Instagram Facebook

Privacy Policy

Last updated: 26 August 2025

This privacy policy explains how we collect, use, disclose and protect your personal data when you use our websites and online services. It also covers how we process any data you supply to us through features such as enquiry/booking forms, quote requests, downloads, newsletters and account areas.

 

Who we are (Data Controller)

Unity Hall & Business Space
Westgate, Wakefield, WF1 1EP, United Kingdom
(“Unity Hall”, “we”, “us”, “our”)

For the purposes of the UK GDPR and the Data Protection Act 2018, Unity Hall is the Data Controller of personal data you supply to us in connection with our services. As our client, visitor or enquirer, you are the data subject.

If you have questions about this policy or how we handle your data, please contact us in writing at the postal address above or via our website contact page.

 

What personal data we collect

The personal data we collect depends on how you use our website(s) and services:

  • Browsing data & analytics: IP address, device and browser information, pages viewed, referral sources, and time spent. We use this in aggregate/anonymous form where possible to understand site performance and improve user experience.
  • Enquiries & bookings: Name, email, phone number, organisation, event details (e.g., date, capacity, requirements), messages and attachments.
  • Quotes & service requests: Contact details, service preferences, budget, project details.
  • Ticketing & events (where applicable): Name, contact details, ticket purchase details, seating preferences, accessibility requirements, and attendance data (often via our trusted ticketing partners).
  • Marketing subscriptions: Name, email address, communication preferences.
  • Downloads & gated content: Contact details and your stated interests.
  • Account/tenant/partner interactions: Name, role, company, business contact details, correspondence history.
  • Recruitment: CVs, cover letters and application data if you apply for employment or freelance roles.

We may also collect information from:

  • You directly (forms, emails, calls, meetings),
  • Your organisation (if you act on its behalf), and
  • Third parties (e.g., ticketing partners, event platforms, payment providers) where lawful.

 

Why we use your personal data (purposes & legal bases)

We process personal data only where we have a lawful basis. Typical examples include:

Purpose Examples of Data Legal Basis
Responding to enquiries, providing quotes & bookings Contact details, event specifics Contract or steps prior to entering a contract; Legitimate interests (to operate our business)
Delivering events, venue hire & services Contact, booking and payment details; preferences Contract; Legal obligation (e.g., finance, safety)
Ticketing & admissions (with partners) Identity, contact, ticket info Contract; Legitimate interests
Marketing communications (email/newsletters) Name, email, preferences Consent (you can withdraw anytime) or Legitimate interests (B2B relevant updates)
Site operations, security & analytics IP, device data, usage stats Legitimate interests (secure, efficient site); Consent for non-essential cookies
Legal, compliance & record-keeping Transaction records, invoices Legal obligation; Legitimate interests
Recruitment Application details, CV Consent; Legitimate interests; Contract where applicable

Where we rely on consent, you can withdraw it at any time (e.g., unsubscribe links in emails).

 

Cookies and similar technologies

We use cookies and similar tools to operate the site, remember your preferences, and measure performance. Non-essential cookies (e.g., marketing/analytics beyond necessary) are used only with your consent.
Please see our Cookie Policy for details on cookie categories, retention, and how to manage your choices.

 

Who we share data with

We may share personal data, where necessary and proportionate, with:

  • Service providers acting on our instructions (e.g., website host, IT support, analytics, email platforms).
  • Ticketing/event partners and payment processors (e.g., [insert partners]) to process bookings and admissions.
  • Professional advisers (legal, accounting, insurance) for legitimate business needs.
  • Authorities or regulators where required by law or to protect our rights or visitors’ safety.

All such parties are bound by contracts and/or legal duties to protect your data and use it only for specified purposes.

 

International transfers

If any processing requires transferring data outside the UK/EEA, we ensure appropriate safeguards (e.g., UK IDTA or EU Standard Contractual Clauses, where applicable) are in place, along with risk assessments.

 

How long we keep your personal data

We retain personal data in line with our Data Retention Policy. In general, we keep most records for 7 years, which covers the 6-year statutory period plus the current year.


Some categories (e.g., financial or health/accessibility data) may have different retention periods where law or risk requires. Data that is no longer necessary is securely deleted or anonymised. A copy of our retention policy can be made available upon request.

 

How we protect your data

We use administrative, technical and organisational measures to help protect personal data against unauthorised access, alteration, disclosure or destruction. These include access controls, encryption in transit where appropriate, secure hosting, staff training, and data minimisation.

 

Your rights (UK GDPR)

You have the following rights, subject to conditions and exemptions:

  • Access – request a copy of the personal data we hold about you.
  • Rectification – have inaccurate or incomplete data corrected.
  • Erasure – request deletion of your data where there is no lawful reason for us to continue processing.
  • Restriction – ask us to limit how we use your data in certain circumstances.
  • Data portability – receive data you provided in a structured, commonly used, machine-readable format and/or request we transmit it to another controller where technically feasible.
  • Object – object to processing based on our legitimate interests, and to direct marketing at any time.
  • Automated decisions – we do not make decisions based solely on automated processing that have legal or similarly significant effects.

To exercise any of these rights, please contact us in writing at the address above or via our website contact page. We may need to verify your identity.

 

Marketing preferences

You can change your preferences or unsubscribe from marketing at any time by using the links in our emails or contacting us. We will continue to send essential service messages where required (e.g., booking confirmations, safety notices).

 

Third-party links

Our website may link to third-party sites (e.g., ticketing platforms). Those sites have their own privacy policies, and we are not responsible for their content or practices.

 

Children

Our website is not intended for children under 13. Where events involve minors (e.g., family shows), any related data is handled in line with this policy and applicable law.

 

Complaints

If you have concerns about our use of your personal data, please contact us first so we can try to resolve the issue. You also have the right to complain to the Information Commissioner’s Office (ICO)ico.org.uk | 0303 123 1113 | Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

 

Changes to this policy

We may update this policy from time to time. Changes will be posted on this page with an updated “Last updated” date. We encourage you to review it periodically.