We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.
Our policy does not extend to cover the activities of third party websites, so we recommend you check the respective privacy policies of these websites.
Who we are
Central Hall Westminster Limited (company number 03802387) (“we”, “us”, “our”) collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
The personal information we collect and use
Information collected by us
In the course of dealing with your enquiries, arranging and managing your hall hiring and/or event(s) we collect the following personal information when you provide it to us:
- Your name, address and email address and any other contact details you give us when you make an enquiry using our contact form
- Your dietary preferences
- Payment details
We also log your Internet Protocol (IP) address to enable us to receive and send information from and to you over the Internet. We also collect information on how you use our website, we track which pages you visit, if you scroll to the bottom of these pages, if you watch a video, view our gallery and if you download any of our brochures. This data can be viewed by authorised people within our organisation and our service partners to aid in fulfilling enquiries, improving the website and to provide you with the right information.
CCTV surveillance – CCTV systems are installed at our premises. All internal and external CCTV cameras are clearly visible. Typically, they are positioned on the interior of the building, reception areas and lift lobbies. CCTV surveillance is used primarily to assist with security and safety of our staff and visitors to our premises, although in occasional situations we may use CCTV footage in investigations and/or be asked to provide to law enforcement agencies.
Information collected from other sources
We also obtain personal information from other sources as follows:
- Information those hiring or using our facilities provide us with about their guests including:
- dietary preferences
- names of guests and any specific requirements they may have
How we use your personal information
We will use this information to:
- Provide goods and services to you or your organisation
- Collect and process payments
- Inform you of other goods and services in which you may be interested
- Inform you about changes and improvements to our products/services
- Help ensure a safe and secure environment for your event
Who we share your personal information with
We routinely share your personal data with our service partners in order that they can provide you with the services you require. Our service partners are currently:
- KUDOS (catering)
- White Light (AV Production)
- SBS (security)
- Delatim (facilities management)
- Eveleen Hatch (PR)
These providers are all located in the UK.
Our IT providers may also process your information in order that we may communicate with you. These providers are also in the UK.
We may also share your information with our accounting software provider where needed to process our accounts.
We will share personal information with law enforcement or other authorities if required by applicable law or where we otherwise need to do so (for example to report a possible criminal offence).
Where we need to enforce our rights to payment or other rights we may share your details with enforcement officers or agents, the court and our professional advisers.
We will not share your personal information with any other third party.
Whether information has to be provided by you, and if so why
The provision of your contact details is required from you in order to deal with your enquiry and arrange and manage any booking. If you do not provide us with this information we will not be able to proceed with your booking. We will inform you at the point of collecting information from you, whether you are required to provide the information to us.
How long your personal information will be kept
When submitting enquiry forms we will keep your data for up to two years if no further contact has been made. In cases when events have subsequently been contracted or further correspondence and enquires made, we keep your data for up to six years.
Reasons we can collect and use your personal information
We rely on the following lawful reasons to collect and use your personal data and on occasion more than one lawful basis may apply to the processing:
- To perform or enter into any contract with you
- Our legitimate interests in running and marketing our facilities/venue to both our benefit and yours, and in working with our service partners in order that they can assist you and in offering goods and services to those wishing to use and/or hire our facilities/venue
- To complete with our legal obligations
- To protect your vital interests or that of another person (e.g. in an emergency)
- Our legitimate interests in ensuring the safety and security of our premises and those who visit them
- Where you consent to the processing where we ask you to (e.g. for certain sorts of marketing or other processing where the law requires this
Transfer of your information out of the EEA
We do not ourselves currently envisage transferring personal information to persons located outside the European Economic Area (EEA) other than to our accounting software supplier which is located in New Zealand. Such countries do not have the same data protection laws as the United Kingdom and EEA. We will ensure that any transfer of your personal information where the GDPR applies to such transfer either by us or by any third party supplier we provide your information to such as our accounting software provider will be subject to the appropriate or suitable relevant safeguards (e.g. European Commission approved contract) as permitted under the General Data Protection Regulation that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information. In general, we and our third party suppliers use contract clauses for such transfers (Article 46.2 GDPR) unless the country in question is judged adequate under Article 45 GDPR (including in the case of the USA Privacy Shield; New Zealand is deemed to have an adequate level of protection).
If you would like further information, please contact us (see ‘How to contact us’ below).
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
- Fair processing of information and transparency over how we use your personal information that this Privacy Notice is already designed to address
- Access to your personal information and to certain other supplementary information
- Require us to correct any mistakes in your information which we hold
- Require the erasure of personal information concerning you in certain situations
- Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine readable format and have the right to transmit that data to a third party in certain situations
- Object at any time to processing of personal information concerning you for direct marketing
- Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- Object in certain other situations to our continued processing of your personal information
- Where the processing is based on your consent you may wirthdraw your consent at any time
- Otherwise restrict our processing of your personal information in certain circumstances
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
- Email, call or write to us (contact details below) and let us have enough information to identify you (e.g. account number, user name, registration details)
- Let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
- Let us know the information to which your request relates, including and account or reference numbers, if you have them
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
Please be aware that sending information over the internet is generally not typically secure so any data you send is sent at your own risk.
How to complain
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
Changes to this privacy notice
This privacy notice was published on 22nd May 2018 and last updated on 22nd May 2018.
We may change this privacy notice from time to time, when we do we will inform you via email or by posting the updated notice on our website.
How to contact us
Please contact us if you have any questions about this privacy notice or the information we hold about you.
If you wish to contact us please send an email to email@example.com, write to Central Hall Westminster, Storey’s Gate, London, SW1H 9NH or call 020 7222 8010.