Privacy and Cookies Policy

1. PRIVACY AND COOKIES POLICY
2. CONTACT DETAILS
3. WHAT DATA DO WE COLLECT AND FOR WHAT PURPOSE
4. PROVIDING YOUR PERSONAL DATA TO OTHERS
5. INTERNATIONAL TRANSFER OF YOUR PERSONAL DATA
6. RETAINING AND DELETING PERSONAL DATA
7. DATA SECURITY
8. YOUR LEGAL RIGHTS
9. WEB BROWSER COOKIES
10. AMENDMENTS
11. COMPLAINTS

1. PRIVACY AND COOKIES POLICY

This privacy notice provides you with details of how we collect and process your personal data through your use of our site https://www.aiescape.com. We have provided this policy to ensure that you understand what personal data we may collect and hold about you, what we may use it for and how we keep it safe. You have legal rights to access the personal data that we hold about you and to control how we use it which are also explained within this policy.

By providing us with your data and/or consent, you warrant to us that you are over 13 years of age.

2. CONTACT DETAILS

Our details are:
Archimedes Inspiration
Unit K002, Tower Bridge Business Complex
100 Drummond Rd, SE16 4DG London

Email address: [email protected]

3. WHAT DATA DO WE COLLECT AND FOR WHAT PURPOSE

In this section we set out the general categories of personal data that we may process, the purposes for which we may process personal data and the legal basis of the processing.

3.1 Correspondence Data includes any communication that you send to us whether via the contact form on our website, email, social media, texting or any other form of communication that you may use to contact us. We may process correspondence data for the purposes of communicating with you and record keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and to provide you with the information, products and services that you request from us.

3.2 Customer Data may include your name, email address and contact number. Customer data may be processed for the purposes of sending you service emails related to your booking(s) for example but not exclusively a confirmation email of your booking, a reminder email with useful information about your visit, a thank you for your visit and any necessary amendments/updates made to your booking (when applicable). The legal basis for this processing is our legitimate interests in properly administering your ability to use our services and consent (in case of marketing material).

3.3 Service Data refers to personal data that you provide for the use of our services. This may include information provided to us from you before visiting an Archimedes Inspiration location, such as purchase details and personal information (email address, contact number and full name). The service data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is consent (in the case of marketing material) and/or our legitimate interests in properly administering your ability to use our services (e.g. making any necessary amendments/updates made to your booking).

3.4 Transaction Data relates to information you provide when you make a transaction with us, including purchase of goods and services through our website. Transaction data may include your contact information, your card information and transaction details. The transaction data may be processed for the purpose of supplying the purchased goods and services, the proper record of those transactions, managing your bookings, processing your payments, refunding such payments and dealing with queries and complaints relating to such payments and refunds. The legal basis for this processing is the performance of a contract between you and us and/or, at your request, to enter into such contract as well as our legitimate interests in the proper administration of our website and business.

3.5 User Data refers to data about your use of our website and services. This may include your IP address, geographical location, details about your browser, length of your visit to our website pages, page views, navigation paths, operating system, referral source, time zone , frequency and pattern of your service use. The source of this data is from our analytics tracking system. User data may be processed for the purposes of analyzing the use of the website and services. The legal basis for this processing are our legitimate interests, which in this case are operating and securing our website; monitoring, administering and improving our website and services, grow our business and to decide our marketing strategy.

3.6 Notification Data corresponds to information provided to us for the purpose of subscribing to our email notifications and/or newsletters and may include emails and names. The purpose of processing notification data is to send relevant notifications and/or updates via newsletters. The legal basis for this processing is consent.

3.7 Marketing Data includes information about your communication and marketing preferences from us and our third parties. We process this data to enable you to participate in promotions such as prize draws and competitions, to deliver relevant website and advertising content to you, and to measure or understand the effectiveness of these advertisements. The legal basis for this processing is our legitimate interests to understand how customers use our products and services, to develop them, grow our business and to decide our marketing strategy.

3.8 CCTV images. We use CCTV in our venues for security and safety purposes as well as in the game rooms, to enable our Games Masters to assist players during the experience. Images captured through CCTV will not be made public such as on social media and will be used for the purpose of providing you with the service and for security reasons. Notices are clearly displayed in our venues. The legal basis for this processing is our legitimate interests of operating and securing our business and venues as well as providing and enhancing your experience with us.

3.9 We may use Customer Data, User Data, Service Data and Marketing Data to deliver relevant website and advertisements content to you (including Facebook or other display advertisements) and to measure or understand the effectiveness of the advertising we serve you. The legal basis for this processing is our legitimate interests to grow our business and consent.

3.10 We may process any of your personal data identified in the other provisions of this policy where necessary for the establishment, pursuance or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.

3.11 In addition to the specific purposes for which we may process your personal data set out in this Section 3, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

3.12 You are under no legal obligation to provide us with any of your personal data but please note that if you elect not to provide us with your personal data we may be unable to provide you with our goods or services.

4. PROVIDING YOUR PERSONAL DATA TO OTHERS

4.1 We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes.

4.2 We may disclose Customer Data, User Data, Correspondence Data, Notification Data and Transaction Data to our suppliers or subcontractors so far as reasonably necessary for the purpose of our legitimate interests, namely the proper administration of our website and business, marketing and communications with the user. These suppliers include Stripe, Resova, MailChimp, TripAdvisor, Google and Facebook.

4.3 Transaction data relating to our services and websites are handled by our bookings and payment service providers Resova Limited and Stripe. We share transaction data with our booking and payment services providers to the extent necessary for the purposes of managing your bookings, processing your payments, refunding such payments and dealing with queries and complaints relating to such payments and refunds. You may review our booking and payment services providers’ privacy policies and practices at https://resova.com/privacy and https://stripe.com/privacy.

4.4 In addition to the specific disclosures of personal data set out in this Section 4, we may also disclose your personal data where such disclosure is necessary for compliance with a a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

5. INTERNATIONAL TRANSFER OF YOUR PERSONAL DATA

5.1 Your personal data may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”) by us or by our sub-contractors. Where we, or our sub-contractors, use IT systems or software that is provided by non-UK companies, your personal data may be stored on the servers of these non-UK companies outside the EEA. Whenever we transfer your personal data out of the EEA, we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy by ensuring at least one of the following safeguards:

a) Your personal data will only be transferred to countries that the European Commission have approved as providing an adequate level of protection for personal data; or

b) Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or

c) If we use US-based providers we may transfer data to them only if they are part of EU-US Privacy Shield, as they have equivalent safeguards in place.

5.2 The hosting provider for aiescape.com is located in the UK, however, traffic is routed through Cloudflare, Inc., which based in the USA. All data passed to or from this website pass through the worldwide network of CloudFlare, Inc. The data is buffered and accesses are logged. Hereby, the nearest data center is regularly used. CloudFlare also operates data centers outside the European Union. According to CloudFlare, cached data are deleted within 4 hours, but at the latest after three days. For more information, see CloudFlare’s Privacy Statement (https://www.cloudflare.com/security-policy) and /or Cloudflare’s EU-U.S. Privacy Shield Framework Statement (https://www.cloudflare.com/privacyshield/)

5.3 We use MailChimp as our Newsletter Email Service Provider who are certified with the EU-U.S. Privacy Shield Framework. Details about Mailchimp’s privacy policy and EU-U.S. Privacy Shield Framework can be found at https://mailchimp.com/legal/privacy/ and https://kb.mailchimp.com/accounts/management/about-mailchimp-the-eu-swiss-privacy-shield-and-the-gdpr

5.4 We use Stripe and Resova to process payments. You may find their privacy policies and practices at https://stripe.com/privacy and https://resova.com/privacy

5.5 You acknowledge that the personal data you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.

6. RETAINING AND DELETING PERSONAL DATA

6.1 We will retain your personal data for no longer than is necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, reporting or booking requirements. When deciding what the appropriate time to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, processing purposes, if these can be achieved by other means and legal requirements.

6.2 For tax purposes such as VAT record keeping, the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers.

6.3 In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

7. DATA SECURITY

7.1 We take every care to ensure that your personal data is kept secure and adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information and data stored on our site.

7.2 Sensitive and private data exchange, such as credit card information, between the website and its users happens over a secure socket layer technology (SSL) communication channel and is encrypted and protected with digital signatures. However, unfortunately, sending information via the internet is not always completely secure. While we will do our best to protect your personal data, we cannot guarantee the security of personal data sent to our website; you send us personal data at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.

8. YOUR LEGAL RIGHTS

8.1 Under data protection laws you have the following principal rights in relation to your personal data:

  • The right to access a copy of any personal data you have given us
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to be informed
  • The right to data portability
  • The right to withdraw consent when the legal basis of processing is consent (the withdrawal will not affect the lawfulness of processing before the withdrawal)
  • The right to object
  • Rights in relation to automated decision making and profiling

You can find out more about these rights at:
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

If you wish to exercise any of the rights set out above, please email us at [email protected]

8.2 We do not make use of automated decision making.

8.3 You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, if your request is clearly unfounded, repetitive or excessive we we may charge a reasonable fee.

8.4 We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

8.5 We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you.

8.6 In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are certain general exclusions of the right to erasure. Those general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.

8.7 You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose. To exercise this right you must email us at [email protected]

9. WEB BROWSER COOKIES

The Site may use “cookies” to enhance User’s experience. Cookies are small text files that are stored on your device’s web browser to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. Please note that some parts of the Site may not function properly when cookies are disabled.

10. AMENDMENTS

10.1 We may update this policy from time to time by publishing a new version on our website

10.2 You should check this page occasionally to ensure you are happy with any changes to this policy

10.3 We may notify you of changes to this policy by email

11. COMPLAINTS

If you are unhappy with the way we have used your personal data, please contact us to discuss this using the contact details set out in the section above.

You are also entitled to make a complaint to the Information Commissioner’s Office, the UK supervisory authority for data protection issues (www.ico.org.uk). Whilst you are not required to do so, we would be grateful if you would contact us directly to [email protected] first to discuss any concerns that you may have and to allow us an opportunity to address these before you contact the Information Commissioner’s Office.

Menu