last updated September 7, 2020
Welcome to Kidzone!
This notice sets out the basis on which any Personal Data we collect from you, or that you provide to us, or will be processed by us. It also describes how we use Personal Data, with whom we share it, your rights and choices, and how you can contact us about our privacy practices.
This policy does not apply to third-party websites, products, or services, even if they link to our Services or Sites, and you should consider the privacy practices of those third-parties carefully.
Please read the following carefully to understand our views and practices regarding your sensitive information and how we will deal with it. For the purposes of the Data Protection Act 2018 (‘the DPA’) and the EU General Data Protection Regulation (‘the GDPR’), sensitive information includes what is defined as your ‘Personal Data’.
More formally, we are JFF Kidzone Ltd. We are a company registered in Ireland with Company Number 572015 and our registered office is at Old Court, Ardbrack, Kinsale, Co. Cork, P17DF30.
Our primary business is to provide a facility for children to play in an indoor play centre, and a venue to host children’s parties incorporating the play centre.
For the purposes of the DPA and in-line with the GDPR, Kidzone is the Data Controller.
If you have any concerns about the way we use your information or any questions about this Privacy Notice, please let us know. We can be contacted via email at DPO@kidzone.ie, or you can write to us at the address above
Information We Collect About You
Personal Data is any information that relates to an identified or identifiable individual. We collect information about you when you register as a Client, modify your profile, sign-up for or make purchases through the System. In particular:
- when you register for the System, you provide your contact information including your full name, email address, and telephone number
- when you complete a booking on the System you are required to provide us with the names of children on your booking, accept the Terms and Conditions, and acknowledge any policies that we present to you.
How we Use Personal Data
We rely upon a number of legal grounds to ensure that our use of your Personal Data is compliant with applicable law. We use Personal Data to facilitate the business relationships we have with our Users, to comply with our financial regulatory and other legal obligations, and to pursue our legitimate business interests. We also use Personal Data to provide data in the event of requirement for Contact Tracing with regard to COVID-19 traceability requirements as specified by the Irish Government
We may process information relating to transactions, including purchases of goods and services, that you enter into with us and/or through our website. The Transaction Data may include your contact details and the transaction details. The transaction data may be processed for the purpose of supplying the purchased goods and services and keeping proper records of those transactions. The legal basis for this processing is legal requirements for proper accounting practices.
We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters. The Notification Data may be processed for the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is your given consent to receive this communication.
We may process information contained in or relating to any communication that you send to us. The Correspondence Data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.
We may process any of your Personal Data identified in this policy where necessary for the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
We may process any of your Personal Data identified in this policy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.
In addition to the specific purposes for which we may process your Personal Data, we may also process any of your Personal Data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Do not supply any other person’s Personal Data to us, unless with their proper consent.
How We Disclose Personal Data
Kidzone does not sell or rent Personal Data to marketers or unaffiliated third parties. We may share your data as follows:
- to staff, for the purposes, and on the legal bases, set out in this policy
- to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure
- to our payment services providers, Stripe. We will share Transaction Data with our payment services provider only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds
- as we believe necessary: (i) to comply with applicable law, or payment method rules; (ii) to enforce our contractual rights; (iii) to protect the rights, privacy, safety and property of Kidzone, you or others; and (iv) to respond to requests from courts, administrative or out-of-court procedures, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence.
You have the right to find out about what information we hold about you :
- How you can see or change your account Personal Data. If You would like to review, correct, or update Personal Data that You have previously disclosed to us, You may do so by signing in to your SimplyBook.it Client account or by contacting us
- Your data protection rights. You have the following rights with regard to the Personal Data we control about you:
- if your Personal Data is incorrect then you have the right to rectify this information and ensure that it is accurate and up to date. Your Personal Data is readily available inside the system for approved users. Data can be updated, deleted and exported
- the right to request that your Personal Data is permanently ereased in certain circumstances provided by law; if you would like to exercise this right then please contact us at DPO@kidzone.ie
- the right to restrict processing of your Personal Data
- the right to withdraw your consent at any time
- the right to complain to a Supervisory Authority, in this instance The Irish Data Protection Commissioner
Your Personal Data is readily available inside the system for approved users. Data can be updated, deleted and exported either by login, or by link.
Security and Retention
We are committed to safeguarding the privacy of our website visitors and our system users and make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of Personal Data. We maintain organizational, technical and administrative measures designed to protect Personal Data within our organization against unauthorized access, destruction, loss, alteration or misuse. Your Personal Data is only accessible to a limited number of personnel who need access to the information to perform their duties.
We retain your Personal Data as long as we are providing the Services to you. We retain Personal Data after we cease providing Services directly or indirectly to you to the extent necessary to comply with our legal and regulatory obligations. We also retain Personal Data to comply with our tax, accounting, and financial reporting obligations, where we are required to retain the data by our contractual commitments to our affiliated partners and service providers. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.
International Transfers Of Your Personal Data
- hosting facilities for our booking system are situated in France with OVH; Amazon and Google Cloud servers, based in EU, are used for backups
- our booking system email servers are situated in UK with Linode
- credit card payments are processed through Stripe who comply with applicable laws to provide an adequate level of data protection for the transfer of your Personal Data to the US and adheres to the Privacy Shield Principles in connection with personal data transfers from the EEA, the UK and Switzerland. For more, see Stripe’s Privacy Shield Policy.
A Cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.