Privacy Notice

Background

We respect the privacy of our customers, commercial partners and of everyone who visits our website, wiskowandwhite.com (Our Website). Wiskow & White Ltd (we /us / our) will only collect and use personal data in ways that are described in this Privacy Notice, and that are consistent with our obligations and your rights under the Data Protection Legislation.


1. Definitions and Interpretation

In this Privacy Notice, the following terms shall have the following meanings:  

Client: means a client who purchases products or services from us, including our wedding planning services and/ or access to The Club membership; and

Data Protection Legislation: means all applicable data protection and privacy legislation in force from time to time in the UK including the UK GDPR; the Data Protection Act 2018 (DPA 2018) (and regulations made thereunder); the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended, the Data (Use and Access) Act 2025 and all other legislation and regulatory requirements in force from time to time which apply to a party relating to the use of personal data (including the privacy of electronic communications).

2. Information About Us

Wiskow & White Ltd is a limited company registered in England & Wales with company number 11321343, with its registered office address at 13 Furlong Road, Westcott, England, RH4 3PP (we/ us / our).  We are the controller and responsible for your personal data.  

If you have any questions relating to your personal data or this Privacy Notice, you may contact us at lucy@wiskowandwhite.com.

3. Third party links

Our Website may include links to third-party websites. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for the way in which they handle personal data. We encourage you to read the privacy policy or privacy notice of every website you visit.

4. Your personal data

Personal data is any information about you that enables you to be identified. Personal data covers your name and contact details, but also information such as electronic location data and other online identifiers.  It does not include data where your identity has been removed (anonymous data).

It is important that your personal data is kept accurate and up-to-date.  If any of the personal data we hold about you changes, please let us know.

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you do not provide that data when requested (for example complete information needed for us to arrange delivery of our products or services to you), we may not be able to perform that contract.  In this case, we may have to cancel a contract you have with us.  We will notify you if this is the case.

Please note that our Our Website is not intended for children.  We do not knowingly collect personal data relating to children.

5. Your rights in relation to your personal data

Under the Data Protection Legislation, you have the following rights.  More information on how to exercise these rights follows later in this Privacy Notice.

  • The right to be informed about our collection and use of your personal data. 

  • The right to access your personal data.  

  • The right to rectify your personal data if any of it is inaccurate or incomplete. 

  • The right to request deletion of your personal data (subject to certain legal requirements) or to withdraw consent to us using it.

  • The right to prevent processing of your personal data.

  • The right to restrict the use of your personal data for particular purposes.

  • The right of portability, enabling you to ask for a copy of your personal data to re-use with another business.

  • Rights relating to automated decision-making and profiling. We do not however use your personal data in this way.

  • The right to lodge a complaint if you believe your privacy or data protection rights have been breached.  You should raise your complaint with us in the first instance, and a copy of our Data Protection Complaints Policy is available on request.  We will acknowledge your complaint within 30 days and respond to it without undue delay.  If we are not able to resolve your complaint effectively, then you may submit a complaint to the Information Commissioner’s Office (ICO) at www.ico.org.uk

For more information about our use of your personal data or exercising your rights set out above, please contact us at lucy@wiskowandwhite.com.

6. What Data We Collect 

Depending upon whether you are simply browsing Our Website, are a Client, represent a wedding venue or are a wedding vendor, we may collect and hold some or all of the personal data set out below, using the methods also set out below.

Please also see our Cookie Policy on Our Website regarding our use of cookies and similar technologies.  

We collect the following types of personal data:

  • Contact Information: If you are a Client or potential client, or represent a wedding vendor or venue, we may collect your name, email address, postal address, telephone number and other similar contact details that you provide when contacting us through Our Website, by email, by telephone, through one of our social media channels or via a third party website. We may also receive guest names, postal addresses and email addresses from our Clients;

  • Passport information: if you are a Client, we may collect a copy of your passport to enable us to provide our services to you. We may also collect the passport numbers of Clients and their guests where wedding venues require this information for accommodation booking purposes;

  • Event information: We may collect information relating to your event, including the date and location of your wedding and your wedding budget;

  • Photographs and video recording: We may also collect and use images, photographs or video recordings of Clients and their guests, to feature on our social media channels or on Our Website when marketing our services.  We will only feature those images, photographs and recordings with our Customers’ consent, which can be withdrawn at any time.

  • Payment Information: If you purchase products or services from us, we may collect payment information, billing address, and transaction history. However, please note that we do not store full credit card numbers on our servers.

  • Communication Data: This includes any correspondence or communication between you and us. 

  • Dietary requirements: relating to Clients and their guests;

  • Usage Information: We automatically collect information about your usage of Our Website, including pages visited, time spent on the site, clickstream data, and referring URL, using our analytics software.  This data helps us analyse website performance and user preferences.

  • Technical Information: We may collect technical information about your device and browser, using our analytics software, including your IP address, browser type and version, device type, operating system, and platform.

  • Social Media Data: If you interact with our social media pages or use social media features integrated into Our Website, we may collect information from your social media profiles, such as your social media handles and activities. We also collect wedding venue and vendor social media handles.

  • Cookies and Tracking Technologies: We may use cookies and similar tracking technologies to collect information about your browsing behavior and preferences using our analytics and advertising cookies. For more details, please see our Cookie Policy.

  • Sensitive or special category data: If you are a Client, we may collect sensitive or special category data relating to you (for example information relating to your health and accessibility requirements) but only if you consent to this and proactively share this information with us voluntarily.  We do not request any sensitive or special category data.

  • Other Information: We may collect additional information not specifically mentioned here with your consent or as required by applicable laws and regulations.

Please note that the exact information collected may vary depending on your interactions with Our Website and the services we offer. We only collect information that is necessary for the purposes outlined in this Privacy Notice and as permitted by Data Protection Law.

7. How we use your personal data

Under the Data Protection Legislation, we must always have a lawful basis for using personal data. 

We will use your personal data in the following circumstances:

  • To perform a contract with you or with one of our Clients.

  • If you represent a wedding venue or vendor, to recommend your services to Our Clients and prospective Clients

  • Where it is necessary for our legitimate interests (or those of a third party), for example:

    • To develop our business

    • To protect the security or integrity of our IT systems

    • To manage our relationship with our Clients

    • To administer our business

    • To administer or improve Our Website

    • To maintain records for legal and regulatory compliance

    • To maintain or defend legal claims 

Note that we will only rely on our legitimate interests to use your personal data if your interests and rights do not override those legitimate interests.  

  • Where we need to comply with a legal or regulatory obligation.

  • Where you have consented to us using or processing your personal data (for example by consenting to receiving direct marketing communications from us, or consenting to us featuring images of your event on Our Website or our social media channels). You have the right to withdraw consent at any time by contacting us.

  • With your permission and/or where permitted by law, to market our products and/ or services to you.  You will not be sent any unlawful marketing or spam, and you will always have the opportunity to opt-out of marketing communications at any time.

We will only use your personal data for the purposes for which it was originally collected unless we reasonably believe that another purpose is compatible with those original purposes and we need to use your personal data for that purpose. 

If we need to use your personal data for an unrelated or incompatible purpose to that for which it was originally collected, we will inform you and explain the legal basis which allows us to do so.

In some circumstances, where permitted or required by law, we may process your personal data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights.

8. Keeping your personal data

We will only process and store our personal data for as long as is necessary taking into account the reasons for which it was first collected.  

When deciding what the correct time is to keep the data for, we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means, and any legal and regulatory requirements. 

We may keep your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation arising out of our relationship.

The law requires us to keep basic information about our Clients (including identity, contact and transaction information as well as information on the contracts we enter into with our Clients) for tax purposes, for six years after they stop being Clients.

In some circumstances, we may anonymise your personal data for research or statistical purposes.  In this case, we may use this information indefinitely without further notice to you.

9. Storing your personal data

The security of your personal data is essential to us.

To protect your personal data, we have put in place appropriate technical and organisational measures, including the following:

  • personal data entered by you on Our Website is secured by SSL (secure socket layer) technology in transit and at rest to improve security.  SSL secures connections, prevents hackers from impersonating Our Website or stealing information that Clients or other website visitors submit, like an email address.  

  • we store personal data securely, including putting in place access controls, physical security, and secure backup procedures.

  • we collect only the minimum amount of personal data necessary for our purposes.

  • access to your personal data is limited to those employees, agents, contractors, and other third parties with a legitimate need to know and they are subject to duties of confidentiality.

  • we conduct regular data security audits to identify and address any vulnerabilities.

  • we keep our software, systems, and applications up-to-date with security patches and updates to address known vulnerabilities

  • we have in place procedures for dealing with data breaches.  These include notifying you, acting quickly to identify and limit the breach and any consequences of the breach and/or notifying the relevant authorities where we are legally required to do so.

However, please note that although we take appropriate steps to protect your personal data, no website or transmission of data, computer system or wireless connection is completely secure and so we cannot guarantee the security of that personal data.

10. Transferring and sharing your personal data

We may use external third parties to provide systems, technology or support which involves them processing your personal data on our behalf.  For example, we use:

  • Mailchimp to create, manage and send marketing emails to Customers, potential Customers who have expressed an interest in our products and other people who have previously purchased from us and/ or have opted to receive them.   Please see Mailchimp’s Data Privacy & Security Policy and Data Processing Addendum, which set out how Mailchimp processes and protects personal data.  

  • Stripe to administer our payment processes.  When you purchase products or services from us via Stripe, the payment information that you provide is encrypted and transmitted directly to Stripe. We do not store your payment information.  The information you input is processed by Stripe in accordance with their Data Protection policy which is available here: Stripe's Data Processing Addendum.

  • Zoom to provide us with web-based meeting facilities.  Please see Zoom’s Privacy Statement for further information on how it collects, stores and uses personal data.

  • Xero accounting tool to administer our payment processes and bookkeeping.  Please see Xero’s Data Processing Addendum which explains how it stores and processes personal data. 

  • Dropbox to provide us with cloud document storage.  Please see Dropbox’s Data Processing Agreement for more information on how Dropbox stores and secures personal data on our behalf.

Some of these external third parties use physical or cloud storage which is based outside the United Kingdom.  By providing any information, including personal data to us, you consent to such transfer, storage and processing.  Third countries outside the EEA may not have data protection laws that are as strong as those in the UK. We use our best endeavours to select only external third parties that require the same levels of personal data protection that would apply under the Data Protection Legislation, and ensure these levels of protection are contained in the external third parties’ privacy policies and/ or data processing addenda.  

In addition to the third party IT and systems providers referred to above, we may also:

  • share your personal data with other third parties if you specifically request this and/ or have consented to it: for example, if you are a Client we may share your personal data with potential wedding venues and vendors. If you represent a wedding venue or vendor, we may share your personal data with our Clients when recommending your services.

  • in exceptional circumstances, share personal data if we consider that there is a real risk of harm to you or to others.

  • on occasion, share your personal data with our professional advisers such as lawyers, bankers, auditors and insurers. 

  • share your personal data with HM Revenue & Customs, regulators and other authorities based in the United Kingdom if they request this.

  • transfer your personal data to any new owner, if we sell, transfer, or merge parts of our business or assets.  Any new owner of our business may continue to use your personal data in the same way(s) that we have used it, as specified in this Privacy Notice.

  • be legally required to share certain personal data, which might include yours, if:

o we are involved in legal proceedings

o we are complying with legal obligations, for example as regards safeguarding, terrorism, money laundering or drug trafficking

o we are complying with a court order

o we are complying with the instructions of a government or regulatory authority.

If any of your personal data is shared with a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law.

11. Controlling and withholding your personal data

In addition to your rights under the Data Protection Legislation, set out in Section 5 above, when you submit personal data via Our Website, you may be given options to restrict our use of your personal data.  We aim to give you control over our use of your data for direct marketing purposes (including the ability to opt out of receiving marketing emails from us), which you may do by unsubscribing using the links provided. 

You may restrict our use of Cookies. For more information, see our Cookie Policy which is available on Our Website.

12. Accessing your personal data

If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it. This is known as a Subject Access Request.

All subject access requests should be made in writing and sent to the following email address: lucy@wiskowandwhite.com.   Please include “Subject Access request” in the email subject field.

There is not normally any charge for a subject access request, unless your request is ‘manifestly unfounded or excessive’, in which case we may charge an administrative cost.

We will aim to respond to your subject access request within one month of receiving it.  If your request is more complex, more time may be required, up to a maximum of three months.  We will keep you informed of our progress.

13. Our contact details

To contact us about anything to do with your personal data and data protection, please email us at lucy@wiskowandwhite.com.

14. Updates to this Privacy Notice 

We may amend or update this Privacy Notice from time to time.  A revised Privacy Notice will be uploaded on Our Website and you will be deemed to have accepted its terms on your first use of Our Website following the revisions.  We recommend that you check this page regularly. 

This Privacy Notice was last updated on 2 December 2025.

We send great emails.
Don’t miss out

SUBSCRIBE