Techniquest is temporarily closed.Read more about it


Techniquest is temporarily closed.Read more about it

Bookings Privacy PolicyBookings


Cyber Essentials Techniquest is committed to being transparent about how it handles personal information, to protecting the privacy and security of personal information and to meeting its data protection obligations under the General Data Protection Regulation (the GDPR) and the Data Protection Act 2018. The purpose of this privacy notice is to provide awareness of how and why we will collect and use personal information both during and after a working relationship with Techniquest. We are required under the GDPR to notify the information contained in this privacy notice.

Data protection principles

Under the GDPR, there are six data protection principles that Techniquest must comply with.

These provide that the personal information we hold must be:

  1. Processed lawfully, fairly and in a transparent manner.
  2. Collected only for legitimate purposes that have been clearly explained and not further processed in a way that is incompatible with those purposes.
  3. Adequate, relevant and limited to what is necessary in relation to these purposes.
  4. Accurate and, where necessary, kept up to date.
  5. Kept in a format which permits identification for no longer than is necessary for those purposes.
  6. Proceed in a way that ensures appropriate security of the data.

Techniquest is responsible for, and must be able to demonstrate compliance, with these principles. This is called accountability.

Techniquest’s Bookings team is the main point of contact for all groups, schools and individuals wanting to make advance bookings, either for us to go out to their venue or for them to visit our centre in Cardiff Bay.

Why this policy exists

We want everyone to feel confident and comfortable with how personal information will be looked after or used. This Privacy Policy sets out how we collect, use and store your personal information (this means any information that identifies or could identify you).

Information we take

When processing a booking, personal data that we obtain on each client will be all of or the majority of the following:

  • Postcode of home or business address
  • Full Name of individual/school/group
  • Contact telephone numbers – both mobile and landline if applicable
  • Personal/Business Email address of individual/school/group

This information is necessary for a booking to be made and for contact to be established between ourselves and the client.

Where your information is held

This data is held in our online booking system Maxim, run by TOR and can only be accessed by staff members with password protected accounts. There are also different levels of authorisation within the booking system so some can see/do more than others. Data is held indefinitely as information can be used for future bookings and for having a booking history with the client. This is essential for good customer service practices.

Direct Marketing

Email address and postal addresses are sometimes used for marketing purposes but only for events that they have signed up to previously or attended previously.

This information is not shared with any company outside of Techniquest and is only accessible within the Operations and Marketing department of Techniquest.

If a client would like their data to be removed from the system, they can do this by emailing or by calling Techniquest directly, asking to speak to the customer service team on 02920 475475.

Your rights

You can ask us to access the information we hold on you at any time

You have the right to rectify the information we hold

You can ask us to completely remove your details from all of our systems

You’re able to object to us using your information

You can restrict how we use your information

You have a right to data portability

Contact and Complaints

The primary point of contact for all issues arising from this Policy, including requests to exercise data subject rights, is our Data Protection Officer. The Data Protection Officer can be contacted in the following way:

If you have a complaint or concern about how we use your personal data, please contact us in the first instance and we will attempt to resolve the issue as soon as possible. You also have a right to lodge a complaint with your national data protection supervisory authority at any time. In the UK, the supervisory authority for data protection is the ICO ( We do ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.