Data Protection Policy for Hidden Clue HQ

1. Introduction

At Hidden Clue HQ, we are dedicated to safeguarding the personal data of everyone who visits our facilities, books our quest room experiences, uses our website, or communicates with us. This Data Protection Policy outlines how we collect, use, store, and protect your personal information. We are committed to handling your data responsibly and in accordance with applicable data protection laws. Our goal is to ensure that your privacy is respected while providing you with an exciting and safe quest room adventure.

2. Information We Collect

We collect and process various types of personal data to operate our quest rooms and related services effectively. The categories of data we may collect include:

• Identity information: Full name, date of birth, and proof of age where necessary (for age-restricted games).
• Contact information: Email address, phone number, and physical address used for communication, booking confirmation, or emergency contact purposes.
• Booking details: Information about your reservations, group size, selected quest rooms, and participation history.
• Payment data: Billing address and payment details required to process your transactions securely.
• Account data: If you choose to create an account with us, we may collect usernames, passwords, and preferences related to your experience.
• Technical data: IP address, device type, browser type, operating system, and interaction data collected automatically when you use our website or digital services.
• Images and video: CCTV recordings at our premises to ensure the safety of players, staff, and property.
• Feedback and communication: Information you provide in surveys, reviews, or when contacting customer service.

3. How We Collect Data

Your personal data is collected through various channels, including:

• Direct interactions: When you book a quest room, create an account, contact us, or provide feedback.
• Automated technologies: When you use our website or app, data is gathered using cookies and similar technologies to enhance functionality and security.
• On-site systems: CCTV and other monitoring tools within our premises to ensure safety and prevent unauthorized activities.

4. Why We Process Your Data

We process your personal data for the following purposes:

• Managing and confirming bookings for quest room experiences.
• Processing payments and managing invoices.
• Providing customer support and responding to inquiries.
• Ensuring the security of our premises, participants, and staff.
• Sending service-related communications, such as booking confirmations or important updates.
• Conducting surveys to gather feedback and improve our services.
• Managing competitions, promotions, or events, where you choose to participate.
• Analyzing service usage and customer preferences to improve our quest rooms and customer experience.
• Meeting legal obligations, including health, safety, and tax requirements.

5. Legal Grounds for Processing

The lawful bases we rely on for processing your personal data include:

• Your consent: For sending promotional materials or optional services.
• Performance of a contract: When processing your bookings or providing related services.
• Compliance with legal obligations: To meet regulatory requirements, such as health and safety laws.
• Legitimate interests: To operate and improve our business, enhance safety, and prevent fraud, balanced against your privacy rights.

6. Sharing of Personal Data

We may share your personal data with trusted third parties that assist us in delivering our services, including:

• Payment processors for secure handling of transactions.
• IT providers that support our booking systems and digital infrastructure.
• Marketing providers, only where you have given consent for promotional communications.
• Security firms that assist with surveillance and on-site safety measures.
• Legal or regulatory authorities when required by law or for the protection of rights and safety.

We do not sell or rent your personal data to external parties.

7. Data Security

We have implemented strong technical and organizational measures to protect your personal data from unauthorized access, misuse, or loss. These measures include:

• Secure servers and firewalls to protect stored data.
• Encryption of sensitive information during transmission and storage.
• Access controls to limit data handling to authorized personnel.
• Regular system reviews and updates to maintain security.
• Staff training on data protection principles and confidentiality requirements.

Although we take all reasonable precautions, no system can be guaranteed completely secure. We encourage you to protect your own information by using secure passwords and handling your credentials carefully.

8. Data Retention

We keep your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting obligations. For example:

• Booking records and transaction data are retained for several years to meet tax and regulatory requirements.
• CCTV footage is stored for a limited period, unless required for incident investigation.
• Marketing data is retained until you withdraw your consent or update your preferences.

When data is no longer needed, we securely delete or anonymize it.

9. Your Rights

You have several rights concerning your personal data, including:

• The right to access your personal data and receive details about its processing.
• The right to correct inaccurate or incomplete information.
• The right to request deletion of your data under certain circumstances.
• The right to object to or restrict certain processing activities.
• The right to data portability, where applicable.
• The right to withdraw consent at any time where consent is the basis of processing.

To exercise your rights, please contact us using the details provided at the end of this policy. We will respond within the timeframes required by law.

10. Children’s Privacy

Our quest rooms may have age restrictions for certain experiences. We do not knowingly collect personal data from children without appropriate parental or guardian consent. If we discover that personal data of a minor has been collected improperly, we will take steps to delete it promptly.

11. Policy Updates

We may update this Data Protection Policy from time to time to reflect changes in our practices, technology, or legal requirements. We encourage visitors to review the policy regularly to stay informed about how we protect personal data.

12. Contact Information

If you have any questions, concerns, or requests related to this Data Protection Policy or the handling of your personal data, please contact:

Hidden Clue HQ
Data Protection Officer
Rosedale Road, Albany, Auckland 0632, New Zealand
Phone: +642040471936
Email: [email protected]

We are committed to protecting your personal data and ensuring a safe, enjoyable experience in our quest rooms.