We supply community Venues across the country with their booking and reservation systems, and are a 3rd party acting on behalf of the Venue to process a Hirer's booking application.
We use a few standard terms below:
We act as both a data processor and a data controller under the GDPR changes.
VillageVenue as a data processor: When a Hirer uses the VillageVenue application to submit a booking request to a Venue, we process the personal data associated with that request to provide it to the Venue for their ongoing use - we act as a data processor.
VillageVenue as a data controller: The data submitted by a Hirer regarding a booking is stored in the VillageVenue application, and this stored data can be administered by both the Hirer and the Venue using our application - we act as a data controller.
Data submitted by a Hirer is then provided to the Venue for their use - they require this to process the booking request, and meet their insurance requirements*.
* Please check the Venue's policies for any information regarding what they require & do with personal data.
We collect & process required personal information on behalf of the Venue, and that exact requirement may vary from Venue to Venue - but in the main it includes: Hirer's name, address, phone number, email address, insurance details and 3rd-party contact details.
Additionally, we also collect personal information from a Venue, allowing them to access the VillageVenue application - but this only amounts to name & email address.
Furthermore, we also collect some anonymous cookie data (some using Google Analytics) that is required for the functionality of the application to operate.
All data provided to Our application is collected over an encrypted connection between the Hirer/Venue and Our servers - this is done using a security certificate (which can be witnessed in any web browser, around the address bar - look for a green padlock icon).
The securely submitted data is then stored on Our servers in a password protected database - with some sensitive data (eg: passwords) given extra encryption before storage*.
At no time do We ever use personal data for anything other than the functional operation of Our application.
* If any personal data is stolen from Our secure systems, We promise to contact & advise all affected persons as soon as We are made aware.
The only mechanism for both Venues and Hirers to view booking data, is using Our application. Details for relevant booking are provided to Venues, to allow them to process their bookings - the Venue is not able to edit any Hirer data, and likewise the Hirer cannot view or edit any Venue data not relevant to their specific booking.
Hirers are able to view all the data stored in the application, by 'logging in' to the account (Your VillageVenue) - access is authenticated by the username & password you choose. Personal data is spread over the various sections, with the primary data stored on the 'Account Details' section.
Within the 'Account Details' section, there are controls to both delete* your data, and request all the data we store.
Additonally, within the 'Account Details' section, Hirers can control which types of email communications We send regarding bookings, and ongoing use of Our application. These preferences can be amended at any time, and adjustments are immediate.
* Some booking information may be required by the Venue, for their record keeping. Therefore, any delete request may mean that rather than deletion, all identifiable personal data will instead be anonymised rather than deleted. This action will depend on the status of the Hirer/Venue account.
Data policies © VillageVenue (org) Ltd, registered in England under company number 08194690