Our commitment to privacy
We know privacy is important to all of our members and users of our services, so we want you to know Klub Verboten has got your back.
We aim to make sure you always know exactly how and when we will use your personal data, and what your rights are.
What data do we collect?
If you browse our website as a guest, we may collect some or all of the following information about you:
+ Information about your device and how you use our website
+ Your IP address
If you choose to subscribe to our members’ club, we may collect the information described above, plus some or all of
the following information:
+ Your full name
+ Your email address
+ Links to your social media account(s)
+ Your phone number
+ Your date of birth
+ Photo(s) of yourself
How do we use your data?
Information about your device and how you use our website
We collect information about your device and how you use our website. This may take the form of our own server logs, or information collected by Google Analytics or Facebook when you load our website. This allows us to continue to develop our business strategy, and to predict and protect against potential attacks which may cause disruption to our
website or services.
Legal Basis: GDPR Art. 6(1)(f) – “Legitimate interests” – this –information forms part of our business strategy planning and helps us maintain a secure site for our visitors and subscribers.
Your IP address
If you access our site, we may collect the IP address of the device you are using. We need to do this to predict and protect against potential attacks which may cause disruption to our service.
Legal Basis: GDPR Art. 6(1)(f) – “Legitimate interests” – this information forms part of our business strategy planning and helps us maintain a secure site for our visitors and subscribers.
Your full name
We need to know your full name in order to identify you and in order to assess your application for membership.
Legal Basis: GDPR Art. 6(1)(f) – “Legitimate interests” – knowing your name helps us to maintain a safe and secure environment for our members and visitors.
Your email address
We will use your email address to communicate with you about your membership, and to send you optional updates about Klub Verboten.
Legal Basis: GDPR Art. 6(1)(f) – “Legitimate interests” – we need to be able to communicate with you about your membership.
Links to your social media account(s)
As part of our process of identifying our members and assessing applications for our private members’ club, we may collect links to your social media account(s).
We will never ask you for your social media passwords or login credentials.
Legal Basis: GDPR Art. 6(1)(f) – “Legitimate interests” – collecting social media account information allows us to have greater confidence of the identity of our members and helps us maintain a safe, fun and secure environment for our members and visitors.
Your phone number
In order to maintain a safe and secure platform for our members, we will collect your phone number. Knowing your phone number allows us to restrict access to ticket purchasing facilities if we find that you have breached our rules or you are otherwise banned from attending future events.
Legal Basis: GDPR Art. 6(1)(f) – “Legitimate interests” – in order to maintain a safe and secure environment, collecting this information allows us a greater level of control over the people attending our events.
Your date of birth
For the purposes of age verification, we need to ensure that you are above the age of 18.
Legal Basis: GDPR Art. 6(1)(f) – “Legitimate interests” – in order to ensure you are above the age of 18, it is necessary to know your birthdate.
Photo(s) of yourself
We may ask you to provide a photo when becoming a member of Klub Verboten. This allows us greater certainty over the identities of our members, and a greater ability to ensure that in-person attendees to our events are fully registered Klub Verboten members.
Legal Basis: GDPR Art. 6(1)(f) – “Legitimate interests” – in order to maintain a safe and secure environment for members, it is important for us to have confidence in the identities of event attendees.
Not part of the membership system. However, we may ask you to provide one of the following documentation in order to be eligible for a carer/personal assistant ticket:
+ Front page of PIP or DLA
+ Deaf or Blind Registration
+ CredAbility Access Card
Your accessibility status
For the purposes of accessibility access verification, we need to ensure that you are eligible for carer tickets/access.
Legal Basis: GDPR Art. 6(1)(f) – “Legitimate interests” – in order to provide our guests with carer tickets, collecting this information allows us to identify their eligibility. In such cases, retention will be limited to 90 days after an event takes place.
Third parties we may share your data with
Operating a modern web platform like ours requires us to rely on a number of third parties to keep our website running safely, smoothly, and securely. We take your privacy seriously and only share your data with trusted third
parties with the goal of providing our services to you. We will never sell your personal information.
We make use of Google Analytics on our site to collect metrics about our visitors for technical capacity and business strategy planning.
We enable IP anonymisation in our Google Analytics account and ensure that it uses pseudonymous identifiers.
You can opt out of data processing by Google Analytics by enabling Google’s “Google Analytics Opt-out Browser Add-on” on your device.
Facebook / Meta
We make use of the Facebook Pixel on our site to collect metrics about our visitors for technical capacity and business strategy planning.
For more information about the Facebook Pixel, please see the Facebook Business Tools Terms.
We make use of DICE to organise events. Your data may be processed by DICE if you sign up or register to attend any of the events that we organise through the platform.
We use Mailchimp to manage our email communication. If we send you email communication, your email address will be processed by Mailchimp.
We also make use of Join It to handle membership management tasks.
We make use of Google services internally to provide administrative functions for our team. This may include, but is not necessarily limited to, Google Drive, Google Docs, and Google Sheets. These services are important for the day-to-day operation of Klub Verboten and we ensure when using them that your data is stored securely and is not available to
parties who should not have access to it.
How long will we keep your data?
We hold on to the information we collect about you, detailed above, for as long as your membership is active. After your membership ends or is terminated, we will erase your personal data. You can also contact us to request deletion of your personal data, which will terminate your membership. We are unable to delete your data without terminating your Klub Verboten membership.
We will keep data for longer periods if reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or to enforce our Terms and Conditions.
We may also hold on to your information for longer in the event that you are banned from Klub Verboten. This additional retention is necessary to ensure we maintain a safe and secure environment for our other members.
You have a number of relevant rights in respect of our processing of your personal data. The relevant rights are:
+ You may request access to your personal data, and information about how and why we process it. You can read more about this right here.
+ You may request us to rectify information about you which you think
is inaccurate. You can read more about this right here.
+ In some circumstances, you may request that we delete your personal information. You can read more about this right here.
+ You may have the right to object to our processing of your data
if we are doing so as part of our legitimate interests. You can read more about this right here.
For more general information about your rights as a data subject, please see the Information Commissioner’s Office’s "Your Data Matters" project.
If you wish to exercise any of these rights, please contact us via email.
You also have the right to lodge a complaint about our processing with a supervisory authority. In the United Kingdom, this authority is the Information Commissioner’s Office.
Updates to this document
If we plan to use your personal data for a new purpose, we will update this information and communicate any changes to you before starting any new processing.
We will communicate any updates to this notice prominently on our website.
The Data Controller for your personal data is Klub Verboten. You can contact our Data Protection Officer via email.
Last updated: 03/01/22