*Active Indoor Leisure Limited (AIL), and its subsidiaries, registered at Ty Glas Avenue, Llanishen, Cardiff, CF14 5DX, UK, which operate ‘BUZZ’ trampoline parks in Cardiff and Swansea, are committed to protecting your personal information. This notice summarises how we collect, store, and process your information when using our website, online booking, telephone booking , when you buy from us in person, when we correspond with you as part of a booking, when you agree to our waiver and safety terms and terms of purchase and when you request information from us. Please read the notice carefully as by providing personal data to AIL we will deem that you have consented to the processing of such data. If having read this notice you are unclear about how we process your data, please contact us at firstname.lastname@example.org and we will provide the clarification you need. Justification: Any personal data we retain is justified on the legal basis defined within the General Data Protection Regulation on one or more of the following grounds: * we have your consent * we need your data to provide you with something you’ve purchased from us * we use your data to make it easier when you want to buy from us again * your data forms part of a legally binding agreement between us If you have never bought from us, the data we retain is only that which you have explicitly consented to. If you have bought from us before and that includes an activity that you and/or a dependent of yours participated in or plan to participate in, we may collect data justified on all the grounds above. Retention Period: Where your data forms part of a legal agreement between us, e.g. a safety agreement, we may retain that data indefinitely on the basis that we might need it to defend ourselves in a future case between us. If your data is needed for us to provide you with a forthcoming activity or event, we will retain your data at least until after the activity or event. If you ask us to remove your data before the activity or event, we might not be able to provide you with that activity or event. After an activity or event, your data may be retained until you request that we remove it from the system on the basis that by retaining your data we make it easier for you to buy from us again. If you don’t buy from us again for a period of greater than two years, we may remove your data from our systems. Where your data is it stored: Your data remains within our systems or within the systems of third parties that process data on our behalf. Any such parties agree to process data based on our instructions and requirements consistent with this Privacy Notice and GDPR. We do not share your data with any other third parties. When and How We Will Contact You: We may contact you via phone, post, or email as necessary if we have a change to, an issue with, or a query about an existing booking. We may send you information on a periodic basis to keep you informed about special offers, new activities, changes to activity schedules and other information that you might find of interest. You can always choose to opt-out of these communications by following the procedure detailed in every email we send you. Credit Cards: We do not store credit card data. All credit card processing is done on secure pages using SSL encryption, or through other secure methods using PCI compliant third-party systems.