The Teepover Club
This notice is provided by The Teepover Club (Franchising) Ltd but it applies to your relationship with our The Teepover Club franchisees, and "The Teepover Club" therefore applies to whichever franchisee you provide your personal data.
The Teepover Club (“we”, “us”, “our”) is a “Controller” under the General Data Protection Regulation ((EU) 2016/679) (“GDPR“) in respect of certain Personal Data you give to us. This Privacy Notice is intended to help you understand what Personal Data The Teepover Club collects about you, why we collect it, and what we do with it.
What is Personal Data?
“Personal Data” is any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier such as a user IP addresses or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person and includes Special Categories of Personal Data;
Personal Data Collected and Processed
Most of the personal information we process is provided to us directly by you. When you book a sleepover party with The Teepover Club, we ask you to fill out a Booking Form to enable us to fulfil your booking. The booking form requires the following personal information, along with the requirements of your booking (non-personal information): Name, Address, Email Address, Phone Number and where applicable name of Lead Child and other guests attending.
From time to time, we also receive personal information indirectly, from the following sources in the following scenarios:
Referrals from other sleepover suppliers who may be unable to fulfil your booking
Referrals from existing customers or suppliers
In both cases listed above, we will only take your personal details when we have received confirmation that you have explicitly agreed to the sharing of your data in this manner
Technical Data Collected
When you visit The Teepover Club website, we gather statistical and other analytical information collected on an aggregate basis of all visitors to our website. This non-personal data comprises information that cannot be used to identify or contact you, such as demographic information regarding, for example, user IP addresses where they have been clipped or anonymised, browser types and other anonymous statistical data involving the use of our website.
Purposes for which we hold your Personal Data
The Personal Data that is referred to above will be processed for the purposes of:
Processing your party booking and keeping you updated on your enquiry or booking
Fulfilling your booking
Contacting you if there is a query regarding your event or booking
Contacting you in relation to social media and/or website reviews
Providing you with information about events, special offers and news where you do not object to receiving such information
Sharing with third parties used to process payments who are under also strict obligation to ensure your personal information is kept private
Complying with our legal obligations
OUR LEGAL BASIS FOR COLLECTING AND USING THIS INFORMATION IN ACCORDANCE WITH THE PROVISIONS OF THIS DATA PRIVACY NOTICE IS:
·That it is necessary for the performance of a contract with you
·That it is in our legitimate interest to do so; or
·That you have provided consent to us for the use of your Personal Data
Where you have provided consent for the use of your Personal Data, you can withdraw it at any time by informing firstname.lastname@example.org however, this will not affect the lawfulness of processing which was carried out based on your consent prior to its withdrawal.
Disclosure of your Personal Data to third parties
We will not trade, rent or sell your personal details with third parties. We may disclose your Personal Data to various recipients in connection with the above purposes, including:
Any The Teepover Club (Franchising) Ltd service providers, sub-contractors or agents that we may appoint to perform functions on our behalf and in accordance with our instructions (for example but not limited to balloon suppliers, Character Visits)
Payment providers, event ticketing providers, email communication providers, IT service providers, accountants, auditors, and lawyers.
To comply with any applicable law or regulation, a summons, search warrant, court or regulatory order, or other statutory requirement.
How we secure your Personal Data
We have taken measures to protect the security of your personal information. We limit access to your personal information to those employees, contractors and other third parties who have a business need to know such information to perform their job duties and responsibilities.
Where your personal information is shared with third parties, we require all third parties to take appropriate technical and organisational security measures to protect your personal information and to treat it subject to a duty of confidentiality and in accordance with data protection law. We only allow them to process your personal information for specified purposes and in accordance with our written instructions and we do not allow them to use your personal information for their own purposes.
We also have in place procedures to deal with a suspected data security breach and we will notify the Information Commissioner’s Office and you of a suspected breach where we are legally required to do so.
As you use this website, technical details in connection with visits to this website are logged by our internet service provider for statistical purposes. No information is collected that could be used by us to identify website visitors. The technical details logged are confined to the following items:
The IP address of the user’s webserver
The top-level domain name used (for example .ie, .com, .net, .biz)
The previous website address from which the user reached us, including any search criteria used
Click screen data which shows the traffic of users around this website (for example pages accessed and documents downloaded)
The type of web browser used by the website user
Transfers of personal data outside the European Union
In order for the purposes outlined and particularly for technical support, from time to time, we might have to transfer your Personal Data outside the European Economic Area (EEA) to a country that has not been confirmed by the European Commission to provide an adequate level of protection for Personal Data.
What this means is that, where we do not have the assurance of the destination for your data having been subject to a review by the European Commission, we will use other approved controls to ensure we can protect your data adequately and to ensure that those third parties who may process your personal data on our behalf meet the highest standards of privacy practices and comply with applicable data protection law.
You have the following rights, in certain circumstances and subject to certain restrictions, in relation to your Personal Data:
RIGHT OF ACCESS: The right to access your Personal Data
RIGHT TO RECTIFICATION: The right to request the rectification and/or erasure of your Personal Data in certain circumstances
RIGHT TO ERASURE (‘RIGHT TO BE FORGOTTEN’): The right to be forgotten in certain circumstances
RIGHT TO RESTRICTION OF PROCESSING: The right to restrict the use of your Personal Data in certain circumstances
RIGHT TO OBJECT: The right to object to the processing of your Personal Data
RIGHT TO DATA PORTABILITY: The right to receive your Personal Data, which you have provided to us, in a structured, commonly used and machine-readable format or to require us to transmit that data to another controller, in certain circumstances
In addition to these rights, you also have the right to lodge a complaint with the ICO, and the right to pursue a remedy through the Courts if we fail to meet the required standards of data protection.
How you can exercise your rights
In order to execute any of the rights set out above, please contact us at email@example.com.
How long we retain your Personal Data
We will not hold your Personal Data for longer than is necessary. We retain your Personal Data for as long as we need it for the purposes described in this Privacy Notice (including but not limited to section 5 (Disclosure of your Personal Data to third parties), or to comply with any applicable statutory requirement.
Changes to this Privacy Notice and our Policies
We reserve the right to make changes to this Privacy Notice at any time without prior consultation. Any changes to this Privacy Notice will be posted on the The Teepover Club website so that you are always aware of what Personal Data we collect, how we use it, and under what circumstances, if any, we disclose it. If at any time we decide to use Personal Data in a manner significantly different from that stated in this Privacy Notice, or otherwise disclosed to you at the time it was collected, we will notify you by e-mail.
Questions and Complaints
If you have any questions regarding this Privacy Notice, you can contact us using firstname.lastname@example.org