At Vivify we are committed to protecting and respecting your privacy. This policy explains when and why we collect personal information about you; how we use it; the circumstances when we may disclose it to others; and how we keep it secure.
It does not cover third party websites to which we may provide links, nor does it cover advertisers. They may have their own privacy policies and/or terms and conditions of use which you should review and understand separately.
When we use the word ‘you’ or ‘your’ in this policy, it means you as a user of the www.vivifyvenues.com website, or as a person whose details we collect as part of our venue booking process.
The personal data we collect may include:
Identity data – including full name.
Contact data – including email address, home and billing address, email address and telephone number, including mobile.
Profile data – including your account password and past, preferences, current and future bookings information, your Public Liability insurance information, DBS checks if necessary and extra health and safety documents such as a risk assessment.
Transaction data – including the date and time you used our platform, details about all bookings, including whether you are part of an affiliated organisation, your team or group name, the purpose of your booking, how many people will attend your booking, your venue and facility choices and any special requests made.
Technical data - including IP address, browser, device, time zone setting and location, browser plug-in types and versions, operating system and other technology on the devices you use to access our website.
Usage data - including the pages you visited on our website and how long you visited for.
Financial data - we do not store financial data, payment card details are collected, used and stored by our payment processor Stripe. If a BACS refund is requested, we enter your bank details into our Starling bank account who store that data.
Marketing data – including your communication preferences in receiving marketing from us.
We may collect personal data about you from the following sources:
Direct interactions – including when you:
Contact us by telephone, email or livechat.
Fill out an enquiry form.
Make a booking.
Request to be sent marketing communications.
Enter a competition, marketing campaign or complete a survey.
Update your account information by logging in.
Third parties – including from:
A school, college, university, venue or similar organisation that provide us with your personal details as a current customer of theirs, after signing a contract with us to manage their community lettings service. This is in order for us to contact you to set your account up on our platform and enable you to continue your booking.
Analytics providers such as Google Analytics.
Search Engine providers such as Google, Bing and Yahoo.
Advertising networks such as Google and Facebook.
Our payment provider, Stripe such as contact, financial and transaction data.
We will only process your personal data as necessary for the purpose for which it has been collected or for purposes which are compatible with the original purpose. There are various ways in which we may use or process your personal data. Most commonly, we will use your personal data in the following circumstances:
Performance of a contract
To process your booking request.
To register you as a new customer and create your account.
We may use and process your personal data to carry out activities which, as a business, we have a legitimate interest in doing. These include:
To respond to any correspondence that you send to us and to fulfil your requests.
To send you news, updates, marketing material or information which we think may be of interest to you. You have the right to object to us sending you this information at any time.
To enable you to partake in a prize draw, competition or survey.
To monitor, develop and improve the website, our services and your overall experience.
To respond to any feedback or compliant made by or about you. We may contact you via telephone, mail or email.
To deliver relevant site content and advertisements to you and measure the effectiveness of these advertisements.
Whenever we seek to rely on legitimate interests to process your personal data, we will conduct an assessment taking into account:
Whether the processing is necessary for us to achieve a lawful and genuine interest.
The volume and nature of personal data involved.
Whether the processing would be within your reasonable expectations.
Any risk to your fundamental rights and interests which the processing may present.
The safeguards that we have in place to minimise any risk to you.
We may use and process your personal data as necessary to comply with any legal or regulatory obligation to which we are subject.
External Third Parties
We may disclose your information to third party companies or organisations in the UK or European Economic Area who assist us with the provision of our services. For example:
The school, college, University or other venue where your activities will be carried out, so that they know who will be onsite and when. In order to deliver the best service possible, they may need to contact you to discuss your booking or any last minute changes.
Our Content Management System, where we store customer data and communication records.
Our payment processor, Stripe who specialise in secure online capture and processing of credit/debit card transactions to ensure that when you use the online booking service on our website, your card information is collected and held securely.
Our bank, Starling who will store your information securely for any bank transfer refunds requested.
Professional advisors including our lawyers, bankers, auditors and insurers.
Whenever we share your information with third parties, we disclose only the personal information that is necessary for them to deliver the required services and have contracts in place that limit their ability to use your information for purposes other than providing the services and which ensure that they are subject to appropriate security and confidentiality obligations.
The personal data submitted by you and collected by us via the website is encrypted over TLS 1.1 or higher. Personal data is stored in a secure system, only accessible by our employees or data processors with the privileges appropriate to their role.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a booking you have, but we will notify you if this is the case at the time.
Except as otherwise permitted or required by applicable law or regulation, we only retain your personal data for as long as is necessary to fulfil the purposes that we collected it for, as required to satisfy any legal, accounting, or reporting obligations, or as necessary to resolve disputes.
To determine the appropriate retention period for your personal data we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for processing the personal data, whether we can fulfil the purposes of processing by other means and any applicable legal requirements.
If you are a customer who has a booking with us, we will retain your personal data for the duration of the booking and for a period of time after the end of the booking taking into account the limitation periods set out in the Limitation Act 1980.
If we have obtained your personal data following a request by you for information about our services but you do not subsequently book with us, we will hold your personal data for 18 months from the date that you provided it to us.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
You have various rights relating to your personal data, which we have summarised below.
Your right to be informed
Your right of access
Your right to correct your personal data
You have the right to ask us to rectify your personal data if it becomes inaccurate or incomplete.
Your right to erase your personal data
You have the right to ask us to erase your personal data if:
Consent was originally required and you subsequently withdraw your consent to our processing of your personal data.
Your personal data has been processed unlawfully by us.
Your personal data is no longer necessary for the purposes for which we collected it or there is no compelling reason for us to continue processing it.
Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Your right to restrict the processing of your personal data
You have the right to restrict, ‘block’ or suppress further use of your information if:
The accuracy of your personal data is contested.
Your personal data has been processed unlawfully by us, but you do not want to request erasure.
We no longer need your personal data for our original purpose, but it is required to establish, exercise or defend legal rights.
You have requested erasure of your personal data and verification of our grounds for continued processing is pending.
When processing is restricted, we can still store your information but may not use it further. We keep records of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in the future.
Your right to data portability
You have rights to obtain and reuse your personal data for your own purposes in a commonly used machine-readable format, and to have your personal data transferred to another data controller on your request.
Your right to object to processing
You have the right to object, on grounds relating to your situation at any time, to processing of personal data concerning you that is based on us exercising our legitimate interests. If we can show compelling legitimate grounds for processing your personal data which override your interests, rights and freedoms, or we need your personal data to establish, exercise or defend legal claims, we can continue to process it. Otherwise, we must stop using the relevant information. You also can object at any time to use of your personal data for direct marketing purposes.
Your right to lodge a complaint
You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator.
Your right to withdraw consent
If you have given your consent to allow us to process your personal data, you have the right to withdraw your consent at any time (although your withdrawal of consent does not mean the processing of your data up to that point was unlawful). Your rights, as summarised above, are subject to various exceptions. We usually act on requests to provide information within one month from receiving your request. However, if the request is going to take longer to deal with, we will advise you of this.
We may update this policy from time to time and will post any changes on our website at www.vivifyvenues.com. You should check back occasionally and read through it again. For your information, this policy was last updated 22nd January 2021.
Queries relating to this policy
If you have any questions about this policy or if you wish to access your personal data or make a complaint about how we have handled your information, please feel free to contact us at: firstname.lastname@example.org
To update your personal data
If you wish to make any changes to your personal data, you can do this by emailing us or by logging into your account online.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.