Privacy Policy

Information relating to how we use your data on RoaldDahl.com

Updated on 13 October 2021

BY USING OUR SITE OR OTHERWISE COMMUNICATING WITH US YOUR PERSONAL INFORMATION WILL BE USED IN ACCORDANCE WITH THIS PRIVACY POLICY.

For information on how we work with children 12 and under in the United States and 15 and under in the United Kingdom and EU please see our Children's Privacy Policy.

This Privacy Policy (together with our Terms and Conditions of Use, Acceptable Use Policy and Cookie Policy and any other document referred to in it) describes the way we collect your personal information (whether collected from you or otherwise provided to us), how we use your personal information and why. 

Please read the following information carefully to understand our practices regarding your personal information and how we will treat it.

Your privacy is important to us. We take the security of your personal information seriously and we have strict policies and processes in place to ensure it remains safe.

CONTENTS

1. Definitions

2. Information we may collect from you

3. Information third parties may collect from you

4. How we use your information

5. Who we share your information with and why

6. Where we store your information

7. Your rights

8. Changes to our privacy policy

9. How to contact us about your privacy

10. Third party sites

 

1. DEFINITIONS

In this Privacy Policy, "we", "us" and "our" means The Roald Dahl Story Company Ltd. We are a limited company incorporated in England and Wales with company no 11099347 and our registered address is 5 Berkeley Mews, London, W1H 7PB United Kingdom.

If you provide us with personal information via or through using our website, www.roalddahl.com ("our site") or by otherwise communicating with us, we will process your personal information in accordance with all applicable data protection laws, including the EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) or the GDPR insofar as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 (UK GDPR).

Our site brings together the work of various entities committed to protecting and furthering the works of Roald Dahl and his legacy. For example, our site allows you to:
•purchase books written by Roald Dahl and various other Roald Dahl related memorabilia;
•purchase tickets for entry to the Roald Dahl Museum and Story Centre;
•make donations to Roald Dahl's Marvellous Children's Charity;
•find out more about the work of the Roald Dahl Museum and Story Centre and Roald Dahl's Marvellous Children's Charity and the social benefit they each bring, as well as each of their various fundraising appeals and events;
•to subscribe for email newsletters so you can keep up to date with personal information and the latest news about Roald Dahl, the Roald Dahl Museum and Story Centre and Roald Dahl's Marvellous Children's Charity.

So that we can do all of this and more, we will need to share your information with licensees with whom we have close connections, depending on the reasons that your information was collected. These include: Roald Dahl's Marvellous Children's Charity (company no 07340518, registered charity number 1137409) ("Marvellous"); The Roald Dahl Museum and Story Centre (company no 04178505, registered charity number 1085853) ("Museum"); The Roald Dahl Centre (Trading) Limited (company no 04854808) ("Trading"); (together the "Roald Dahl Group") and other independent third party businesses, as we have explained below in more detail.

Where your requests or instructions are specifically related to another Roald Dahl Group company both us and that company will each act as a controller in respect of that data and we will each process your personal data in accordance with (a) this policy (and the words "we", "us", and "our" shall where the context requires, also refer to any other Roald Dahl Group company that controls such data) and (b) any other policy that the other Roald Dahl Group company may provide to you.

Where your information is processed by a third party company on our behalf it will only be processed on our documented instructions or where information is processed by a third party on behalf of one of the other Roald Dahl Group companies on the documented instructions of the Roald Dahl Group company (acting as controller).

2. INFORMATION WE MAY COLLECT FROM YOU

We may collect and process the following information about you:

•Information you give us. You may give us information about you by filling in forms on our site or by corresponding with us by telephone, e-mail or otherwise communicating with us. This includes information you provide when you: use our site; register to use our site; subscribe to receive newsletters and marketing (via email) about Roald Dahl, the Roald Dahl Museum and Story Centre, Roald Dahl's Marvellous Children's Charity (including details about products, activities and events, details of discounts, voucher codes and offers and campaigns, competitions and other opportunities from any of the Roald Dahl Group); search for products on our site; place an order for products on our site; place an order for tickets to the Roald Dahl Museum and Story Centre via our site; make a donation to Roald Dahl's Marvellous Children's Charity; participate in discussion boards or other social media functions on our site (such as making Contributions (as the term is defined in our Acceptable Use Policy); enter a competition, promotion or survey; apply for a grant from Roald Dahl's Marvellous Children's Charity; and/or when you contact us to report a problem with our site. The information you give us may include your title, first and last names, address, country of residence, e-mail address and contact telephone number, date of birth, your user type (e.g. parent/guardian, teacher, child or other type of user), personal messages you wish to send to recipients of products that you have ordered from Trading via our site and/or details relating to why you are corresponding/contacting us. Depending on whether or not you decide to purchase products from Trading, you may also give us financial and credit card information.

•Information we collect about you. Records of our contact with you, which may include notes on our systems, emails or electronic communications and written correspondence and any telephone number used by you to call our customer service phone number.

With regard to each of your visits to our site we may automatically collect the following information:

•technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type (e.g. Safari or Internet Explorer) and version, time zone setting, browser plug-in types and versions, operating system and platform;

•information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products, pages and items you viewed, searched for or purchased; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.

•To the extent that any of this information constitutes personal data under applicable data protection laws, including the GDPR, we will process this in accordance with such laws.

Information we receive from other sources.

We work closely with third parties (including, for example, delivery fulfilment providers and courier service providers, business partners, technical and payment services providers, advertising networks, analytics providers and search information providers) to ensure that our site and the information and/or services we provide to you work effectively and we may receive information about you from them. This will include information that we receive from:

•Gardners Books Limited (company no 02010127) ("Gardners") (our delivery fulfilment provider) who will confirm to us if and when they have despatched to you products that you have ordered via our site from Trading. This is so that we can monitor the efficiency of our online shop and the efficiency of our delivery fulfilment provider; and

•Rocket Science Group LLC (trading as 'Mailchimp') who will provide us with information about whether or not you have received and read email newsletters and email marketing that they send on our behalf to you. This is so that we can monitor the reception of those email newsletters and email marketing.

•SurveyMonkey Inc (trading as Wufoo), who provide us with  services for the creation of online forms for the purposes of communication with us through our website.

•Formstack LLC, who provide customer engagement services.

•Mailgun Technologies Inc. who provide customer engagement and mailing services.

•DJS Research Ltd, who provide survey and research services to Museum by collecting any feedback that you provide about the Roald Dahl Museum and Story Centre when you click through to their survey from our site.

3.INFORMATION THIRD PARTIES MAY COLLECT FROM YOU

•Cookies. Our website uses cookies to distinguish you from other users of our site. This includes third party cookies. These third party cookies help us to provide you with a good experience when you browse our site, to provide you with content that is most relevant to you (e.g. when you have told us whether you are a parent/guardian, teacher, child or other type of user), to process and analyse your navigation and use of our site, to understand your interests and demographic and to target certain marketing and to allow us to improve our site. For detailed information on the cookies we use and the purposes for which we use them, please read our Cookie Policy;

•Purchasing products from Trading via our site. If you use our site to purchase products from Trading via the online shop on our site, we use a third party, Gardners Books Limited, to fulfil delivery of your order (see above "information we receive from other sources"). Gardners will collect information about you (i.e. your name, address, invoice address, delivery address, details of the products you have ordered from Trading via our site and any personal messages you wish to send to recipients of products you have ordered from Trading via our site) in order to deliver the products you order from Trading via our online store. Gardners will also collect information about the despatch of products to you (i.e. the address that the products were sent to and the date and time the products were despatched to that address);

•Subscribing to email newsletters and email marketing. If you ask us to keep you up to date, or permit selected third parties to keep you up to date (see "Who we share your information with" below), via email with the latest news and information about Roald Dahl, The Roald Dahl Museum and Story Centre and/or Roald Dahl's Marvellous Children's Charity, including the products that we and other entities in the Roald Dahl Group offer and events we and they are running, the various activities of the entities within the Roald Dahl Group, details of product discounts and other products available from our online store that may be of interest to you, details of fundraising activities, voucher codes and offers, campaigns, competitions and other opportunities to support our work and the work of the Roald Dahl Group, then Rocket Science Group LLC (trading as 'Mailchimp') will gather information to measure and understand and to permit entities in the Roald Dahl Group to measure and understand the effectiveness of the email communications sent to you. We also use Formstack LLC (trading as 'Formstack') and Mailgun Technologies Inc (trading as "Mailgun") to assist with our customer engagement programmes to help us develop our communications that will enable you to understand how we use your data;

•Purchasing tickets to The Roald Dahl Museum and Story Centre. If you use our site to purchase tickets for admission to the Roald Dahl Museum and Story Centre, you will be re-directed to tickets.com (a website owned and operated by Tickets.com, Inc). All ticket purchase transactions for admission to the Roald Dahl Museum and Story Centre are processed via the tickets.com website and, in the process of purchasing tickets via tickets.com, you will disclose personal information to Tickets.com, Inc. Any personal information you provide via the tickets.com website will be stored and processed in accordance with the privacy policy shown on the tickets.com website. Please read the privacy policy on the tickets.com website carefully. You acknowledge and agree that we are not, and none of the Roald Dahl Group are, responsible for the collection, use, processing, transfer and storage of any personal information you provide to the tickets.com website, nor the acts and/or omissions of tickets.com in respect of the collection, use, processing, transfer and storage of any personal information you provide to the tickets.com website. In order to process your ticket purchase and so that the Roald Dahl Museum and Story Centre can issue with your ticket, tickets.com will provide the Roald Dahl Museum and Story Centre with details of your ticket purchase (e.g. the number and type of tickets you have purchased and the date and time for when you have purchased those tickets). This so that Trading and the Museum know what tickets you have ordered and paid for when you arrive for your visit to the Roald Dahl Museum and Story Centre. The Roald Dahl Museum and Story Centre will store and process some of that information (i.e. your name, address, phone number and email address) in order to facilitate any future bookings you may make for tickets to the Roald Dahl Museum and Story Centre. If you choose to give feedback about the Roald Dahl Museum and Story Centre by clicking the relevant link on the site, you will be re-directed to a survey on a website operated by DJS Research Ltd, and DJS Research Ltd may share that feedback data with Museum;

•Making Donations. If you use our site to make a donation to Marvellous, you will, when you make one off donations to Marvellous, be re-directed to edirectdebits.com (a website owned and operated by Rapidata Services Plc) or thepayrollgivingteam.co.uk (a website owned and operated by The Payroll Giving Team Ltd) when you set up payroll giving donations to Marvellous, or roalddahl.charitycheckout.co.uk, a website owned and operated by Online Giving Ltd. (T/A charity checkout) who handle the processing of our online payments. All donations to Marvellous made via our site are processed by Rapidata Services Plc, The Payroll Giving Team Ltd or Online Giving Ltd and, in the process of making a donation via any of the sites listed above, you will disclose personal information to the entities who own and operate those sites. Any personal information you provide to, Rapidata Services Plc, The Payroll Giving Team Ltd and/or Online Giving Ltd will be stored and processed in accordance with the privacy policy shown on edirectdebits.com, thepayrollgivingteam.co.uk or charitycheckout.co.uk. Please read the privacy policies on those websites carefully. You acknowledge that we are not, and none of the Roald Dahl Group are, responsible for the collection, use, processing, transfer and storage of any personal information you provide to, Rapidata Services Plc, The Payroll Giving Team Ltd and/or Online Giving Ltd, nor the acts and/or omissions of Rapidata Services Plc, The Payroll Giving Team Ltd and/or Online Giving Ltd in respect of the collection, use, processing, transfer and storage of any personal information you provide to Rapidata Services Plc, The Payroll Giving Team Ltd and/or Online Giving Ltd. Please note that Rapidata Services PLC,The Payroll Giving Team Ltd and Online Giving Limited will provide Marvellous with some or all of the information they collect from you in respect of your donation which may include your financial and credit card information.

4. HOW WE USE YOUR INFORMATION

Our legal basis for using your information

Under data protection law, we can only use your personal information if we have a lawful basis to do so. Our lawful basis will depend on the reasons for which your personal information was collected, and these include

•where you have given your consent;

•to comply with our legal and regulatory obligations;

•for the performance of a contract with you (or to take steps at your request before entering into a contract); or

•for our legitimate interests of those of a third party.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own.

We specify in the section below the basis on which we use your personal information.

How we use your information

We use your personal information in the following ways: 

Information you give to us

We will use this information as follows:

•to permit you to purchase products via our site and (for such purpose) to enter into contracts with another member of the Roald Dahl Group, namely Trading, for the purchase of those products. Lawful basis: the performance of a contract with you;

•to include your email address, first name, last name, your alias (if any), country of residence and date of birth in a database (collated using a third party database aggregator, namely Rocket Science Group LLC (trading as 'Mailchimp') and Mailgun Technologies Inc (trading as 'Mailgun')). Mailchimp and Mailgun will have access to and will store and process this information, but will only do so on our instructions, so that we may contact you as described in the following bullet point. The function of the database aggregators is to help the Roald Dahl Group with conducting our newsletters and marketing campaigns and sending them to you via email. Using a database aggregator also allows the Roald Dahl Group to track the reception and take up of that newsletter and/or marketing campaign by those that subscribe to receive them. If you have not ticked the relevant box on our site indicating that you would like to receive such email newsletters and marketing campaigns, we will not disclose your personal information to Mailchimp or if we do need to obtain parental consent we will not share your personal information with Mailgun. Please see below at "Who we share your information with" and "Where we store your personal information", which sets our further details of the disclosure to Mailchimp and Mailgun of your personal information. Lawful basis: with your consent;

•to keep you up to date, or permit selected third parties to keep you up to date (see "Who we share your information with" below), with the latest news and information about Roald Dahl, The Roald Dahl Museum and Story Centre and/or Roald Dahl's Marvellous Children's Charity, including the products that we and other entities in the Roald Dahl Group offer and events we and they are running, the various activities of the entities within the Roald Dahl Group, details of product discounts and other products available from our online store that may be of interest to you, details of fundraising activities, voucher codes and offers, campaigns, competitions and other opportunities to support our work and the work of the Roald Dahl Group. We will send you this information either: where you have consented to receiving such news and information (e.g. by ticking the appropriate box on our site) from us and/or from the other entities within the Roald Dahl Group, or where you have previously purchased closely related products from us and have not indicated you do not wish to receive such news and information. If you do not want us to use your information in this way, or you do not want us to pass your details on to selected third parties for the purposes outlined above, please do not tick the relevant box on our site and, if you have ticked the relevant box in the past, please contact us at The Roald Dahl Story Company Ltd, 5 Berkeley Mews, London, W1H 7PB, United Kingdom or contact@roalddahl.com and ask us to cease using your information in this way; or if you have previously ticked the box in relation to the Marvellous Children's Charity please contact us at the Marvellous Children's Charity, 23 Woodside Road, Amersham, Buckinghamshire HP6 6AA, United Kingdom or enquiries@roalddahlcharity.org and ask us to cease using your information in this way, or if you have previously ticked the box in relation to either The Roald Dahl Museum and Story Centre, or the online shop on our site, please contact us at The Roald Dahl Museum and Story Centre, 81-83 High Street, Great Missenden, Buckinghamshire, HP16 0AL or hello@roalddahlmuseum.org. You can also opt-out of receiving future marketing emails or newsletters by clicking the unsubscribe button in the email. Lawful basis: we have a legitimate interest in using your personal data for marketing purposes, which means that we do not always need your consent to send you marketing information. However, where consent is required, we will ask you for this separately and clearly;

•to allow you to participate in the interactive features of this site, when you choose to do so (for example, to post your Contributions to pages of our site). Lawful basis: our legitimate interests;

•to notify you about changes to our site, changes to the products and/or services offered via our site and/or changes to the terms and conditions and/or policies shown on our site. Lawful basis: our legitimate interests;

•to ensure that content from our site is presented in the most effective manner for you and your device. Lawful basis: our legitimate interests;

•to contact you via email to invite you to comment on the services you may have received from us, as part of our ongoing website improvement and development. The services we may contact you about include the purchase of products from the Roald Dahl online store, incomplete purchases of products from the Roald Dahl online store, making a donation to Roald Dahl’s Marvellous Children’s Charity and buying tickets to the Roald Dahl Museum and Story Centre. Lawful basis: our legitimate interests; and/or

•to complete purchases you make through our website, Roald Dahl Trading will use your payment information to facilitate the purchase. We transfer necessary payment data directly to Elavon Digital Europe Limited (trading as ‘Opayo’ or ‘SagePay’), and do not retain it in our records. Elavon will use the data to complete the requested transaction. Elavon’s privacy notice can be found here: https://www.opayo.co.uk/policies/privacy-policy.

Information we collect about you

We and the entities of the Roald Dahl Group will use this information:

•for the purposes of carrying out your requests (for example, to address matters relating to our site and/or the services provided via our site) which you make known to us in electronic communications, written correspondence and/or during telephone calls you make to our customer service number and for the purposes of keeping records of the aforementioned electronic communications, written correspondence and/or telephone calls. Lawful basis: this will depend on the nature of your request. If it relates to a product or purchase, this will be as part of our performance of our contract with you, otherwise our lawful basis would be our legitimate interests;

•to administer our site and for internal operations and to permit entities in the Roald Dahl Group to carry out internal operations (see "Who we share your personal information with" below). Such internal operations will involve troubleshooting of technical issues that arise in relation to our site; testing of our site following resolution of such technical issues; analysis of statistics arising from the information collected about you (for example, using information gathered by cookies on our site to ascertain what content on our site is accessed by members of a particular age group) and will only involve the use and/or processing of information in an anonymous form to measure and understand the effectiveness of the services provided via our site (for example, we may share aggregate information about the number of people who access our site and go on to purchase products via our site). Lawful basis: our legitimate interests;

•to improve our site to ensure that content is presented in the most effective manner for you and for your computer. Lawful basis: our legitimate interests;

•to allow you to participate in interactive features of our site, when you choose to do so. Lawful basis: our legitimate interests;

•as part of our efforts to keep our site safe and secure. Lawful basis: our legitimate interests and to comply with our legal obligations to protect your personal information;

•to make suggestions and recommendations to you of our site about products or services that may interest you. Lawful basis: our legitimate interests.

Information we receive from other sources

For information on how we will use information we receive from other sources, please see the explanation above at "Information third parties may collect from you".

How long we keep your personal information

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. 

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by emailing us at contact@roalddahl.com.

5. WHO WE SHARE YOUR INFORMATION WITH AND WHY

We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. 

We may also share your information with selected third parties:

•The Roald Dahl Centre (Trading) Limited, a member of the Roald Dahl Group. If you purchase products from our site, you will enter into a contract with The Roald Dahl Centre (Trading) Limited (see our Terms and Conditions of Sale). We will share the details of your order (i.e. your name, invoice address, delivery address, products you have ordered from Trading via our site, email address, contact telephone number, details of your payment and any personal messages you wish to send to recipients of products you have ordered from Trading via our site) with The Roald Dahl Centre (Trading) Limited so that they can take payment from you for the products you order from the online shop on our site and so that they can arrange for the delivery of such products to the address you specify in your order. Trading may also contact you to provide you with information about other products and services offered via the online store on our site that are similar to those that you have already purchased. Additionally, and only when you have expressly indicated (e.g. by ticking the relevant box on our site) that you wish to be kept up to date (via email) with the latest information and news about Roald Dahl, the products available from our online shop, details of discounts, voucher codes and offers, and competitions run by The Roald Dahl Centre (Trading) Limited, we will share your name, email address, country of residence, and date of birth with The Roald Dahl Centre (Trading) Limited so that they can fulfil your wish to be contacted about those matters and to ensure that the emails sent to you are appropriate to your age group and/or country of residence (e.g. Trading would not send an email to you advertising products that are available via our online store if you are under 16 years old; or in the USA, and under 13 years old). We will also share with Trading details of information gathered through cookies on our site (which may include details of your age, your gender, your country of residence and your language, but we will not be able to identify you from this data) to enable it to help us administer our site and for internal operations (i.e. troubleshooting of technical issues that arise in relation to our site; testing of our site following resolution of such technical issues; analysis of statistics arising from the information collected about you (for example, to analyse the geographical location and age profile of individuals who purchase products from the online store on our site));

•Gardners Books Limited, our delivery fulfilment provider. When you submit an order for products via our site, we will share with Gardners Books Limited your name, the invoice address, details of the products you have ordered from Trading via our site, the delivery address you set out in your order and any personal messages you wish to send to recipients of products you have ordered from Trading via our site. This is so that Gardner's Books Limited can fulfil your order for products;

•Elavon Digital Europe Limited, our payment services processor. When you submit an order for products via our website, we will share with Elavon Digital Europe Limited (or such other payment processor as we may choose from time to time) sufficient information for them to process the payment. This is so that we can take payment for the requested purchases.

•The Roald Dahl Museum and Story Centre, a member of the Roald Dahl Group. We will share with The Roald Dahl Museum and Story Centre details of information gathered through cookies on our site (which may include details of your age, your gender, your country of residence and your language, but we will not be able to identify you from this data) to enable it to help us administer our site and for internal operations (i.e. troubleshooting of technical issues that arise in relation to our site; testing of our site following resolution of such technical issues; analysis of statistics arising from the information collected about you (for example, to ascertain where visitors to the Roald Dahl Museum and Story Centre have travelled from and their age profile)) and so that the Museum can measure and understand the effectiveness of email newsletters and email marketing that are sent to you. Additionally and only where you have expressly indicated (e.g. by ticking the relevant box on our site) that you wish to be kept up to date (via email) with the latest information and news about Roald Dahl, events and activities at The Roald Dahl Museum and Story Centre, details of discounts, voucher codes and offers, details of fundraising opportunities, campaigns and competitions, we will share your name, email address, country of residence and date of birth with The Roald Dahl Museum and Story Centre so that it can fulfil your wish to be contacted about those matters and to ensure that the emails sent to you are appropriate to your age group and/or your country of residence (e.g. the Museum would not send an email to you about an event being held at the Museum if you tell us that your country of residence is New Zealand);

•Roald Dahl's Marvellous Children's Charity, a member of the Roald Dahl Group. We will share with Roald Dahl's Marvellous Children's Charity details of information gathered through cookies on our site (which may include details of your age, your gender, your country of residence and your language, but we will not be able to identify you from this data) to enable it to help us administer our site and for internal operations (i.e. troubleshooting of technical issues that arise in relation to our site; testing of our site following resolution of such technical issues; analysis of statistics arising from the information collected about you), and so that the Charity can measure and understand the effectiveness of email newsletters and email marketing that are sent to you. Additionally, and only where you have expressly indicated (e.g. by ticking the relevant box on our site) that you wish to be kept up to date (via email) with the latest information and news about Roald Dahl, fundraising opportunities, events, campaigns and competitions, and information about the work of the Charity, we will share your name, email address, country of residence and date of birth with Roald Dahl's Marvellous Children's Charity so that it can fulfil your wish to be contacted about those matters and to ensure that the emails sent to you are appropriate to your age group and/or country of residence (e.g. the Charity would not knowingly send an email to you asking you to make donations to Roald Dahl's Marvellous Children's Charity if you are under 16 years old; or in the USA and under 13 years old);

•Rocket Science Group LLC (trading as 'Mailchimp'), our database aggregator. Where (and only where) you have expressly indicated (e.g. by ticking the relevant box on our site) that you wish to be sent email newsletters, email marketing materials and other information (via email), we will share with Mailchimp your email address, first name, last name, alias (if any), country of residence and date of birth to create a database of individuals who have subscribed for these services. We will use this database as we have described above (see "How we use your information");

•SurveyMonkey Inc (trading as Wufoo), who will provide us with online form building services for communication with us through our website, including facilitating surveys service about what we do;

•SendGrid Inc, who will provide our email platform;

•16 Interactive Limited, who run our website;

•Any CCTV footage we may capture of you at our premises using Nest Home will also be shared with Google LLC, for the purposes of ensuring our site remains safe and secure;

•We may also share your information with trusted third parties for the purposes of market analysis and research. We will not disclose this information in a form which would allow you to be identified (for example, we may provide them with aggregate information about the number of copies of the book Charlie and The Chocolate Factory that have been sold via our site to residents of a particular post code);

•Analytics and search engine providers that assist us in the improvement and optimisation of our site; and/or

•To disclose your identity to any third party who is claiming that any content posted or uploaded by you to our site constitutes a violation of their legal rights, including their intellectual property rights or of their right to privacy.

We may also disclose your personal information to third parties: 

•In the event that we sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets;

•If The Roald Dahl Story Company Ltd or substantially all of its assets are acquired by a third party, in which case personal information held by it about its customers and website users will be one of the transferred assets;

•Another company who may be monitoring correspondence received through the “Contact Us” mailbox requires for the performance of their professional advisory services;

•If we need to get legal advice or answer a legal request from law enforcement bodies;

•If we are under a duty to disclose or share your personal information with law enforcement agencies or regulatory bodies in order to comply with any court order or legal obligation;

•our external auditors and other professional advisors (such as accountants); and/or

•In order to enforce or apply our Terms of Website Use, our Terms and Conditions of Sale or our Sale of Tickets Terms; or to protect the rights, property, or safety of The Roald Dahl Story Company Ltd, any entity of the Roald Dahl Group, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction. 

6. WHERE WE STORE YOUR INFORMATION

Personal information you provide to us or which we collect will be filed and sorted at 5 Berkeley Mews, London, W1H 7PB (i.e. our trading address) or, for any information collected by Museum or Trading at 81-83 High Street, Great Missenden, Buckinghamshire, HP16 0AL (the trading address of Museum and Trading). Subject to the paragraph below, the information you provide to us and which we collect is stored on secure servers of our website hosting services provider. This information will be stored at a destination within the United Kingdom (“UK”) or European Economic Area ("EEA").

Staff members operating within the UK or EEA who work for or on behalf of us and/or any of the entities in the Roald Dahl Group may process the information that you give to us and which we collect. Such staff members may, among other things, be involved in the provision of support services in relation to our site. We will ensure at all times to take all reasonable steps necessary to maintain the security of your personal information in accordance with this Privacy Policy and data protection laws.

Payment transactions for the purchase of products (other than tickets to the Roald Dahl Museum and Story Centre) from our site are processed using Opayo, a secure online gateway that encrypts your card details and cannot be accessed by us. 

Unfortunately, the transmission of information via the internet is not completely secure.

Although we will do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Transferring your personal information outside of the UK and EEA

It is sometimes necessary for us to share your personal data outside of the UK and EEA, including:

•with our service providers based outside of the UK and EEA;

•if you are based outside of the UK/EEA;

•where there is an international dimension to the services we are providing to you.

Under data protection law, we can only transfer your personal data to a country or international organisation outside the UK/EEA where:

•the UK government or, where the EU GDPR applies, the European Commission has decided the particular country or international organisation ensures an adequate level of protection of personal data (known as an ‘adequacy decision’);

•there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for data subjects; or

•a specific exception applies under data protection law.

Adequacy Decision: We may transfer your personal data to certain countries, on the basis of an adequacy decision. These include: all European Union countries, plus Iceland, Liechtenstein and Norway (collectively known as the ‘EEA’); Gibraltar; and Andorra, Argentina, Canada, Faroe Islands, Guernsey, Israel, Isle of Man, Japan, Jersey, New Zealand, Switzerland and Uruguay. 

The list of countries that benefit from adequacy decisions will change from time to time. We will always seek to rely on an adequacy decision, where one exists.

Other countries or international organisations we are likely to transfer personal data to (such as the USA) do not have the benefit of an adequacy decision. This does not necessarily mean they provide poor protection for personal data, but we must look at alternative grounds for transferring the personal data, such as ensuring appropriate safeguards are in place or relying on an exception, as explained below.

Appropriate Safeguards: Where there is no adequacy decision, we may transfer your personal data to another country or international organisation if we are satisfied the transfer complies with data protection law, appropriate safeguards are in place, and enforceable rights and effective legal remedies are available for data subjects.

The safeguards will usually include using legally-approved standard data protection contract clauses (also known as ‘model clauses’). To obtain a copy of the standard data protection contract clauses and further information about relevant safeguards, please contact us (see the ‘Contact’ section below).

Specific Exceptions: In the absence of an adequacy decision or appropriate safeguards, we may transfer personal data to a third country or international organisation where an exception applies under relevant data protection law, e.g.: you have explicitly consented to the proposed transfer after having been informed of the possible risks; the transfer is necessary for the performance of a contract between us or to take pre-contract measures at your request; the transfer is necessary for a contract in your interests, between us and another person; or the transfer is necessary to establish, exercise or defend legal claims.

We may also transfer information for the purpose of our compelling legitimate interests, so long as those interests are not overridden by your interests, rights and freedoms. Specific conditions apply to such transfers and we will provide relevant information if and when we seek to transfer your personal data on this ground.

7. YOUR RIGHTS

Access: You have the right to access the personal information we hold about you. This is called a Subject Access Request. Should you wish to make a Subject Access Request, please make your Subject Access Request to us in writing to The Roald Dahl Story Company Ltd, 5 Berkeley Mews, London, W1H 7PB, United Kingdom or email to contact@roalddahl.com. Alternatively you can call (0)20 3696 6450

Or if you wish to make a Subject Access Request to the Marvellous Children’s Charity, please write to Marvellous at 23 Woodside Road, Amersham, Buckinghamshire, HP66AA, United Kingdom or enquiries@roalddahlcharity.org. Or if you wish to make a Subject Access Request to either Museum or Trading please write to us at 81-83 High Street, Great Missenden, Buckinghamshire, HP16 0AL or email us at hello@roalddahlmuseum.org.

Restriction of processing: If we no longer have a legal basis to process your personal data or if the legal basis that we are relying on is consent and you subsequently withdraw your consent then we will stop processing your personal data. If you inform us that you no longer wish to be contacted by us we will need to maintain a record of that to make sure that we do not contact you again in the future. You can do so by writing to us at The Roald Dahl Story Company Ltd, 5 Berkeley Mews, London, W1H 7PB or contact@roalddahl.com.

Rectification: You have the right to contact us to correct any inaccuracies in your personal data.

Erasure: Under certain circumstances you may have the right to instruct us to erase your personal data or provide the data to another person or organisation. You can do so by writing to us at The Roald Dahl Story Company Ltd, 5 Berkeley Mews, London, W1H 7PB or contact@roalddahl.com.

Object: You have the right to ask us not to process your personal information for marketing purposes. We will inform you (before collecting your personal information) if we intend to use your personal information for such purposes or if we intend to disclose your personal information to any third party for such purposes. You can exercise your right to prevent such processing by not ticking certain boxes on the forms we use to collect your personal information on our site and/or by changing your cookie settings on your internet browser (see our Cookie Policy for further information on how to do this). You can also exercise the right at any time by contacting us at The Roald Dahl Story Company Ltd, 5 Berkeley Mews, London, W1H 7PB or contact@roalddahl.com. You also have the right to object in certain other situations to our continued processing of your personal data, e.g. processing carried out for the purpose of our legitimate interests.

8. CHANGES TO OUR PRIVACY POLICY

This policy is effective from March 2014. We may need to change our Privacy Policy from time to time to keep it up to date. Any changes we may make to our Privacy Policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our Privacy Policy.

This Privacy Policy was last updated on 13 October 2021. 

9. HOW TO CONTACT US ABOUT YOUR PRIVACY

Individuals in the UK

If you have any questions about the way in which we collect or process your information, please contact us. You can also find out more about your rights under applicable data protection laws, including the GDPR, by visiting the Information Commissioner's Office (ICO) website at www.ico.org.uk or by writing to: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF. If you believe that your rights have not been respected at any time then you also have a right to contact the ICO to ask them for a resolution.

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to The Roald Dahl Story Company Ltd, 5 Berkeley Mews, London, W1H 7PB, United Kingdom or emailed to contact@roalddahl.com. Alternatively, you can contact us by phone on +44 (0)20 3696 6450. 

Individuals in the EEA

We have appointed Data Protection Representative Limited to be our data protection representative within the EEA.

Their contact details are, in terms of email correspondence, datarequest@datarep.com, and as regards addresses for post, then depending on your EEA location, their address is as set out below (and please ensure that any request is addressed to ‘Data Rep’ as opposed to The Roald Dahl Story Company Limited):

Country	Address
Austria	DataRep, City Tower, Brückenkopfgasse 1/6. Stock, Graz, 8020, Austria
Belgium	DataRep, Place de L'Université 16, Louvain-La-Neuve, Waals Brabant, 1348, Belgium
Bulgaria	DataRep, 132 Mimi Balkanska Str., Sofia, 1540, Bulgaria
Croatia	DataRep, Ground & 9th Floor, Hoto Tower, Savska cesta 32, Zagreb, 10000, Croatia
Cyprus	DataRep, Victory House, 205 Archbishop Makarios Avenue, Limassol, 3030, Cyprus
Czech Republic	DataRep, IQ Ostrava Ground floor, 28. rijna 3346/91, Ostrava-mesto, Moravska, Ostrava, Czech Republic
Denmark	DataRep, Lautruphøj 1-3, Ballerup, 2750, Denmark
Estonia	DataRep, 2nd Floor, Tornimae 5, Tallinn, 10145, Estonia
Finland	DataRep, Luna House, 5.krs, Mannerheimintie 12 B, Helsinki, 00100, Finland
France	DataRep, 72 rue de Lessard, Rouen, 76100, France
Germany	DataRep, 3rd and 4th floor, Altmarkt 10 B/D, Dresden, 01067, Germany
Greece	DataRep, 24 Lagoumitzi str, Athens, 17671, Greece
Hungary	DataRep, President Centre, Kálmán Imre utca 1, Budapest, 1054, Hungary
Iceland	DataRep, Kalkofnsvegur 2, 101 Reykjavík, Iceland
Ireland	DataRep, The Cube, Monahan Road, Cork, T12 H1XY, Republic of Ireland
Italy	DataRep, Viale Giorgio Ribotta 11, Piano 1, Rome, Lazio, 00144, Italy
Latvia	DataRep, 4th & 5th floors, 14 Terbatas Street, Riga, LV-1011, Latvia
Liechtenstein	DataRep, City Tower, Brückenkopfgasse 1/6. Stock, Graz, 8020, Austria
Lithuania	DataRep, 44A Gedimino Avenue, 01110 Vilnius, Lithuania
Luxembourg	DataRep, BPM 335368, Banzelt 4 A, 6921, Roodt-sur-Syre, Luxembourg
Malta	DataRep, Tower Business Centre, 2nd floor, Tower Street, Swatar, BKR4013, Malta
Netherlands	DataRep, Cuserstraat 93, Floor 2 and 3, Amsterdam, 1081 CN, Netherlands
Norway	DataRep, C.J. Hambros Plass 2c, Oslo, 0164, Norway
Poland	DataRep, Budynek Fronton ul Kamienna 21, Krakow, 31-403, Poland
Portugal	DataRep, Torre de Monsanto, Rua Afonso Praça 30, 7th floor, Algès, Lisbon, 1495-061, Portugal
Romania	DataRep, 15 Piaţa Charles de Gaulle, nr. 1-T, Bucureşti, Sectorul 1, 011857, Romania
Slovakia	DataRep, Apollo Business Centre II, Block E / 9th floor, 4D Prievozska, Bratislava, 821 09, Slovakia
Slovenia	DataRep, Trg. Republike 3, Floor 3, Ljubljana, 1000, Slovenia
Spain	DataRep, Calle de Manzanares 4, Madrid, 28005, Spain
Sweden	DataRep, S:t Johannesgatan 2, 4th floor, Malmo, SE - 211 46, Sweden

 

10. THIRD PARTY SITES

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers, affiliates and other independent third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and terms of use and that we do not and none of the Roald Dahl Group accept any responsibility or liability for such policies or their collection or processing of your personal information. Please check these policies and terms before you submit any personal information to these websites.