Session Cookies: We may use session cookies to make it easier for you to navigate our Sites. A session ID cookie expires when you close your browser.
Persistent Cookies: We may also use persistent cookies that remain on your hard drive for an extended period of time, and which can be used to store a password or track and target the interests of users navigating the Sites.
Our uses of cookies include, but are not limited to, the following purposes:
User input cookies (session-id) such as first party cookies to keep track of the user’s input when filling online forms, shopping carts, etc., for the duration of a session or persistent cookies limited to a few hours in some cases;
Authentication cookies, to identify the user once they have logged in, for the duration of a session;
User centric security cookies, used to detect authentication abuses, for a limited persistent duration;
Multimedia content player cookies, used to store technical data to play back video or audio content, for the duration of a session;
Load balancing cookies, for the duration of session;
User interface customization cookies such as language or font preferences, for the duration of a session (or slightly longer); and
Third party social plug in content sharing cookies, for logged in members of a social network.
Pixels/Beacons
Tracking pixels (also known as web beacons) are small strings of code that provide a method for delivering a graphic image on a webpage for the purpose of transferring data, such as the IP (Internet Protocol) address of the computer that downloaded the page on which the web beacon appears, the URL (Uniform Resource Locator) of the page on which the pixel or web beacon appears, the time the page containing the pixel or web beacon was viewed, the types of browser that fetched the pixel or web beacon and the identification number of any cookie on the computer previously placed by that server. When corresponding with you via HTML capable e-mail, pixels or web beacons let us know whether you received and opened our email.
Clear GIFs
A clear GIF is a transparent graphic image placed on a website. The use of clear GIFs allows us to monitor your actions when you open a web page and makes it easier for us to follow and record the activities of recognized browsers. Clear GIFs are used in combination with cookies to obtain information on how visitors interact with our Sites.
Blocking or Deleting Cookies and Pixels/Beacons
You may adjust your browser to reject cookies from us or from any other site. Additionally, by setting your web browser to display HTML emails as text only, you may be able to prevent the use of some web beacons.
If you do not agree to the use of cookies or similar technologies, please disable or delete them by following the instructions for your browser set out here: http://www.allaboutcookies.org/, or use automated disabling tools where available. However, if you reject or disable cookies, you may still use the Sites, but your ability to use some features of the Sites may be limited.
SMS Communications
Please select this link to read these SMS Terms and Conditions (the “SMS Terms”) carefully. By opting in, enrolling, or otherwise agreeing to receive text messages from The ONE Group, you agree to these SMS Terms, in addition to The ONE Group’s Terms of Use and Privacy Notice, which are incorporated herein by this reference. For purposes of these SMS Terms, “The ONE Group” refers to The ONE Group Hospitality, Inc. and/or all or any of its subsidiaries and affiliates.
You can opt out of receiving these messages at any time by replying “STOP” to any SMS or contacting us at [email protected].
Guest Wireless Access
Certain of our restaurant locations may offer guest wireless Internet service. If you connect to guest wireless internet service when visiting one of our locations offering that service, we may automatically log your activity on that connection, including the timer, date and duration of your connections and the information that identifies your device.
Ad Targeting; Analytics
We use business tools from Meta, including pixels. Third parties, including Meta, may use cookies, web beacons, and other storage technologies to collect or receive information from our Sites and elsewhere on the Internet and use that information to provide measurement services, target and deliver ads. For more information about the privacy practices of Meta, please visit the Meta Privacy Policy web page: https://www.facebook.com/privacy/policy/.
This means that you may see advertising on our Sites tailored to how you browse or shop, or you may see advertising for The ONE Group on other websites based on your browsing behavior across websites. Some websites where we may advertise belong to ad networks that use your web browsing history to choose which ads to display on their network websites; these ads include advertising for The ONE Group, but no personal information about you is shared with those third party ad networks.
We also use Google Analytics, a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Sites. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
You can opt-out of having made your activity on the Sites available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js and dc.js) from sharing information with Google Analytics about visits activity.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy.
We also use the TikTok pixel to track conversions from TikTok ads, optimize our ad campaigns, and build targeted audiences for future ads. For more information about how TikTok handles your data, please review TikTok’s Privacy Policy at https://www.tiktok.com/legal/privacy-policy.
You can use Google ad settings (https://www.google.com/settings/ads) to manage the Google ads you see and turn off personalized ads. You can also opt-out using Meta’s opt-out tools at https://www.facebook.com/settings/?tab=ads, and by using TikTok’s privacy settings at https://www.tiktok.com/setting. Even if you turn off personalized ads, you may still see ads based on factors such as your general location derived from your IP address, your browser type, and your search terms.
We do not control third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.
Other websites where you see our ads, such as Facebook, may use interest preferences that you have chosen on those sites, as well as registration and other information about you, to choose which ads to display to you. Some Internet browsers, websites such as Facebook and mobile devices offer opt-outs for interest-based advertising. Please refer to the website that you are visiting, your browser and/or your device settings for additional information.
You can also opt-out of receiving interest-based ads from third parties who are members of the Network Advertising Initiative (NAI) or who follow the Digital Advertising Alliance’s (DAA) Self-Regulatory Principles for Online Behavioral Advertising by using tools provided by the DAA and the NAI. To opt-out of sharing your information with such participating third parties for targeted advertising, please use the following tools:
- For websites: the DAA WebChoices Tool, available at http://optout.aboutads.info/?c=2&lang=EN, and the NAI Consumer Opt-Out Tool, available at http://optout.networkadvertising.org/?c=1.
- For mobile apps: the DAA AppChoices Tool, available at http://www.aboutads.info/appchoices.
Lastly, you may be able to opt-out of the collection and use of information for ad targeting by contacting us using the contact methods specified in the “How to Contact Us” section below.
HOW WE USE THE PERSONAL INFORMATION THAT WE COLLECT
We use the personal information that we collect for a variety of business and commercial purposes, such as:
- To provide our Sites and our other products and services to you. We may use personal information to provide the Sites and our other products and services to you. Such use may include, without limitation, to enable restaurant reservations, process online orders, and to operate gift card and rewards programs.
- For functionality and development of the Sites. We may use personal information to provide, offer, and personalize the Sites provided to you. Some information, like your IP address, is used to communicate with your device to provide network connectivity, measure usage levels of the Sites, diagnose server problems and provide security features. Other business purposes that depend on use of your information include data analysis related to testing, modifying, improving or developing new products, services and technologies, and to identify trends.
- For customer support and site updating and reporting. Our Sites may use personal information to provide us with updates and reports, and to check that the Sites are working properly. Update functions may automatically check your system to see whether files need to be refreshed, updated, or modernized, in order to provide you with the up-to-date security, versions, features, options and controls associated with your systems or devices. We rely on information to analyze performance and improve and maintain our Sites. We also rely on personal information you provide to us to provide you with customer support for the Sites and our other products and services, and to verify eligibility for promotional offers.
- For business operations. We use personal information to operate our business. Such use may include, without limitation, use for sales leads, subscription services, payments, employee training, marketing, data analysis, security monitoring, auditing, research, to exercise legal rights, and to meet tax and other regulatory requirements. Other business purposes that depend on use of your personal information include crime or fraud monitoring and prevention, protecting our legal rights, and performing contractual obligations.
- To communicate. We use contact information to send messages; to respond to customer service requests; to provide alerts such as security updates or changes in our policies or about subscriptions that are ending; and to send marketing or informational materials like newsletters, in accordance with your communication preferences. We occasionally conduct surveys, or do focused research or studies which may require you to voluntarily share personal information in order to participate. These activities typically have additional notices that provide more information about the use of your personal information and to which you may be asked to consent.
- For advertising and marketing. We may use personal information collected from you, combined with information about what advertisements you viewed and other information we collect, to enable us to provide personalized content and to study the effectiveness of advertising and marketing campaigns. You may choose whether to allow or deny uses or sharing of your device’s location by changing your device settings, but if you choose to deny such uses or sharing, we may not be able to provide you with certain personalized services and content on the Sites.
- For Statistical Purposes and to Improve the Sites. We may compile statistics regarding the use of the Sites into traffic reports, which help us understand, anticipate, and respond to user needs. If we learn, for example, of heightened interest in certain aspects of the Sites or products or services that we offer, we are likely to highlight that information on our Sites.
Legal basis or justification four our use (applicable only to EEA, UK, and Swiss Visitors). Our legal basis (for visitors in the EEA or UK) or justification (for visitors in Switzerland) for collecting and using your personal information as described in this Privacy Notice will depend on the personal information concerned and the specific context in which we collect it.
However, we will collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, where we have a legal obligation to do so, or where the processing is in our legitimate interests (such as processing for administrative purposes, direct marketing, product development or improvement, preventing fraud or criminal acts and in support of information security) and not overridden by your data protection interests or fundamental rights and freedoms.
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the time of collection. We will also tell you whether the requirement for that information is mandatory and explain any consequences to you if you do not provide the information.
Similarly, if we collect and use your personal information based on our legitimate interests (or those of any third party), we will take reasonable steps to provide clear notice and describe our legitimate interests.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information for any specific processing activity, please contact us using the contact details provided under the “How to Contact Us Section” below.
HOW WE SHARE YOUR PERSONAL INFORMATION WITH THIRD PARTIES
We may share the personal information we collect with third parties in the following circumstances:
- Affiliates and Franchisees. We may share some or all of your personal information with a parent company, franchisees, subsidiaries, joint venturers, or other companies under common control with us.
- Third Party Service Providers. We may share personal information we collect about you with third party service providers who perform tasks or provide services to us or on our behalf, such as operating and supporting the Sites. The types of service providers, or subprocessors, to whom we entrust personal information include: (i) providers of reservation services; (ii) providers of online order and checkout services; (iii) payment providers; (iv) providers of hosting services; (v) sales and marketing providers; (vi) providers of security services; (iv) providers of analytic data services; and (v) providers of survey services.
- With Partners. We occasionally have relationships with third parties that are not suppliers or vendors but are working with us to offer certain opportunities such as marketing and similar promotions, to enable joint products or research studies, or to facilitate services on our Sites. In these cases, additional terms or privacy policies may be provided.
- Social Media and Similar Services. The Sites may include functionality that allows integration with social media features. This includes the Facebook “Like” button and other widgets, such as the “Share” button or interactive mini-programs provided by third parties. Information is shared when you interact with these social media and similar services.
- Regulatory Bodies, Public Authorities and Law Enforcement. We may access and disclose your personal information to regulatory bodies and governmental authorities if we have believe in our sole discretion that doing so is required under applicable laws. This may include submitting personal information required by tax authorities. We may disclose your personal information in response to lawful requests by public authorities or law enforcement, including to meet national security or law enforcement requirements.
- Merger, Sale, or Other Asset Transfers. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, then your information may be sold or transferred as part of such a transaction as permitted by law and/or contract.
- Other Disclosures. We may also disclose your personal information to exercise or defend legal rights; to take precautions against liability; to protect the rights, property, or safety of the resource, of any individual, or of the general public; to maintain and protect the security and integrity of Sites or their infrastructure; to protect ourselves and our services from fraudulent, abusive, or unlawful uses; or to investigate and defend ourselves against third party claims or allegations.
- With Your Consent. We may disclose your personal information to any other person or entity where you consent to the disclosure.
PERSONAL INFORMATION FROM CHILDREN
We do not knowingly collect, use, or disclose personal information from children under 16. If we learn that we have collected the personal information of a child under 16 – or the equivalent minimum age depending on the jurisdiction, such as 13 in the United States per the Children’s Online Privacy Protection Act – we will take steps to delete the information as soon as possible. If you are under 16, do not provide any personal information about yourself to The ONE Group, including your name, address, telephone number or email address. If you become aware that personal information of a child under 16 years of age has been provided, please use one of the contact methods provided under the “How to Contact Us” section below.
LINKS TO OTHER WEBSITES
The Sites may contain links to third party websites or services that are not owned or controlled by The ONE Group. We have no control over the content, privacy policies, or practices of any such third party website or services. You are subject to the policies of those third party websites or services where applicable. We encourage you to review the privacy policies of these third party websites or services before you disclose your personal information.
SOCIAL FEATURES AND PUBLIC FORUMS
The Sites may include certain features that permit interactions between the Sites and certain third party services, such as third party social networks, including by way of example, features enabling the sharing of content between the Sites and the third party service, “liking” or “sharing” of The ONE Group’s content, or logging into the Site through the use of a third party service account.
If you use these features, the information your post or provide access to may be publicly displayed on the Sites or the respective third party service. If you post information on a third party service that references the Sites, The ONE Group, or its brands, your post may be used on or in connection with the Sites or by The ONE Group.
We may also offer public forums or similar features on the Sites. Unless otherwise stated, any information disclosed by you in these areas may become publicly available.
DATA SECURITY
The ONE Group uses technical and organizational measures to protect the personal information we store, transmit, or otherwise process, against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access. We regularly consider appropriate new security technology and methods as we maintain and develop the Sites. However, please keep in mind that no method of transmission over the Internet or electronic storage technology is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
RETENTION OF PERSONAL INFORMATION
The ONE Group retains personal information for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying legal, regulatory, tax, accounting or reporting requirements and for the purposes described in this Privacy Notice. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
If you have registered an account with us, we retain your account information for your future use as long as your account is active. If you have not used your account for an extensive time period, we reserve the right to deactivate and delete that account. You will have an option to register a new account with us at your convenience.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
We regularly review our retention policies to ensure compliance with our obligations under data protection laws and other regulatory requirements. We regularly audit our databases and archived information to ensure that personal information is only stored and archived in alignment with our retention policy.
DO NOT TRACK REQUESTS
Your Internet browser and mobile device may allow you to adjust your browser settings so that “do not track” requests are sent to the websites you visit. IF YOU DO NOT WANT US TO AUTOMATICALLY COLLECT INFORMATION FROM YOU WHEN YOU USE THE SERVICE, EITHER NOW OR FOR FUTURE BROWSING SESSIONS, REFRAIN FROM USING THE SERVICE. WE DO NOT CURRENTLY RESPOND TO DO NOT TRACK (“DNT”) SIGNALS.
DATA STORAGE AND INTERNATIONAL TRANSFER
Your personal information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide your personal information to us, we may transfer your personal information to the United States and process it there. Where we transfer your personal information, we will take all reasonable steps to ensure that your privacy rights continue to be protected.
Whenever The ONE Group transfers personal information beyond the country of origin, we will do so in accordance with applicable laws. In the case of transfers of personal information obtained or sourced by The ONE Group from within the EEA, the UK, or Switzerland to countries outside of those jurisdictions without an adequacy decision from a governing regulatory authority, The ONE Group will only transfer your personal information pursuant to a valid data transfer mechanism.
YOUR LEGAL RIGHTS
The ONE Group respects your rights in how your personal information is used and shared. Depending on where you live, you may have rights to request access or corrections to your personal information.
European privacy rights. Individuals in the EEA, UK, and Switzerland have certain rights which may be subject to limitations and/or restrictions. These rights include the right to: (i) request access to and rectification or erasure of their personal information; (ii) obtain restriction of processing or to object to processing of their personal information; and (iii) ask for a copy of their personal information to be provided to them, or a third party, in a digital format. If you wish to exercise one of the above-mentioned rights, please send us your request to the contact details set out below. Individuals also have the right to lodge a complaint about the processing of their personal information with their local data protection authority.
State specific privacy rights. Residents of California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, Nevada, New Hampshire, New Jersey, Oregon, Texas, Virginia, and Utah have additional privacy rights under the California Consumer Privacy Act, the Colorado Privacy Act, the Connecticut Data Privacy Act, the Delaware Personal Data Privacy Act, the Iowa Data Protection Act, the Montana Consumer Data Privacy Act, the Nebraska Data Privacy Act, New Hampshire Data Privacy Act, the New Jersey Data Protection Act, the Oregon Consumer Privacy Act, the Texas Data Privacy and Security Act, the Utah Consumer Privacy Act, and the Virginia Consumer Data Protection Act, respectively. This information is available at the following link: https://stksteakhouse.com/en-gb/supplemental-state-specific-privacy-notice/
Other inquiries and requests.
If you have an account with us, you may edit your profile information and may also choose to disable your account at any time through your account settings.
If you use mobile apps that collect precise location, you can change preferences on your mobile device to prevent the mobile apps from collecting that information using your device settings.
We also provide the opportunity to opt out of receiving communications from us and our partners at the point where we request information about you. In addition, you may unsubscribe or opt out of receiving communications from us by clicking the unsubscribe link on any email marketing communication you receive
You may also contact us with your personal information inquiries or for assistance in modifying or updating your personal information and to exercise additional applicable statutory rights. We respect the privacy of all individuals and invite you to submit your requests, irrespective of where you reside. Our contact details are provided at the end of this Privacy Notice.
EFFECTIVE DATE AND AMENDMENTS
This Privacy Notice is effective as of the date indicated at the top of this page. This Privacy Notice may be amended from time to time.
HOW TO CONTACT US
If you would like to contact us with questions or concerns about this Privacy Notice, our privacy practices, or would like to exercise your privacy rights, you may contact us via any of the following methods:
Email: [email protected]
Phone: +1 (646) 624-2400
Mailing Address:
Attn: Privacy Officer
STK Steakhouse
1624 Market Street, Suite 311
Denver, CO 80202