Bokatinos

Privacy Policy

Who We Are

Bokatinos, incorporated in England & Wales, is the data controller responsible for your personal data collected through our website and services.

Scope

This Policy applies to anyone who visits our website, makes a booking, inquires, attends an event, or provides data to us (guests, clients, staff, contractors).

Data We Collect

We collect:

  • Identity & Contact Data: name, age, gender (optional), email, postal address, phone number.
  • Booking & Event Data: event date, venue, guest list, dietary requirements, access needs, personal preferences.
  • Transaction & Financial Data: payment info (securely processed), billing address.
  • Technical Usage Data: IP address, device, browser type, browsing patterns, cookies.
  • Communications Data: correspondence and feedback.
  • Supplier/Contractor Data: CVs, DBS checks, contractor credentials.
  • Marketing Data: preferences and consents.

We do not collect special category data (e.g. religious beliefs) unless voluntarily disclosed (e.g. dietary requirements).

How We Collect It
  • Via inquiry or booking forms (online, email, phone, in person).
  • Directly during events or welfare questionnaires.
  • Through cookies and web analytics.
  • Via third-party integrations (secure payment gateways).
  • Applicant CVs or supplier onboarding.
 
Legal Bases for Processing

We rely on:

  • Contractual necessity: to fulfil your booking and deliver Services.
  • Consent: for marketing communications, cookie storage, optional data.
  • Legitimate interests: for service improvement, fraud prevention, security, internal record-keeping.
  • Legal obligation: for record-keeping, tax, archiving, audits.
 
Use of Data

We use your data to:

  • Process and confirm bookings and payments.
  • Plan and deliver events (including dietary and access needs).
  • Communicate essential information.
  • Administer contracts and Services.
  • Provide customer service, manage grievances, and seek feedback.
  • Personalise marketing content (newsletters, promotions).
  • Detect fraud, ensure safety and security.
  • Comply with legal obligations (safety, health, accounting).
  • Operate, analyse and improve our website and Services.

 

Data Sharing

We may share your data with:

  • Suppliers (caterers, florists, entertainers, venues).
  • Payment processors (e.g. Stripe).
  • Professional advisers (lawyers, insurers, auditors, financial institutions).
  • Event venues (for logistics).
  • IT and analytics providers.
  • Legal/regulatory authorities if required.
  • Successors in event of merger or sale.

All transfers are GDPR‑compliant, with appropriate contractual safeguards.

International Transfers

Some data may be accessed by group entities or partners outside the UK. We ensure adequate safeguards (e.g., Standard Contractual Clauses) for lawful cross-border transfers.

Data Retention

We retain your data only as long as necessary:

  • Enquiries: up to 12 months.
  • Clients/Events: up to 7 years for financial/legal compliance.
  • Website analytics: aggregated retention up to 24 months.
  • Job applications: up to 12 months unless you request deletion.
 
Your Rights Under Data Protection Law

You have the right to:

  • Access a copy of your data.
  • Correct inaccuracies.
  • Request erasure (“right to be forgotten”) where lawful.
  • Restrict or object to processing.
  • Data portability (to a new provider).
  • Withdraw consent at any time (marketing, cookies).
  • Lodge a complaint with the UK Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow SK9 5AF, helpline 0303 123 1113.

 

Cookies & Tracking

We use cookies for:

  • Essential: session, form processing.
  • Performance/Analytics: usage insights.
  • Functional: preferences, language.
  • Marketing: retargeting (only with consent).

You can manage cookie preferences via banner or browser settings. Opt‑in is required for non-essential cookies.

 

Data Security

We implement technical and organisational measures to protect data:

  • Secure servers, data encryption, firewall, intrusion prevention.
  • Limited access on a need‑to‑know basis; confidentiality training.
  • Planned breach response procedures and reporting systems.
  • Regular audits and risk assessments.

Nevertheless, no transmission method is 100% secure. If a breach occurs, we will comply with our legal obligations including notifying ICO and affected individuals if required.

Children

Our website and services are not intended for under‑18s. We do not knowingly collect data from children. If you believe we have inadvertently collected such data, please contact us to request deletion.

Marketing Communications

By consenting, you will receive occasional information on our Services, special offers, newsletters. You may opt‑out anytime via the unsubscribe link or by emailing [insert email]. We never share data with third‑party marketers without consent.

Changes to This Policy

We may update this Policy. The revised date will appear in the header. The latest version will be published on our website. Continued use after changes constitutes acceptance.

How to Contact Us

Data Protection Officer

Bokatinos

[Insert registered address]

Email: [Insert privacy email]

Phone: [Insert phone number]

You may also write to the ICO at the address above.

Bokatinos

Luxury hospitality, bespoke events, personal service, unforgettable experiences.

Quick Links
Services
Contact Info
Facebook X-twitter Instagram

© 2025, Bokatinos. All Rights Reserved.