Skip to content

Privacy Notice

  1. Information We Collect
    1.1 Types of Personal Data
    We may collect various types of personal data about you including:
    – Identity & Contact Details: Name, date of birth, gender, postal/email addresses, phone numbers, profile picture
    – Demographic Information: Age, nationality, language preferences
    – Interaction Data: Records of communications and interactions we have with you including by email, telephone, in person or otherwise.
    – Transaction Information: Details about payments or reservations made for events/services.
    – Technical Information: Internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices used to access our website or services.
    – Profile & Usage Data: Purchases made, events attended, interests/preferences, survey responses, website usage data through cookies, unique identifiers for your account or devices
    – Special Category Data: Disability status, dietary preferences or restrictions and other information relevant to accommodation requests and event requirements
    – Visual Information: CCTV images captured on our premises

    1.2 Sources of Personal Data
    We may collect personal data from:Direct Interactions: You may share personal data when making a reservation, purchase, using website forms/features, corresponding with us by phone/email/in person or otherwise.Automated Technologies: As you interact with our website, we may automatically collect technical data about equipment/browsing actions. We collect this via cookies, server logs and similar technologies.

    Third Parties: We may receive personal data about you from third party sources such as event partners, reservation agencies, marketing partners, analytics providers, search engines and public register.

  2. Usage of Personal Data
    2.1 Purposes for Usage
    We collect and process personal data about you for specified, explicit and legitimate reasons including:
    – Providing requested products and services to you
    – Sending service communications via email, text or in-app notifications
    – Improving how we market and advertise to existing/potential customers
    – Understanding our users, their interests and preferences
    – Processing reservations, event registrations and accepting payments
    – Building marketing lists and data models for better advertising
    – Providing customized services and user experiences2.2 Legal Bases for Processing
    We only process personal data where permitted by law including when:
    Consent – You have given clear consent for us to process your personal data for a specific purpose.
    Legal Obligation – Processing of personal data is necessary for compliance with an EEA legal obligation.
    Legitimate Interests – Processing data serves a legitimate interest and the fundamental rights and freedoms of individuals do not override those interests.
    Contract – Processing personal data is necessary to deliver the services per a contract with an individualWhere permitted by law, sensitive special category data may be processed without explicit consent, including where necessary to protect the vital interests of a data subject or another party where physically or legally incapable of giving consent
  3. Retention of Personal Data
    We retain personal data as long as necessary to serve the purposes outlined, unless a longer retention period is mandated or permitted by law.  Typical retention periods for categories of personal data are:
    – Event attendees: 5 years post event
    – Customers: 5 years post last purchase/transaction
    – Users subscribed to email lists/alerts: 3 years post last interaction
    – Website visitor cookies: 2 yearsAfter retention there are further periods before deletion/destruction to allow for data to be reviewed or accessed to comply with legal obligations.  We may need to retain records until the statute of limitations has expired for legal claims or if mandated by law.
  4. Transfer & Disclosures of Personal Data
    4.1 Third Party Disclosures
    We may disclose personal data to certain recipients third parties including:
    IT Service Providers – For website development, hosting, maintenance, security or support services. They may access data according to their tasks but not for other purposes.
    Marketing & Advertising Partners – So they can analyse data, show relevant website/ads to customers, develop new products/features and operate promotions.
    Professional Advisors – External advisors such as recruitment firms, insurers and lawyers may require access to personal data to provide consultancy services.  Strict confidentiality agreements prohibit any use for other reasons.
    Authorities & Public Bodies – Disclosure to courts, law enforcement agencies or regulators may be necessary to establish or exercise our legal rights, assist fraud investigations or comply with mandates from law enforcement or other valid legal processes.

    4.2 International Transfers
    Many third party services operate outside the EEA and may access personal data we share with them.  We utilize appropriate safeguards approved by European regulators to allow personal data to be transferred internationally including:
    – Standard Contractual Clauses – Contracts between us and recipients giving personal data the same protection it has within the EEA.
    – Privacy Shield – Ensures personal data receives an adequate level of protection required under GDPR when transferred to certified US-based organizations.

  5. Your Privacy Rights & Choices
    You have certain rights regarding personal data we process:
    – Access & Portability – Request access to copies of personal data we hold about you including receiving copies in a portable format.
    – Correction & Updates  – Have any incomplete or inaccurate personal data corrected and updated.
    – Deletion – Request we delete personal data if certain grounds laid out in law apply, such as when no longer necessary for purposes collected for (right to erasure).
    – Restrict Processing – Pause processing of personal data about you, such us if you contest accuracy and verification is being performed.
    – Object to Processing – Direct us to stop processing your personal data, such as for marketing purposes.
    – No Automated Decisions – Request automated decision making does not apply to you if such techniques are used.
    – File a Complaint – Lodge complaints pertaining to our collection or use of personal data to the applicable supervisory authority in your country of residence in the EEA.You can exercise these rights using the contact points in Section 6.
  6. Personal Data Controls & Contact Details
    You have ability control and access personal data we have about you:
    – Marketing Emails – Follow opt-out links on any marketing messages sent to you stop receiving further communications. This controls messages from us only.
    – Website Cookies – Blocking cookies on your internet web browser prevents us from tracking website usage behaviour.If you have questions about this privacy policy or want to exercise data rights, get in touch with our Data Protection Officer via:Email:   marketing@eastangliapubs.comPhone: 01702 475666

    Post:
    Attn: Data Protection Officer
    East Anglia Pub Company Ltd
    27 High Street
    Leigh-On-Sea
    Essex SS9 2EN

    If you are not satisfied or think we are not complying with data protection laws, you can make a contact the UK data protection regulator who can be contacted as set out below:

    Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

    Phone number: 0303 123 1113

    Website: https://ico.org.uk/make-a-complaint/

  7. Changes to this Privacy Policy
    We may change this privacy policy to remain compliant with applicable regulations and evolving business practices. When changes are made, we will revise the “Last Updated” date at the top of this privacy policy. Where changes to the policy or personal data practices are significant, a notice will be posted prominently on our website along with the updated privacy policy prior to changes taking effect.

Privacy Policy last updated 20 January 2023.