Welcome. This Privacy Policy (also referred to as our Privacy Notice) explains how Champion Events Ltd collects, uses, stores, and protects your personal data when you use our website or services. We are committed to safeguarding your privacy and handling your data responsibly.

Champion Events Ltd ("Champion Events", "we", "us", or "our") is fully committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We process personal data lawfully, fairly, and transparently, and only for legitimate purposes.

By the very nature of the Champion Events business model, the protection of personal information is a high priority. We have always sought to ensure that the rights of our clients and their people are respected and safeguarded in order to protect their privacy.

Champion Events has always devoted resources to ensure the security, confidentiality, integrity, and availability of the data we control and process. We are committed to continuously evaluating and improving our policies, standards, processes, and information systems to keep data safe, effectively support our clients and business services, and to comply with legal requirements. We do not hold any special category (sensitive) data.

Champion Events recognises the passing of the GDPR as an opportunity to evaluate and further enhance the effectiveness and resilience of our security framework with a particular focus on the rights of data subjects.

We have had an independent consultant review how we operate our processes, systems, and data gathering activities in alignment with the existing EU Data Protection Directive and we are well positioned to fully comply with the General Data Protection Regulations.

Here at Champion Events we take your privacy and the processing of your personal data very seriously. Therefore, we have prepared this Privacy Notice where we describe our contact details, information regarding what personal data we process and what rights you have towards us and how you may defend them. Always feel free to contact our customer support if you have any questions about our processing of personal data or this Privacy Notice.

1. WHO WE ARE

Company name: Champion Events Limited

National company registration number: 07639032

VAT number: GB253 4624 12

Country of operation: United Kingdom

Email address: carole@champion.events

Phone number: +44 (0)7850 227391

Postal address: Beech House, High Street, Pewsey, Wiltshire, SN9 5AF, UK

Visiting address: Beech House, High Street, Pewsey, Wiltshire, SN9 5AF

Data Protection Officer (DPO):

Name: Carole Champion Smyth

Title: Director

Email address: carole@champion.events

Phone number: +44 (0)7850 227391

2. WHAT IS PERSONAL DATA?

"Personal data" is any information relating to an identifiable or identified person (you as a user). An identifiable person is someone who can be identified, directly or indirectly, for example by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity.

The processing of special categories of data, defined as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and data concerning health or sex life, is prohibited, subject to certain exceptions. Champion Events does not process any special category data.

3. PERSONAL DATA WE COLLECT AND PROCESS

Your personal data may only be processed by us with your given consent, when it is necessary for the performance of a contract to which you are a party, or when it is necessary for our compliance with a legal obligation. The processing of the personal data, the specific purposes for the processing, the legal basis for the processing, and for how long we store your personal data, is described below.

3.1 Name

Your name will be processed by us when:

- A client provides us with your details to attend an event we are organising on their behalf

- You contact us

- You register or register interest for an event we are managing

Legal basis: Legitimate interests

Retention period: Length of contract relationship where you are a party and two years thereafter

Storage location: Google cloud data storage and, if required, our meeting database/1-2-1 system provided by Delegate Select

Data sharing: Necessary for our performance of our part of the contract

3.2 Email Address

We will process your email address when you fill in the contact form on our website.

Legal basis: Legitimate interests

Retention period: Length of contract relationship where you are a party and two years thereafter

Storage location: Google cloud data storage and, if required, our meeting database/1-2-1 system provided by Delegate Select

3.3 Phone Number

For contact purposes during our contract relationship, your phone number will be processed by us.

Legal basis: Legitimate interests

Retention period: Two years after the end of the contract relationship

Storage location: Google cloud data storage and, if required, our meeting database/1-2-1 system provided by Delegate Select

3.4 National Insurance Number

If you are a consultant paid by us, we are required by law to collect and process your national insurance number.

Legal basis: Legal obligation

Retention period: Length of contract relationship to which you are a party and two years thereafter

3.5 Professional Details

To ensure that we are in contact with the proper contact point within your organisation, we may collect and process your professional details (such as job title, company name, and department).

Legal basis: Legitimate interests

Retention period: Term of a contract to which you are a party and for two years thereafter

3.6 Other Details

We may collect other personal details to help us provide the correct level of service to you when organising an event which you will be attending. This information may include:

- Dietary preferences

- Partner details

- Travel information

Retention period: Such information will be kept in the event database and will be deleted upon conclusion of the event.

3.7 Sharing Details at Events to Arrange 1-2-1 Meetings

Some of our events include the ability to share your details with other delegates, especially when arranging 1-2-1 meetings with other delegates. The software to arrange these meetings will stipulate what information is shared and allow you to opt out of this if you would rather not share any information beyond your name and company.

3.8 Information You Provide Directly

When you use our website or services, we may collect:

- Name

- Email address

- Phone number

- Business information

- Enquiries or messages sent through our contact forms

3.9 Cookies

Our website uses cookies to improve your experience, remember preferences, and analyse site traffic. For full details on the cookies we use and how to manage your preferences, please see our Cookie Policy.

Please note: Champion Events does not store personal data locally on end-user devices; all data is hosted with trusted third-party cloud providers who offer appropriate security measures.

4. HOW WE USE YOUR PERSONAL DATA

We use your data for the following purposes:

- Organising and managing events you are attending

- Responding to enquiries

- Providing services you request

- Managing client relationships

- Sending administrative or marketing communications (with consent where required)

- Improving website performance

- Meeting legal obligations

- Securing our website and systems

We do not sell, rent, or trade your personal data.

5. LAWFUL BASES FOR PROCESSING

We process personal data using one or more of the following lawful bases under UK GDPR:

- Consent – where you have given clear consent for us to process your data for a specific purpose.

- Contract – where processing is necessary to provide services you have requested or to perform a contract to which you are a party.

- Legal obligation – where we are required to process data to comply with the law.

- Legitimate interests – where processing is necessary for our business operations, organising events, improving services, or ensuring security, and your rights and expectations do not override those interests.

Where we rely on legitimate interests, we have conducted a Legitimate Interests Assessment (LIA) to ensure our interests are balanced against your rights and freedoms.

6. DATA RETENTION

We retain personal data only for as long as is necessary for the purposes for which it was collected, including:

- Organising and managing events

- Providing services to you

- Business and operational needs

- Legal, regulatory, or tax purposes

As a general rule, we retain personal data for the duration of our business relationship with you and for up to 2 years thereafter to comply with financial, legal, and contractual obligations, unless you request erasure earlier. Event-specific data such as dietary preferences or travel information is deleted upon conclusion of the event. Once data is no longer required, it is securely deleted or anonymised.

7. INTERNATIONAL TRANSFERS

If your personal data is transferred outside the United Kingdom, Champion Events ensures appropriate safeguards are in place, including:

- ICO-approved International Data Transfer Addendum (IDTA)

- Standard Contractual Clauses (SCCs) adopted by the European Commission

- Government-approved adequacy decisions, where applicable

8. YOUR RIGHTS

Under UK GDPR, you have the following rights in relation to your personal data:

- Right to be informed – about how we use your data.

- Right of access – to request a copy of your data.

- Right to rectification – to correct inaccurate or incomplete data.

- Right to erasure (also known as the "right to be forgotten") – to request deletion of your data.

- Right to restrict processing – to limit how we use your data.

- Right to data portability – to receive your data in a portable format.

- Right to object – to object to processing based on legitimate interests or direct marketing.

- Right to withdraw consent – at any time, where consent is our lawful basis.

To exercise any of these rights, please contact us at: carole@champion.events

Requests will be handled by the appropriate Champion Events team member, with oversight from our DPO, Carole Champion Smyth.

8.1 Right to be Forgotten

You have the right to request that we delete any personal data that we process about you. We will delete the data as soon as possible, but at least within one month's time. If the personal data is needed for fulfilment of our contractual duties towards you or to preserve it with legal ground, we will however not delete the information until the data is no longer needed. We will also, without your explicit demand, delete such personal data that we have collected but do not longer have a lawful right to process. We will inform you about this, if it would occur.

8.2 Right to Withdraw Consent

You have the right to withdraw your given consent at any time. If you do so, we will erase such personal data which is not subject to any other legal ground than your given consent. The erasure will be done as soon as possible. Please note that your withdrawal of consent does not oblige us to erase personal data which is processed based on a contractual relationship or any other legal ground.

8.3 Right of Access

You have, at any time, the right to receive confirmation from us as to whether personal data concerning you are being processed. You have also the right to access that personal data and to receive the following information:

a) The purposes of the processing

b) The categories of personal data concerned

c) The recipients or categories of recipients to whom personal data have been or will be disclosed

d) The envisaged period for which the personal data will be stored or the criteria used to determine that period

e) The existence of automated decision-making and profiling

8.4 Right to Rectification

You have, at any time, the right to demand us to correct any inaccurate personal data within a month's time. You have also the right to complete incomplete personal data, taking into account our purposes of the processing, by the means of providing a supplementary statement.

8.5 Right to Restriction of Processing

You have, instead of demanding us to delete any data, the right to demand us to restrict our processing of your personal data. This may be achieved if:

a) You have reason to believe that the accuracy of the personal data is not correct, and the restriction shall be in place during a period that allows us to verify the accuracy of the personal data

b) The processing is unlawful but you don't want us to delete the personal data

c) We no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims

d) You have objected to processing concerning profiling or automated decision-making, whereby a restriction shall be obtained during the period when we assess whether our legitimate ground for the processing override your legitimate ground.

8.6 Data Portability

You have the right to retrieve the personal data which we process about you and that you have provided to us. You have also the right to demand that we transmit such personal data to another data controller if the personal data is collected based on your consent or if the processing of the personal data is carried out by automated means by us, if we deem it technically feasible.

8.7 Right to Object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you. This can be done when the personal data is processed as part of automated decision-making, including profiling, and direct marketing, if such processing would be carried out.

8.8 Right to Lodge a Complaint with a Supervisory Authority

You have, at any time, the right to lodge a complaint with a supervisory authority regarding our processing of your personal data. Regardless of where we carry out our business, even if it would not be in the member state which is your country of residence, you have the right to lodge your complaint to your national supervisory authority.

For the UK, the supervisory authority is:

Information Commissioner's Office (ICO)

Website: www.ico.org.uk

Telephone: 0303 123 1113

9. SECURITY OF YOUR DATA

We take the security of your personal data seriously and implement appropriate technical and organisational measures, including:

- Secure cloud storage with encrypted data transmission

- Strict access controls and role-based permissions

- Regular staff training on data protection

- Encryption of data where appropriate

- Regular system reviews and vulnerability assessments

- Incident detection and reporting processes

Our third-party cloud providers notify us promptly of any suspected data breach, and we have procedures in place to respond effectively.

10. EXTERNAL LINKS

Our website may contain links to third-party websites, plugins, or applications. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices or content. We encourage you to read the privacy notice of every website you visit.

11. CHILDREN'S PRIVACY

Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we discover that we have inadvertently collected such data, we will delete it promptly.

12. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. The latest version will always be available on our website, and we encourage you to review it periodically.

13. ADDITIONAL INFORMATION FOR EU VISITORS

If Champion Events provides services to individuals located in the European Union, their rights under EU GDPR are also fully recognised. The same procedures for access, deletion, rectification, and objection apply. Where we transfer data to the UK or other third countries, we ensure appropriate safeguards are in place.

14. ADDITIONAL INFORMATION FOR U.S. RESIDENTS

If Champion Events receives personal data from residents of U.S. states with comprehensive privacy laws, we comply with applicable requirements, including:

- California Consumer Privacy Act (CCPA/CPRA)

- Virginia Consumer Data Protection Act (VCDPA)

- Colorado Privacy Act (CPA)

- Connecticut Data Privacy Act (CTDPA)

- Utah Consumer Privacy Act (UCPA)

Subject to these laws, U.S. residents may have the right to:

- Access their personal data

- Delete their personal data

- Correct inaccurate data

- Know the categories of data collected

- Opt out of the sale or sharing of their data (we do not sell data)

Requests may be submitted to: carole@champion.events

ABOUT THIS PRIVACY NOTICE

With regard to the General Data Protection Regulation (EU) 2016/679 ("GDPR") and the UK GDPR, we must disclose what personal data we collect and process about you, and for what purposes. In this Privacy Notice, you find all such information that we are obliged to inform you.

The Regulation in its entirety may be accessed by following this link:

http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG&toc=OJ:L:2016:119:TOC

If you would like to defend your rights, which are listed in this Privacy Notice, you may contact us using the contact information listed above.

This Privacy Policy was last reviewed and updated in July 2026.