- Who we are
- Our website
- Our collection and use of your personal information
- Our legal basis for processing your personal information
- Further information—the personal information we collect, when and how we use it
- Who we share your personal information with
- Whether information has to be provided by you, and if so why
- Data retention
- International transfers of your personal information
- Cookies and similar technologies
- Your rights
- Keeping your personal information secure
- How to complain
- How to contact us
- Do you need extra help?
Who we are
This website is operated by Prime Pass Events Ltd trading as Prime Pass. We are an events management platform connecting participants with upcoming high-quality events across London and the United Kingdom and for more information see https://www.prime-pass.co.uk/ which will take you to our home page.
We collect, use and are responsible for certain personal information about you. When we do so we are regulated under the UK General Data Protection Regulation (including the Data Protection Act 2018) which applies across the United Kingdom and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
Throughout our website we may link to other websites owned and operated by certain trusted third parties such as our Prime Pass Partners to make additional products and services available to you. These other third-party websites may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to these other third-party websites, please consult their privacy policies as appropriate.
Our collection and use of your personal information
We collect personal information about you when you access our website, register with us, contact us, send us feedback, purchase products or services via our website, post material to our website and complete customer surveys or participate in competitions via our website.
We collect this personal information from you either directly, such as when you register with us, contact us or purchase products or services via our website or indirectly, such as your browsing activity while on our website (see ‘Cookies’ below).
We also collect personal information about you from other sources as follows:
- Personal information from Facebook, Instagram and YouTube.
The personal information we collect about you depends on the particular activities carried out through our website or as above. This information includes:
- your name, address and contact details
- date of birth
- bank account and payment details
- details of any feedback you give us by phone, email, post or via social media
- information about the services we provide to you
- your account details, such as username, login details
We use this personal information to:
- create and manage your account with us
- verify your identity (including related aspects such as age verification for products which contain alcohol)
- provide goods and services to you
- customise our website and its content to your particular preferences
- notify you of any changes to our website or to our services that may affect you
- improve our services
This website is not intended for use by children, and we do not knowingly collect or use personal information relating to children.
Our legal basis for processing your personal information
When we use your personal information, we are required to have a legal basis for doing so. There are various different legal bases on which we may rely, depending on what personal information we process and why.
The legal bases we may rely on include:
- consent: where you have given us clear consent for us to process your personal information for a specific purpose
- contract: where our use of your personal information is necessary for a contract, we have with you, or because you have asked us to take specific steps before entering into a contract
- legal obligation: where our use of your personal information is necessary for us to comply with the law (not including contractual obligations)
- legitimate interests: where our use of your personal information is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your personal information, which overrides our legitimate interests)
Further information—the personal information we collect, when and how we use it
For further details on when we collect personal information, what we collect as well as how we use it, please read the following sections:
|When information is collected||What information we ask for||How and why we use your information|
|When you register with us||Contact details: your name, email address, telephone number||We ask for this:
— to create and manage your account with us
— to communicate with you about your account
— to maintain a membership database and offer you benefits, good and services
We rely on performance of a contract with you as the lawful basis for collecting and using your personal information.
Our legitimate interests are to develop our products/services and grow our business.
We will keep this information until:
— you close your account with us
— we close your account
Who we share your personal information with
We routinely share your name, contact details and delivery address details with our third-party suppliers such as Huboo (https://www.huboo.co.uk). We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party suppliers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
This data sharing enables them to despatch the goods you ordered directly to you.
We will share personal information with law enforcement or other authorities if required by applicable law.
We do not sell your personal data to any third party.
Whether information has to be provided by you, and if so why
We require you to provide your name, address, delivery address and exceptionally sensitive personal information such as allergy information to enable us to ensure your health and safety in relation to the goods and/or services delivered to you. We will inform you at the point of collecting information from you, whether you are required to provide the information to us.
We take care to ensure the security of your personal data in use, storage and transmission and that it is only accessed by verified persons who have the necessary authority. All of our people who have access to your personal data are obliged to respect the confidentiality of this information and we deliver training to make sure this happens.
Any payment transactions will be encrypted using SSL technology.
We have in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, financial, or reporting requirements.
In general, unless still required in connection with the purpose(s) for which it was collected and/or is processed, we remove your personal data from our records usually once a transaction is completed unless different retention periods apply.
Where we anonymise your personal data (so that it can no longer be associated with you) we may use this information for research or statistical purposes indefinitely without further notice to you.
If you request to receive no further contact from us, we will keep some basic information about you to comply with your request and avoid sending you unwanted materials in the future.
International transfers of your personal information
From 1 January 2021, the UK is considered a ‘third country’ by the EU for data protection purposes.
International transfers must be given additional safeguards. This is on top of the existing measures we have in place for international transfers outside of the European Economic Area (EEA).
Data transfers from us to EEA countries
We can still send personal data to the EU/EEA, Gibraltar and other countries deemed “adequate” by the EU. They have adequate protection by the UK Government under the new arrangements. We will always do so securely in accordance with UK GDPR principles.
Data transfers to us from EEA countries
Because the UK is currently deemed a ‘third country’, the EU require additional protection when transferring personal data to the UK.
We use the Standard Contractual Clauses to make sure that data transfers are secure and lawful. These are EU approved terms to facilitate the continued exchange of personal data.
Data transfers from the CIPD to countries outside the EEA
Some of our applications, services and products use service providers outside of the EEA so their processing of your personal data will involve a transfer of data outside the UK. We may have to transfer some of your data to these providers so you can use our website and products.
Appropriate measures and controls (including technical) are in place to protect the transfer of your data.
Transfer of data is made in accordance with the requirements of Regulations (EU) 2016/679 (GDPR) and may be based on the use of the European Commission’s Standard Model Clauses for transfers of personal data outside the EEA.
If you do not want your data to be transferred outside the EEA you should not use our website or products or services. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Cookies and other tracking technologies
We would like to send you information about our products and services, competitions, and special offers, which may be of interest to you. Where we have your consent or it is in our legitimate interests to do so, we may do this by post, email, telephone, text message (SMS) or automated call.
We would also like to share your information with selected Prime Pass Partners so that they may send you information about their products and/or services, depending on what you agree with us.
We will only ask whether you would like us and other businesses to send you marketing messages when you tick the relevant boxes when you complete our online order form for the first time.
If you have previously agreed to being contacted in this way, you can unsubscribe at any time by:
—contacting us at firstname.lastname@example.org—using the ‘unsubscribe’ link in emails or ‘STOP’ number in texts
It may take up to 21 days for this to take place.
For more information on your rights in relation to marketing, see ‘Your rights’ below.
Under the UK General Data Protection Regulation, you have a number of important rights free of charge. In summary, those include rights to:
- fair processing of information and transparency over how we use your use personal information
- require us to correct any mistakes in your information which we hold
- require the erasure of personal information concerning you in certain situations
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- object at any time to processing of personal information concerning you for direct marketing
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- object in certain other situations to our continued processing of your personal information
- otherwise restrict our processing of your personal information in certain circumstances
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
- email, call or write to us,
- let us have enough information to identify you (account number, user name, registration details),
- let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
- let us know the information to which your request relates including any account or reference numbers, if you have them.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
How to complain
We hope that we can resolve any query or concern you raise about our use of your information.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority (www.ico.org.uk) if you think your data protection rights have been breached by us. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. The ICO may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
How to contact us
If you wish to contact us, please send an email to email@example.com, write to 6th Floor Amp House, Dingwall Road, Croydon, England, CR0 2LX or call 02031373340.
Do you need extra help?