Privacy and Data Protection Policy

Last modified: September 16th, 2024

Website Privacy Policy

Last modified: September 16th, 2024

Personal Information that the Company obtains from you via Our online presence at this website and how it is protected is governed by this Privacy Policy (regardless of where you visit it from) (the “Policy”). This Policy does not cover information that you submit on other websites, even if We communicate with you on those sites. For example, if you post something on Facebook, Twitter, or YouTube, that information is governed by the privacy policies on those websites, and is not governed by this Policy.

BACKGROUND
Museum of Illusions Manchester Ltd (“Company,” “We,” “Us,” “Our”) is committed to protecting the personal information you share and/or store with Us. By using Our website (the “Service(s)”), you consent to this Privacy Policy, which applies to transactions and activities and data gathered through the Company’s website (the “site” or “website”). We collect information about the apps, browsers, and devices you use to access the Services, which helps Us fulfil and improve this Service and optimise your user experience. This Policy describes Our practices for collecting, using, maintaining, protecting, and disclosing that information and tells you about your privacy rights and how the law protects you.


This Policy applies to information We collect:

- On Our website.
- In email, text, and other electronic messages between you and Our website.
- Through Our mobile applications, which provide dedicated non-browser-based interaction between you and Our website.
- When you interact with Our advertising and applications on third-party websites and services, if those applications or advertising include links to this Policy.

It does not apply to information collected by:

- Us offline or through any other means, including on any other website operated by the Company or any third party; or
- Any third party, including through any application or content (including advertising) that may link to or be accessible from or through Our website.

This website is not intended for children and we do not knowingly collect data relating to children.

Please read this Policy carefully to understand Our policies and practices regarding your personal information and how We collect or process it so that you are fully aware of how and why we are using your data. If you do not agree with Our policies and practices, your choice is not to use Our website. By accessing or using Our website, you agree to this Policy. This Policy may change from time to time. Your continued use of Our website after We make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

Controller
The Company is the controller and responsible for your personal data.
We have appointed a data privacy manager who is responsible for overseeing questions in relation to this Policy. If you have any questions about this Policy, including any requests to exercise your legal rights, please contact the data privacy manager using the details set out below.
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.


Contact Details
If you have any questions about this Policy or Our privacy practices, please contact our data privacy manager in the following ways:
Full name of legal entity: Museum of Illusions Manchester Ltd
Email address: [email protected]
Postal address: c/o Peachey & Co LLP, 95 Aldwych, London, United Kingdom, WC2B 4JF


Changes to the Privacy Policy
We keep this Policy under regular review.


Your Duty to Inform Us of Changes
It is important that the personal data we hold about you is accurate and current. Please keep Us informed if your personal data changes during your relationship with Us.


Third-party Links
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave Our website, we encourage you to read the privacy policy of every website you visit.

WHAT INFORMATION DO WE COLLECT FROM YOU?
‍Personal data, or personal information (used interchangeably throughout this Policy), means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We collect information that may personally identify you when you voluntarily access Our site from your computer or mobile device, register your email address on Our site, enter a contest or sweepstakes, respond to a survey or communication such as email, or engage with another site feature. The information We may collect, use, store and /or transfer on or through Our website may include information:

- Identity Data such as [first and last name any previous names, username or similar identifier, marital status, title, date of birth, gender].
- Contact Data such as postal address, email address, telephone number, or any other identifier by which you may be contacted online or offline.
- Transaction Data includes [details about payments to and from you and other details of products and services you have purchased from Us].
- Profile Data includes [your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses].
- Usage Data includes [information about how you interact with and use Our website, products and services].
- Marketing and Communications Data includes [your preferences in receiving marketing from Us and Our third parties and your communication preferences].
- Technical Data including your internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, device ID and other technology on the devices you use to access Our website..
- Financial Data such as bank account and payment card details for the fulfilment of your orders.

We also collect, use and share aggregated data such as statistical or demographic data which is not personal data as it does not directly (or indirectly) reveal your identity. For example, we may aggregate individuals' Usage Data to calculate the percentage of users accessing a specific website feature in order to analyse general trends in how users are interacting with our website to help improve the website and our service offering.

HOW WILL WE COLLECT YOUR PERSONAL DATA?

We use different methods to collect this information including through:

Your interactions with us. You may give us your personal data by filling in online forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

- fill in forms on Our website;
- apply for our products or services including information provided at the time of purchasing tickets;
- create an account on our website;
- subscribe to our service or publications;
- request marketing to be sent to you;
- enter a competition, promotion or survey; or
- give us feedback or contact us.

Automated technologies or interactions. As you navigate through and interact with Our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies[, server logs] and other similar technologies. Please see our cookie policy for further details.

Third parties or publicly available sources. We will receive personal data about you from various third parties, for example, Our business partners and as set out below:

- Technical Data is collected from: (i) analytics providers; (ii) advertising networks; and search information providers based inside the UK.
- Contact, Financial and Transaction Data is collected from providers of technical, payment and delivery services.
- Identity and Contact Data is collected from data brokers or aggregators.
- Identity and Contact Data is collected from publicly available sources such as Companies House and the Electoral Register based inside the UK.

You can always choose not to provide information, however, this may prevent you from taking advantage of such site features of this website. When you access Our site from your computer or mobile device (either one, a “device”) to access and use the Services. We may receive information about your location and your computer or mobile device, including a unique identifier for your device. We may use this information to provide you with location-based services, such as advertising, search results, and other personalised content. Most mobile devices allow you to turn off location services. Please contact your mobile service carrier or device manufacturer to learn how to disable location services for your particular device. We use mobile analytics software to allow Us to better understand the functionality of Our site on your device. This software may record information including how often you use the site, events that occur within the site, aggregated usage, performance data, and where the site was accessed from. The information We store within the analytics software is anonymised. In other words, We do not link the information to you. We store within the analytics software to any personal Information that you submit within the site.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

HOW IS MY INFORMATION USED?


‍Legal Basis
The law requires Us to have a legal basis for collecting and using your personal data. We rely on one or more of the following legal bases:

- Performance of a contract with you: Where we need to perform the contract we are about to enter into or have entered into with you.
- Legitimate interests: We may use your personal data where it is necessary to conduct our business and pursue our legitimate interests, for example to prevent fraud and enable us to give you the best and most secure customer experience. We make sure We consider and balance any potential impact on you and your rights (both positive and negative) before We process your personal data for Our legitimate interests. We do not use your personal data for activities where Our interests are overridden by the impact on you (unless We have your consent or are otherwise required or permitted to by law).
- Legal obligation: We may use your personal data where it is necessary for compliance with a legal obligation that We are subject to. We will identify the relevant legal obligation when We rely on this legal basis.
- Consent: We rely on consent only where we have obtained your active agreement to use your personal data for a specified purpose, for example if you subscribe to an email newsletter.
Purposes for Which We Will Use Your Personal Data

Direct Marketing, Third-Party Marketing and Opting-Out of Marketing

E-mailing list users of the service may be given a choice whether they would like to be included on Our e-mail list and receive e-mail newsletters from Us. If You have opted-in to receive e-mail newsletters from Us, you may periodically receive communications including links to and information regarding sales, promotions, sweepstakes, and other information that We believe you may find interesting. If you have not opted-in to receive e-mail newsletters from Us, you will not receive these e-mails.

How to Opt-Out of E-mailing List: If you would no longer like to receive e-mail newsletters from Us, you can unsubscribe by selecting the unsubscribe link located in any of Our promotional emails.

We may also analyse your Identity, Contact, Technical, Usage and Profile Data to form a view which products, services and offers may be of interest to you so that We can then send you relevant marketing communications.

We will get your express consent before We share your personal data with any third party for their own direct marketing purposes.

HOW IS MY INFORMATION STORED AND PROTECTED?

The security of your personally identifiable information is important to us, and We strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information that We store in order to protect it from unauthorised access, destruction, use, modification, or disclosure. We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. While We attempt to protect the information in Our possession, no security system is perfect and We cannot promise that information about you will remain secure in all circumstances, including the security of your data during transmission to Us or the security of your data on a computer or mobile device.

We have put in place procedures to deal with any suspected personal data breach and We are committed to alerting you and any applicable regulator of a breach where we are legally required to do so.

WHAT INFORMATION IS COLLECTED THROUGH TECHNOLOGY AND BY THIRD- PARTIES?
‍During your visit, as you browse through and interact with Our site and place orders, We automatically collect and store the following non-personal, or anonymous, information about your visit:

- the date and time you access Our site;
- the pages you visit on Our site;
- if you navigate to Our site by clicking a link, the location of that link;
- the technical capabilities of the device you use to access Our site;
- the internet service provider you use to connect to Our site (for example "companyX.com" if you have a commercial internet account, or "universityX.edu" if you connect from a university); and
- the IP address (a number automatically assigned to your device whenever you are surfing the internet) from which you access Our site.

We use this information, in the aggregate, to make Our website more useful to visitors — to learn about the number of visitors to Our site and the types of technology used, to detect operational problems, and to improve the website’s overall security. Cookies, Beacons, Local Storage and Other Similar Technologies Cookies are small data files which include anonymous, unique identifiers that We may transfer to your device to allow Us or a third-party to recognise you and make your next visit to Our site easier. Recognising your device helps Us provide features such personalised advertisements, improve services, and compile aggregate data about site traffic and interaction. We may also use them to help Us understand your preferences based on previous or current site activity, which enables Us to provide you with improved services. We also use cookies to help Us compile aggregate data about site traffic and interaction so that We can offer better experiences and tools in the future. Similarly, flash cookies (also called Local Shared Objects or "LSOs") are data files similar to cookies, except that they can store more complex data. Flash cookies are used to remember settings, preferences, and usage, particularly for video, interactive gaming, and other similar services. We may transmit non-personally identifiable website usage information to third-parties in order to show you advertising for the Company when you visit other sites. You may choose to have your device warn you each time a cookie is being sent, or you may even choose disable cookies through your device settings. Each device is a little different, though, so please contact your mobile service carrier or device manufacturer to learn how to disable or modify cookies for your particular device. Do note that if you’ve chosen to disable or delete cookies on your device, some of the functionality of Our site may be lost. Some of Our features may not display properly, and We recommend that you leave them turned on.


Do Not Track Signals: We do not respond to browser-based "do not track" signals. Do Not Track is a preference that you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the preferences or settings page of your web browser.


Analytics, Log Files and Reading History: We gather certain information automatically and store it in log files. This information may include IP addresses, browser type, operating system, and other usage information about the use of Our services, including a history of the pages or site features you view and/or interact with. We may combine this automatically collected log information with other information We collect about you. We do this to improve services We offer you, including customized recommendations, advertising, to improve marketing, and to track access and use of the Services across the devices that you may use to access the Services. We have hired third parties to provide Us information, reports, and analysis about the usage and browsing patterns of Our users. They may independently record the type of device and operating system You are using, general location information, as well as events that occur on Our App, such as how often you use Our App.

DO WE SHARE YOUR PERSONAL INFORMATION WITH ANYONE?


‍We do not sell, trade, or otherwise transfer to outside parties your personal information unless We provide you with advance notice, except as described below. The term “outside parties” does not include the Company, its affiliates, or Our website. It also does not include website hosting partners and other parties who assist Us in operating Our website, conducting Our business, or servicing you, so long as those parties agree to keep your information confidential.
Third Parties: We may share information about Our visitors in aggregate or de-identified form with third parties for the purposes set out in the table ‘Purposes for which we will use your personal data’ above. Nothing in this Policy is intended to indicate a restriction of Our use or sharing of aggregated or de-identified information in any way. We may also include links to third party websites on Our site in an attempt to provide you with increased value. These linked websites or other apps may have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, We seek to protect the integrity of Our site and welcome any feedback about these linked sites (including whether a specific link works).


Disclosure by Necessity: We may occasionally access, preserve, and/or disclose personal information as required by law, for example, to comply with a court order or subpoena or We have a good faith belief that such action is necessary to (1) comply with the law or with legal process; (2) protect and defend Our rights and property; (3) protect against misuse or unauthorised use of Our Services; or (4) protect the personal safety or property of Our users or the public (among other things, this means that if you provide false information or attempt to pose as someone else, information about you may be disclosed as part of any investigation into your actions).
As We continue to develop Our business, We or Our affiliates may sell or buy other businesses or entities, or We may merge with another company, or be bought by another company. In such transactions, personal information may be among the transferred assets. Your information may be stored and processed in any country in which We maintain facilities or conduct operations and as set out in this Policy.


We require all third parties to respect the security of your personal data and to treat it in accordance with the law. WE do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

YOUR LEGAL RIGHTS
Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to:

Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data We hold about you and to check that We are lawfully processing it.

Request erasure of your personal information that We hold about you. This enables you to ask Us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal information to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Request correction of the personal information that We hold about you. This enables you to have any incomplete or inaccurate data that we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Object to processing of your personal data where We are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where We are processing your personal data for direct marketing purposes. In some cases, We may demonstrate that We have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing of your personal data. This enables you to ask Us to suspend the processing of your personal data in the following scenarios:

If you want Us to establish the data's accuracy.

Where Our use of the data is unlawful but you do not want Us to erase it.

Where you need Us to hold the data even if We no longer require it as you need it to establish, exercise or defend legal claims.

You have objected to Our use of your data but We need to verify whether We have overriding legitimate grounds to use it.

Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.
If you wish to exercise any of these rights please submit a request to this designated email address: [email protected]. For further information on your legal rights please visit the ICO website (https://ico.org.uk/).
No Fee Usually Required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, We may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, We could refuse to comply with your request in these circumstances.
What We May Need From You
We may need to request specific information from you to help Us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time Limit to Respond
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, We will notify you and keep you updated.

INTERNATIONAL TRANSFERS

We do not transfer your personal data outside the UK.

Whenever We transfer your personal data out of the UK to service providers, We ensure a similar degree of protection is afforded to it by ensuring that the following safeguards are implemented:

We will only transfer your personal data to countries that have been deemed by the UK to provide an adequate level of protection for personal data.
Where We use certain service providers, We may use specific contracts approved for us in the UK which give personal data the same protection it has in the UK.

Please contact us if you require further information on the specific mechanism used by us when transferred your personal data out of the UK.

DATA RETENTION
How Long Will We Use your Personal Data For?
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes We collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if We reasonably believe there is a prospect of litigation in respect to Our relationship with you.
To determine the appropriate retention period for personal data, We consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which We process your personal data and whether We can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
By law We have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask Us to delete your data: see your legal rights above for further information.
In some circumstances We will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case We may use this information indefinitely without further notice to you.

AMENDMENTS

We reserve the right to update or change this Policy at any time. Your continued use of the Service after We inform you of and/or post any amendments to the Policy at the website will constitute your acknowledgement and acceptance of such amendments.

QUESTIONS AND FEEDBACK

We welcome your questions, comments, and concerns about privacy. Please feel free to send any comments and/or concerns regarding this policy to [email protected].

Back to Homepage Click to download PDF