Privacy Policy

1. Privacy policy introduction 

We respect and value privacy, and this Privacy Policy describes how Bookinglab and its affiliated companies (referred to as “we”, or “us”) handle personal information.   

This Privacy Policy applies to any Bookinglab website, application, product, software or service that links to it (collectively, our “Services”).  Occasionally, a Service may link to a different Privacy Policy that will outline the particular practice relevant to that service. 

It is important to us that you read through this Privacy Policy and contact us if you have any questions regarding our privacy practices or your personal information choices.   

We may change this Privacy Policy from time to time.  This may be necessary, for example, as the law changes or if we change our business in a way that affects personal data protection. 

This Privacy Policy was last updated on January 23^rd, 2023. 

2. Information privacy policy 

We collect, use, disclose, transfer, and store personal information when needed to provide our Services and for our operational and business purposes as described in this Privacy Policy.   

What sort of personal data do we collect? 

We collect information that you provide to us when you purchase our Services, including: 

• buyer contact details (name, email, telephone number) 
• finance contact details (name, email, telephone number) 
• payment and billing information  
• support ticket contacts (name, email, telephone number) 

We collect technical information about you when you visit and interact with our services to help us administer, protect, and improve our Services; analyse usage; and improve users’ experience, including:  

• your internet connection (IP address)  
• browser  
• country and telephone code where your computer is located 
• web page accessed during the visit 
• the type of download that you made from the website, but not the content of that download
• the type of device used to access the service 

We collect details of your interactions with us when you require support for our services, such as: 

• Information that you choose to submit regarding a problem that you are receiving with a service  
• Information that you choose to send, receive, post, share 

Not all of the personal information that we hold about you will necessarily come directly from you.  There may be times that it comes from your employer, other organisations to which you belong, or a professional service provider, if they use our Services. 

We also collect personal information from third parties such as our partners, service providers, and publicly available websites, to offer Services we think may be of interest and to help us maintain data accuracy and provide and enhance the Services. 

We share personal information with others only as described in this Privacy Policy, or when we believe that the law permits or requires it. 

2.1 How and why do we use your personal data? 

We use your data to provide the service and personalise your experiences, including processing transactions with you, authenticating you when you log in, providing customer support and operating and maintaining the services. 

We may also use this data to offer you products or services that are most likely to interest you.  The data privacy law allows this as part of our legitimate interest in understanding our customers and providing the highest levels of service.  Of course, you also have the right to refuse certain contact permissions and you may choose not to share your personal data with us, which may impact our ability to provide some services that you have asked for. 

We process personal information for these Service- and business-related purposes: 

• Account set up and administration:  We use personal information such as your name, email address, phone number, and information about your device to set up and administer your account, provide technical and customer support and training, verify your identity, and send important account, subscription, and Service information 

• Marketing and events:  We use personal information to deliver marketing and event communications to you across various platforms, such as email, telephone, text messaging, direct mail, and online. If we send you a marketing email, it will include instructions on how to opt out of receiving these emails in the future. Please remember that even if you opt out of receiving marketing emails, we may still send you important Service information related to your accounts and subscriptions. 

• Surveys and polls:  If you choose to participate in a survey or poll, any personal information you provide may be used for marketing or market research purposes.

• Personalisation: We use personal information to deliver and suggest tailored content such as news, research, reports, and business information and to personalise your experience with our Services. 

• Research and development: We use personal information for internal research and development purposes and to improve and test the features and functions of our Services. 

• Hosted services: Some of our Services provide data and document storage as an integral part of the product or solution offering. Documents and data stored by our customers may contain personal information. Any information stored by or on behalf of our customers is controlled and managed by and only made accessible to those customers or others our customers may authorise from time to time. Our access to this information is limited to our personnel with a critical business reason, such as technical support.  

• Chat rooms, messaging, and community and event forums:  A number of our Services provide features including chat rooms, messaging services, and community and event forums for collaboration, peer connection, games, and information exchange purposes. Depending upon the Service, the personal information you choose to post, share, upload, or make available is public and visible to others who use those Services. You should never post or share any information that is confidential or about others unless you have permission to do so. We may use information you provide in community and event profiles and forums to personalise your experience and to make content and peer connection recommendations. These Services may have their own Terms of Use and, where appropriate, their own privacy statements.  

• Legal obligations:  We may be required to use and retain personal information for legal and compliance reasons, such as the prevention, detection or investigation of a crime; loss prevention; or fraud.   

2.2 How we protect your personal data? 

• Data security matters to all of our customers, and we will treat your data with the utmost care, taking the appropriate steps to protect it. 

• We use data hosting services to host the information that we collect, and configure TLS to prevent interception of data transmitted over networks and to restrict access to the databases and other storage points used. 

• Access to your personal data is password protected, and we regularly monitor our systems for possible vulnerabilities and attacks. 

2.3 How long will we keep your personal data? 

• Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected. 

• At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning. 

• For information stored in backup archives, we will securely store the information and isolate it from any further use until deletion is possible. 

2.4 Who do we share your data with? 

We sometimes share your personal data with trusted third parties. The policy that we apply to those organisations to keep your data safe and protect your privacy: 

• We provide only the information they need to perform their specific services. 
• They may only use your data for the exact purposes that we specify in our contract with them
• We work closely with them to ensure that your privacy is respected and protected at all times 
• If we stop using their services, any of your data held by them will either be deleted or rendered anonymous 

Below are the parties that we may share personal information with:

• Within our affiliated companies:  Our business is supported by a variety of teams and functions, and personal information will be made available to them to provide our Services.  Personal information will be made available when necessary to fulfil the Services that we provide to you. 

• Our business partners:  We occasionally partner with other organisations to deliver co-branded Services, provide content, or to host events, conferences, and seminars. As part of these arrangements, you may be a customer of both Bookinglab and our partners, and we and our partners may collect and share information about you. 

• Our third-party service providers: We partner with and are supported by service providers around the world. Personal information will be made available to these parties only when necessary to fulfil the services they provide to us, such as software, system, and platform support; direct marketing services; cloud hosting services; advertising; data analytics; and order fulfilment and delivery.  Our third-party service providers are not permitted to share or use personal information we make available to them for any other purpose than to provide services to us.

• Third parties for legal reasons: We will share personal information when we believe it is required, such as: 

• To comply with legal obligations and respond to requests from government agencies, including law enforcement and other public authorities, which may include such authorities outside your country of residence.

• In the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).

• To protect our rights, users, systems, and Services. 

• Other third parties:  to whom we may choose to sell, transfer, or merge parts of our business or assets.  Alternatively, we may choose to acquire other businesses or merge with them.  If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Policy 

• Certain trusted third parties are based outside of the European Economic Area (EEA), so their processing of your personal data will involve the transfer of data outside of the EEA.  Whenever we transfer your data outside of the EEA, we will check that at least one of the following safeguards is implemented: 

• We will only transfer your data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.  For further details, see https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en  

• Where providers are based in the United States of America, we may transfer data governed under and International Data Transfer Agreement. For further details, see https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/

• Where we use certain service providers, we may use specific contracts approved by the European Commission, which give personal data the same protection as it has in Europe.  For further details, see https://commission.europa.eu/publications/standard-contractual-clauses-international-transfers_en  

3. Personal data rights 

3.1 What is personal data? 

• Personal data is defined by the General Data Protection Regulation (GDPR) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’. 

• Personal data is, in simpler terms, any information about you that enables you to be identified.

• Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers. 

2. What are your rights over personal data? 

You have the right to request: 

• How we use your personal data (why, how long for, who we share it with) 

• Access to the personal data we hold about you, free of charge in most cases

• The correction of your personal data when incorrect, out of date or incomplete

• To be forgotten, resulting in the deletion or disposal of any of the personal data that we hold about you 

• To restrict (i.e. prevent) the personal processing of your data, for example, that we stop using your personal data for direct marketing (either through specific channels, or all channels) 

• To object to us using your personal data for a particular purpose 

• Data portability, meaning that if you have provided personal data to us, and that data is processed using automated means, you can ask for a copy of that data to re-use with another service 

• The review of any decision made based solely on automatic processing of your data (i.e. where no human has yet reviewed the outcome and criteria for the decision) 

4. Other important privacy information 

4.1 Notice to end users 

Many of our products are intended for use by organisations. Where the Services are made available to you through an organisation (e.g. your employer), that organisation is the administrator of the Services and is responsible for the accounts and/or Service sites over which it has control. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organisation's policies. We are not responsible for the privacy or security practices of an administrator's organisation, which may be different than this policy. 

4.2 Our policy towards children 

Our services are not directed to individuals under 16.  If we become aware that a child under the age of 16 has provided us with personal information we will take steps to delete such information.  If you become aware that a child has provided us with personal information, please contact us via the contact details specified in this section. 

4.3 Contact us 

We hope this information has been helpful in setting out the way we handle your personal data and your rights to control it. 

If you have any questions, or would like to contact us: 

Email: info@bookinglab.co.uk 

Address: 3 Wharfside Street, Spaces Level 1 Mailbox, Birmingham B1 1RD 

Bookinglab is a trading name of Bookinglab Ltd.  Registered in England.  Company no: 11764238.  Registered Office: 3 Wharfside Street, Spaces Level 1 Mailbox, Birmingham B1 1RD. 

You have the right to make a complaint at any time to the Information Commissioners Office (ICO), the UK’s supervisory authority for data protection issues (www.ico.org.uk).  We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.