Privacy Notice

Scope

All personal data is collected in line with the requirements of the EU’s General Data Protection Regulations (GDPR).

Your privacy and trust are important to us and this Privacy Notice (“Notice”) provides important information about how Park Lane Club London (“Park Lane Club London,” “Park Lane Club,” “PLC,”  “we,” or “us”) handle personal information. This Notice also applies to the Park Lane Club London website.

Responsibilities

The Data Protection Officer (DPO) is responsible for ensuring that this notice is made available to data subjects prior to PLC collecting and processing their personal data.

Consent

This notice draws the data subject’s attention to the purposes and nature of the processing of their data. PLC have a duty to comply with legal obligations (see section 13) to process personal data. This Notice, is part of our terms and conditions that you MUST agree to.  If you do not agree to our Privacy Notice (data protection policy) we will not be able to continue the business relationship.

What is Personal Data?

PLC is committed to the responsible handling and protection of personal information. Under the EU’s GDPR personal data is defined as:

Personal information means any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

Who are we?

Silverbond Enterprises Limited trading as Park Lane Club London. Registration no. 07215674.

Park Lane Club London and its address is 22 Park Lane Park Lane, Mayfair, London, W1K 1BE is regulated and licensed by the UK Gambling Commission and holds an Operating Licence. Park Lane Club London is a Data Controller registered with the Information Commissioner’s Office (ICO), registration no. ZA077716.

Why we collect information

In order for us to provide you with all the amenities offered within the club, and to be a member of the casino, we need to collect personal data for identification and verification purposes as required by our legal obligations. In any event, we are committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy.

PLC will process (collect, store and use) the information you provide in a manner that is compatible with the EU’s GDPR. We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary.

For you to be a member of the casino we need to collect personal data to:-

  • Assist us in setting up and managing your account and building an accurate customer profile of you;
  • Enable us to comply with legal and regulatory requirements; in particular those relating to the identification and verification of individuals under money laundering legislation;
  • Meet any obligations arising from any contracts entered into between you and PLC including payment processing;

How we collect information

 Personal information is initially collected during the registration process, but is also collected and monitored throughout our business relationship and may be collected when there is activity on your account.

Information you provide may be verified with trusted external third party due diligence service providers.

Cookies

In relation to your activity on our website, we use Google Analytics to collect anonymous information relating to pages viewed, page response times, download errors, length of time spent on pages, page interaction information such as scrolling, clicks, and wagers, and methods used to browse away from pages.

This is a service provided by Google Analytics.  Full Google Analytics cookie information can be found here. Further information can be found here in Google’s Privacy notice in regards to Analytics.

Preventing Money Laundering and Terrorist Financing

We collect personal information from you to start a business relationship (becoming a member), that being, it starts with customer due diligence.  Customer due diligence means taking steps to identify and verify our customers and checking they are who they say they are.

In situations we must carry out ‘enhanced due diligence’.

In instances where more information is required, we may verify/ask you for verifiable information pertaining to legitimate sources of wealth and funds. This information may be used and verified by PLC and further verified by external enhanced due diligence providers.

Types of Information

You provide us with Personal Data when you complete forms in the club, or by corresponding with us by telephone (we may record such calls), e-mail, website or by other means.  The information you give us may include your name, age, gender, nationality, address, telephone number, e-mail address, occupation(s), financial information and bank details.

Sensitive information: The information we collect and process may be considered sensitive personal information.

Sensitive personal information is a subset of personal information and is generally defined as any information related to racial/ethnic origin, political opinions, religious beliefs, trade union membership, physical or mental health (SENSE/voluntary self-exclusion information). Sensitive personal information may also include criminal allegations or convictions, financial and bank account numbers, or unique identifiers such as government-issued social security numbers, driver’s license, and passport numbers.

Marketing and Events

PLC will not share your personal data with any third parties for marketing purposes.

We will only use this to communicate upcoming events within the club. During your membership application phase we ask for explicit consent for the purposes of marketing. If you opt in, you can set a preference as to how to receive communications. If you wish to opt out, or vary your consent in relation to marketing communications as much as our legal obligations allows, then you may do so by providing us reasonable notice in writing by email to events@plclondon.com.

Closed Circuit Television (CCTV)

We are required by legislative and licencing obligations (Premises licencing issued by the City of Westminster) to have CCTV throughout the premises, including all internal and external areas. CCTV collects and processes Personal Information about you that may include visual images and recordings, and audio recordings.

We may store such information and may analyse it in order to investigate any actual or suspected criminal activity.

It may also be used to monitor staff, agencies, contractors and visitors when carrying out work duties.

Our legal basis for processing your personal data

We have a legal obligation to process Personal Information, this is necessary for us to comply with the law, the following is legislation PLC are obliged to follow;

  • Proceeds of Crime Act (POCA) 2002
  • Terrorism Act 2000
  • The Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017
  • Anti-Terrorism, Crime & Security Act 2001

Will PLC share my personal data with anyone else?

Your Personal Information may be disclosed or shared with third parties to comply with any legal or regulatory obligations. If we disclose or share your sensitive personal data, we will only do so once we have obtained your consent, unless we are legally required.

Our Legal basis may require us to use, retain and share personal information for the prevention, detection, or investigation of a crime; loss prevention; fraud; illicit, unfair or fraudulent gaming activity, regulatory breaches, or the apprehension of or prosecution of offenders  We may also use personal information to meet our internal and external audit requirements, information security purposes, and as we otherwise believe to be necessary or appropriate: (a) under applicable law; (b) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, (c) to enforce our terms and conditions; and (d) to protect our rights, privacy, safety, or property, or those of other persons, (d) complaints adjudicators/alternative dispute resolution bodies, (e) in the event that PLC sells or buys any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets.

How we secure personal information?

PLC takes data security seriously, and we use appropriate technologies and procedures to protect personal information. Our information security policies and procedures are closely aligned with widely accepted international standards and are reviewed regularly and updated as necessary to meet our business needs, changes in technology, and regulatory requirements.

The data that we collect from you may be transferred to, or stored at, a destination outside the European Economic Area (“EEA”).  It may also be processed by staff operating outside the EEA who work for us.  Such staff may be engaged in, among other things, the provision of any requested services, the processing of your payment details and the provision of support services.  We will take all steps necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

All information you provide to us is stored on secure servers.  If you use our site to send messages, your transmission will be protected by Secure Socket Layer (SSL), more information can be found here.

Under what circumstances will PLC contact me?

Our aim is not to be intrusive, we will only contact you when necessary and we will always explain why we have done so.

Your right to your personal information

We respect your right to access and control your information, we will respond to requests for information and, where applicable, will correct, amend, or delete your personal information. Under EU GDPR at any point while we are in possession of, or processing your personal data, you, the data subject, have the following rights:

  • Right of access
  • Right of rectification
  • Right to be forgotten
  • Right to restriction of processing
  • Right of portability
  • Right to object
  • Right to object to automated processing, including profiling

Access to Personal Information

 If you request access to your personal information, we will gladly comply, subject to any relevant legal requirements and exemptions, including identity verification procedures. Before providing data to you, we will ask for proof of identity and sufficient information about your interaction with us so that we can locate any relevant data. We may also charge you a fee, for example, if there is repeated or excessive requests.

We will provide the information requested to which you are entitled within one month of the receipt of the request.

The period may be extended by a further two months. This is in cases where the requests are complex or multiple.

With all the rights stated above, all requests are to be forwarded to the Data Protection Officer.

Retention period

In determining data retention periods, PLC takes into consideration legal and contractual obligations, retaining personal information for 5 years after the business relationship has ended, however if there are subsequent requirements by legal authorities, information may be required to be held for up to 10 years. When we no longer need personal information, we securely delete, anonymise or destroy it.

Notification of Change

If we decide to change our privacy policy, we will post material changes on the website so that all of our users are always aware of what personal data we collect, how we use it, and under what circumstances, if any, we disclose it.

How to contact us

We understand that you may have questions or concerns about this Notice, our privacy practices or you may wish to submit a subject access request or to file a complaint. Please feel free to contact us in one of the following ways.

Our DPO can be contacted directly here:

  Data Protection Officer
Contact Name: Attn: Data Protection Officer
Address: Park Lane Club London
22 Park Lane
Mayfair
London
W1K 1BE
Email: DPO@plclondon.com

 

The Supervisory authority contact details are:

  Supervisory authority contact details
Contact Name: Information Commissioners Office (ICO)
Phone Number 0303 123 1113
Website: https://ico.org.uk/