Privacy Notice

Escape Leamington Spa respects and values the privacy of all visitors to our website www.escape-leamingtonspa.co.uk and online booking system (Bookify). We are committed to respecting and protecting your private data and being transparent about what information we collect from you and how we use it.

Our privacy policy applies to your use of our website and online booking system, how we collect and use your personal data and how we ensure your privacy and legal rights are maintained.

Our postal and premises address is: Escape Leamington Spa, 27 Park Street, Leamington Spa, Warwickshire, CV32 4QN

T: 01926 257590

info@escape-leamingtonspa.co.uk

Our website is owned and operated by Escape Leamington Spa, which is a franchise of Escape Game Design, 1 St Colme St, Edinburgh, Scotland, EH3 6AA www.escape-gamedesign.co.uk

Please contact us if you have any questions about our privacy notice or information we hold about you.

Your rights

Under the General Data Protection Regulation you have a number of rights with regards to your personal data, which this policy and our use of your data has been designed to uphold.

You have the right to be informed about our use of your personal data and how we collect it.

Rights in relation to automated processing and profiling - You have the right to object to automated processing and profiling and not be subject to legal effects of this.

• Right of Access - You have the right to request a copy of the personal data that we hold about you. You can contact us using the details above.
• Right of Rectification - You have the right to correct any inaccurate or incomplete data we hold about you.
• Right to Erasure - You have the right to be forgotten and you can ask for the data we hold about you to be erased from our records.
• Right to Restriction of Processing - You have the right to ask us to restrict our processing of your information in certain circumstances.
• Right to Data Portability - You have the right to have the data we hold about you (given to us by you) to be transferred to another business or to you.
• Right to Object to Processing - You have the right to object to certain types of processing of personal data.

You have the right to complain to The Information Commissioner if you are not happy with any aspect of our processing of personal data.  The contact details are:

The Information Commissioner’s Office

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
www,ico.org.uk
T: 0303  123 1133

Your data

We may collect some or all of the following personal data from you:

• Name, address, telephone numbers, email
• IP Address, web browser type and version, operating system
• Information about your activity on our website.
• Team photos and publicly available information, including any you have shared via social media

How we use your data

All personal data is processed and stored securely within our booking system (Bookify) and emails. We do not keep your personal data longer than necessary in light of the reason for which it was first collected. .

All your personal data will be deleted if we have had no further contact with you in 12 months.

We may keep your data longer than 12 months if we are involved in a legal claim or dispute. In this circumstance we will delete it as soon as our legal obligation is discharged.

We may use your data for the following reasons:

• Providing and managing your access to our booking system (Bookify) and managing your account on there.
• Stripe for payment processing
• Mailchimp/Campaign Monitor for email marketing services
• Communicating with you such as phone calls and emails.
• To provide you with the service you ordered.
• Supplying you with information by email and/or post that you have opted-in to.
• Market research
• Analysing your use of our website and social media platforms to continually improve our service and your user experience.

You will be able to unsubscribe from this use of your data at any time.

Legal Basis

We will only process your data where we have legal basis under the GDPR to do so.

Our use of your personal data will always have legal basis because you have consented to our use of your personal data or we are complying with a legal obligation or it is necessary in pursuit of legitimate interests.

Where our processing of your data is based on our legitimate interests, we will ensure that processing is necessary and will not continue to do so where our interests are over-ridden by yours.

Our legitimate interests include: selling services to customers and potential customers. Handling customer complaints and disputes, queries and enquiries. Understanding our customers’ behaviour, activities and preferences. Improving our service and developing new ones. Marketing and advertising our services.

Storing Your Data

We take appropriate security measures to safeguard your data which is collected via our website and booking system.

We endeavour to keep all of your personal data in the European Economic Area. (All EU member states, plus Norway, Iceland and Leichtenstein) These third countries may not have data protection laws that are as strong as those in the UK and/or EEA. This means that we will take additional steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK.

In limited and necessary circumstances your information may be transferred outside  of the EEA. This will only happen where necessary. If this does happen we will put special protections in place. We will only move data to countries or organisations:

Where the EU Commission has deemed their data protection measures to be adequate or under a contract which enforces the EU Commission approved ‘standard data protection clauses’.

We will never sell, transfer or disclose your personal data to any third party except: We may sometimes contract with trusted service providers to provide goods and services on our behalf. This may include payment processing, delivery of goods, search engine facilities, advertising, marketing and IT systems. This will sometimes necessitate the transfer of your personal data to those trusted services providers.

Where we transfer your data to our trusted service providers we will have confirmed that they will apply data protection and security measures to the same standard we would. We would always impose contractual terms on all of our providers to ensure your data remains secure. In certain circumstances we may be legally required to share your personal data – if we were involved in legal proceedings, where complying with a court order, or government department with legal authority to compel us to do so.

Cookies

We use cookies, like many other websites. Cookies are small text files of information sent by an organisation to your computer or device and stored on your computer or device to allow a website to recognise you when you visit. Cookies help collect statistical data about your browsing actions but should not contain personal data. (Cookie itself is defined as personal data under GDPR).

All cookies used on our website are used in accordance with the current Cookie law.

By giving us your consent, you are allowing us to provide you the best experience of our website. You may refuse consent to cookies although this may cause certain parts of our website to not function correctly. You can alter your browser settings to refuse all cookies.

We use:

Performance cookies – Google Analytics

Performance cookies collect anonymous information about users for the purpose of tracking the performance of a website

Targeting / Advertising cookies – Facebook Pixels

Targeting/Advertising cookies track users’ behaviour, which is then used on a ‘per user’ basis to advertise products and services on the behavioural information gathered.

We may change this privacy policy from time to time (such as law changes or if we change our business in a way that effects personal data protection), Any changes will be posted on our website. This policy was last updated in May 2018. We recommend you check this page regularly to keep up-to-date.