Introduction

Welcome to the ETM Group privacy policy.

ETM Group respects your privacy and is committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data, tell you about your privacy rights and how the law protects you.

1. Important information and who we are

Purpose of this privacy policy

This privacy policy aims to give you information on how ETM Group collects and processes your personal data through your use of this website as well as through third parties that we work with.

Our services and website are not intended for children and we do not knowingly collect data relating to children.

It is important that you read this privacy policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them.

Controller

This privacy policy is issued on behalf of the ETM Group Limited so when we mention “ETM Group”, “we”, “us” or “our” in this privacy policy, we are referring to ETM Group Limited. We will let you know which entity will be the controller for your data if it is an entity other than ETM Group Limited. ETM Group Limited is the controller and is responsible for this website.

Our details are below:
ETM Group Limited
10 Queen Street Place,
London,
United Kingdom,
EC4R 1AG
Company number: 05908632
ICO registration number: ZA434225

We have appointed a data privacy manager who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the data privacy manager using the details set out below.

Contact details

If you have any questions about this privacy policy or our privacy practices, please contact our data privacy manager in the following ways:

Full name of legal entity: ETM Group Limited

Email address: privacy@etmgroup.co.uk

Postal address:
Privacy Team
ETM Group Limited,
40 Clifton Street,
London
EC2A 4DX

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Changes to the privacy policy and your duty to inform us of changes

We keep our privacy policy under regular review. This version was last updated on 17.11.2022.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

2. Your data

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you in different circumstances and for different reasons.

The types of data we process are as follows:

  1. Identity Data includes first name, last name, date of birth.
  2. Contact Data includes email address and telephone numbers.
  3. Payment Data includes bank account and payment card details.
  4. Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  5. Usage Data includes information about how you use our website.
  6. Marketing and Communications Data includes your preferences in receiving marketing from us when you sign-up to receive emails from us.

More details on the circumstances which we process your data and how we handle it are as follows:

3. Lawful Bases

We have set out in a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so in each section where we describe how and when we process your data. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

4. Disclosures of your personal data

Sharing with companies within the ETM Group

Sometimes we will need to share your data with other companies in the ETM group to enable us to provide our services. These companies are:

Entity name Role Company number ICO registration number
ETM Group Limited Group Company

Operating The Botanist Broadgate and The Hat and Tun venues and Head Office

05908632 ZA434225
ETM Concessions Limited Operating Aviary, Burdock, Long Arm Pub, The Jugged Hare, Chiswell Street Dining Room, Marlowe 12210849 ZB407048
ETM Premium Sports Bars Limited Operating Greenwood, Redwood, Westwood, Broadleaf 12444519 ZB374200
The Botanist Sloane Square Limited Operating The Botanist Sloane Square 10046716 ZB374231

Each of these companies is either bound by the terms of this privacy notice or have entered into binding agreements with us to protect and safeguard your personal data.

Sharing with companies outside of the ETM Group

We work with a number of companies that we affiliates of or have partnered with in providing our services. These companies are:

Entity name Role Company number ICO registration number
Maven Leisure Limited Overall management of Maven group companies (listed below) 13278320 ZB407027
Maven Premium Sports Bars Limited Operating the Beechwood, Goldwood and Northwood venues 13457731 ZB374200
Maven Premium Bars and Restaurants Limited Operating the Wagtail venue 13457691 ZB394224

We have entered into binding agreements with these companies to protect and safeguard your personal data. Maven Leisure privacy policy can be viewed here

Sharing with our suppliers and other third-parties

We also work with a number of third-party suppliers, in doing so these third parties may be required to process your personal data in order to provide their services to us or on our behalf. These organisations are required to comply with our data protection policies, must only process personal data in accordance with our instructions and they are not permitted to use your personal data for their own purposes.

Role/Purpose Data Shared Reason for sharing
Wireless Social First name, email address, date of birth, venue Use of Wi-Fi service
The Access Group – Acteol – Atreemo First name, Surname, Phone number, Email, Date of Birth, venue Marketing communications following opt in confirmation
FeedItBack First name, Surname, Phone number, Email, venue, information about the visit Customer feedback survey
The Access Group – DesignMyNight.com First name, Surname, Phone number, Email, venue Booking tables
OpenTable First name, Surname, Phone number, Email, venue Booking tables
Ignite First name, Surname, Email, venue, date of birth Website hosting and contact us details
Your Site Here (Part of DG Group) First name, Surname, Email, venue, date of birth Website hosting and contact us details

We will share your personal data if it is necessary to do so to comply with a legal requirement, such as to HMRC, the Police or to comply with a condition attached to a premises license by a licensing authority.

We will share your personal data if it is necessary to protect our business interests, such as to enforce the terms of a contract, pursue an overdue debt or defend other legal rights.

We may also share your personal data with third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

We may share your personal data where there is a legitimate interest to do so, for example, for the detection or prevention of crime, fraud or money laundering; to allow a regulator or ombudsman to investigate a complaint you have submitted to them; or to protect the rights of other people or organisations.

5. International transfers

Some of our external third parties are based outside the UK so their processing of your personal data will involve a transfer of data outside the UK.

Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring we only transfer your personal data to third parties based within the European Economic Area (EEA) which has been deemed to provide an adequate level of protection for personal data.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.

6. Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any actual or suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

7. Data retention

How long will you use my personal data for?

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.

We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

Details of retention periods for different aspects of your personal data are set out in the table here

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

8. Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with this policy and where this is required or permitted by law.

9. Your legal rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data. If you wish to exercise any of the rights set out below, please contact us using the details here.

No fee usually required

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

YOUR LEGAL RIGHTS

You have the right to:

Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:

  • If you want us to establish the data’s accuracy.
  • Where our use of the data is unlawful but you do not want us to erase it.
  • Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
  • You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

BOOKING A TABLE OR CORPORATE EVENT WITH US

  1. By phone or in person:
    1. For reservations by phone or in person we will collect your Identity Data and Contact Data so that we can contact you regarding your booking.
    2. Where you are booking group dining or private events, we will also request information about payment and invoicing details.
  1. Via Open Table or Book a Table (website and app):
    1. You might also use the Open Table, or Book a Table website and applications (we have linked their privacy policies for you here). For each of these the companies, they will take your Identity and Contact Data (usually a tick box) to share your information with us to complete the booking.
    2. They will also ask you if you wish to consent to receiving further information from them as well as us with information regarding special offers and news.
  1. Via Collins (Design My Night) (website and app):
    1. You might also use the Collins (Design My Night) website and application. Collins (Design My Night) will collect your Identity, Contact and Payment Data as required and provide it to us so that we can facilitate your enquiry/booking and so we can contact you regarding your enquiry.
    2. They will also ask you if you wish to consent to receiving further information from them as well as us with information regarding special offers and news.
    3. Please note that we are not responsible for the data held by the above third-party booking platforms. We are only responsible for the information that they pass on to us (your name, email address and phone number) and on the understanding that such information is provided to us further to your request for a booking or enquiry. Please contact them directly and refer to their privacy policies for more information on how they process your personal data.
  1. Corporate Bookings
    1. For corporate bookings we will take the Identity and Contact Data of the person making the booking and information about payment and invoicing details.
    2. The email address of the individual will be added to our corporate register and we will ask you if you wish to consent to receiving further information from us regarding special offers and news.
  1. If you provided consent to receive news and offers from us:
    1. When we send you information regarding our latest news and offers we will always provide you with the option to unsubscribe.
    2. We will only send this information to you until you unsubscribe or if at the end of our retention period you have not interacted with us or any marketing material further (for more info on our retention periods, click here).
    3. We will only use your information for to send you these offers, and news items and we don’t share the information with anyone else.
    4. You can exercise your right to access, rectify, erase, restrict or object to our use of your information in this way, please see our Your Rights section for further information.
  1. Legal Basis for Processing

We rely on the legal basis of legitimate interest to process your personal data when you make a booking with us. The legitimate interest we pursue is to provide a system of booking to our customers and enable us to run our business efficiently.

USING WI-FI IN ONE OF OUR VENUES

  1. How is your personal data collected?
    1. When you use our free Wi-Fi access whilst at one of our venues. We use a company called Wireless Social to provide Wi-Fi and they collect your personal data for us. You are able to log in to use Wireless Social’s system with a social media account such as Facebook or sign up manually using a form.
    2. We will receive personal data about you from Wireless Social as set out below:
      1. Your Identity Data (name and date of birth);
      2. Your Contact Data (email address); and
      3. Information about which of our venues you visited.
  1. Promotional offers from us
    1. When registering to use our Wi-fi, Wireless Social will ask you if you wish to receive news and exclusive offers from us. We will use this information to contact you about our latest news and offers for all venues within the ETM Group and our affiliated venues (for more information on this click here).
    2. We will only send this information to you until you unsubscribe or if at the end of our retention period you have not interacted with us or any marketing material further (for more info on our retention periods, click here).
    3. We will only use your information for to send you our news and latest offers, we may share your information within the ETM Group and with our affiliates venues regarding news and offers in relation to them, we don’t share your information with anyone else.
  1. Legal Basis for Processing
    1. We rely on the following legal bases to process your data when you use our Wi-Fi and want to receive information about our latest news, promotional offers as well as when we make suggestions and recommendations to you about our venues:
      1. We process your data in order to provide Wi-Fi services to our customers and to send marketing information to people who consent to receive it.
      2. We may also send marketing to customers who, when informed that we want to do so, choose not to opt out (soft opt-in).

PROVIDING US WITH FEEDBACK

  1. How is your personal data collected and processed?
    1. When you visit one of our venues and provide us with your personal data for example by using our free Wi-Fi service (click here to learn more about what information this includes), a company called Feed It Back may contact you on our behalf after your visit to invite you to send us feedback about your recent visit.
    2. All feedback provided by you is collected by Feed It Back, a research company commissioned to collect this information on ETM Group’s behalf. All information collected by Feed It Back will be shared with us.
    3. You can also contact us directly with any queries, complaints or compliments via info@etmgroup.co.uk. In dealing with any queries you may have we may need you to provide personal data to us in order for us to assist. Any personal data provided will be processed in accordance with this privacy policy.
  1. Legal Basis for Processing

We rely on the following legal basis of legitimate interest to process your data when you provide us with feedback, the legitimate interest we are pursuing is for us to receive and analyse customer feedback in order to improve our services.

USING OUR WEBSITE

  1. The data we collect about you
  • We may collect, use, store and transfer your personal data when you visit our website (etmgroup.co.uk) which we have grouped together as follows:
    1. Identity Data;
    2. Contact Data;
    3. Technical Data;
    4. Usage Data; and
    5. Marketing and Communications Data.
  1. How is your personal data collected?
  • We use different methods to collect data from and about you including through:
    1. Direct interactions. You may give us your Identity and Contact Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you sign-up to receive marketing from us.
    2. Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, and other similar technologies.
  1. How we use your personal data
    1. We will only use your personal data when the law allows us to. Most commonly, we will use your personal data where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
    2. Generally, we do not rely on consent as a legal basis for processing your personal data when collected through your use of our website. Although, we will get your consent before sending marketing communications to you via email. You have the right to withdraw consent to marketing at any time by contacting us.
  1. Marketing
    1. We will use your personal data to send you updates by email about our venues including exclusive offers, and promotions. We do this using the Identity data and Contact data you provide to us when signing up to our news and offers via our website.
    2. We rely on you providing your consent for us to use your personal data for marketing purposes. If we change our marketing approach in the future, we will update you separately and clearly.
    3. You have the right to opt out of receiving marketing communications at any time by:
      1. contacting us at etmgroup.co.uk/contact-us; or
      2. using the ‘unsubscribe’ link in emails.
    4. We may ask you to confirm or update your marketing preferences if there are changes in the law, regulation, or the structure of our business.
  1. Third-party marketing
    1. We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
    2. This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
  1. Legal Basis for Processing
    1. We rely on the legal basis of legitimate interest when we process your data when you use our website, the legitimate interests we are pursuing include:
      1. to study how customers use our website, to develop and grow our business and to inform our marketing strategy; and
      2. to define types of customers for our venues, to keep our website updated and relevant, to develop our business and to inform our marketing strategy.

CAPTURED ON ANY OF OUR CCTV CAMERAS

  1. If you appear on any of our CCTV cameras
    1. We use CCTV technology in our venues to help keep our customers and staff safe and to help us investigate any potentially criminal or unsafe incidents which occur. We are obligated to maintain a CCTV system under the terms of our premises licence.
    2. Where we have placed CCTV cameras this is to assist in the safety of our customers and staff. Signs will be displayed to show when this is in use and will also display our contact number for any enquiries.
    3. If you have any questions in relation to our collection of personal data via our CCTV system, please contact us.
  1. Legal Basis for Processing
    1. We rely on the following legal bases when we record CCTV images when you visit one of our venues:
      1. We may be required to do so by a licensing authority (legal obligation); and
      2. We choose to do so for the safety of our customers and staff (legitimate interest).

OTHER WAYS WE COLLECT YOUR DATA

Other than in the circumstances and the ways set out in elsewhere in our privacy policy, we will also process your personal data in the following ways:

  1. To verify your age – We are required by law to ensure we do not sell alcohol to anyone under the age of 18 so we must carry out age checks as and when they are necessary.

We process this data to satisfy our legal obligation to not sell alcohol to anyone under the age of 18. Also, it is in our legitimate interests to ensure that we do not market alcohol to anyone under the age of 18.

  1. When we hold competitions, special events and prize draws at our venues – In order to hold these events, we will need to collect and store your Identity Data (name and date of birth) as well as your Contact Data (email address) so we can identify and contact you regarding these events and ensure we fulfil our obligations under the contract (in relation to the relevant event) with you.

We process data to set up the contract, provide the services to you and notify you of any important changes to them.

  1. When we record promotional videos or interviews or take photos – We may from time to time take photos or record videos at our venues for marketing purposes. This content may include the images of our customers, but we will only use this personal data if we have first obtained your permission.

We only record promotional videos or take photos of people that consent to it. If you change your mind, you may withdraw your consent at any time by contacting us.

APPLYING FOR A JOB OR ARE EMPLOYED BY US

  1. If you apply for a job with us
    1. In connection with your application for work with us, we will collect, store, and use the following categories of personal information about you:
      1. The information you have provided to us in your curriculum vitae and covering letter.
      2. The information you have provided on our application form, including name, title, address, telephone number, personal email address, date of birth, gender, employment history, qualifications.
      3. Any information you provide to us during an interview.
    1. We may also collect, store and use the following types of more sensitive personal information:
      1. Information about your race or ethnicity, religious beliefs and sexual orientation.
      2. Information about your health, including any medical condition, health and sickness records.
      3. Information about criminal convictions and offences.
    1. Where do we collect your personal data from:
      1. You, the candidate.
      2. recruitment agencies.
      3. background check provider.
      4. Disclosure and Barring Service in respect of criminal convictions.
      5. Your named referees.
    1. We will use the personal information we collect about you to:
      1. Assess your skills, qualifications, and suitability for the role.
      2. Carry out background and reference checks, where applicable.
      3. Communicate with you about the recruitment process.
      4. Keep records related to our hiring processes.
      5. Comply with legal or regulatory requirements.
    1. We will use your particularly sensitive personal information in the following ways:
      1. We will use information about your disability status to consider whether we need to provide appropriate adjustments during the recruitment process, for example whether adjustments need to be made during an interview.
      2. We will use information about your race or national or ethnic origin, religious, philosophical or moral beliefs, or your sexual life or sexual orientation, to ensure meaningful equal opportunity monitoring and reporting.
    1. It is in our legitimate interests to decide whether to appoint you to a role since it would be beneficial to our business to appoint someone to that role.
    2. We also need to process your personal information to decide whether to enter into a contract of employment with you.
    3. In certain circumstances, we will collect information about your criminal convictions history if we would like to offer you the role (conditional on checks and any other conditions, such as references, being satisfactory). We are sometimes required to carry out a criminal records check in order to satisfy ourselves that there is nothing in your criminal convictions history which makes you unsuitable for the role. We may be legally required the Home Office (or other relevant alcohol licensing authority) to carry out criminal record checks for those carrying out role.
  1. If you are employed by us
    1. This notice applies to current and former employees, workers and contractors. This notice does not form part of any contract of employment or other contract to provide services. We may update this notice at any time but if we do so, we will provide you with an updated copy of this notice as soon as reasonably practical.
    2. We will collect, store and use the following categories of personal information about you:
      1. Personal contact details such as name, title, addresses, telephone numbers and personal email addresses.
      2. Date of birth.
      3. Gender.
      4. Marital status and dependants.
      5. Next of kin and emergency contact information.
      6. National Insurance number.
      7. Bank account details, payroll records and tax status information.
      8. Salary, annual leave, pension and benefits information.
      9. Start date and, if different, the date of your continuous employment.
      10. Leaving date and your reason for leaving.
      11. Location of employment or workplace.
      12. Copy of driving licence.
      13. Recruitment information (including copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process).
      14. Employment records (including job titles, work history, working hours, holidays, training records and professional memberships).
      15. Compensation history.
      16. Performance information.
      17. Disciplinary and grievance information.
      18. CCTV footage and other information obtained through electronic means such as swipe card records.
      19. Information about your use of our information and communications systems.
      20. Photographs.
      21. Results of HMRC employment status check, details of your interest in and connection with the intermediary through which your services are supplied.
    1. We may also collect, store and use the following more sensitive types of personal information:
      1. Information about your race or ethnicity, religious beliefs, sexual orientation, and political opinions.
      2. Information about your health, including any medical condition and sickness records, including:
        1. details of any absences (other than holidays) from work including time on statutory parental leave and sick leave; and
        2. where you leave employment and the reason for leaving is related to your health, information about that condition needed for pensions.
      3. Information about criminal convictions and offences.
    1. We collect personal information about employees, workers and contractors through the application and recruitment process, either directly from candidates or sometimes from an employment agency or background check provider. We may sometimes collect additional information from third parties including former employers, credit reference agencies or other background check agencies.
    2. We will collect additional personal information in the course of job-related activities throughout the period of you working for us.
    3. How we will use information about you: We need all the categories of information in the list above primarily to allow us to perform our contract with you and to enable us to comply with legal obligations. In some cases we may use your personal information to pursue legitimate interests, provided your interests and fundamental rights do not override those interests. The situations in which we will process your personal information are listed below. Please contact us for more information on which legal bases we rely on when processing your data.
    4. When will we use sensitive personal information: In general, we will not process particularly sensitive personal information about you unless it is necessary for performing or exercising obligations or rights in connection with employment. On rare occasions, there may be other reasons for processing, such as it is in the public interest to do so. The situations in which we will process your particularly sensitive personal information are listed below.
      1. We will use information about your physical or mental health, or disability status, to:
      2. ensure your health and safety in the workplace;
      3. assess your fitness to work;
      4. provide appropriate workplace adjustments;
      5. monitor and manage sickness absence; and
      6. administer benefits including statutory maternity pay, statutory sick pay, and pensions.
      7. We need to process this information to exercise rights and perform obligations in connection with your employment.
      8. If we reasonably believe that you or another person are at risk of harm and the processing is necessary to protect you or them from physical, mental or emotional harm or to protect physical, mental or emotional well-being.
      9. We will use information about your race or national or ethnic origin, religious, philosophical or moral beliefs, or your sexual life or sexual orientation to ensure meaningful equal opportunity monitoring and reporting.
    1. Criminal convictions: We will only collect information about criminal convictions if it is appropriate given the nature of the role and where we are legally able to do so. Where appropriate, we will collect information about criminal convictions as part of the recruitment process or we may be notified of such information directly by you in the course of you working for us.

OUR RETENTION PERIODS

Information we collect We keep this for
To make a booking Indefinitely, unless you exercise your rights of erasure
To conduct customer surveys and receive customer feedback 6 months, after which the data is hashed and anonymised
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you 12 months, after which the data is hashed and anonymised
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences 12 months, after which the data is hashed and anonymised
To contact you about the latest news, promotions and events as well as make suggestions and recommendations to you about our venues. 3 years, after which the data is hashed and anonymised
To record CCTV images At least 39 days but no longer than 60 days from the date of recording, we may retain this data longer if required to do so as a result of an investigation or claim or if we are required to do so by the licensing authority
To verify your age No information retained or recorded unless otherwise needed for another purpose in this policy.
To provide competitions, special events and prize draws 3 years, after which the data is hashed and anonymised
To record promotional videos or take photos Indefinitely, unless you withdraw your consent and request us to remove the content
When you apply for a job with us 12 months, after which it is erased
When you are employed by us or otherwise work for us 6 years, after which it is erased

Return to home page