Privacy and GDPR Compliance Policy

Privacy Policy and GDPR Compliance Policy

Effective Date: 25 February 2025

Last Updated: 25 February 2025

1. Introduction

4 Queens ("we," "our," or "us") is committed to protecting the privacy and security of personal data. This Privacy Policy outlines how we collect, use, store, and protect personal information in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our services, you agree to the practices described in this policy.

---

2. Information We Collect

We collect personal information from stall owners, decorators, food vendors, and other event participants, including but not limited to:

Personal Identification Data: Name, email address, phone number, and business address.

Business Information: Company name, registration details, VAT number (if applicable).

Financial Information: Payment details for invoicing and transactions.

Event-Related Data: Stall locations, services provided, and event participation details.

---

3. How We Use Your Information

We process personal data for the following purposes:

Event Management & Coordination: To facilitate event organization, assign stall locations, and communicate with vendors.

Payment Processing: To manage invoices and transactions for participation in events.

Legal & Compliance: To fulfill our legal obligations, including tax and accounting requirements.

Marketing & Promotions: To inform you about upcoming events, offers, or updates (only with your consent).

Security & Fraud Prevention: To protect our business and participants from fraudulent activities.

---

4. Legal Basis for Processing

We process personal data under the following legal bases:

Contractual Necessity: When processing is required to fulfill contractual obligations.

Legal Obligation: To comply with legal and regulatory requirements.

Legitimate Interests: To improve our services, prevent fraud, and manage business operations.

Consent: For marketing communications (you can withdraw consent at any time).

---

5. Data Sharing & Third-Party Disclosure

We do not sell personal data. However, we may share information with:

Service Providers: Payment processors, IT support, and logistics partners who assist in event execution.

Regulatory Authorities: When required by law, such as HMRC, law enforcement, or court orders.

Event Sponsors & Partners: Only with explicit consent for promotional purposes.

All third-party partners are required to comply with UK GDPR standards.

---

6. Data Storage & Security

We implement strong security measures to protect your data, including:

Encryption & Secure Servers: Data is stored securely in the UK or EEA.

Access Control: Limited access to authorized personnel only.

Data Minimization: Retaining only necessary information for as long as required.

---

7. Data Retention Policy

We retain personal data for as long as necessary to fulfill our obligations:

Event Records: Up to 3 years after event completion.

Financial Transactions: Up to 6 years for accounting and tax compliance.

Marketing Data: Until consent is withdrawn or after 2 years of inactivity.

After these periods, data is securely deleted or anonymized.

---

8. Your Rights Under UK GDPR

Under the UK GDPR, you have the right to:

Access: Request a copy of your personal data.

Rectification: Correct any inaccurate or incomplete data.

Erasure ("Right to be Forgotten"): Request deletion of your data.

Restriction: Limit how we process your data.

Data Portability: Receive your data in a structured format.

Objection: Opt-out of marketing communications.

Automated Decision-Making: Request human intervention in automated processes.

To exercise your rights, email us at contact@4queens.uk. We will respond within one month.

---

9. Cookies & Tracking Technologies

Our website may use cookies to enhance user experience. You can manage cookie settings through your browser. 

---

10. International Data Transfers

If we transfer data outside the UK or EEA, we ensure compliance with UK GDPR standards through:

UK International Data Transfer Agreements

Standard Contractual Clauses (SCCs)

Other legally approved safeguards

---

11. Updates to This Policy

We may update this policy from time to time. Any changes will be posted on our website, and significant updates will be communicated via email.

---

12. Contact Us

For any privacy-related inquiries, please contact:

4 Queens

Email: contact@4queens.uk

Phone: 07405095227 / 07448753015 / 07767198965 / 07411342409

If you are dissatisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) (www.ico.org.uk).