Privacy Policy

Last updated: October 12, 2025 Updated

Introduction πŸ”—

Guest It ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and store information when you use our platform, including the Guest It web portals, manager and staff systems, QR-code interfaces, and related services.

We act as the Data Controller under the UK General Data Protection Regulation (GDPR). This means we determine how and why your personal data is processed.

Our registered address is Guest It LTD, Unit 26g-26m Springfield Mill Bagley Lane, Farsley, West Yorkshire, United Kingdom, LS28 5LY. You can contact us at hello@guestit.co.uk.

Data We Collect πŸ”—

We collect information necessary to operate our platform and provide venue management and staffing services. This may include:

  • Account and Login Data: Staff, managers, or guests may be given access codes or credentials. These are stored securely and linked to the relevant venue or event.
  • Contact Information: Names, email addresses, phone numbers, or other contact details used for account setup, communication, or alerts (e.g., accident reports, contact manager messages).
  • Operational Data: Data entered into checklists, forms, order submissions, dockets, audits, or sustainability logs created through our system. This data belongs to the venue but is securely hosted by us.
  • Usage and Technical Data: Information about how you access our services, such as device type, IP address, browser version, and activity logs, for performance and security monitoring.
  • Uploaded Media: Optional images or digital signatures uploaded for forms, menus, audits, or staff evaluations. These may be stored securely in cloud storage (e.g., AWS S3) and linked to the relevant record.

How We Use Your Data πŸ”—

We process your personal data only when necessary and for legitimate business purposes, including:

  • Providing and maintaining the Guest It platform and related services.
  • Authenticating users and managing secure logins for staff and managers.
  • Recording operational data such as checklists, forms, audits, and accident reports on behalf of venues.
  • Communicating with managers, staff, or guests where required (e.g., shift details, messages, or confirmations).
  • Improving platform functionality, reliability, and user experience.
  • Complying with our legal obligations and protecting the integrity of our systems.

We do not sell or share your data with advertisers, social networks, or unrelated third parties.

We process your personal data under one or more of the following lawful bases:

  • Contractual necessity: When processing is required to deliver services to a venue or registered user.
  • Legitimate interest: To improve security, prevent misuse, and maintain reliable service operations.
  • Consent: When users voluntarily submit data through order forms, feedback, or surveys.
  • Legal obligation: When we are required to retain certain records for compliance or auditing.

Data Storage and Security πŸ”—

We store data securely on encrypted servers hosted in the United Kingdom. Files such as images or signatures may be stored via Amazon Web Services (AWS S3), which complies with UK data protection laws.

We implement appropriate technical and organizational security measures to protect against loss, misuse, unauthorized access, disclosure, alteration, or destruction of your data.

Data Retention πŸ”—

We retain data only for as long as necessary to fulfil the purpose for which it was collected or as required by law. Venue operational data (such as checklists, dockets, or forms) may be retained for record-keeping or compliance at the request of the venue.

Once data is no longer required, it is securely deleted or anonymized.

Data Sharing πŸ”—

We may share limited personal data only in the following cases:

  • With the venue or company that manages your account (e.g., managers viewing staff logs or reports).
  • With trusted third-party service providers such as hosting, email, or cloud storage vendors who process data under confidentiality and security agreements.
  • If required by law or to comply with legal proceedings.

We never sell or rent user data to third parties.

Your Data Protection Rights πŸ”—

Under UK GDPR, you have the right to:

  • Access and obtain a copy of your personal data.
  • Request correction or deletion of inaccurate or unnecessary data.
  • Withdraw consent where processing is based on consent.
  • Object to processing based on legitimate interests.
  • Request transfer of your data (data portability).

To exercise any of these rights, please contact us at hello@guestit.co.uk. We may need to verify your identity before responding to your request.

Cookies and Tracking πŸ”—

Guest It uses cookies only for essential functionality such as authentication and session management. We do not use advertising or analytics cookies that track personal behaviour across third-party websites.

Children’s Privacy πŸ”—

Guest It is designed for use by venue staff and managers aged 16 and above. We do not knowingly collect data from children. If you believe a child has provided personal data to us, please contact us immediately, and we will take steps to delete it.

Changes to this Policy πŸ”—

We may update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. Updates will be posted on this page with the revised "Last Updated" date.

Contact Us πŸ”—

If you have questions about this Privacy Policy or your data, contact us at:

  • Email: hello@guestit.co.uk
  • Address: Guest It LTD , Unit 26g-26m Springfield Mill Bagley Lane, Farsley, West Yorkshire, United Kingdom, LS28 5LY
Back to top