- Who processes your Personal Data ?
- Which Personal Data do we process and for what purpose?
- Overview of processing activities
- How long do we keep Personal Data for ?
- Your rights
- Protection and storage of your data
- Links to other websites
- Supervisory authority and applicable law
- Contact us
- Our employees;
- Our affiliates;
- Our group companies and their employees;
- Successors in title to our business;
- Third party consultants, contractors or other service providers who may access your personal information when providing services listed below (including but not limited to support services) to us;
- Government bodies and law enforcement agencies and in response to other legal and regulatory requests;
- Auditors or contractors or other advisers auditing, assisting with or advising on any of our business purposes, in any jurisdiction where we operate.
3. Which Personal Data Do We Process, and For What Purposes Do We Process Personal Data?
Personal data is any data that identifies you as an individual. The types of personal data we collect, and process include the following:
Uses made of your personal data (see schedule 1 below for further details) We use your personal data in order to:
- Contact details – such as name, age, phone or address
- Identity documents – such as passport information or other identify cards
- Financial information – any debit/credit card details you provide and financial transactions you make with us;
- Health information where disclosed and relevant to the provision of services (such as details regarding allergies);
- Preferences – such as special requests, service issues and other preferences for your stay;
- Event attendance details – records of attendance at any events hosted by us, including any CCTV footage
- Technical information – such as information about the device you use to interact with us (including the unique device identifier, hardware model, operating system and version, and mobile network information, in the case of our mobile App); and
- Communication – when you contact us, such as to send an enquiry or make a request, any correspondence or application may be kept and added to your personal information.
Personal Data submitted to us through the Channels or our website will be used for the purposes specified in this policy, and in Schedule 1 below. “Channels” means the following applications, websites and other relevant properties, via which you complete surveys and send or receive messages to or from us:
- Pursue our legitimate interest to enhance and manage your customer experience with us, provide you with information, products or services that you request from us or which we feel may interest you, run customer loyalty programmes, advertise our services or where you have consented to be contacted for such purposes (our list of services below);
- Administer our business and improve our products and services by analysing, responding to and acting on the data provided, including surveys you complete and issues you have raised with us via the Channels;
- Carry out our obligations arising from any contracts entered into between you and us;
- Contact you for marketing purposes where you have consented to be contacted for such purposes;
- Comply with legislation;
- Prevent or detect fraud;
- Notify you about changes to our services
- Ensure network, IT and information security
- Provide third parties with anonymized statistical information about our users (but those third parties will not be able to identify any individual user from that information)
- Gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our Online Services, newsletters and email subscriptions (you may unsubscribe at any time).
- Facebook / Facebook Messenger / Instagram Messenger
4. We Collect, Store and Process Personal Data at Three Different Stages:
- Before you decide visit one of our premises and
- When you stay or have stayed in one of our hotels, or visited one of our bars, restaurants or entertainment venues.
- When you engage with us through the use of third-party feedback management applications in some of our venues
4b. How Long Do We Keep Personal Information For?
We will generally retain your personal information for as long as is necessary for the purpose it was collected unless we need to retain it for legal purposes or in accordance with commercial practice and regulatory requirements. Generally, where there is no legal requirement, we retain all physical and electronic records for a period of 2 years after your last contact with us. Exceptions to this rule are:
- CCTV records which are held for no more than [30 days] unless we need to preserve the records for crime prevention;
- Information that may be relevant to any legal claims (for example personal injury claims) may be retained until the limitation period for those types of claims has expired. It is important to ensure that the personal information we hold about you is accurate and up-to-date.
4c. Use of Children’s Data
Press Up Entertainment Group offers some services to children via the Captain Americas and wagamama brands which are primarily targeted at children, and others that are intended for users of all ages and their families including activities that may collect information from children. Below we summarize potential instances of collection and outline how and when we will provide parental notice and/or seek parental consent. In any instance that we collect personal information from a child, we will retain that information only so long as reasonably necessary to fulfil the activity request or allow the child to continue to participate in the activity, and ensure the security of our users and our services, or as required by law. In the event we discover we have collected information from a child in a manner inconsistent with the GDPR’s requirements, we will either delete the information or immediately seek the parent’s consent for that collection.
Registration for Kids Club
Children up to the age of 12 can be registered for our Kids Club on our Captain Americas and wagamama websites. Every year on the child’s birthday we will send a birthday card to your child’s registered postal address with a voucher for a free kid’s meal. During the registration process, we ask for the Parents name and email address for notification and security purposes, as well as the child’s first name and date of birth, (for age verification purposes) and a postal address. Competitions We occasionally run in-venue competitions where we collect data. Unless specified with an option to tick a consent box, this information will not be used to market to you. This information is only collected to inform you if you are a lucky prize winner. Data will not be retained after the closing date of any such competition.
About the Collection of a Parent or Legal Guardian’s Email Address
This information is collected for notification and security purposes. If you believe your child is participating in a Kids Club activity that collects personal information and you or another parent/guardian have NOT received an email confirming subscription to the kids club, please feel free to contact us at firstname.lastname@example.org. We will not use parent emails provided for parental consent purposes to market to the parent, unless the parent has expressly opted in to email marketing or has separately participated in an activity that allows for such email contact.
When Information Collected From Children Is Available to Others
We may share or disclose personal information collected from children in a limited number of instances, including the following:
- We may share information with our service providers if necessary for them to perform a business, professional, or technology support function for us.
- We may disclose personal information if permitted or required by law, for example, in response to a court order.
Parental Choices and Controls
At any time, parents can refuse to permit us to store personal information from their children in association with a particular account, and can request that we delete from our records the personal information we have collected in connection with that account. Please keep in mind that a request to delete records may lead to a termination of a membership, or other service. Where a child has registered for a Captain Americas or wagamama’s Kids Club, we use one method to allow parents to access, change, or delete the personally identifiable information that we have collected from their children:
Parents of Captain Americas or wagamama’s Kids Club members may contact us directly at: email@example.com. In any correspondence, please include the child’s name and the parent’s email address. To protect children’s privacy and security, we will take reasonable steps to help verify a parent’s identity before granting access to any personal information.
- Parents can contact us to request access to, change, or delete their child’s personal information by sending an email to us at firstname.lastname@example.org. A valid request to delete personal information will be accommodated within 30 days as per the GDPR legislation.
5. Your Choices and Rights
You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us about our products or services, then you can contact us using the contact details below. We endeavour to keep your data accurate, complete and up to date. If your information that we hold is inaccurate, you can let us know. We will make the necessary amendments, erase or block the relevant Data as you request and notify you within one month of your request that relevant action has been taken. All requests should be addressed to email@example.com You may also request in writing copies of your Data held by us. Please quote your name and address and provide brief details of the information you would like. We may also request proof of identification to verify your access request. We will provide you with a copy of the data held by us as soon as practicable and within one month after the request in writing is received and verified by us, unless the complexity of the matter requires a longer period of time to comply with your request. All access requests should be addressed to firstname.lastname@example.org We recognise that you have certain rights as a ‘data subject’ and we are committed to upholding these. These include the right to be informed, the right to rectification, the right to access, the right to restrict processing, the right to data portability, the right to object and the right to withdraw consent. We want to be as transparent as possible in our processing. Please get in touch with us by emailing email@example.com find out more or to exercise your information rights.
6. Protection and Storage of Your Data
We have used and will continue to use reasonable endeavours to protect your personal data against loss, alteration or any form of unlawful use. Where possible, your personal data will be encrypted and stored on a virtual private server that is secured by means of state-of-the-art protection measures. Please be aware that communications over the internet, such as emails/webmail are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered – this is the nature of the world wide web/internet. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control. A strictly limited amount of people have access to your personal data. In any instance that we collect personal information from you, we will retain that information only so long as reasonably necessary to fulfil the activity request or to allow you to continue to use our services, and ensure the security of our users and our services, or as required by law. Please keep in mind that a request to delete records may lead to a termination of a membership, or other service provided by us.
8. Links to Other Websites
9. Supervisory Authority and Applicable Law
With respect to the processing of your personal data, Press Up Entertainment Group Operations is the ‘main establishment’ of Press Up Entertainment Group. This means that the data protection authority of Ireland shall have jurisdiction with respect to the cross-border processing of your personal data in which Press Up Entertainment Group. Notwithstanding the foregoing you shall be entitled to lodge a complaint with the competent supervisory authority in the territory of a Press Up Entertainment Group business. The processing of your personal data by Press Up Entertainment Group Operations and the relevant Press Up Entertainment Group business(s) shall be subject to the laws of Ireland, including the General Data Protection Regulation, when it applies from 25 May 2018 onwards. The applicability of the laws of Ireland and General Data Protection Regulation shall be without prejudice to any provisions that may apply to a particular processing activity under local mandatory data protection law. The Office of the Data Protection Commissioner regulates data protection in Ireland. Further information can be found at www.dataprotection.ie
11. Changes to this Privacy Statement
Press Up Entertainment Group reserves the right to change this Privacy Statement. Press Up Entertainment Group will provide notification of the material changes to this Privacy Statement through the Company’s websites at least fifteen (15) business days prior to the change taking effect. If you want to know more or if you have any queries, please write to us at: Press Up Entertainment Group 41a Pleasants Street St. Kevin’s Dublin 8