Privacy Policy

Who are we?

Fennes and Parklands, Quendon Hall are operated by The Tabor Group Ltd.

For any questions about how we use your data, or to exercise your rights over your data, you can contact us on:

Telephone: 01376 324555
Email: data@thetaborgroup.co.uk
Post: Data Privacy, The Tabor Group, Fennes, Fennes Road, Braintree, Essex. CM7 5PL

If you do have questions, we’d ask you to read this policy first as we hope it’s clear and comprehensive.

What data do we collect and process about you, what do we do with it and why?

When you visit our website

We collect your IP address, the website you came from, what kind of browser you’re using, and what you do on the website – which links you follow, where your mouse travels, how long you spend on each page and so on.

We use cookies that are strictly necessary to enable you to move around the site or to provide certain basic features. We use cookies to enhance the functionality of the website by storing your preferences.

We also use cookies to help us to improve the performance of our website to provide you with a better user experience.

We use 3rdparty cookies from Google Analytics that tell us whether or not you’ve visited the site before.  Your browser will tell us if you have these cookies, and if you don’t, we generate new ones. This allows us to track how many individual unique users we have, and how often they visit the site.

We also use Facebook pixel code on our website to track conversions from Facebook ads, optimise ads based on collected data, build targeted audiences for future ads, and remarket to qualified leads—people who have already taken some kind of action on our website.

Formally, we justify this processing as a combination of pre-contractual negotiation and legitimate interest for the marketing and activity tracking aspects.

When you request a brochure

We obviously collect some personal data about you when you request a brochure.

If you request a brochure on our website, we collect your name, address and email address.

If you request a brochure over the phone from our office, we collect your name and calling telephone number. We’ll also collect your postal address if we’re posting you the brochure, or your email address if we’re sending them to you that way.

Formally, we justify this processing as being in our legitimate interest.

We will also use your information for marketing purposes – see further below.

We may also need to process sensitive information about you – see further below.

When you contact us

If you get in touch with us – whether that’s by phone, email, post or in person – we’ll collect the personal information you provide. If you use our contact form, we ask for your name, email address and contact phone number, and we’ll ask for the same things if you call our office. That information and anything else you tell us will be handled securely. Only what is needed to deal with your enquiry will be passed on internally. We do ask that you don’t include sensitive personal information in any communication unless it’s directly relevant, to make it easier for you and us jointly to protect you.

Formally, we justify this processing on the basis of your consent. When you use the contact form, call the contact centre or visit a venue in person, we will ask you for that consent explicitly. If you write to us by post or email, we will send you a privacy notification with the option to withdraw your consent by unsubscribing at any time if you wish.

When you hire the venue

When you hire the venue we will collect your name, contact address, contact telephone number. We will also collect some personal information for example, your date of birth.

We will also take payment information from you. If you pay your deposit or any other payments by payment card our payment processor will collect and process your card details on our behalf. If you pay by cheque we will see your bank details as a consequence but we will not store this information.

Formally, we justify this processing as part of our contractual obligation to you.

We will also use your information for marketing purposes – see further below.

We may also need to process sensitive information about you – see further below.

If you are attending a wedding and book a room

When you attend a wedding or event at our venue and book a room we will collect your name, contact address, contact telephone number and email address.

We will also take payment information from you. If you pay your deposit or any other payments by payment card our payment processor will collect and process your card details on our behalf. If you pay by cheque we will see your bank details as a consequence but we will not store this information.

When we send you marketing emails or other communications

Where we have noted this above we will use the information we have about you to send you marketing information. Where we have prior purchase history we will use that to help identify your interests and customise our marketing to you. We will also use outside data sources to get additional information based on your general location but we do not pass your details on for this purpose or seek any specific information about you personally.

Whenever you interact with us, we may ask you to consent to receive this marketing information by email or text message. If you are a consumer, we will only email or text you if you have consented in this way, and you can withdraw this consent at any time by contacting us using the information at the start of this policy, following the unsubscribe instructions that are in every email or text that we send, or visiting our website. If you are a business we may send you marketing communications by email or text without prior consent, but you still have the same rights to ask us to stop.

We do not make telephone marketing calls to consumers and will only call you in response to an enquiry or as part of contractual customer service.

Formally, we justify our marketing activity as being in our legitimate interest. As required by the Privacy and Electronic Communication Regulation 2003, for natural people we will only send marketing communication by email where we have explicit consent.

When you visit one of our venues

Our venue uses CCTV to help assure the security and safety of our visitors and staff. Appropriate notices are prominently displayed in these venues, and we are registered with the Information Commissioner’s Office as an operator of a CCTV scheme. If you are captured on CCTV while in our venues this is part of your personal data and you have the rights over it that are set out later in this policy.

We operate our CCTV. Only we have access to the footage. Unless there is an active need to investigate or we are required to by law we will not try to connect any person in CCTV footage to any other records that we have or otherwise try to identify them.

We retain CCTV footage for 31 days after which it is securely deleted.

Formally, we justify our use of CCTV as being in our legitimate interest in protecting our premises, staff and visitors.

If you have a special access requirement or an allergy

If you are coming to our venue and have an access requirement – such as a wheelchair space – we will collect the required information from you in order to make sure you have the best possible experience. We will only ask you to tell us what we need to know in order to accommodate you, and ensure that this information is shared in identifiable form only with those people internally and at our partners who need to know. We will anonymise your information and process it further in order to improve our access provisions across all of our venues.

Similarly, if you are coming to a catered event we will ask if you have any food allergies. Again, we will collect the required information from you in order to make sure you have the best possible experience. We will only ask you to tell us what we need to know in order to keep you from harm, and ensure that this information is shared in identifiable form only with those people internally and at our partners who need to know. We will anonymise your information and process it further in order to improve our allergy policy across all of our venues.

We will not normally retain access or allergy information once the feature or event has taken place.

Formally, we justify this processing as a legitimate interest, on the grounds of your safety and access.

Please note that if you only share access or allergy information with staff at a venue when you attend this will not constitute data processing as we won’t record anything in identifiable form.

Who else gets to see your data

We won’t ever sell your data or provide access to it to any third parties for marketing purposes. We will share your data in the following ways:

With our subcontractors

Like many businesses we don’t do everything ourselves. When we have someone else help us handle an aspect of our business, we will pass them some of your data so that they can do their work. We will only ever give them the minimum information that they need and it will always remain under our control. This means that they can only do with your data what we tell them to, and can’t keep it once they no longer need it or pass it on to anyone else.

At the moment, the following parts of our business work with partner companies:

 

We also outsource some of our IT. We have several partners for this; none of them have routine access to your data, but may be able to see it occasionally if they need to in order to fix a problem or make an update. We always have control of this access and have strict contractual provisions to make sure they don’t abuse it.

If legally required

In some circumstances, we may be legally required to pass on your data. For example, if there is a health and safety incident in one of our venues and you are involved, we will pass your data on to the Health and Safety Executive (a government agency) or to the relevant local authority. What they then do with your data is governed by the law. They may also contact you directly. We will always try to make sure that you know when your data is passed on in this way. In this specific circumstance we may collect health information about you where it is strictly relevant and this may be done without your consent if you are not able to consent at the time. We will only do this in order to comply with the law and to protect your vital interests.

The police and other government agencies may also request your data. We will pass it to them once they show us proof that their request is legal. We may not be able or allowed to tell you if this happens.

If you make a complaint

If you make a complaint or if we think it’s necessary for any other reason, we may depending on the issue pass your data on to our insurers. We will only pass them the data that they need; we have a clear agreement with them that they will only use the data to assess any claim that we may make in connection with the issue.

How we look after your data

We take the security of your data very seriously. We’ve made significant investments in IT systems and training to make sure it stays safe. We have strict contracts with anyone we share it with to ensure that do the same. It will always be stored and processed inside the EEA (European Economic Area), where the General Data Protection Regulation gives you strong legal protection for your data privacy rights. We will always obey both the letter and the spirit of the data protection laws that apply to us.

We keep clear records of what data we have and what we do with it, and make sure that we always consider what impact our processing will have on you. We also continually assess the risks to you from possible data breaches, and do everything we can to prevent them.

How long we keep your data

We won’t keep your data forever. If you haven’t interacted with us for five years – which means hiring the venue, opening an email, contacting us or visiting our website – we’ll anonymise your data so that it’s no longer connected to you in any way.

If you have hired the venue, we will keep your data to comply with HMRC and legal requirements. After this time, your data will be anonymised.

We will keep the anonymised data indefinitely to help us understand our business.

Your rights

You have the right to see a copy of all the data we hold about you.

You have the right to ask us to delete what we have or stop processing it. However, we may not be able to do so immediately, if we are legally required to keep it; or if we believe we need to keep it for contractual or insurance purposes. We will always tell you what we are doing and why.

You have the right to ask us to correct your data – and if what we hold about you is wrong, we’d really appreciate it if you told us – but we will in some circumstances need to check that what you’re telling us is accurate, and may require proof, in order to protect you – and us – from fraud.

To exercise any of these rights, please contact us using the details at the top of this policy.

You also have the right to complain to the Information Commissioner’s Office – the government agency that handles data protection in the UK. You can reach them at their website: https://ico.org.uk/global/contact-us/

Policy information

This policy was last updated on the 25thof May 2018. We may update it at any time in order to improve our customer experience or to comply with changes in the law.

This policy is ©2018 The Tabor Group Ltd