1. What is this Notice About & Why Should You Read It?
We are committed to safeguarding the privacy of persons for whom we process personal data. In this privacy notice we explain how we will treat personal data processed by us, in accordance with data protection legislation.
This Privacy Notice applies to the Book Me At solely.
2. What Types of Personal Data Do We Process and What are the Purposes of the Processing?
We receive personal information (“data”) from organisations who sign up to Book Me At. We also receive personal information (“data”) from the customers of our organisations who use Book Me At.
We are the data controller for “data” provided by organisations who use Book Me At (our “customer”).
We are the data processor for “data” provided by customers of organisations who use Book Me At (“visitors”).
We process the following types and categories of personal data:
- Data from Organisations who sign up to Book Me At
- ID numbers, titles, forenames, surnames, dates of birth, e-mail addresses, telephone numbers, usernames, passwords, job role, and business name
- Data from Customers of Organisations who use Book Me
- ID numbers, titles, forenames, surnames, dates of birth, e-mail addresses, telephone numbers, usernames and passwords
- Personal data obtained through the usage of Cookies on our website – for more information, please view our Cookie Notice.
- Personal data enabling us to administer our website and ensure that our website is presented in the most effective manner for you, such as IP address, geographical location, browser types and version, operating system, referral source, length of visit, page views and website navigation paths.
From time to time we may process special category data about people. We will only process special category personal data when allowed to do so by law, including where you have given us consent to do so, where it is necessary in order to enable us to carry out our obligations and specific rights in the field of employment, social security and social protection law, in order to protect a person’s vital interests, or if the data has already manifestly been made public by you. We may also process this type of data to establish, exercise or defend a legal claim. There are certain other exceptions which exist in law, and we reserve the right to rely on these exceptions, if and when required, but do not envisage such processing of special category personal data taking place within our organisation.
We will only process personal data which is adequate, relevant and limited to what is necessary for the processing purposes.
3. Where Do We Obtain Your Personal Data From?
3.1 Data Which We Collect From You Directly
The majority of the personal data which we process is obtained from the customer themselves.
3.2 Data Which We May Obtain From Others
We routinely receive or process personal data about you from organisations who have signed up to Book Me At. We process such personal data in accordance with the law.
Please note that if you are disclosing personal data regarding another person to us, you must first obtain that person’s consent for both the disclosure and the processing by us of that personal data, unless another lawful basis exists for such a disclosure, such as a legal obligation. You are responsible for ensuring that you are authorised to disclose any such data to us.
4. What Lawful Bases Do We Have For Processing Your Personal Data?
We process your personal data on a number of lawful bases, but primarily based on our legitimate interests, namely the provision of Book Me At, which is a universal booking system for organisations.
We reserve the right to process personal data additionally on the following lawful bases:
- The performance of contract, or to enter into pre-contractual negotiations;
- In order for us to comply with a legal obligation imposed upon us;
- In order for us to protect your vital interests or those of another person
- With your consent. Where the lawful basis for our processing your personal data is consent, you have the right to withdraw your consent at any time.
5. What Rights Do You Have?
You have certain rights under data protection legislation, which you can generally exercise in respect of the data which we process about you by contacting us.
- Right of access – you can request a copy of the information that we hold about you
- Right to rectification – you can ask us to correct any personal data which we hold about you if you think that it is inaccurate or incomplete. Please note that you are responsible for letting us know if the personal data which we hold about you needs to be corrected or updated.
- Right to be forgotten – in certain circumstances you can ask us to delete the personal data which we hold about you
- Right to restriction of processing – in certain circumstances you have a right to restrict us processing your personal data
- Right of data portability – you can ask us to transfer the personal data that we hold about you to other organisations in certain circumstances
- Right to object – you have the right to object to us processing your personal data in certain circumstances
- Right to object to us making a decision about you based solely on automated processing, including profiling in certain circumstances
6. Who Do We Share Your Personal Data With and Why?
We may disclose your personal data to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary, and in accordance with data protection legislation.
We may also disclose your personal data:
- with your consent;
- to the extent that we are required to do so by law;
- to protect the rights, property and safety of us, our customers, users of our websites and other persons;
- in connection with any ongoing or prospective legal proceedings;
- to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling;
- to another organisation if we enter into a joint venture or merge with another organisations;
- to any member of our group, which means those companies which are a subsidiary of our holding company, as defined by s.1159 of the Companies Act 2006.
If we wish or need to share your special category personal data with another organisation, we will only do so if we have either obtained your consent or we are required or allowed to do so by law.
7. Transferring Your Data Outside of the European Economic Area/The UK
Where we need to transfer and/or share personal data to countries and/or organisations outside of the European Economic Area, we only do so in accordance with the General Data Protection Regulation (‘GDPR’).
In the event of a no-deal Brexit, we will only transfer and/or share personal data to countries and/or organisations outside of the United Kingdom where authorised to do so by law.
Can we count you in?
Try out Book Me At free for 30 days