Privacy Policy

Privacy Policy 2018

The Panic Room Escape Ltd privacy policy sets out to respect and protect the privacy of all personal data. The following privacy policy contains important information on who The Panic Room Escape Ltd are and why we collect, process, store, use and share your personal data. In addition, we explain your rights to your own personal data and how to contact us or relevant supervisory authorities should you need to raise any complaint.

Use of your personal data is subject to your instructions to us, the EU General Data Protection Regulation (GDPR) and other relevant EU and UK Legislation.

1. KEY TERMS

(i) The Panic Room, We, Us, Our The Panic Room Escape Ltd

(ii) Data Protection Officer Alexander William Souter

The Panic Room Escape Ltd 7 Berkley Crescent Gravesend Kent DA12 Dontpanic@

2AH

thepanicroom.net 01474 536801

(iii) Personal Data Any information which can formally or informally

identify any living person

(iv) Sensitive Personal Data Personal information revealing any or all of the

following: Racial or ethnic origin, religious beliefs, political beliefs, philosophical opinions and trade union membership. Genetic and biometric data Health, sexual orientation or sex life.

2. YOUR PERSONAL DATA COLLECTED BY US

Personal data we may collect from customers: Name, address, telephone number, email address, information enabling us to verify your identity.

Personal data we may collect from our employees or suppliers: Name, address, telephone number, email address, information enabling us to verify your identity, information relating to the matter in which you are seeking our representation or advice, information to undertake credit or other checks e.g. passport or driving license details and financial details relating to your instructions including: National insurance number, bank and building society details, tax details, employment status, salary and benefits, employment records including sickness attendance, performance, disciplinary, conduct and grievances, pension details, trade union membership, medical records, racial or ethnic origin, gender and sexual orientation, religious or similar beliefs and other personal identifying information.

This personal data may be required – only should it be relevant – to provide services to you. If you do not provide personal data requested by us, it may delay or prevent us providing services to you.

3. HOW PERSONAL DATA IS COLLECTED

We collect the majority of personal information from you directly. We may also use other sources such as:

Companies House From a third party with your consent (e.g. banks, financial advisor, professionals engaged in your matter, employers, professional bodies, pension administrators, NHS professionals, your referees and guarantors, credit reference agents). Automated monitoring and analytics or our website and other IT systems, and our website.

4. COOKIES

The Panic Room Escape Ltd website uses cookies to run content management and to collect anomalous visitor data. Cookies are part of modern day websites. They help distinguish visitors to a website and its traffic. The Panic Room uses cookies on its website and also employ Google Analytic Cookies and Facebook Pixel. .

If you are uncomfortable with the use of cookies, most browsers now permit users to opt-out/block them. By opting out/blocking however, you may not be able to access certain sections of a website or its functionality may be impaired.

Brower settings can be changed by you to automatically opt-out/block cookies. To prevent all cookies, you may need to install The Goole Analytics Opt-Out Browser Add-On.

5. YOUR PERSONAL DATA: HOW AND WHY WE USE IT

Your personal data can only be processed (i.e. taken/stored) if we have a proper reason to do so;

Legitimate Interest: The Panic Room Escape LTD have a legitimate interest in storing your personal data or those of a third party where we have a commercial or business reason to do so, so long as this is not overridden by your own rights and interests.

Consent: where you have given consent.

Personal data may be used for the following reasons:

To provide our booking services and sell experiences and gift vouchers

To contact you regarding news, offers and information regarding The Panic Room Escape Ltd.

For internal business reasons to ensure company policies and procedures are adhered to including staff training and quality control. To ensure the commercial confidentiality of sensitive and valuable information including intellectual property. To prevent unauthorised access and modifications to systems including prevention of criminal activity damaging to you and us. To ensure safe working practises as compliant with statutory and non-statutory procedures for health and safety at work reasons. To market our services to existing and former clients, third parties who have shown interest in our services and to third parties as of, yet we have had no dealings. To enter into/maintain/update/change and/or claim for our or our insurances as required under these specific policies.

The above list is an example of but not exhaustive of the many reasons why personal data may be processed including secure storage. Personal explicit data will only be processed by us, however, with your consent.

6. MARKETING AND PROMOTION

We may use your personal data to send you an email about our services including offers, promotions, new services or legal or other relevant updates.

It is under a legitimate interest we process your personal data for promotional purposes. However, where consent is needed e.g. electronic marketing communications, this we will obtain first.

No personal data will be sold to any third party for marketing purposes, and no third party will be sent your personal information unless a legitimate, consensual or contractual obligation exists.

You have a right to opt out of receiving promotional communications at an time by telephoning us on (01474) 536801 or emailing us at dontpanic@thepanicroom.net . If you instruct us to provide further services in the future, we may ask you to confirm or update your marketing preferences at this time.

7. YOUR PERONAL DATA: WHO WE MAY SHARE IT WITH

We may routinely share personal data with:

Our IT/telephone providers. Our banks . Our accountants and auditors. Third parties necessary to carry out your instructions External service providers, representatives and agents that we use to make our business more efficient, e.g. IT analytics, IT service providers, payment processors

We will only allow our service providers to handle our personal data should we be satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to you.

8. WHERE YOUR PERSONAL DATA IS HELD

Information may be held at our offices or on the following customer service/business related companies secure servers:
Bookify
Mailchimp

Escape Games Global
Stripe
iZettle

Zendesk
 

9. YOUR PERSONAL DATA: HOW LONG DO WE HOLD IT FOR

We may keep your personal data after your booking is completed, because:

We may need to respond to any questions, complaints or claims made by you or on your behalf. We may need to carry out checks for conflicts of interest in the future. We may need to demonstrate we treated you fairly. We may need to keep records as required by law.

Your personal data will not be stored for longer than is necessary. Different retention periods apply to different data sets. You can request information on how long data will be held specific to the matter in hand.

10. PERSONAL DATA TRANSFERING OUT OF THE EUROPEAN ECONOMIC AREA (EEA)

To deliver services to you, sometimes it will be necessary to share your personal data outside the EEA e.g. with your service providers outside the EEA/if you are based outside the EEA/where there is an international dimension to the matter in which we are advising you. In this instance, we will however ensure that transfer of your personal data only happens with countries deemed to provide adequate protection and security as defined by The European Commission.

11. YOUR RIGHTS

You have the following rights which you can exercise free of charge:

Access: the right to be provided with a copy of your personal data. Rectification: The right to require us to correct any mistakes in your personal data. Deletion: The right to require us to delete your personal data in specific situations. Restriction of Processing: The right to require us to restrict processing of your personal data in certain circumstances e.g. if you contest the accuracy of the data. Data Portability: The right to receive the personal data you provided to us and to transmit this data to a third party in certain circumstances. Objection: The right to object at any time to your personal data being processed for direct marketing or in other certain situations to Sealeys continued processing of your personal data e.g. processing carried out for the purposes to legitimate interests.

For further information on these rights please see the guidance form The UK Commissioners Office on individuals rights under the General Data Protection Regulation: http://ico.org.uk/for- organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

To exercise these rights with The Panic Room,. please call us on 0147 536801 or email us at dontpanic@thepanicroom.net . Please ensure we have sufficient information to identify you, let us have proof of your identity e.g. passport, photo driving license.

and let us know which right you want to exercise and the relevant information to which your request relates.

You will not have to pay a fee to access your personal data or exercise any of these rights, however, we reserve our right to charge a fee should the request be clearly unfounded, repetitive or excessive. Alternatively, you may refuse to comply with your request in these circumstances.

We will try to respond to all legitimate requests within one month. Occasionally, it may take us longer than one month in which case we will keep you updated.

12. PERSONAL DATA SECURITY

We employ appropriate security measures to prevent personal data from being accidentally lost or used and accessed unlawfully. All with a genuine business need to access data will do so only in an authorised manner and be subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

13. HOW TO COMPLAIN

GDPR gives you the right to lodge a complaint with the supervisory authority which is The Information Commissioner: http://ico.org.uk/concerns or telephone (0303) 123 1113.

14. PRIVACY POLICY CHANGES

Any policy changes to The Panic Room Escape Ltd Privacy Policy will be notified to you, prior to changes coming into effect, by email at the email address you provided.

15. HOW TO CONTACT US

Please contact us or our data protection officer (Alexander Souter) by post, email or telephone if you have any questions relating to The Panic Room Escape Ltd.

The Panic Room Escape Ltd. 7 Berkley Crescent Da12 2AH www.thepanicroom.net dontpanic@thepanicroom.net 01474 536801