Privacy Policy

This Privacy Policy explains how we collect, store, protect and may use your information, how we protect your privacy and how you can choose ways in which your information is processed and managed securely.

By accessing and using our Site, and by providing your information, you confirm your consent to our Privacy Policy.

Who we are and who is collecting your information?

The personal information provided to us by you when visiting and using our Site, is provided to and is collected by Linen Mill Studios Limited, a Company (Number NI008331) registered in Northern Ireland at the address 1-6 St Helen’s Business Park, 130-134 High Street, Holywood, Co. Down BT18 9HQ

Security to protect your information and the personal information of others including children

The applicable Law: In accordance with the requirements of the EU General Data Protection Regulations (“GDPR”), the Data Protection Act 2018 brings equivalence to and implements the principles of the GDPR in the UK, and sets out the rights of individuals in respect of the management of their personal data as well as the obligations and conditions organisations must follow to process it. We have established and implemented secure Data Management policies and procedures to ensure your information is correctly stored, maintained and protected, including prevention of unauthorized access to areas of our Site, our Systems or our premises, where your information has been collected and securely stored by us.

Personal Information of others including Children: When you visit and use our Site you are, as part of your use, asked to provide personal information. You may also be asked to provide personal information relating to others, including children, on whose behalf you are acting when you make a booking on our Site on behalf of yourself and on behalf of others. The GDPR makes new provisions and strengthens rights of children, particularly children aged 12 and under, around their data. Children have the same rights as adults over their personal data. Children need protection in place when their data is being processed because they may be less aware of the risks involved.

Parental consent: You must ensure that parental consent is sought when collecting and providing the data of children for online services on our Site. We rely on your obtaining consent, to make sure that children know and understand what they are consenting to. Privacy notices must be written in clear language and children, on whose behalf you are acting, must be informed, in age appropriate words, which they can understand, when and why their data is being collected and provided to us by you when using our Site.

Ways in which we collect information and what information we collect

Systems Collection: It is possible for you to visit our Site and withhold telling us who you are. You can choose to not provide us with any of your personal information. You should be aware, however, that our Systems may identify and record information such as details of your ISP, your IP address, which pages of our Site you accessed, the date(s) and time(s) of your visit(s) and other technical information relating to your visit to our Site.

Your Visit(s) to our Site: We also collect your personal information in instances where you visit our Site and choose to opt-in to receiving information from us, purchase any of our Products or services, take part in online competitions or surveys or if you simply contact us with a query or complaint. If you contact us by phone or write to us by mail or on email, we keep a record of your contact details so that we can respond and if required, maintain a conversation with you.

Use of Cookies: On our Site, we use cookies which have a 30 – day expiration and which establish a user ‘session’ cookie. Session cookies are necessary to collate your transaction and are automatically deleted once you close your browser. Cookies are text files containing small amounts of information which are downloaded to your device when you visit our Site. The Cookies are then sent back from your device to our Site on each subsequent visit which you make to our Site. For further information on Cookies you can visit: www.allaboutcookies.org

What use do we make of your personal information?

Your personal information will be used by us in a variety of ways, including but not limited to: Responding to you when you make contact with us; Advising you of and promoting our services, such as special offers or promotions; Completing transaction(s) which you make on our Site, such as purchasing Tickets or Gift Vouchers; Delivering the products and services which you have purchased on our Site; Meeting our obligations to manage your booking(s) professionally; Addressing matters arising from Game of Thrones Studio Tour visit(s) which you have purchased on our Site; Managing your Subscription to our Newsletter, should you have subscribed; Providing you with information if you have opted-in to our messaging / marketing service; Asking you to provide a review of the service you received when using our services; Responding to a legal requirement to provide your data to a legally authorised authority. Before providing such information, we will advise you of our requirement to disclose such information; Share your information with third parties who assist and enable us to help, operate, provide, improve, integrate, customize, support and market our services to you; Satisfy a legitimate interest (which is not overridden by your data protection interests), such as for research and development; and Act on your behalf, with your consent, to enable us do so for a specific purpose.

Who will, may or can gain access to your personal information?

Third Party Service Providers: We work with third-party service providers who provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information which we hold about you. If a service provider has a need to access your information to perform services on your and / or on our behalf, they do so under close instruction from us, including, where and when possible, direction from us on their contractual obligations and their absolute need to abide by the Privacy Policy set out in this document.

Our Directors, Shareholders, Executives and Employees: All personnel employed within our Company and / or personnel employed within Companies in which we have an ownership, “Associated Companies” are bound by the Privacy Policy set out in this document even though the access to your information is strictly contained to access being granted on a “need to know” basis which enables each person to perform her or his role in the provision of our services to you. Key management will have outline, but not detailed, access to your information by way of financial and business performance reporting.

Sharing with Associate Companies: We share ‘restricted’ information we collect from you with our Associated Companies. The protections of this Privacy Policy apply to the information we share in these circumstances. Where personal information does not need to be shared, identifiable personal data is removed.

Visiting other Websites when using our Site: You may, when visiting and using our Site, make access to another site, for example to avail of taking Cancellation Protection.

When accessing these other Sites, the information which you might provide to them will be processed under their Privacy Policy which may not be the same as our Privacy Policy. We will not be responsible or held to be liable for the Privacy Policies and / or Data Protection procedures of any other Site or organisation to which you choose to provide your personal information.

Third party payment processors

We require certain personal information about you, to enable us to process a purchase which you make on our Site. Information we require may include your name, address, telephone number and email address, your credit or debit card number, other related cardholder details and similar information to process other payment instruments. We do not directly collect, process or store your card or other payment instrument details for online transactions. These details will be held by us on a secure, protected page. This page both ensures that the information is encrypted and passes your personal data to the Payment Processing company which issued it, for authorization and collection to our Account. There are exceptions to these procedures if a telephone order is approved and your information is processed via offline methods. For information security reasons, we will normally direct you, where possible, to use our preferred online Payment Systems.

We use information we collect from you to process your order. We normally retain this information for a period of up to 10 years, or until such time as you may provide a written request to dpo@gameofthronesstudiotour.com instructing us to remove your personal information from our records. All other details form part of our company records and will be retained in accordance with our Legal obligations for Company records.

Transfer of your personal information outside the EEA

By the use of our Site, and should you be a citizen of the European Economic Area (“the EEA”) you may be subject to your personal information being transferred to Territories outside the EEA. By way of example only, if you, whilst within the EEA, purchase, on our Site, a Gift Voucher and you decide to give the Gift Voucher to a person resident outside the EEA we may be required to provide certain of your personal information to the recipient of the Gift Voucher to enable the Voucher holder to gain orderly admission to the Tour. These Territories will not have the same Data Protection regulations as those governing our Site. By providing your personal data you confirm your agreement to these transfers. We will make best efforts to ensure, but we cannot guarantee, that your personal information will be treated in the manner set out in this Privacy Policy.

Management and retention of your personal information

Account information: We retain your account information for as long as your account is active and a reasonable period thereafter which can be up to 10 years, in case you should decide to re-activate your Account and the Services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services. Where we retain information for Services improvement and development, we take steps to provide information that does not identify you, and we use the information only to uncover collective insights about the use of our Services, not to specifically analyse personal characteristics about individuals.

How long we keep information: The time period during which we keep your personal information depends on the types of information, as described in further detail below. After an appropriate time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), we will securely store your personal information and isolate it from further use until deletion is made possible.

Information you share on our Site: If your Account is deactivated or disabled, some of your information and the content you have provided to us will be stored in order to allow our employees to make use of the Services information. For example, we will continue to retain messages you sent to us and we will continue to retain any actions/content you provided to us.

Marketing information: You may choose to receive or to not receive direct marketing or other information from us. Please ensure you tick the correct box(es) indicating your preference. If you have elected to receive marketing material from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your Account, where applicable. We retain information derived from cookies and other tracking technologies for a reasonable period from the date such information was created. If, at any time, you no longer wish to receive marketing or other information from us, you can unsubscribe by clicking on the unsubscribe link included on our Site.

Disclosure to third parties

We will not sell, trade, or rent your personal information to others. We will not disclose information about you to any other person or organisation without your prior consent, save in the case of fraud or other criminal activity, to meet any requirements of a Supplier of Services to you, or in order to enforce our legal rights. For the avoidance of doubt, we reserve the right to pass your information on to third party PCI organisations in the interests of protecting you and/or us against potential fraudulent use of a credit or debit card or other payment instrument, or other fraudulent act, or if acting on your behalf in pursuance of a complaint with one of our Suppliers.

Your entitlement to gain access to, update or delete your information

Change of mind: If you have consented to our use of your personal information for a specific purpose, you have the right, at any time of your selection, to change your mind. Your change of mind and our acting on your instruction to make the change, will not have the effect of changing any of your personal information processing which will have already taken place. Where we are using your information because we or a third party service provider have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer being able to avail of our services.

Access to and request to make changes to your personal information: You are entitled, subject to certain restrictions prescribed by law, to ask us to give you access to and to change, delete, or alter how we process your personal information.

Corrections: You can ask us to correct any inaccuracies which you might identify in your personal information which we hold.

Complaint and / or assistance: Should you be dissatisfied with any element of how we hold, manage or process your personal information you should, in the first instance, bring it to the attention of our Data Protection Officer at dpo@gameofthronesstudiotour.com (please reference “Data Protection Complaint” as the “Subject” or if you choose you have the right to complain to or request assistance from the Office of the Northern Ireland Information Commissioner on www.ni@ico.org.uk

Review and right to change or amend our privacy policy

Review: We constantly review and update our Privacy Policy.

Causes of change: Changes in Law, changes or improvements in technology, improvements in the security practises of processing personal information, or other significant changes governing Data management, will require us to amend our Privacy Policy.

Advice on changes: Any material change to our Privacy policy will be posted on our Site.

Rights to change: We reserve the absolute rights to change or amend our Privacy Policy at any time we decide change or amendment to be necessary.

Key changes

Better navigation and user-friendly language. To make these policies easier to understand, we use clear, plain language and examples that illustrate our activities. From time to time we reformat our Privacy Policy pages so you can quickly find the information that matters most to you.