Privacy Policy


privacy-policy

Last updated: 4 August 2025

1. Introduction

Woolly Mammoth Ltd ("Woolly Mammoth", "we", "our" or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose and safeguard your information when you visit www.woolly‑mammoth.io (the "Site") or use our services.

1.1 Consent

By using our website, you hereby consent to our Privacy Policy and agree to its terms.

2. Who we are

We are Woolly Mammoth Ltd, a company registered in England and Wales under company number 14012740. Our registered office is 26 Boundary Street, London E2 7JE. For the purposes of the UK General Data Protection Regulation (UK GDPR) we are the data controller of your personal data.

3. Contact details

If you have questions about this policy or wish to exercise your rights, please contact:

Woolly Mammoth Ltd
26 Boundary street, E2 7JE
London E2 7JE
United Kingdom
Email: info@woolly‑mammoth.co.uk

4. Personal data we collect

We collect and process the following categories of data:

  • Identity data: name, username, title, date of birth.
  • Contact data: billing address, delivery address, email, phone number.
  • Profile data: bookings made by you, feedback, preferences.
  • Financial data: payment card details processed by Stripe, bank account details for payouts.
  • Transaction data: details of payments to and from you, event details, invoices.
  • Technical data: IP address, login data, browser type, time zone, operating system, device identifiers.
  • Usage data: information about how you use our Site and services, including page views and clicks.
  • Marketing data: your communication preferences, marketing responses.
  • Image data: photographs or video you upload or that are taken at events with your consent.

5. How we collect your data

We use different methods to collect data from and about you, including:

  • Direct interactions: you provide data by creating an account, making a booking, filling in forms, giving feedback or contacting us.
  • Automated technologies: we collect technical and usage data by using cookies, server logs and similar technologies.
  • Third parties: we receive data from payment processors, analytics providers, advertising networks and identity verification services.

6. Legal bases for processing

We rely on the following legal bases under UK GDPR:

  • Contract: to perform the contract we are about to enter or have entered with you.
  • Legitimate interests: to pursue our business interests where your interests and fundamental rights do not override those interests.
  • Consent: where you have given clear consent for us to process your personal data for a specific purpose.
  • Legal obligation: where processing is necessary for compliance with a legal obligation.

7. How we use your data

We use your personal data to:

  1. Register you as a user and manage your account.
  2. Process and administer bookings and payments.
  3. Provide customer support before, during and after an event.
  4. Verify identity and conduct fraud checks.
  5. Manage our relationship with you, including notifying you about changes to terms or policies.
  6. Send marketing communications that you have opted in to receive.
  7. Improve our Site, products, marketing and user experience through analytics.
  8. Enable participation in reviews, surveys or competitions.
  9. Comply with legal obligations such as tax, accounting and anti‑money‑laundering regulations.

8. Marketing

We may send you emails about new venues, promotions or industry news if you have opted in, or if you are an existing customer and have not opted out. You can unsubscribe at any time by clicking the link in our emails or by contacting us.

9. Sharing your data

We only share your personal data with:

  • Hosts and guests for the purpose of fulfilling a booking.
  • Service providers acting as processors, including Stripe for payments, AWS for hosting, Google and Meta for analytics and advertising, and Cloudflare for security.
  • Professional advisers such as lawyers, bankers, auditors and insurers.
  • HM Revenue and Customs, regulators and other authorities where required by law.
  • Third parties to whom we may sell, transfer or merge parts of our business. If a change happens, the new owners may use your data in the same way as set out in this policy.

We do not sell your personal data to third parties.

10. International transfers

Some of our service providers are located outside the United Kingdom. Whenever we transfer your data abroad, we ensure a similar degree of protection is afforded to it by implementing safeguards such as Standard Contractual Clauses approved by the UK Information Commissioner or using providers in countries with adequacy regulations.

11. Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We also limit access to your personal data to employees, agents, contractors and other third parties who need to know.

12. Data retention

We keep your personal data only for as long as necessary to fulfil the purposes we collected it for, including any legal, accounting or reporting requirements. The retention period depends on the nature of the data and the purpose of processing, for example:

  • Booking records and invoices: seven years for tax and accounting compliance.
  • Marketing preferences: until you unsubscribe or withdraw consent.
  • Technical logs: up to twelve months.

13. Your rights

Under UK GDPR you have the right to:

  • Request access to your personal data.
  • Request correction of inaccurate or incomplete data.
  • Request deletion where there is no good reason for us to continue processing.
  • Object to processing based on legitimate interests.
  • Request restriction of processing.
  • Request the transfer of your data to you or a third party (data portability).
  • Withdraw consent at any time when we rely on consent.

To exercise any of these rights, email dataprotection@woolly‑mammoth.io. We may need to request specific information from you to confirm your identity.

14. Children

Our Site is not directed at children under 16. We do not knowingly collect data from children. If you believe we have collected such data, please contact us and we will delete it.

15. Links to other websites

The Site may include links to third‑party websites. We do not control these websites and are not responsible for their privacy statements.

16. Changes to this policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. If changes are significant we will notify you by email or by a notice on the Site.

17. Complaints

You have the right to lodge a complaint with the Information Commissioner’s Office. We would appreciate the opportunity to address your concerns before you approach the ICO, so please contact us first.

ICO website: https://ico.org.uk
ICO helpline: 0303 123 1113

© 2025 Woolly Mammoth Ltd. All rights reserved.











Follow us

© 2024 Woolly LTD