Privacy Policy
1.1 Introduction
GERX LIMITED (“we,” “us,” “our”) is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you engage with our event management services, visit our website, or interact with us in any other capacity.
We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws. By using our services, you consent to the practices described in this policy.
1.2 Information We Collect
We may collect and process the following categories of personal data:
A. Personal Identification & Contact Information
- Full name
- Email address
- Phone number
- Business/organization name (if applicable)
- Job title (for corporate clients)
B. Event-Specific Information
- Event type (wedding, conference, hybrid event, etc.)
- Guest count, venue preferences, and special requirements
- Catering, décor, and audiovisual preferences
- Budget and payment details
C. Financial & Transactional Data
- Billing address
- Payment card details (processed securely via third-party gateways like Stripe/PayPal)
- Invoice and transaction history
D. Technical & Usage Data (Website & Digital Services)
- IP address, browser type, and device information
- Cookies and tracking data (see Section 3: Cookie Policy)
- Website interaction metrics (pages visited, session duration)
E. Marketing & Communication Preferences
- Subscription to newsletters or promotional emails
- Feedback, surveys, or reviews
1.3 How We Use Your Data
We process your personal data for the following lawful purposes:
| Purpose | Legal Basis |
|---|---|
| Providing event management services | Contractual necessity |
| Processing payments & invoices | Legal obligation |
| Sending service updates & confirmations | Legitimate interest |
| Marketing communications (e.g., promotions, newsletters) | Consent |
| Improving our website & services | Legitimate interest |
| Compliance with legal & regulatory requirements | Legal obligation |
1.4 Data Sharing & Third-Party Disclosures
We may share your data with:
- Event Vendors & Partners (caterers, venues, AV technicians) – Only necessary details for service fulfillment.
- Payment Processors (Stripe, PayPal) – For secure transactions.
- Legal & Government Authorities – If required by law (e.g., tax audits, fraud prevention).
- Marketing Platforms (Mailchimp, Google Ads) – Only with explicit consent.
We do not sell your data to third parties.
1.5 International Data Transfers
- Data is primarily stored in the UK/EEA.
- If transferred outside the UK/EEA (e.g., via US-based tools like Google Analytics), we ensure GDPR-compliant safeguards (Standard Contractual Clauses, Privacy Shield certification).
1.6 Data Retention Periods
We retain personal data only as long as necessary:
- Client records: 7 years (for tax/legal compliance).
- Marketing data: Until consent is withdrawn.
- Website analytics: Up to 26 months.
1.7 Your Data Protection Rights
Under GDPR, you have the right to:
✅ Access – Request a copy of your stored data.
✅ Rectification – Correct inaccurate information.
✅ Erasure – Request deletion (where applicable).
✅ Restriction – Limit processing under certain conditions.
✅ Portability – Receive your data in a machine-readable format.
✅ Object – Opt out of direct marketing or automated decision-making.
To exercise these rights, contact us at:
📧 Email: privacy@gerxlimited.com
📬 Postal Address: 8 Ellesmere Avenue Barnet NW7 3EU
1.8 Security Measures
We implement robust safeguards, including:
- Encryption (SSL/TLS for data transmission).
- Access controls (role-based permissions for staff).
- Regular security audits.
1.9 Changes to This Policy
Updates will be posted on our website. Material changes will be notified via email (where required).