Call us on 0207 680 4001

or ENQUIRE NOW

Privacy Policy

Tobacco Dock Venue Limited (TDVL) Privacy Policy

Last updated: April 2026

1. Introduction

Tobacco Dock Venue Limited (“TDVL”, “we”, “us”, “our”) respects your privacy and is committed to protecting your personal data.

This privacy policy explains how we collect, use, and protect your personal data when you:

  • Visit our website
  • Use our services
  • Visit our venue
  • Interact with us in any way

This policy is designed to meet the requirements of the UK GDPR and the Data (Use and Access) Act 2026.

2. Controller and Contact Details

TDVL is the data controller responsible for your personal data.

Contact details:
Email: sar@tobaccodocklondon.com
Address: Tobacco Dock, The Dock, Tobacco Quay, Wapping Lane, London, E1W 2SF
Phone: 0207 680 4001

3. The Data We Collect About You

We may collect the following types of personal data:

  • Identity Data – name, title, date of birth
  • Contact Data – email, address, phone number
  • Financial Data – payment details
  • Transaction Data – purchases and bookings
  • Technical Data – IP address, browser, device info
  • Usage Data – how you use our website/services
  • Marketing Data – preferences and communication choices

CCTV Data

We operate CCTV systems at our venue for security, safety, and crime prevention.

CCTV data may include:

  • Images of individuals
  • Behaviour and movements
  • Time and location of presence

CCTV footage:

  • Is treated as personal data where individuals can be identified
  • May incidentally capture:
    • Special category data (e.g. visible health or religious indicators)
    • Criminal offence data (e.g. security incidents)

We apply appropriate safeguards to protect this data.

4. How We Collect Your Data

We collect data through:

  • Direct interactions (forms, bookings, emails)
  • Automated technologies (cookies, analytics tools)
  • Third parties (e.g. service providers, analytics providers such as Google Analytics)

5. How We Use Your Personal Data

We use your personal data based on the following lawful bases:

  • Performance of a contract
  • Legitimate interests
  • Legal obligations
  • Consent (for marketing where required)

Key purposes include:

  • Providing services and managing bookings
  • Managing customer relationships
  • Improving our website and services
  • Marketing and communications

CCTV Processing

We use CCTV for:

  • Security and safety
  • Crime prevention and detection

Lawful basis:
Legitimate interests (protecting individuals, property, and operations), and legal obligations where applicable.

6. Disclosures of Your Personal Data

We may share your data with:

  • Service providers (IT, payment, hosting)
  • Professional advisers
  • Regulators and authorities

All third parties are required to protect your data and only process it under our instructions.

7. International Transfers

Some third-party providers (including analytics providers such as Google Analytics) may process personal data outside the UK.

Where this occurs, we ensure appropriate safeguards are in place, including:

  • UK International Data Transfer Agreements (IDTAs)
  • Adequacy decisions

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • Access controls
  • Encryption where appropriate
  • Staff confidentiality obligations

9. Data Retention

We retain personal data only as long as necessary.

CCTV Retention

CCTV footage is typically retained for up to 30 days, unless required for:

  • Investigations
  • Legal proceedings
  • Regulatory purposes

10. Your Legal Rights

You have rights under data protection law, including:

  • Access to your data (Subject Access Request)
  • Correction of inaccurate data
  • Erasure of data
  • Restriction or objection to processing
  • Data portability
  • Withdrawal of consent

CCTV Requests

Where you request CCTV footage:

  • We will provide access where possible
  • Footage may be redacted to protect others

11. Complaints

We take complaints seriously and handle them in a fair and transparent manner.

  • Acknowledged within 5 working days
  • Responded to within 1 month

If you are not satisfied, you may complain to the Information Commissioner’s Office (ICO).

12. Accountability and Governance

We maintain appropriate policies, procedures, and records to demonstrate compliance with data protection law.

We regularly review:

  • Data protection complaints
  • Subject access requests
  • Data processing risks

to improve our practices and ensure ongoing compliance.

13. Updates to This Policy

We may update this policy from time to time. The latest version will always be available on our website.

14. Third-Party Links

Our website may contain links to third-party sites. We are not responsible for their privacy practices.