OUR PRIVACY
POLICY INTRODUCTION
The Bijou Venues and The Harper group of companies respect your privacy and is committed to protecting your personal data. This Privacy Policy aims to give you information on how the group collects and looks after your personal data when you:
• visit our websites (including https://www.theharper.co.uk/);
- use our online planner (“Planner”) (accessed via the following website: https://accounts.lebijou.co.uk);
- make a booking with us and / or otherwise use our services; and
- purchase products from us.
- It will also tell you about your privacy rights and how the law protects you.
1 WHO WE ARE AND IMPORTANT INFORMATION
1.1 The Harper Limited is a company incorporated in England and Wales with company number 06733397. Our registered office is 11 Castle Hill, Maidenhead, Berkshire, SL6 4AA.
1.2 The group of companies operating under The Harper and Bijou Venues brand (and to whom this Privacy Policy applies) is made up of different legal entities including, Prowess Partnership, Prowess Ltd and Notley Abbey Ltd. This Privacy Policy is issued on behalf of the Bijou Venues group of companies so when we mention “Bijou”, “we”, “us” or “our” in this Privacy Policy, we are referring to the relevant company in the Bijou group of companies responsible for processing your personal data.
1.3 We are bound by applicable data protection laws in respect of the handling and collection of your personal data. We are registered as a data controller with the Information Commissioner’s Office (“ICO”) under the following registration numbers:
- Bijou Wedding Venues Limited: ZA032249
- Prowess Ltd: ZA638594
- Notley Abbey Ltd: ZA824439
1.4 If you have any questions about this Privacy Policy, including any requests to exercise your legal rights as set out in sections 9 and 10, please contact us using the contact details in section 13.
1.5 It is important that you read this Privacy Policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.
1.6 It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
2 BASIS FOR PROCESSING PERSONAL DATA
2.1 Sections 2.2 – 2.8 below explain how and why we process your personal data, as well as the legal basis on which we carry out this processing.
2.2 To enter contracts with you: Where you order services (and/or products) from us, we will process your personal data to process your order so that we can provide services (and/or products) to you. Our use of personal data in this way includes sharing your personal data with our payment system provider, with delivery companies and other potential subcontractors. The legal basis on which we process your personal data in this way is the necessity to be able to enter into and perform the contract for the provision of services (and/or products) you have requested from us. If you do not wish to provide us with your personal data in this way, you will be unable to purchase services (and/or products) from us.
2.3 To provide products to others: Where you have provided personal data about another person (for example, your guests or if making a gift purchase), we need to process such personal data in order to provide services (and/or products) to the other person or people. This will include sharing their personal data with potential suppliers and subcontractors. We need to process their personal data in this way to be able to provide the services (and/or products) you have ordered for them. The legal basis on which we process their personal data in these circumstances is our legitimate interest to provide the person you have identified and requested with the services (and/or products) you have ordered.
2.4 To make our website better: We may also use your personal data to make sure our website is displayed in the most effective way for the device you are using. We also use various cookies to help us improve our website (more details are set out in section 5) and share your personal data with the third party analytics and search engine providers that assist us in the improvement and optimisation of our website. We will also process personal data for the purposes of making our website more secure, and to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes. The legal basis on which we process personal data in these circumstances is our legitimate interest to provide you with the best customer experience we can, and to ensure that our website is kept secure.
2.5 To provide customer services to you: We may process your personal data in order to provide various supporting or ‘pre-contract’ customer services to you (such as where you contact us with a booking enquiry and/or otherwise request certain information from us). The legal basis on which we process your personal data in these circumstances is our respective legitimate interests in dealing with customer service requests and responding to communications. If you do not provide us with the personal data we request from you for customer services purposes, we may not be able to fully answer your queries.
2.6 For marketing purposes: Where:
2.6.1 you have expressly opted in to receive marketing communications from us, we will process your personal data to provide you with marketing communications in line with the preferences you have provided;
2.6.2 you have expressly opted in via our site to receive marketing communications from a third party, we will process your personal data by transferring it to the relevant third party, in each case, the legal basis on which we process your personal data is your consent. You are not under any obligation to provide us with your personal data for marketing purposes, and you can withdraw your consent to your personal data being processed in this way at any time by contacting us (please see section 13) or, where relevant, by following the unsubscribe link in every marketing communication you receive from us. If you do choose to withdraw your consent, this will not mean that our processing of your personal data before you withdrew your consent was unlawful.
2.7 If our business is sold: We will transfer your personal data to a third party:
2.7.1 in the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets (at all times in accordance with all applicable data protection laws); or
2.7.2 if The Harper or substantially all of its assets are acquired by a third party, in which case personal data held by The Harper about its customers will be one of the assets transferred to the purchaser, in each case, the legal basis on which we process your data in these circumstances is our legitimate interest to ensure our business can be continued by a purchaser. If you object to our use of personal data in this way, the relevant seller or buyer of our business may not be able to provide services (and/or products) to you.
2.8 In certain circumstances we may also need to share your personal data if we are under a duty to disclose or share personal data in order to comply with any legal obligation.
3 CATEGORIES OF INFORMATION WE COLLECT FROM YOU
3.1 We will collect and process the following personal data about you.
3.2 Information you give us: This is information about you that you give us when filling in forms on our website, making a booking or purchase via our website or by corresponding with us by phone, e-mail or otherwise. It includes information provided when you register to use our website(s) (including our Planner), register to receive information about our venues, open an account with us, use our services, participate in social media functions on our website, and when you report a problem with our website. The information you give us may include names, addresses, email addresses, phone numbers and details of wedding/event plans (including names and phone numbers of suppliers and key people (including guests) for the wedding/event) as well as bank account details for refund purposes.
3.3 Information we collect about you: With regard to each of your visits to our website we will automatically collect the following information:
3.3.1 technical information, including the Internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, screen resolution, operating system and platform; and
3.3.2 information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page.
3.4 Information we receive from other sources: We may receive information about you when you use our site. We are also working closely with third parties (including, for example, referral sites as well as other business partners, sub-contractors, analytics providers, hosting providers and search information providers) from whom we may also receive information about you.
3.5 Special Category Personal Data: We may collect and process some personal data that would be categorised as a special category of data, which could reveal your (or your guests’) health, religious or philosophical beliefs or sexual orientation. This is because we collect and process data concerning dietary requirements and type of ceremony, (e.g., civil partnership, religious ceremony), for the purpose of wedding/event booking and planning process to provide our services. The basis on which we process such special category data will be your explicit consent or as necessary to protect your vital interests.
3.6 We do not process the following special categories of personal data:
3.6.1 racial or ethnic origin;
3.6.2 political opinions or trade union membership; or
3.6.3 genetic or biometric data that uniquely identifies you.
3.7 We do not collect data relating to criminal convictions or offences or related security measures.
4 CATEGORIES OF RECIPIENTS OF PERSONAL DATA
4.1 The details in this Privacy Policy relating to third parties other than Bijou (but including our group) are for your information only. We are not responsible for the privacy policies or practices of third party recipients of your personal data. Where third parties are recipients of your personal data from us, please read any information those third parties provide you about how, why and the legal basis for, their processing of your personal data and make your own enquiries in respect of them.
4.2 Your personal data may be shared by us with categories of recipients that include:
4.2.1 Sub-contractors and suppliers (Consult Believe, IQ Digital, Dropbox and other third party sub-contractors, suppliers and e-storage providers we may use from time to time for the purpose of providing our services (and/or products); and
4.2.2 Analytics providers (Google Analytics).
5 COOKIES
5.1 Our website(s) use cookies to distinguish you from other users of our website(s). More details can be found here: Cookie Policy
6 USES MADE OF THE INFORMATION
6.1 We will combine the information you provide to us with information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).
6.2 The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
7 WHERE WE STORE PERSONAL DATA
7.1 The data that we collect from you will be stored in (and will not be transferred out of) the United Kingdom and the European Union. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. In particular, any transfer of your personal data made by us to a location outside of the United Kingdom and the European Union will be governed by the relevant set of model contract clauses approved by the European Commission, or other lawful arrangement for such transfer, which we will make available to you on request.
7.2 All information you provide to us is stored on secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. You must not share your password with anyone.
8 PERIOD OF STORAGE
8.1 Where you order goods and/or services from us, we will retain your data for a period of 6 (six) years after the services (and/or products) are provided, to ensure that we are able to assist you should you have any questions or feedback in relation to our services (and/or products) or to protect, or defend our legal rights.
8.2 Where we have processed your personal data to provide you with marketing communications with consent, we may contact you at least every twelve (12) months to ensure you are happy to continue receiving such communications. If you tell us that you no longer wish to receive such communications, your personal data will be removed from our lists.
8.3 Where we have processed your data for any other reason (such as where you have contacted us with a question in connection with our services or products), subject to section 8.1, we will retain your data for twelve (12) months or a shorter period, in order to sufficiently address any follow-up enquiry or purchase made during that period.
9 YOUR RIGHT TO OBJECT UNDER DATA PROTECTION LAWS
9.1 You have the right to object to us processing your personal data where we are processing personal data:
9.1.1 based on our legitimate interests (as set out at sections 2.2 to 2.8 above). If you ask us to stop processing your personal data on this basis, we will stop processing your personal data unless we can demonstrate compelling grounds as to why the processing should continue in accordance with data protection laws; and
9.1.2 for direct marking purposes. If you ask us to stop processing your personal data on this basis, we will stop. In each case please do so by making contact with us directly (please see section 13).
10 YOUR OTHER RIGHTS UNDER DATA PROTECTION LAWS
Right of access
10.1 You have the right to receive confirmation as to whether your personal data is being processed by us, as well as various other information relating to our use of your personal data. You also have the right to access your personal data which we are processing. You can exercise this right by making contact with us directly (please see section 13). You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. Right to rectification
10.2 You have the right to require us to rectify any inaccurate personal data we hold about you. You also have the right to have incomplete personal data we hold about you completed, by providing a supplementary statement to us. Right to restriction
10.3 You have the right to restrict our processing of your personal data where:
10.3.1 the accuracy of the personal data is being contested by you;
10.3.2 the processing by us of your personal data is unlawful, but you do not want the relevant personal data erased;
10.3.3 we no longer need to process your personal data for the agreed purposes, but you want to preserve your personal data for the establishment, exercise or defence of legal claims; or
10.3.4 we are processing your data on the basis of our legitimate interest (as set out at sections 2.2 to 2.8 above) and you:
10.3.4.1 object to our processing on the basis of our legitimate interest under section 9.1.1 above; and
10.3.4.2 want processing of the relevant personal data to be restricted until it can be determined whether our legitimate interest overrides their legitimate interest.
10.4 Where any exercise by you of your right to restriction determines that our processing of particular personal data are to be restricted, we will then only process the relevant personal data in accordance with your consent and, in addition, for storage purposes and for the purpose of legal claims. Right to data portability
10.5 You have the right to receive your personal data in structured, standard machine readable format and the right to transmit such personal data to another controller. Right to erasure
10.6 You have the right to require we erase your personal data which we are processing where one of the following grounds applies:
10.6.1 the processing is no longer necessary in relation to the purposes for which your personal data was collected or otherwise processed;
10.6.2 our processing of your personal data is based on your consent, you have subsequently withdrawn your consent and there is no other legal ground we can use to process your personal data;
10.6.3 you object to the processing in your personal data as set out in section 9.1.1 above and we have no overriding legitimate interest for our processing;
10.6.4 the personal data have been unlawfully processed; and
10.6.5 the erasure is required for compliance with a law to which we are subject.
10.7 You have the right to lodge a complaint with the Information Commissioner’s Office, the supervisory authority for data protection issues in England and Wales.
10.8 Exercising your rights: You can exercise your rights by making contact with us directly (please see section 13).
11 LINKS ON OUR WEBSITE
Our website may, from time to time, contain links to and from the websites of our partner networks and affiliates. Our service connects you to different websites. If you follow a link to any of these websites or use our service, please note that you have left our website and these websites have their own privacy policies. We do not accept any responsibility or liability for these policies or websites. Please check these policies before submitting any personal data to these websites.
12 CHANGES TO OUR PRIVACY POLICY
Any changes we make to our Privacy Policy in the future will be posted on this webpage and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our Privacy Policy.
13 CONTACT
Questions, comments and requests regarding this Privacy Policy are welcomed.
You can contact us by emailing; Group Marketing Manager, Sara de Velasco sara.develasco@theharper.co.uk
Managing Director, Sam Cutmore-Scott smcs@theharper.co.uk
This Privacy Policy was last updated on 9 December 2020.
