Privacy Policy

Please read this Privacy Policy carefully as it contains important information about who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information, and how to contact us and supervisory authorities in the event you have a complaint.

This Privacy Policy is divided into the following sections:
Who we are
Our website
Our collection and use of personal information
Children’s personal data
Our legal basis for processing
Who we share personal information with
International transfers
Marketing
Data retention
Your rights
Keeping your personal information secure
How to complain
Changes to this Privacy Policy
How to contact us
Do you need extra help?

  1. Who We Are

We are Pamper Me Pretty & Co Limited (“we”, “us”, “our”).

We operate as an independent franchisee providing children’s party and event services in the United Kingdom.

We collect, use and are responsible for certain personal information about you under UK data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

For the purposes of those laws, we are the “controller” of the personal information we process in connection with our website and local services, unless expressly stated otherwise.

  1. Our Website

This Privacy Policy relates to your use of our website:
https://pampermeprettyyandco.com/

Our website may contain links to other websites operated by trusted third parties (for example, booking platforms, payment providers or social media platforms). Those third-party websites operate under their own privacy policies and we encourage you to review them.

  1. Our Collection and Use of Personal Information

We collect personal information when you:
visit our website;
submit an enquiry;
request a quote;
make a booking;
purchase services;
communicate with us by phone, email or social media;
participate in competitions or promotions (if offered);
subscribe to marketing communications (if applicable).

Information We May Collect

Depending on your interaction with us, we may collect:
your name, address and contact details;
event details (date, time, venue location);
payment and transaction details (processed via bank transfer or sumup);
correspondence and communication records;
marketing preferences;
technical data such as IP address, browser type and website usage data (see Cookie Policy).

We use this information to:
respond to enquiries and provide quotes;
plan and deliver booked events;
process payments;
manage bookings and customer relationships;
maintain safeguarding and incident records (where applicable);
improve our services and website;
comply with legal and regulatory obligations;
send marketing communications (where permitted).

  1. Children’s Personal Data

Our services relate to children’s parties and events. Bookings and enquiries must be made by a parent, legal guardian or other responsible adult aged 18 or over.

What Children’s Data We May Collect
To safely deliver events, we may collect limited personal data relating to children, provided by a parent or legal guardian. This may include:
child’s first name;
age or date of birth;
relevant medical information;
allergy information;
additional needs or behavioural considerations;
emergency contact details for the event.

We do not knowingly collect personal data directly from children without parental involvement.

How We Use Children’s Data

Children’s personal data is used solely to:
deliver the booked event safely;
tailor activities appropriately;
manage health and safety;
comply with safeguarding and legal obligations.

We do not use children’s personal data for marketing purposes.

  1. Our Legal Basis for Processing

Under UK GDPR, we must have a lawful basis to process personal data. We rely on:

Contract
Where processing is necessary to perform a contract with you or take steps at your request prior to entering into a contract.

Legitimate Interests
Where processing is necessary for our legitimate business interests, including:
delivering events safely and effectively;
maintaining appropriate records;
improving services;
preventing fraud or misuse.
We ensure these interests do not override your fundamental rights and freedoms.

Legal Obligation
Where processing is necessary to comply with legal or regulatory obligations.

Consent
Where you have given clear consent (for example, marketing emails or use of photography).
You may withdraw consent at any time.

  1. Who We Share Personal Information With

We may share personal information with trusted third parties where necessary to deliver our services, including:
website hosting providers;
booking and scheduling platforms:
payment processors: sumup
email marketing providers: mailchimp;
IT support providers;
professional advisers (e.g. accountants, legal advisers);
insurers (for incident or claim handling).

We require third parties to respect the security of your data and to process it in accordance with the law.

We do not sell personal data.

We may disclose personal information if required by law or regulatory authorities.

  1. International Transfers

Some third-party service providers may store or process personal data outside the UK.

Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, such as:
UK adequacy regulations;
International Data Transfer Agreements (IDTAs);
Standard contractual clauses.

You may contact us for further details.

  1. Marketing

We may send information about services, offers or promotions where:
you have provided consent; or
we are permitted to do so under applicable law.

You may opt out at any time by:
clicking “unsubscribe” in emails;
replying STOP to SMS (where applicable);
contacting us directly.

We do not use children’s data for marketing.

  1. Data Retention
    We retain personal data only for as long as necessary to:
    fulfil the purposes for which it was collected;
    comply with legal obligations;
    manage disputes or complaints;
    maintain safeguarding records where required.

Typical retention periods:
Booking and financial records: 6 years
Children’s event-related data: 6 months after event
Marketing data: until consent is withdrawn
Retention periods may vary depending on circumstances.

  1. Your Rights

Under UK GDPR, you have rights including:
the right to access your personal data;
the right to rectification;
the right to erasure;
the right to restrict processing;
the right to data portability;
the right to object to processing;
the right to withdraw consent;
rights relating to automated decision-making (if applicable).

To exercise any of these rights, contact us using the details below. We may request proof of identity.

  1. Keeping Your Personal Information Secure

We have appropriate technical and organisational measures in place to prevent personal data from being:
accidentally lost;
used or accessed unlawfully;
altered or disclosed without authorisation.

Access is restricted to those with a genuine business need to know.

We maintain procedures for managing suspected data breaches and will notify affected individuals and regulators where legally required.

  1. How to Complain

We hope that we can resolve any query or concern you raise.

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Website: https://ico.org.uk
Telephone: 0303 123 1113

  1. Changes to This Privacy Policy

This Privacy Policy was published on 03.03.2026 and last updated on 03.03.2026 .

We may update this Privacy Policy from time to time. The latest version will always be available on our website.

  1. How to Contact Us

If you have any questions about this Privacy Policy or your personal data, please contact:
Email: info@pampermeprettyandco.com
Address: unit 27, the baytree centre, brentwood CM14 4BX
Telephone: 01621 927102

  1. Do You Need Extra Help?

If you would like this Privacy Policy in another format (for example: large print, audio, braille), please contact us.