This is the privacy notice of Imaginar Limited, trading as Virtual Realities (“Virtual Realities”, “we”, “our”, “us”), a company registered in England and Wales (Company No. 06111370). Registered office: C/O Gf & Co, 3 Braid Drive, Herne Bay, Kent, CT6 5DZ.
Introduction
This notice describes how we collect, store, transfer and use personal data and explains your privacy rights under UK law. “Personal data” means information that identifies you or could be used to identify you. “Processing” means any use of personal data.
Except as set out here, we do not sell or disclose personal data to third parties. This notice applies to data collected through our website and social media channels.
1. How we obtain personal data
We process data you provide directly, data from service providers/partners, and data generated from your use of our website and services.
2. Types of personal data we collect directly
– Personal identifiers (name, title, date of birth)
– Contact details (email, phone, addresses)
– Account login details (username/password)
– Booking and participation records, including signed waiver forms, age/guardian confirmations, and incident reports (if any)
– Health-related information you voluntarily disclose in waivers/incident forms, limited to what is necessary for safety (special category data)
– CCTV images captured in and around our arena for safety/security
– Media consent choices (e.g., opt‑in/opt‑out to identifiable photo/video for marketing)
– Records of communications with us and your marketing preferences
– Payment identifiers (processed via our payment providers; we do not store full card details)
3. Data from third parties
We may receive data to confirm identity/contact details, booking and payment confirmations, and anti‑fraud signals from payment and booking providers.
4. Data from your use of our services
Technical/usage information (IP address, device/browser, pages visited), survey responses, and transaction history related to bookings.
5. Special category data
Where necessary for safety (e.g., VR suitability), we may process limited health information that you voluntarily provide in waivers or incident forms. We process this only where strictly necessary and with appropriate safeguards.
6. If you do not provide required data
If required data is not provided (e.g., waiver/signature), we may be unable to provide services.
7. Our purposes and lawful bases
– Bookings & participation (manage reservations, verify age/guardian status, run sessions): Contract; Legitimate interests (service operation)
– Waivers & safety briefings: Contract; Legitimate interests (health & safety; risk management)
– Incident reporting & first aid: Legitimate interests (safety/security); Legal obligations
– CCTV (safety/security): Legitimate interests
– Marketing communications: Consent (where required) or Legitimate interests with right to object
– Identifiable photos/videos for marketing: Consent via separate Media Consent Form (or recorded verbal consent); can be withdrawn at any time
– Complaints, legal claims, compliance: Legitimate interests; Legal obligations
8. Consent and how to withdraw it
Where we rely on consent (e.g., identifiable marketing media), you can withdraw it at any time by emailing support@virtualrealities.uk. This will not affect processing carried out before withdrawal.
9. Cookies and similar technologies
We use cookies for functionality, analytics and (with consent) re‑marketing. See our [Cookie Policy]
10. Payment information
Payments are handled by WooCommerce/Stripe. We do not store full card details; our staff cannot access them.
11. CCTV
We operate CCTV in and around the arena for safety, security and incident investigation. Lawful basis: legitimate interests. We may share footage with the venue operator where necessary.
12. Sharing your data
– Service providers (hosting, email, bookings, payments, analytics)
– Dreamland (venue operator) for safety, security and incident handling, as necessary to operate within the venue
– Law enforcement or regulators, where required by law
– Professional advisers (legal/insurance) for claims and risk management
We do not sell your personal data.
13. International transfers
Where processors are located outside the UK, we use appropriate safeguards (e.g., IDTA/Addendum, approved clauses).
14. Children’s data
Experiences are available to ages 7–17, but a parent/guardian (18+) must sign the waiver. We will not use a child’s identifiable image for marketing without explicit opt‑in consent from the parent/guardian. We apply additional safeguards for children’s data.
15. Security
We use technical and organisational measures (including TLS/SSL) to protect personal data in transit and at rest.
16. Your rights
You have rights to access, rectify, erase, restrict, object, and portability, and the right to withdraw consent. You may complain to the ICO: https://ico.org.uk/make-a-complaint/
17. Retention
– Waivers, CCTV & incident records: kept for up to 6 years, or longer where required by law or to establish/defend legal claims.
– Marketing media: up to 5 years or until consent is withdrawn, whichever is sooner.
– Other records: retained only as long as necessary for the stated purposes.
18. Contact
Questions or requests: support@virtualrealities.uk.
19. Changes to this notice
We may update this notice from time to time. Significant changes will be signposted on our website.