PRIVACY POLICY

 

Last Updated: 5th December 2025

 

1. INTRODUCTION AND CONTROLLER INFORMATION

 

Eventless Ltd ("we", "us", "our", or "EL") (Company Number 16665061) is committed to protecting and respecting your privacy. This Privacy Policy ("Policy") explains how we collect, use, disclose, and safeguard your personal data when you visit our website at http://eventless.co.uk (the "Site"), use our mobile application "Eventless" (the "App"), or otherwise use our services (collectively, the "Platform").

 

This Policy is incorporated into and forms part of our Terms and Conditions. This Policy should be read in conjunction with our Terms and Conditions. Certain features of our service, such as the process following a subscription cancellation as detailed in the Terms, involve specific data sharing practices outlined in this Policy.

It is provided in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws (collectively, "Data Protection Laws"). 

 

1.1 Controller and Processor Roles

Depending on the context of our relationship with you, EL acts in different capacities under Data Protection Laws:

 

- Data Controller: When we determine the purposes and means of processing your personal data for our own business operations, including Platform administration, customer service, marketing, and when we provide Event Services directly to you under Section D of our Terms and Conditions.

- Data Processor: When we process personal data on behalf of our Members (Clients and Suppliers) to facilitate their Event Agreements. In this context, our Members are the independent data controllers, and we process such data according to their instructions as set out in our Terms and Conditions and this Policy.

 

1.2 Contact Details

If you have any questions about this Policy or wish to exercise your data protection rights, please contact us using the following details:

 

Data Protection Officer / Responsible Person:

 

Eventless Ltd

305 Washington Building

Deals Gateway

London, SE13 7SE

United Kingdom

 

Email: solutions@eventless.co.uk

Phone: 07766553467

 

2. THE DATA WE COLLECT ABOUT YOU

 

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together as follows. "Personal data" means any information about an individual from which that person can be identified.

 

2.1 Categories of Personal Data

 

- Identity Data: First name, last name, maiden name, username or similar identifier, marital status, title, date of birth, gender, company name, job title, photographs, government-issued identification (for validation purposes), and professional qualifications.

- Contact Data: Billing address, delivery address, email address, telephone numbers, and social media handles where provided for business purposes.

- Financial Data: Bank account details, payment card details (processed via third-party payment processors), credit history (where applicable for credit checks), and VAT numbers.

- Transaction Data: Details about payments to and from you, details of services you have purchased or supplied through the Platform, contract details, and communications related to transactions.

- Technical Data: Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the Platform.

- Profile Data: Your username and password, purchases or orders made by you, your interests, preferences, feedback, survey responses, Accreditation status, Feedback Ratings, and any other information you provide in your Member profile.

- Usage Data: Information about how you use our Platform, including full Uniform Resource Locators (URLs), clickstream to, through and from our Platform (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

- Marketing and Communications Data: Your preferences in receiving marketing from us and our third parties, your communication preferences, records of correspondence and communications with us (including call recordings where applicable), and your survey responses.

- Special Category Data: We do not intentionally collect "special category" data (as defined in Article 9 of the UK GDPR). However, you may choose to provide such information voluntarily (e.g., dietary requirements for an event, which may indicate health or religious beliefs). We will only process such data where we have obtained your explicit consent or where another lawful basis applies, and we will implement additional safeguards.

 

2.2 If You Fail to Provide Personal Data

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with access to the Platform or to perform Event Services). In this case, we may have to cancel a service you have with us, but we will notify you if this is the case at the time.

 

3. HOW WE COLLECT YOUR PERSONAL DATA

 

We use different methods to collect data from and about you, including:

 

3.1 Direct Interactions

You may give us your Identity, Contact, Financial, Profile, and Marketing Data by:

- Filling in forms on our Platform or corresponding with us by post, phone, email, or otherwise.

- Registering for an account or applying for membership.

- Submitting validation documents.

- Requesting marketing to be sent to you.

- Entering a competition, promotion, or survey.

- Giving us feedback or contacting us for support.

 

3.2 Automated Technologies or Interactions

As you interact with our Platform, we may automatically collect Technical and Usage Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies. Please see our Cookie Policy (Section 11) for further details.

 

3.3 Third Parties or Publicly Available Sources

We may receive personal data about you from various third parties and public sources, including:

- Technical Data: From analytics providers (such as Google Analytics), advertising networks, and search information providers.

- Contact, Financial, and Transaction Data: From providers of technical, payment, and delivery services (such as Stripe or PayPal).

- Identity and Contact Data: From data brokers or aggregators, publicly available sources such as Companies House and the Electoral Register, and from other Members with whom you transact (e.g., a Supplier providing your contact details to us in connection with a Booking).

- Background and Validation Data: From credit reference agencies, fraud prevention agencies, and insurance providers.

 

4. HOW WE USE YOUR PERSONAL DATA

 

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

 

- Performance of a Contract: Where we need to perform the contract we are about to enter into or have entered into with you (e.g., to provide you with Platform access or to deliver Event Services under a Service Order).

- Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., for network security, fraud prevention, and direct marketing).

- Legal Obligation: Where we need to comply with a legal or regulatory obligation (e.g., for tax, accounting, or anti-money laundering purposes).

- Consent: Where you have given us clear, specific, and informed consent for a particular purpose (e.g., for certain marketing communications or processing of special category data).

 

4.1 Purposes and Lawful Bases for Processing

The table below describes the ways we plan to use your personal data and the lawful bases we rely on to do so. We may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data.

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​

​​

​

​

​

​

​

​

​

​

​

​

 

​

​

​

​

​

​

​

​

​

​

4.2 Marketing and Promotional Offers

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.

 

Promotional Offers from Us: We may use your Identity, Contact, Technical, Usage, and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which services and offers may be relevant for you (this is "marketing").

 

You will receive marketing communications from us if you have requested information from us, used our services, or if you provided us with your details when you registered for a promotion and, in each case, you have not opted out of receiving that marketing.

 

Third-Party Marketing: We will get your express opt-in consent before we share your personal data with any third party for their own direct marketing purposes.

 

Opting Out: You can ask us or third parties to stop sending you marketing messages at any time by:

- Following the opt-out links on any marketing message sent to you; or

- Contacting us at any time using the details in Section 1.2.

 

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a service purchase, service experience, or other transactions, which we will continue to process as necessary for the performance of our contract or for other legitimate business purposes.

 

4.3 Cookies and Similar Technologies

Our Platform uses cookies and similar tracking technologies to distinguish you from other users. This helps us provide you with a good experience when you browse our Platform and allows us to improve our Platform. For detailed information on the cookies we use and the purposes for which we use them, please see our Cookie Policy in Section 11.

 

4.4 Change of Purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

 

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

4.5 Data Processing in Connection with Subscription Cancellation

Your use of the Platform and acceptance of these Terms constitutes an instruction to us to process your personal data as follows in the event of subscription cancellation:

 

Purpose: To enable the contractual renegotiation process outlined in our Terms and Conditions, where discounted Bookings may be affected by subscription cancellation.

Data Shared: We will share minimal necessary Identity and Contact Data (your name, company name, email address, and/or phone number) with the Supplier(s) of your outstanding discounted Bookings.

Your Responsibility: Once your data is shared for this purpose, any further communication, negotiation, and data processing between you and the Supplier occurs directly. We are no longer a party to or responsible for that data exchange. You should review the Supplier's own privacy practices.

Lawful Basis: This processing is necessary for the performance of our contract with you (to give effect to the Terms you agreed to) and for the legitimate interests of both parties in resolving the status of the Event Agreement.

 

5. DISCLOSURES OF YOUR PERSONAL DATA

 

We may share your personal data with the parties set out below for the purposes set out in Section 4. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

 

5.1 Internal Third Parties

Other companies in the Eventless Ltd group acting as joint controllers or processors and who are based in the United Kingdom.

 

5.2 External Third Parties

- Service Providers: Acting as processors who provide IT and system administration services, payment processing, fraud prevention, identity verification, and customer relationship management.

- Professional Advisers: Acting as processors or joint controllers including lawyers, bankers, auditors, and insurers based in the United Kingdom who provide consultancy, banking, legal, insurance, and accounting services.

- HM Revenue & Customs, Regulators, and Other Authorities: Acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances.

- Other Members: When you enter into an Event Agreement, necessary Identity, Contact, and Profile Data will be shared with the other Member to facilitate the contract (e.g., a Client's contact details will be shared with the Supplier they book).

- Credit Reference and Fraud Prevention Agencies: For the purpose of assessing your credit score and preventing fraud, where this is a condition of us entering into a contract with you.

- Third Parties in Connection with Business Transfers: In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets. If Eventless Ltd or substantially all of its assets are acquired by a third party, personal data held by it about its Members will be one of the transferred assets.

- Facilitating Post-Cancellation Renegotiations: In accordance with our Terms and Conditions, if you cancel your subscription and have outstanding discounted Bookings, we may disclose necessary Identity and Contact Data (your name, company, email, and/or phone number) to the relevant Supplier(s) to enable them to contact you directly regarding the renegotiation or continuation of the Event Services at revised rates.

 

6. INTERNATIONAL TRANSFERS

 

Our servers are located in the United Kingdom. However, we may use service providers and subcontractors who operate outside the UK, including in the European Economic Area (EEA) and the United States.

 

Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the UK Government.

- Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK (UK International Data Transfer Agreement or Addendum).

 

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.

 

7. DATA SECURITY

 

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

 

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

 

8. DATA RETENTION

 

8.1 How Long We Keep Your Personal Data

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

 

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process it, whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.

 

8.2 Specific Retention Periods

In some circumstances, you can ask us to delete your data: see Section 9 (Your Legal Rights) below for further information.

 

- Member Account Data: We retain this while your account is active and for 7 years after account closure for tax, legal, and regulatory purposes.

- Transaction Data: We retain this for 7 years from the end of the tax year in which the transaction occurred.

- Marketing Data: We retain your marketing preferences for 3 years from your last interaction with us.

- Technical and Usage Data: We retain server logs and analytics data for 2 years.

- Data Processed on Behalf of Members: We retain personal data processed as a processor according to the instructions of the Member (as controller) and for a period of at least 90 days after the termination of the Member's account, unless otherwise required by law or instructed by the Member.

 

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

 

9. YOUR LEGAL RIGHTS

 

Under certain circumstances, you have rights under Data Protection Laws in relation to your personal data. Please contact us using the details in Section 1.2 to exercise any of these rights.

 

9.1 The Rights Available to You

- Right of Access: You have the right to request a copy of the personal data we hold about you (a "data subject access request").

- Right to Rectification: You have the right to request correction of any inaccurate or incomplete personal data we hold about you.

- Right to Erasure ("Right to be Forgotten"): You have the right to request deletion of your personal data where there is no good reason for us continuing to process it.

- Right to Restrict Processing: You have the right to request that we suspend the processing of your personal data in certain circumstances.

- Right to Data Portability: You have the right to request the transfer of your personal data to you or a third party in a structured, machine-readable format.

- Right to Object: You have the right to object to our processing of your personal data where we are relying on a legitimate interest and you feel it impacts your fundamental rights and freedoms. You also have the right to object to direct marketing.

- Rights Related to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. We do not currently engage in such automated decision-making.

 

9.2 How to Exercise Your Rights

We will respond to all legitimate requests within one month. Occasionally, it could take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

 

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

 

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

 

10. CHANGES TO THIS PRIVACY POLICY

 

We may update this Policy from time to time. The date of the last revision will appear at the top of this page. We will notify you of any material changes by posting the new Policy on the Platform and/or by sending you an email. You are advised to review this Policy periodically for any changes. Changes to this Policy are effective when they are posted on this page.

 

11. COOKIE POLICY

 

Our Platform uses cookies and similar tracking technologies to enhance user experience.

 

11.1 What Are Cookies?

Cookies are small data files placed on your device when you visit our Platform. They help the Platform work more efficiently and provide information to the owners.

 

11.2 Types of Cookies We Use

- Essential Cookies: Required for the Platform to function. They enable core functionality such as security, network management, and account access.

- Analytical/Performance Cookies: Allow us to recognise and count the number of visitors and see how visitors move around our Platform. This helps us improve the way our Platform works.

- Functionality Cookies: Used to recognise you when you return to our Platform and to personalise our content for you.

- Targeting Cookies: Record your visit to our Platform, the pages you have visited, and the links you have followed. We may use this information to make our Platform and the advertising displayed on it more relevant to your interests.

 

11.3 Managing Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of the Platform may become inaccessible or not function properly.

 

12. HOW TO COMPLAIN

 

If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details in Section 1.2.

 

You also have the right to lodge a complaint with the UK supervisory authority for data protection issues, the Information Commissioner's Office (ICO). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

 

ICO Contact Details:

Information Commissioner's Office

Wycliffe House

Water Lane

Wilmslow

Cheshire SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk