Your data is of critical importance to us.
At Special Occasions Limited, the privacy and security of our client’s data is of critical importance to us. We want you to be given the opportunity to understand how we use your personal information and be confident that this information is safe and secure. This Privacy Notice explains who we are, why and how we collect your personal data, how long we may keep your data for and the steps we take to ensure your data is kept secure and confidential. It also sets out your rights as a data subject.
Who we are
Data you provide to us
Data collected by our website
Purposes for which we use your data
Retention of personal data
Transfer of data to third parties
1.1. “Personal data” means any information which relates to a living,identifiable person. It can include names, addresses, telephone numbers, email addresses, etc. But it is wider than that and includes any other information relating to that person or a combination of information which, if put together, means that the person can be identified.
1.2. “Processing” covers all activities relating to the use of personal data by an organisation, from its collection through to its storage and disposal and everything in between.
1.3. “Data subject” means the person whose personal data is being processed.
1.4. “Controller” means the person, public authority, agency or other body which determines the purposes and means of the processing of personal data.
1.5. “Processor” means the person, public authority, agency or other body which processes personal data on behalf of the controller.
2. Who we are
Special Occasions Limited (‘Special Occasions”’) together with its associated companies, provides event planning services to clients. We operate principally in the Isle of Man.
Special Occasions is the controller for all personal data processed by Special Occasions, staff or other appointed officers. The contact details for our offices can be found. You can also contact our Data Protection Officer, as highlighted in section 10 below.
3. GDPR Principles
Here at Special Occasions, we take your privacy very seriously. We will safeguard and utilise any personal data provided to us in accordance with the Principles of General Data Protection Regulation (GDPR, 2018). The six overall principles which apply to the processing of personal data are:
1) Lawfulness, transparency and fairness
2) Purpose limitation:
3) Data minimisation
5) Storage Limitation
6) Integrity and confidentiality
together with the overarching principle of ‘accountability’ which requires us to evidence our compliance with the six principles.
4. Data you provide to us
We collect and process your data for various purposes connected with our services. We collect personal information that is necessary for us to provide corporate and trust administration services to our clients or otherwise perform the services you have requested from us. We also collect personal information from third parties to allow us to do this. In addition, we may require information from you and from third parties about you to allow us to comply with legal and regulatory compliance obligations.
To allow us to provide our services, we may require the following personal information about the persons connected with any service we provide or entity we administer, such as officers, members, trustees, settlors, beneficiaries, beneficial owners and controller. The types of data we collect and process includes:
- Name and Contact details: Information we require for the purposes of managing our relationship, including your name, postal address, email addresses and telephone numbers.
- Other details: Any other information you provide to us through our relationship.
5. Data collected by our website
5.1 Information collected. To make our Site more useful to you, our servers collect information from you including your IP address (automatically collected), web browser type and version (automatically collected), operating system (automatically collected) and a list of URLs starting with a referring site, your activity on our website and the site you exit to (automatically collected).
5.3 Cookies. ‘Cookies’ are small pieces of information that a website sends to your computer’s hard drive while you are viewing a website. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to improve your experience of using our Site and to ultimately, improve our range of services. Persistent Cookies can be removed by following internet browser help file directions. You may, if you wish, deny consent to the placing of Cookies by amending the privacy settings within your browser; however certain features of our Site may not function fully or as intended.
You can choose to delete Cookies at any time, however you may lose information that allows you to access our Site more quickly and efficiently. For instance, personalisation settings and automated form filling. It is recommended that you ensure that your internet browser is up-to-date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.
6. Purposes for which we use your data
When providing services to you, we may use data about you for the following purposes and on the following lawful bases:
LAWFUL BASIS FOR PROCESSING
Communicating with you and other parties involved in your event.
Necessary to perform our contract with you.
Managing our business operations.
Including maintaining internal records, analysis of financial results, internal audit requirements and receiving professional advice (e.g. legal advice).
Our legitimate business interest to process your personal data in order to manage our business processes.
Necessary to perform our contract with you.
To provide services to staff as an employer.
Including Payroll and other administrative tasks associated.
Our legitimate business interests to provide you with payroll services and other associative administrative tasks at your request.
Sharing data with other third parties.
Including third parties who process data on our behalf and other service providers involved in your event
Our legitimate business interest to share your data with trusted third parties who provide us with services relevant to our provision of services to you.
Necessary to perform our contract with you.
Where we process your personal data for a reason not named above, we will ask you for your consent before we process the personal data (these cases will be clear from the consent). Where the legal basis for processing your personal data is that you have provided your consent, you may withdraw your consent at any time. You will not suffer any detriment for withdrawing your consent. If you withdraw consent, this will not make processing which we undertook before you withdraw your consent unlawful.
You can withdraw your consent by contacting the Data Protection Officer, whose details are provided in Section 2.
7. Retention of Personal Data
Isle of Man incorporated entities are subject to stringent record keeping obligations under local legislation including the VAT legislation and relevant Companies Acts.
8. Transfer of data to third parties
We will not share your data with third parties except in specific circumstances. Generally, these circumstances will be to enable us to perform our contact with you (for instance, if you ask us to open a bank account for a legal entity) or to comply with legal or regulatory obligations.
Special Occasions uses Google to provide certain IT services including G-Suite platform for email and other cloud services. As a result, Google acts as a processor of personal data on our behalf. These services are provided under the data processing agreement and having made due enquiry, we are satisfied that the services provided are GDPR compliant.
9. Your rights
Under GDPR you have the right to expect us to handle your data sensitively, in accordance with the Principles set out in Article 5 of the Regulations which can be found at.
Details of your rights under GDPR are detailed in Chapter 3 – Articles 12-23 which can be found at https://gdpr-info.eu/chapter-3/.
Right of access. You have the right of access to your personal data and can request copies of it and information about our processing of it.
Right of rectification. If the personal data we hold about you is incorrect or incomplete, you can ask us to rectify or add to it.
Right of Erasure. You have the right to ask us to erase your personal information in certain circumstances, for example where you withdraw your consent or where the personal information we collected is no longer necessary for the original purpose. This will need to be balanced against other factors however. For example, we may have regulatory and/or legal obligations which mean we cannot comply with your request.
Consent. Where we are using your personal data with your consent, you can withdraw your consent at any time.
Right to restrict. You can ask us to restrict the use of your personal data if:
* It is not accurate.
* It has been used unlawfully but you do not want us to delete it.
* We do not need it any more but you want us to keep it for another use.
* You have already asked us to stop using your data but you are waiting to receive confirmation from us as to whether we can comply with your request.
If you wish to exercise your rights, please contact .
If you wish to make a formal complaint concerning our conduct then you should contact the Isle of Man Information Commissioner, whose contact details are below:
Isle of Man Information Commissioner
First Floor, Prospect House
Douglas, Isle of Man
Tel: +44 1624 693260
We would, however, appreciate the chance to deal with your concerns before you approach the Isle of Man Information Commissioner so please contact us in the first instance.
10. Contact us
If you are unsure about any aspect of this notice, have any questions or wish to exercise your right, please contact our Data Protection Officer (DPO) using the details below.
Data Protection Officer email firstname.lastname@example.org
We may update this notice (and any supplemental privacy notice) from time to time as shown below. We will notify you of the changes where required by applicable law to do so.