We’re committed to protecting your personal data and handling it responsibly. Our data practices follow the UK GDPR, the Data Protection Act 2018, and any other relevant UK data protection legislation.

---

1. Who We Are
In this document, ‘we’, ‘our’, and ‘us’ refers to Carson’s Castles, trading as Carson’s Events Ltd. ‘You’ refers to our customers, website visitors, and anyone who contacts us.

2. Who is responsible for your data?
The Data Protection Officer (DPO) and company owner is Dayle Lapthorne. He is responsible for ensuring your data is stored and processed securely and lawfully.

You can contact him at:
📧 info@carsonscastles.co.uk
📞 07700 181976
📍 Birmingham, England

---

3. What Data We Collect
We collect and store only the data necessary to run our business and provide our services. This may include:

• Your name

• Contact details (phone number, email address, address)

• Booking details

• IP address and website usage (for analytics and performance monitoring)

• Payment information (processed securely through third-party providers)

---

4. Why We Collect Your Data
We collect your data to:

• Process your booking or enquiry

• Communicate with you about your order

• Provide a safe and efficient hire experience

• Comply with legal, tax, and insurance obligations

• Improve our services (e.g. via website analytics)

We do not collect more data than we need and we do not sell or share your data with third-party marketers.

---

5. How Long We Keep Your Data
We retain your data for up to 7 years after your last booking, as required for legal, tax, and insurance purposes. After this time, your personal information will be securely deleted or anonymised unless you have opted in to receive further marketing.

---

6. Who Has Access to Your Data
Access to your data is strictly limited to:

• The DPO and authorised members of staff

• Third-party service providers necessary for running our business (e.g., Booking Online Ltd, email providers, payment processors)

Any third party we use is also required to keep your data secure and confidential.

---

7. Sharing Your Data with Others
We may share your information with third parties only when legally required, such as:

• Insurance providers (for claims)

• HMRC or accountants (for tax purposes)

• Law enforcement or fraud prevention agencies

---

8. Your Rights
You have rights over your personal data, including:

• Access: You can request a copy of the data we hold about you

• Correction: You can ask us to correct inaccurate or outdated data

• Deletion: You can ask us to delete your data, where legally permitted

• Objection: You can object to how your data is processed in some situations

• Withdrawal of consent: If you opted into marketing, you can withdraw at any time

To make a request, contact us using the details above.

---

9. Marketing Preferences
If you’ve opted in, we may contact you with updates or special offers. You can unsubscribe at any time via:

• The unsubscribe link in our emails

• Contacting us directly at info@carsonscastles.co.uk

---

10. Cookies & Website Tracking
Our website uses cookies to:

• Enable you to make a booking

• Track usage for performance insights via Google Analytics

These cookies are not used to identify you personally. You can manage cookie settings in your browser.

---

11. Complaints
If you are unhappy with how we’ve handled your data, please contact us first so we can try to resolve the issue. If you're still not satisfied, you can contact the UK’s data protection authority:

Information Commissioner's Office (ICO)
📞 0303 123 1113
🌐 www.ico.org.uk