This Privacy Policy explains how Marylebone London collects, uses, discloses and safeguards your personal data when you visit the website, in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations (PECR).
The data controller for personal data collected through this website is Teksyte LTD, trading as Marylebone London, a company registered in England & Wales. You can contact the controller about any data-protection matter at [email protected]. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk at any time.
We collect the following categories of personal data:
Under the UK GDPR we rely on: consent (newsletter subscriptions, non-essential cookies); contract (operating your Listing or subscriber account); legitimate interests (responding to enquiries, securing the website, measuring audience, promoting listed businesses); and legal obligation (tax and accounting records for paid services).
We use personal data to operate and improve the website; publish and manage Listings; respond to enquiries and route listing enquiries to the relevant business; send the newsletter to subscribers who have opted in; process subscriptions and payments; protect the Service against fraud and abuse; and comply with legal obligations. We do not sell personal data.
We share data only with service providers who process it on our instructions:
When you send an enquiry to a listed business through the Service, the content of your enquiry and your contact details are forwarded to that business, which acts as an independent controller of that data.
Our primary infrastructure is located in the UK and the European Economic Area. Where a processor transfers data outside the UK/EEA (e.g. Cloudflare, Google), the transfer is protected by UK International Data Transfer Agreements, the UK Extension to the EU-US Data Privacy Framework, or equivalent safeguards.
We keep personal data only as long as necessary: enquiry emails up to 24 months; newsletter data until you unsubscribe; account and listing data for the life of the account plus a reasonable period; billing records 6 years (legal requirement); server logs up to 12 months.
You have the right to access, rectify and erase your personal data; to restrict or object to its processing; to data portability; and to withdraw consent at any time (without affecting prior processing). To exercise any right, email [email protected]. We respond within one month. You will not be discriminated against for exercising your rights.
We apply appropriate technical and organisational measures: TLS encryption in transit, access controls, hardened infrastructure, and least-privilege database access. No method of transmission or storage is 100% secure, but we work to protect your data against unauthorised access, alteration or destruction.
The Service is not directed at children under 18 and we do not knowingly collect their data. If you believe a child has provided us personal data, contact us and we will delete it.
We do not make decisions producing legal or similarly significant effects about you based solely on automated processing.
We use cookies and similar technologies as described in our Cookie Policy, including the consent banner that lets you accept or reject non-essential cookies.
We may update this policy from time to time; the "Last updated" date reflects the current version. Material changes will be highlighted on this page.
Email: [email protected] | Contact page