Your privacy is very important to us at AdventureRooms, so we’d like to tell you what we do to keep your data safe and secure.
In this policy, we explain how AdventureRooms collects, manages, uses and protects your data.
1. Who are AdventureRooms?
AdventureRooms® is a Live Escape Game in Switzerland with Franchises around the world.
The term “Service” refers to the service of a Live Escape Game, operated in different cities in Switzerland.
In the language of data protection regulation, AdventureRooms is the “data controller” of your personal data and you, our customer, are the “data subject”. This means that AdventureRooms determines the purposes and means of processing your personal data, while respecting rights concerning your privacy.
2. What data do we collect?
Like most companies, we collect various types of data about our customers. Some of it may be considered personal data, which means data that make you identifiable as an individual.
We may collect and use the following data:
Basic personal data, such as (but not limited to):
- Date of birth
- Phone number
- E-mail address
This data is necessary for AdventureRooms to provide the Service to you. We need to know who books our service, to minimize fraud and no-shows and in case of willfull destruction of any of our material inside our Escape Rooms.
Technical data, such as (but not limited to):
- Page views
- Operating system
- Browser type
This data is used to help us to understand how you use our Service, so that we can improve it. This data does not make you identifiable.
3. Why do we collect your data?
We collect your data to personalise and improve our Service for you. The specific purposes for which we collect your data include:
Minimizing fraud and no-shows
We need to collect data in order to minimize fraud. We have to know who books our services, because we will be organizing your event as soon as you book our service. Also, in the past there have been many cases of no-shows. Clients booked our services and didn’t show up at the time of the service, which is very hurtful to a small company like ours, as we have to pay our employees, even if no clients show up.
We may process your personal data to provide you with certain types of marketing communication that we believe will be relevant and of interest to you. This helps us provide you with a more personalised Service. This kind of activity is permitted by our ‘legitimate interest’ (for more information on legitimate interest, please see Section 8 of this Policy). We will always endeavour to make these communications relevant and unintrusive, and you are able to object to marketing communication from us at any time.
Analytical purposes We may collect and analyse data such as website or app visit logs in order to improve the quality of our Service.
You do not have to disclose any of the above data to us. However, if you choose to withhold certain data, we may not be able to provide you with our Service.
4. How do we keep your data safe and secure?
All the data that you provide to us is encrypted. We restrict access to your data to specific employees of AdventureRooms who have an important business-related reason for handling it. Our communications are encrypted using the TLS (Transport Layer Security) technology protocol.
5. How long do we keep your data?
Depending on what purpose your data is used for, the length of time we keep it may vary. Either way, we will only hold your data as long as necessary to serve the purpose it is used for.
When the five years’ retention period and/or legitimate interest no longer apply, we will remove your data from our system. For more information on legitimate interest, please see Section 8 of this Policy.
In situations where you give us specific consent to process certain kinds of data, you are able to withdraw that consent at any time. We will then stop processing your data and, if the five years’ retention period and/or legitimate interest retention period does not apply, we will also erase your data from our system.
We may retain any data mentioned above for a longer period, if required to protect the rights, property or safety of AdventureRooms or of the Service provided by us or our partners.
6. Who do we share your data with?
We will never sell your personal data to other organisations.
The following are some purposes for which we may share your data with third parties:
To fulfil the contract between you and AdventureRooms
We may share your data with third parties, such as our partners and intermediaries, when they are necessary for the fulfilment of the Service.
When required by law
We may share your data when required by law, for example for the purposes of security, and criminal investigations.
For marketing and communication
We may share your data with third parties such as providers of customer service tools, marketing campaign tools, email communication tools, analytics software (for marketing purposes) and data visualization tools (for analytical purposes).
If we sell or buy any business or assets, we may be obliged to share your personal data with the prospective seller or buyer.
7. What are your rights?
The law gives you a number of important rights in relation to your personal data, which are listed below.
There are certain exceptions where these rights may be superseded by laws and other requirements applicable to regulated financial institutions like AdventureRooms. An example of this would be the obligatory retention period (seen Section 5), which supersedes the right to data erasure.
Your rights are:
- The right to be informed: the right to be informed about how we use your personal data
- The right of access and data portability: the right to request access to the data that we have about you, to obtain the data within a month of asking for it, and to use it for your own purposes
- The right to rectification: the right to correct, amend or update your personal data if it is wrong or has changed
- The right to erasure: the right to ask us to remove the data we hold about you from our records
- The right to be forgotten: the right to request erasure of any links to your personal data, or of any copy or replication of any public personal data
- The right to restrict processing: the right to ask us to stop processing your personal data
- The right to object: the right to object to data processing, if you believe that our legitimate interest might infringe upon your rights
- Rights related to automated decision-making and profiling: the right not be subject to individual decisions made solely by automated means.
- The right to notification in the event of breach: the right to be immediately informed if we identify a data breach
- The right to raise a complaint: the right to contact our Data Protection Officer if you are not happy with how we have handled your personal data
- The right to lodge a complaint with a supervisory authority: the right to submit a complaint to the Information Commissioner’s Office (ICO) if you are not satisfied with our Data Protection Officer’s response, or if you believe that we are not processing your personal data in a lawful way (For more details please write an email to email@example.com.).
8. Legitimate interest
Legitimate interest is a specific legal justification for the collection and processing of your personal data. It applies when we have reasonable grounds to collect and/or process your personal data to improve our Service, as long as this does not infringe on your rights.
Our legitimate interest may justify some examples of automated decision-making. One of those is our estimated transaction timing, which we use to determine the time in which the transfer will reach your beneficiary.
We believe that if you are an active customer of AdventureRooms, it is in your interest to receive occasional information about our Service. We may therefore send you communications about offers or promotions that we believe are relevant for you based on your previous use of the Service. If we notice that you are having problems using our Service, we may on our own initiative decide to contact you to offer help.
We may also process your data to help develop new product features that we believe will improve the Service. We may contact you occasionally to assess your satisfaction with the Service. We may also use your data to determine the effectiveness of marketing or promotional campaigns. We may also contact you with information about any changes in the Service, and/ or other important updates.
We will only share anonymised or encrypted data with the third parties. We may also provide our partners with anonymous aggregated data about our customers for marketing and analytical purposes, to help optimise our marketing communications.
You can object to data processing based on our legitimate interest at any time by contacting us at firstname.lastname@example.org.
9. Cookies Policy
Cookies are small text files which are stored on your device when you access AdventureRooms. They allow us to recognise you and store data about your past activity and your preferences so that we can personalise and improve the Service for you.
Cookies and other similar technologies may collect data such as language preference, country and previously viewed pages.
We use the following cookies:
- Analytical cookies: these cookies allow us to see how people use our Service so that we can understand how to improve it e.g. seeing how many people are logged in at a given time of day
By using our Service, you agree to place the cookies described above on your device. You have the right to withdraw your consent at any time. If you would like to delete our cookies, you can do so by changing the settings of your browser.
You can block or delete the cookies of course.
11. Special regulations
Special regulations in Germany:
Die AdventureRooms GmbH wird nicht an einem Streitbeilegungsverfahren vor einer Verbraucherschlichtungsstelle im Sinne des VSBG teilnehmen und ist hierzu auch nicht verpflichtet.
You can contact AdventureRooms:
- By post: Hotelgasse 10, 3011 Bern, Switzerland
- Via our website: www.adventurerooms.ch
AdventureRooms has a Data Protection Officer who is responsible for matters related to privacy, data protection and data security. Our Data Protection Officer can be contacted at email@example.com