Privacy Policy

Privacy Policy
Last updated: [07/10/2025]

Welcome to The Wedding Guild of Wales (“we”, “us”, “our”). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and protect your personal data when you visit our website, interact with us, or register for our wedding fayres and events.

1. Who we are / contact details
Controller: The Wedding Guild of Wales
Website: theweddingguildofwales.co.uk
Contact: [insert address / email / telephone contact for data-protection queries]

If you have any questions about this policy or wish to exercise your legal rights, please contact us using the contact details above.

2. Data we collect

We only collect personal data when you provide it to us (for example via a contact form, email enquiry, or event registration). Typical data we may collect includes:

Name
Email address
Telephone number
Other information you provide in your enquiry (for example, wedding date, venue, preferences)

We do not collect sensitive / special category data (such as health, race, religion, etc.), unless you voluntarily provide it in your correspondence (in which case it is treated in accordance with applicable law).

We do not track visitors via cookies or collect non-personal usage analytics (see section on cookies below).

3. How we use your data (purposes and legal basis)

We use your personal data only for the following purposes:

To respond to your direct enquiries (e.g. via contact form, email)
To administer and manage event registrations (including free tickets via Eventbrite)
To communicate with you about our services or events only if you have given explicit consent (see section on marketing / consent below)

Our lawful basis for processing your data is typically your consent or legitimate interest (e.g. to manage your enquiries and event registration).

We will not use your data for any other purposes not described in this policy without obtaining your consent (where required by law).

4. Marketing, reminders & consent
We do not send marketing communications (newsletters, promotions, advertising) to you unless you explicitly agree to receive them.
The sole exception is attendance at wedding fayres: if you attend one of our wedding fayres and complete a consent form on site indicating that you agree to marketing or follow-up communications, we may then use your details for that purpose.
When you register (for free tickets) via Eventbrite, Eventbrite’s terms and privacy policy apply to your registration data. You have the option to unsubscribe from reminder emails or event communications at any time (via links or via Eventbrite).
At any time, if you have received a communication from us and no longer wish to receive further messages, you may request to unsubscribe / opt out, and we will comply.

5. Cookies and tracking
We do not place any non-essential cookies on your browser.
We do not engage in visitor tracking (e.g. analytics, behavioral advertising) on this site.
Only strictly essential cookies (if any) that enable basic website functionality (if needed) may be used — however, we aim to minimise even those.
Because we do not set non-essential cookies, you will not see cookie banners for tracking cookies on our site (unless needed for e.g. plugin or third-party service).

If in future we do add analytics or marketing cookies, we will update this policy and seek consent appropriately.

6. Sharing your data / third parties
We do not share your personal data with third parties for marketing or commercial purposes.
We do not sell or rent your personal data.
We may share data with third-party service providers only when necessary to deliver services you request (e.g. Eventbrite, email systems) — always under contract, bound by data protection obligations.
Where Eventbrite is used, your registration data is subject to their policies and practices; we do not have control over their internal practices beyond what is agreed under our event setup.
If required by law, regulation, court order or similar, we may disclose personal data to authorities or legal bodies when obliged to do so.

7. Data retention

We will retain your personal data for as long as is necessary for the purposes for which it was collected, or to comply with legal obligations (e.g. for purposes of dispute resolution, auditing, or record-keeping).
Once data is no longer required, we will securely delete or anonymise it.

If you request deletion (under your rights, see section 9), we will erase your data unless there is a lawful reason to keep it (e.g. dispute, legal obligation).

8. Security of your data

We implement reasonable technical and organisational measures to protect your personal data from unauthorised access, loss, misuse, alteration, or disclosure. These may include:

Secure servers and access controls
Encryption (where appropriate)
Restricting access to only those staff / agents who need the data
Regular review of security procedures

Although we take precautions, no system is completely secure. If a data breach occurs, we will notify affected individuals and the relevant supervisory authority where required by law.

9. Your rights

Under UK GDPR and Data Protection Act 2018, you have certain rights regarding your personal data:

Right of access: you can ask to see what personal data we hold about you
Right to correction: you can ask us to correct inaccurate or incomplete data
Right to erasure (“right to be forgotten”): you can ask us to delete your data (subject to legal exceptions)
Right to restriction: you can ask us to restrict processing in certain circumstances
Right to object: you can object to processing (for example, direct marketing)
Right to data portability: to receive your data in a structured, commonly used format (if applicable)
Right to withdraw consent: if you have consented to processing (e.g. marketing), you can withdraw that consent at any time

To exercise any of these rights, please contact us at the contact details above. We will respond without undue delay and in any case within statutory deadlines (usually one month).

You also have the right to complain to the UK Information Commissioner’s Office (ICO) if you believe your data protection rights have been violated. The ICO is the UK supervisory authority for data protection.

10. Changes to this Privacy Policy

We reserve the right to modify or update this Privacy Policy from time to time. When we make significant changes, we will post the updated version on this site with a revised “Last updated” date.
We encourage you to review this Privacy Policy periodically to stay aware of how we protect your information.

11. Additional notes
When we collect personal data, we will inform you at the time of collection (e.g. via forms) about how we will use it, your rights, and any other relevant information (as required under UK GDPR / Article 13).
If any part of this policy is found invalid or unenforceable, it shall not affect the validity of the rest of the policy.
This policy does not cover third-party websites, plugins, or services you link to from our site — you should read their privacy policies before providing personal data to them.