Privacy Policy


Allum Manor is committed to respecting your privacy. The purpose of this Privacy Policy isto explain how we will use any personal data we collect about you, the rights you have over any personal data we hold about you, and to tell you about the policies and procedures that we have in place to respect your privacy and keep your personal data secure.

This Privacy Policy applies to you if you visit Allum Manor, make a booking for an event or service at Allum Manor, or are a Customer or Supplier of products and/or services at Allum Manor, over the phone, online, by post or otherwise by using our website or interacting with us on social media (our “Services”).

Who are we?

  • Allum Manor is comprised of two buildings:
  • Allum Hall -a large hall suitable for events such as weddings and Bar Mitzvahs with a maximum capacity of 470
    The Manor House – a large house with a collection of rooms suitable for meetings, children’s groups and parties ranging from 25 to 50 guests

Our contact details

If you have any comments or questions about this Privacy Policy or our data processing practices, please address them to us at or address the letter for the attention of our Centre Manager, who can be contacted at Allum Manor – House & Hall, 2 Allum Lane, ELSTREE, WD6 3PJ.

The categories of personal data we collect and use

The categories of personal data we collect and use include:

  • name;
  • address;
  • email address;
  • telephone number;
  • information about the Services we provide to you (including for example, what we have provided to you, when and where and, if applicable, how much you paid);
  • bank account details and payment card information
  • information you provide to us with when you contact us by phone, email, post, or when you communicate with us via social media;
  • CCTV images when you visit Allum Manor
  • information about electronic communications you receive from us, including whether that communication has been opened and if you have clicked on any links within that communication;
  • other personal data which you may disclose to us when you use our Services at any time.

Sources of personal data

We will receive your personal data when you provide them to us yourself or when you use or purchase one or more of our Services.

How we use your personal data

All personal data that we obtain about you will be used in accordance with current data protection law and this Privacy Policy. We will process your personal data as follows:

  • As necessary, to perform a contract with you, such as a contract to process an order from you for one or more of our Services including, where applicable, taking payment and carrying out fulfilment and delivery.
  • As necessary, to comply with a legal obligation, for the following purposes:
    where you exercise your rights under data protection law and make requests;
    and to comply with any legal obligation, any lawful request from government or
    law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity.
  • As necessary, for our legitimate interests in providing the Services and ensuring
    they operate safely, securely and in a commercially suitable way which is tailored
    to your use and interests, for the following purposes:

> to provide you with the Services;

> to verify your identity for security purposes;

> to help us to ensure our customers are genuine and to prevent fraud;

> to ensure the security of our websites, mobile applications and other technology systems;

> for the good governance of our business, including keeping financial records, to allow us to pay suppliers and to charge, invoice or refund customers;

> by using CCTV, to prevent and detect crime and to keep people who visit and work at Allum Manor safe and secure;

> to record and investigate health and safety and other incidents which have happened or may have happened at Allum Manor;

> to provide you with information about our Services, to contact you about administrative matters, and to manage and respond to any queries or complaints you make or any correspondence you send us;

> to help us to return lost property to its rightful owner;

> for the purpose of marketing our Services including sending marketing communications and, where applicable, processing your registration, creating custom marketing audiences on third-party websites such as Facebook, and profiling and automated decision-making relating to our marketing; and

> for market research and statistical analysis and to analyse the use of our Services so that we can improve them.

Sharing your personal data

We will not share your personal data with any other body except as necessary, to comply with a legal obligation, for the following purposes:

  • where you exercise your rights under data protection law and make requests; and
  • to comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity

How long do we keep your personal data?

  • We will normally retain your personal data for as long as you use our Services and for up to two years after your last use of our Services or your last interaction with us (for example, the last time you opened an electronic communication from us or visited one of our websites).
  • However, in some circumstances we will retain your personal data for a different period, including:

> we will retain recorded CCTV footage at Allum Manor for no longer than one month, unless we are required to retain it for longer (for example, if we are investigating an incident, or have been asked to retain specific CCTV footage for a longer period by government or law enforcement officials);

> We will retain your personal data for longer if we believe we may need them in order to respond to any claims, to protect our rights or the rights of a third party, or
if we are required to retain them in order to comply with applicable laws

We will always retain your personal data in accordance with data protection law and never retain your personal data for longer than is necessary.

Your rights

You can contact our Data Protection Officer (Centre Manager) at any time by email at to:

  • request that we provide you with a copy of the personal data which we hold about you;
  • request that we update any of your personal data which are inaccurate or incomplete;
  • request that we delete any of your personal data which we are holding;
  • request that we restrict the way that we process your personal data;
  • request that we provide your personal data to you or a third-party provider of services in a structured, commonly-used and machine-readable format;
  • object to us processing your personal data for direct marketing purposes.

Your request must include your name, email address and postal address and we may request proof of your identity. Please allow at least seven working days for us to process your request.

Withdrawing your consent 

Where we are processing your personal data based on your consent, you may change your mind and withdraw your consent at any time.

You can withdraw your consent to receive marketing communications by clicking on the unsubscribe link in an email or by adjusting the push message settings for the mobile application.

You can also withdraw your consent to receive marketing communications or any other consent you have previously provided to us by contacting us at or by writing to us at Allum Manor, 2 Allum Lane, ELSTREE WD6 3PJ

The consequence of you withdrawing consent might be we cannot do certain things for you.

Your right to lodge a complaint with a supervisory authority

You may also make a complaint to a supervisory authority for data protection matters. In the UK, this would be the UK Information Commissioner’s Office ( If you live in another EEA country, you may complain to the supervisory authority in your country. Alternatively you may seek a remedy through local courts if you believe your rights have been breached.

How do we protect your personal data?

We use industry standard technical and organisational security measures to protect your personal data. We keep your personal data secure by implementing policies, procedures and access controls so that only authorised members of our staff or authorised third parties can access your personal data.

We protect our information technology systems with firewalls and anti-virus and anti-malware software and other information security technology solutions.

We cannot guarantee the security of your personal data when you transmit it to us. For example, if you email us your personal data, you should be aware that email is not a secure transmission method. As such, you acknowledge and accept that we cannot guarantee the security of your personal data transmitted to us and that any such transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to prevent unauthorised access.

Links to other websites and mobile applications

We may sometimes provide you with links to other websites, but these websites are not under our control. We are only responsible for the privacy practices and security of our Services. We are not responsible for the privacy policies, content or security of any linked websites.

We recommend that you check the privacy and security policies of each and every website and mobile application that you visit.

Changes to our Privacy Policy

We reserve the right to change our Privacy Policy from time to time. Any such changes will be posted on our website so that we can keep you informed about how we process your personal data. We recommend that you consult our website frequently so that you are aware of our latest Privacy Policy and can update your preferences if necessary. Your continued use of our Services shall constitute your acceptance of any revised Privacy Policy.

This Privacy Policy was last updated on 23rd May 2018.