Privacy Notice: Clients

Please read the following information carefully. This Privacy Notice (“the Notice”) contains information about what data we collect, process and store and the reasons for obtaining and processing the data and is to be read in conjunction with our Terms of Business.

The Notice also sets out who we share information with, the steps we take to ensure information is kept secure, the rights of data subjects in respect of personal data and how to contact us in the event of a complaint.

About us

Gala Management Services T/A Gala Events, (“Gala”) sells hospitality packages (“Hospitality Services”) in accordance with requests received from you (“the Client”) as per our Terms of Business.

Through the provision of Hospitality Services by Gala and its employees, it acts as a data processor and data controller for the purpose of the General Data Protection Regulations (“GDPR”).

If you have any questions about this Notice or about personal data you can contact the Directors or Gala’s Compliance Officer via email at alan@galahospitality.co.uk or write to us at:

Compliance Officer
Farrier House
19 Pensham Croft
Solihull
West Midlands
B90 4XT

What Personal Information do we collect?

In order to allow us to provide Hospitality Services we may collect the following information from the Client that relates to the package that we are instructed on:

Name of Client
Client’s Organisation or Business Name
Contact information for Client (e.g. address, email address, telephone number)
Fee and/or billing details;
Bank details/Card details

The Client will usually be the source of any personal information that we hold, unless such information is provided to us by any third party.

How do we use the Personal Information?

All personal information that we collect in relation to the provision of Hospitality Services will be recorded, used and protected by Gala in accordance with applicable data protection legislation and this Notice.

We will process and store the personal data and sensitive personal data provided by the Client to us in order to provide and improve the Hospitality Services.

In the case of personal data, the legal bases that we rely upon are that:

The processing is necessary for the performance of the contract to provide the Hospitality Services to the Client;

The processing is necessary in order to comply with legal obligations to which Gala is subject; and/or

The processing is necessary for the purposes of legitimate interests pursued by Gala, such as for use in the defence of potential complaints, legal proceedings or fee disputes or fee recovery, for keeping anti-money laundering records, for training staff or for otherwise complying with our professional obligations.

In the case of sensitive personal data, the legal bases that we rely upon are:

In some cases, the personal data may have been manifestly made public by the Client;

The processing is necessary for the establishment, exercise or defence of legal claims. Where litigation is contemplated by the Client, these claims may be the claims that we are asked to pursue or defend on your behalf. Alternatively, the personal data may be retained for the defence of potential complaints and legal proceedings against ourselves; and/or

The processing is necessary for reasons of substantial public interest.

Information collected from other sources

In the provision of the Hospitality Services it is likely that information will be provided solely by you the Client; however from time to time and depending on the nature of the request, information may be collected via another party. Such information will only be processed in order to provide the Hospitality Services.

Personal data provided to third parties

We will not use personal data for purposes that are not clear at the time they were provided and personal data will not be disclosed outside of Gala except where necessary for the provision of the Hospitality Services or with the Client’s consent.

Personal data may be shared with the following:

Third Parties in accordance with our instructions (such as the Hospitality provider, venue, caterers);

Ombudsmen and other regulatory authorities;

the Client; and

Staff in confidence.

We may share some personal data with third parties in limited circumstances, which may include (a) if we are under a legal or regulatory duty to do so; (b) if it is necessary to do so to enforce our contractual rights; (c) to lawfully assist the police or security services with the prevention and detection of crime or terrorist activity; (d) where such disclosure is necessary to protect the safety or security of any persons and/or (e) otherwise as permitted under applicable law.

Personal information will not be used for any other purpose than has been set out in this Notice.

Transfer of data outside the EEA

Please note that the Gala does not transfer data outside of the EEA in general. There may however be a requirement from time to time to transfer some or all of your personal data outside of the EEA if so required in order to provide the Hospitality Services. Where this happens, all necessary steps will be taken to ensure that data transferred outside of the EEA is afforded the same or similar safeguards and processes that we undertake within the EEA.

Marketing

Gala may carry out marketing activities which include events and communications via email, social media and other digital platforms. In the provision of marketing activities we may collect your name, address, email address, name of your organisation (if applicable), telephone number and details of your enquiry. Any personal data that you provide to use will only be used to administer and provide products and services you request or have expressed an interest in and to tailor marketing communications from us. We will not use your data for purposes that are not clear when you provide your details and will not disclose them outside of Gala except in limited circumstances.

Further information and a full copy of our Marketing Privacy Notice can be found on our website www.galahospitality.co.uk

Data Retention

Gala will retain personal information for no longer than is reasonably necessary for the provision of Hospitality Services and personal information will not be retained indefinitely or for reasons incompatible with the relevant data protection legislation, including the GDPR and the requirements of other regulatory bodies.

Our standard data retention period for personal information provided to us for the purpose of providing Hospitality Services is as set out in our Retention Policy.

Hard copy files will either be archived securely off site with a third party for the period as set out in our Retention Policy after which the data will be securely destroyed. Any data held electronically shall be held on our server or via an external drive for the period as set in our Retention Policy.

Data Security

We take the security of personal information seriously and Gala has appropriate measures, safeguards and protocols in place to ensure that data is kept secure, is only accessed by those individuals authorised to do so and where there is a legitimate need to access the data. Appropriate and reasonable steps are in place to reduce the risk of unauthorised access to personal data held by Gala (either through accidental disclosure or deliberate act) and in line with Gala’s obligations under applicable data protection legislation, including the GDPR.

Rights

Under the GDPR, data subjects have a number of important rights regarding their personal information. In summary these rights are as follows and include the right to:

Request access to personal information;

Request that inaccurate information is corrected;

Request that processing of personal information is restricted;

Request that personal information that we hold is erased in certain circumstances;

Request a copy of the personal information that has been provided to us;

Object to the processing of personal information or the continued processing of personal information;

Request not to be subject to automated decision making which produces legal effects that concern or affect data subjects in a significantly similar way.

Further information regarding rights under the GDPR can be found by visiting www.ico.org.uk. These rights are subject to the conditions and restrictions set out in the General Data Protection Regulation and the Data Protection Act 2018.

Should you wish to make a request to exercise any of the above rights you should contact us via email at via email at alan@galahospitality.co.uk or write to us at:

Compliance Officer

Farrier House
19 Pensham Croft
Solihull
West Midlands
B90 4XT

When contacting us please ensure that you provide relevant information to allow us to identify you (this can include confirmation of any of the unique or personal identifiers we hold about you such as proof of identity or address) and state the right or rights that you wish to exercise. We may need to contact you to request further information to verify your identity.

We will respond to you within one month from when we receive a valid request.

Lead Forensics

Contained within our website is a tracking code provided by Lead Forensics. This code enables Lead Forensics to track activity on the website and provide us with information on the IP address of the requesting computer, the date and duration of the user’s visit, and the web pages which the user visits.

The Lead Forensics tool uses IP tracking for identifying businesses and is not the same as cookies. The Lead Forensics tracking code only provides information that is readily available in the public domain. It does not, and cannot, provide individual, personal or sensitive data regarding who has visited our website. It provides information on what companies have visited our website by identifying them from their IP address. This data may be used by us to contact the business about their experience or for marketing purposes. We will not pass this data to third parties for any reason. More information can be found at www.leadforensics.com.

Where to make a complaint

We hope that you are happy with our service and that we can resolve any issues or complaints that may arise. If you have a complaint regarding any aspect of your personal data or this Notice please write to us at alan@galahospitality.co.uk

In the event you are not satisfied with the outcome of your complaint, you may write to the Information Commissioner’s Office via:

Information Commissioner’s Office

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

You can also contact the Information Commissioner’s Office using their online form by visiting www.ico.org.uk

Changes to this Privacy Notice

We aim to meet high standards and so our policies and procedures are subject to regular review. From time to time we may change this Notice and will inform you, usually via writing or by publishing updated content to our website, as appropriate.

Cookie	Duration	Description
__stripe_mid	1 year	Stripe sets this cookie cookie to process payments.
__stripe_sid	30 minutes	Stripe sets this cookie cookie to process payments.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
aka_debug	session	Vimeo sets this cookie which is essential for the website to play video functionality.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_FYTW7B7K7B	2 years	This cookie is installed by Google Analytics.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Cookie	Duration	Description
layout-list	session	To manage the Product Layout Style
m	2 years	No description available.

Manchester City Hospitality

Lunch with the Football Characters

Fashion Week Experience

Birmingham Concerts