A bar owner used a customer’s phone number she provided for Covid tracking and tracing to send a ‘scary’ message telling her she has a ‘very pretty face’.
The woman, who is in her early 20s, visited St. Cana’s home in Cardiff last month.
Owner James Karan sent her to her just before 8:20pm on November 19 while she was still on the premises, having handed over her name and phone number to comply with government rules to track any local spread of Covid.
The owner, who is in his early forties, wrote in the text: “Just so you know you have a super pretty face, so you’re allowed not to wear a mask in the bar. Everyone should wear one.”
The next day, the woman’s partner posted on Facebook a screenshot of the WhatsApp message Mr Karan had sent her.
The woman’s partner wrote on the pub’s Facebook page: «St. Thank you Canna’s Ale House for deleting my review on your page. Last night my partner was a victim of a GDPR breach.
“I went to this establishment, and filled in Track and Trace without thinking of anything.
She proceeded to order a drink at the bar, but the waiter/owner James told her to remove the mask because he apparently couldn’t hear it, but just to let this guy see what she looked like.
«then [he] She took her details from the Track and Trace newspaper and illegally sent her messages.
“Then my partner left the establishment as soon as she received this dreaded text from the owner/manager, scared and worried that anything would happen to her. Thankfully nothing happened.
“After being told of this, I proceeded to text James right away telling him I would continue this and would call the police. He responded with his ‘deep apologies’ and said he wouldn’t take it any further.
«But I think he’s just sorry he got caught doing this. Embarrassing you.»
The client partner also posted screenshots of messages he sent to Mr Karan, accusing him of «absolutely egregious behaviour» and illegal data breach.
Mr. Karan replied: “My deepest apologies. No excuse, but I [sic] So sorry for doing this to you and your girlfriend. I promise it won’t happen again, but may I ask if you won’t take it any further. I am very very sorry.»
On Friday morning, the pub posted a statement on Twitter, which was followed by another apology.
She said: «St Canaan Church has always been known as a safe place to be, but that reputation has been tarnished in recent times.
“To grow and improve for the future, we will launch a series of positive initiatives aimed at re-establishing our reputation for safety and welcoming for all.
This will include: gaining accreditation through the Good Night Out campaign; implementation of the «Safer Spaces» policy; reforming our business practices around the management and prevention of Covid; Support the Women’s Aid Charity throughout 2022, including an initial donation of one full proceeds on Saturday night.
«We cannot change the past but we hope that people will see the actions we have taken, and continue to support this small business as it plays its part in the local community.»
After being criticized for the message’s «negative» wording, the publisher’s Twitter account posted another message later that day saying, «I’m so sorry. I’m sorry to the person I hurt directly by breaching their trust with gdpr and sorry for our community for letting you down.»
«I’m sorry I didn’t say this earlier, I didn’t know what was the best thing to do. I’m so ashamed. Please forgive me.»
«Lector profesional. Jugador galardonado. Aficionado a los zombis. Adicto a las redes sociales. Experto en tocino. Erudito en Internet»