Data Protection Statement
This statement explains how Pendleton Events Ltd handles and uses the personal data we ask for and hold about our clients, their guests and emergency contacts. The majority of personal information details are only asked for when dealing with overseas travel and are processed as a legitimate interest for event management undertaken by Pendleton Events.
We are committed to protecting your personal information and being transparent about what information we hold and how we use it.
Personal data we hold and how it is processed
The following is a broad description of the way Pendleton Events processes personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices Pendleton Events has provided or contact us directly to ask about your personal circumstances.
Pendleton Events processes personal information to enable us to arrange travel and accommodation bookings, provide consultancy and advisory services, to promote our services, and to maintain our own accounts and records.
We process information relating to the above reasons/purposes. This information may include:
- personal details such as:
- passport details provided on guest profile forms;
- contact details which are updated whenever you let us know that these have changed;
- confirmation of attendance at events both domestic and overseas;
- dietary and medical information used specifically for event management and where appropriate arranging insurance
- goods and services provided
- employment details (this pertains only to contact details)
We also process sensitive classes of information that may include:
- physical or mental health details
- offences and alleged offences (only required for specific events where the venue require this information for safety or insurance)
We process personal information about our customers, clients and employees, complainants and enquirers, suppliers, advisers and other professional experts.
We sometimes need to share the personal information we process with the individual themselves and also with other organisations. Where this is necessary we are required to comply with all aspects of the Data Protection Act (DPA). What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons.
Where necessary or required we share information with:
- suppliers and services providers
How we share your data with others
We share your personal data only with those suppliers who require this in order to process a booking, for example airlines and hotels. These suppliers have their own data protection statement and procedures.
How we protect your data
We ensure we have appropriate data storage and sharing arrangements in place – encrypted files and secure wifi networks.
We do not sell your personal data to third parties under any circumstances.
We do not release personal contact details to delegates without prior permission.
Any transfer of your data outside of the European Economic Area, as set out above, are protected either by an 'adequacy decision' by the European Commission (declaring the recipient country as a 'safe' territory for personal data) or by standard contractual clauses adopted by the European Commission (which give obligations for the recipient to safeguard data). Further information about the measures we use to protect data when being transferred internationally is available from us on request.
You have the right to:
- ask us for access to, or rectification or erasure of your data;
- restrict processing;
- object to communications from us not relating to attendance at a specific event.
You have the right to lodge a complaint with the Information Commissioner's Office at http://ico.org.uk/concerns/
If you have concerns of queries about any of these purposes or what information we hold for you, please contact us directly.
We will always respect a request by you to stop processing your personal details and will not hold your data for longer than 12months.
The legal basis for processing your personal data for the interdependent purposes set out above is that it is necessary for the pursuit of our legitimate interests. We always handle your personal data securely and minimise it's use. There is no overriding prejudice to you by using your personal information for these purposes. In addition, there is no statutory or contractual requirement requirement for you to provide us with any personal data.
Please contact us if you have any concerns or questions about the above information or you wish to ask us not to process your personal data for particular purposes. Where you have specific requests relating to how we manage your data, we will endeavour to resolve these, but please note that there may be circumstances where we cannot comply with specific requests.