Back to home
Your privacy is important to us. This privacy statement explains what personal data Sugar Hut collects from you, how we use that data and our data storage policy and security.
Personal Data We Collect
The data we collect includes the following:
Name and Contact Data – We collect your name, email address and phone number when making a booking or enquiry with us.
Payment Data – We process card details via a PDQ device when deposits are made over the phone. This information is covered by PCI compliance. We also process payments via Design my night booking software. Only card number and expiry date is stored however, verbally we ask for CVV code and postcode and door number of registered address.
CCTV – Your image may be captured by many of our security cameras around the venue.
IDscan – Your photographic ID may be scanned into an ID scan system when entering the nightclub.
Mailing list – we collect your name, email address, phone number and DOB.
Gallery – Images are taken of customers on club nights by Licklist Holdings LTD and uploaded onto our website, social media accounts and Licklist’s own website and can sometimes be used in marketing material.
How We Use Personal Data
Name and Contact Data – We use this to contact you and answer any enquiries you have and to secure and verify any bookings.
Payment Data – We sometimes have to take deposits for bookings and card details will be collected to process this payment. Additional verbal information like CVV code and postcode are for additional security and helps us confirm we are speaking with the cardholder.
CCTV – Is used for the security of our customers, staff and the building. It can sometimes be used for investigating incidents/accidents or criminal activity.
IDscan – ID scan is used to notify us and other venues of any alerts or warnings relating to customers and helps keep our customers and staff safe. ID scan allows us to know who has attended the venue and when, which can sometimes be used for investigating incidents or criminal activity.
Mailing list – As part of the registration process for our weekly newsletter, we collect personal information. We use that information to tell you about things you’ve asked us to tell you about and keep you updated on news, offers and discounts.
We use third-parties, MailChimp and Incentivated and an SMS broadcaster, to deliver our newsletters and SMS marketing. We gather statistics around email and SMS opening and click-throughs using industry standard technologies to help us monitor and improve our e-newsletter. For more information, please see our third-parties privacy notices. You can unsubscribe to general mailings at any time of the day or night by clicking the unsubscribe link at the bottom of any of our emails or by emailing our data protection officer.
Gallery – Images are uploaded onto our website, social media accounts, and Licklist’s own website for the pleasure and use of customers and can sometimes be used in marketing material. No names are given out of people photographed unless individuals wish to identify themselves via twitter handles or tags.
How Long We Store Your Data For
Name and Contact Data – This information is stored indefinitely on a reception PC which is password protected and only used by those staff members responsible for dealing with enquires and bookings.
Payment Data – Card payment slips are kept for a period of 1 year in case there is a payment query i.e. chargeback. They are destroyed after this date by incineration. Payments made by ‘Designmynight’ will show as encrypted data on our version of the software.
CCTV – All CCTV is kept for 31 days unless there has been an incident or accident. In this event a copy would be made and kept for a period of three years for insurance purposes. In the event CCTV has been requested by the police or insurance company they will keep a copy for as long as is required for the matter they are dealing with.
IDscan – ID scan software is kept indefinitely on the IDscan system. Full information is accessible only by management, security and operators of the device. It is password protected and full data is never shared with anyone other than the police, solicitors or other legal entities. All data is encrypted before going to the IDscan software provider. As alerts are designed to be shared by their nature, this is a basic share of information with other venues that use IDscan but would only state if an alert is in place and give a reason category.
Mailing list – We will keep details given when signing up to the mailing list indefinitely unless you would like to be removed. You can be removed at any time by clicking unsubscribe on our newsletters or by contacting the data protection officer. The data is stored on a password protected folder on the data protection officer’s PC.
Gallery – We keep all images indefinitely internally (on the data protection officers PC) however they may not stay on our website forever dependant on server space.
Access to your personal information
You are entitled to view, amend, or delete the personal information that we hold with some exceptions covered in the next sections. Email your request to our data protection officer
The Right to ‘Erasure’ (right to be forgotten)
Name and Contact Data – We can remove this data any time after 31 days has passed from your attendance.
Payment Data – We can destroy this data and only keep an encrypted version at any point however in the event a refund was later required we would need to be given the data again to process the refund. The encrypted version of the payment slip can be destroyed after 6 months from the transaction date if you would like it destroyed sooner than the standard one year we hold it for.
CCTV – Unfortunately, CCTV cannot be removed before the 31 days standard lead time as it is still serving a purpose. Police can request CCTV within this time frame and it would be detrimental to not have it available. If the CCTV is still serving a purpose after the 31 days has elapsed it can still not be destroyed (i.e. where it is providing evidence).
IDscan – We can remove this data as long as 31 days has passed since your entry and no alerts have been placed on you already. This timescale is at police request.
Mailing list – You can be removed at any time by clicking unsubscribe on our newsletters or by contacting the data protection officer.
Gallery – You can request your image to be removed at anytime by contacting the data protection officer
Sharing of data
Name and Contact Data – This information is shared internally to relevant staff only.
Payment Data – This data is only shared with our merchant service provider when defending a charge back.
CCTV – CCTV can be shared with police, solicitors, legal entities and management only unless permission is given by every person included in the shot. We do not have the facility to blur out other individuals so copies of CCTV can only be provided to you if you happen to be the only person on display. This is to fulfill the data protection of the other individuals.
IDscan – Full ID scan data can be shared with police, solicitors, legal entities and management. Basic information on whether an alert is in place will be shared with any other venue using IDscan. We will sometime produce analysis from this data but no personal information is used. I.e male to female ratio, most popular age group, demographic.
Mailing list – We do not sell or share our mailing list with any other company and is used solely by us.
Gallery – Our galleries are shared on our website, social media accounts, marketing material and Licklist Holding’s own website.