Privacy Policy

Last updated: 21 May 2026

​

This Privacy Policy explains how SLTR Mayfair collects, uses, stores and shares personal data in connection with its nightclub promotion, guestlist, bookings, events, marketing and website activity. UK organisations that collect personal data must provide clear information about what data they collect, why they use it, their lawful basis, who they share it with, how long they keep it, and the rights available to individuals.

​

1. Who this policy applies to

This policy applies to anyone whose personal data SLTR Mayfair handles, including:

• website visitors;

• guestlist and table booking enquiries;

• customers and attendees;

• promoters, DJs, performers and venue contacts;

• people who contact the business by email, phone, social media, forms or messaging apps; and

• people who sign up to receive marketing communications.

​

2. Who controls your data

SLTR Mayfair is the controller of the personal data described in this policy.

Please replace this section with the correct business details before publishing:

• Business name: SLTR Mayfair

• Email: info@sltrmayfair.com

• Telephone: 020 3051 8159

If a business collects personal data, its privacy notice should include full contact details and explain how people can exercise their rights or raise concerns.

​

3. What personal data may be collected

Depending on how someone interacts with SLTR Mayfair, the business may collect the following categories of personal data:

• identity data, such as name, date of birth or age confirmation where needed for age-restricted events;

• contact data, such as email address, telephone number and social media handle;

• booking and event data, such as reservation details, guestlist requests, event attendance history, venue preferences and special requests;

• communication data, such as messages, enquiry details and customer service records;

• marketing data, such as communication preferences, consent records, open rates and click activity where email systems provide that information;

• technical data, such as IP address, browser type, device information, cookies and website usage data; and

• payment or transaction-related data where relevant, for example billing name, payment status or booking value, although card processing should usually be handled by a payment provider rather than stored directly.

​

UK GDPR requires organisations to explain the types of personal data they collect in a clear and accessible way.

​

4. How personal data is collected

SLTR Mayfair may collect personal data:

• directly from individuals when they complete booking forms, guestlist forms, contact forms or subscribe to updates;

• when they communicate by email, telephone, WhatsApp, Instagram or other social media channels;

• when they buy tickets, reserve tables or attend events;

• from trusted partners involved in event operations, such as venues, ticketing providers or booking platforms, where permitted; and

• automatically through website analytics, cookies and similar technologies.

​

If personal data is obtained from sources other than the individual, the privacy notice should explain where the data came from.

​

5. Why SLTR Mayfair uses personal data

SLTR Mayfair may use personal data for the following purposes:

• to respond to enquiries and manage bookings, reservations, guestlists and event attendance;

• to provide customer support and communicate important event updates;

• to take payment, prevent fraud and manage business records;

• to operate, improve and secure its website, services and events;

• to maintain internal records, administer commercial relationships and manage suppliers or talent bookings;

• to send marketing communications about future events, offers and announcements where permitted by law; and

• to comply with legal, regulatory, licensing, safety and security obligations.

​

The ICO says a privacy notice should explain why personal data is used, what the organisation is doing with it, and the lawful basis relied on for each processing activity.

​

6. Lawful bases for processing

SLTR Mayfair may rely on one or more of the following lawful bases under UK GDPR, depending on the activity:

• Contract: where processing is necessary to take steps at a person’s request before entering into a contract, or to provide booked services.

• Legitimate interests: where processing is necessary for the legitimate interests of running and growing the business, managing events, responding to enquiries, preventing misuse, improving services and maintaining customer relationships, provided those interests are not overridden by individuals’ rights.

• Consent: where consent is required, especially for certain electronic marketing activities or optional uses of cookies.

• Legal obligation: where data must be processed to comply with applicable laws, regulations, licensing requirements, accounting obligations or law enforcement requests.

​

ICO guidance states that organisations should decide their lawful bases before using personal data and explain them in the privacy notice.

​

7. Direct marketing

SLTR Mayfair may send marketing by email, SMS or similar electronic methods only where it has a valid legal basis and, where required, compliant consent under the Privacy and Electronic Communications Regulations (PECR). The ICO’s PECR guidance covers marketing by electronic mail, including email and text messages, and applies to organisations that send electronic marketing messages or use cookies.

​

Marketing messages may include event announcements, ticket launches, offers, VIP invitations and related promotional updates. Individuals should be able to opt out of marketing at any time by using the unsubscribe option in a message or by contacting the business directly.

​

8. Cookies and analytics

If the SLTR Mayfair website uses cookies, pixels, analytics tools or advertising technologies, the site should explain this clearly and provide any required cookie controls. ICO guidance states that cookies and electronic marketing are regulated under PECR, while the broader handling of personal data is also subject to UK GDPR and the Data Protection Act 2018.

​

A separate Cookie Policy or cookie banner may also be appropriate depending on the tools used on the website.

​

9. Sharing personal data

SLTR Mayfair may share personal data where necessary with:

• venues, event partners and co-promoters;

• payment processors and ticketing platforms;

• website hosts, email marketing providers, CRM systems, analytics providers and cloud storage providers;

• accountants, insurers, legal advisers and professional advisers; and

• regulators, public authorities, law enforcement or other third parties where required by law or to protect legal rights.

​

10. International transfers

Some service providers may store or process personal data outside the UK. Where this happens, SLTR Mayfair should ensure appropriate safeguards are in place before transferring personal data internationally.

​

11. Data retention

SLTR Mayfair should keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, regulatory or operational requirements. UK data protection law requires personal data to be kept no longer than necessary and handled securely.

​

enquiry data: up to 12 months after the last contact;

• booking and customer records: up to 6 years where needed for tax, accounting or legal claims;

• marketing records: until consent is withdrawn or the individual unsubscribes, then limited suppression records may be retained to respect opt-out requests;

• website analytics: according to the settings of the analytics platform.

​

12. Data security

SLTR Mayfair uses appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing, accidental loss, destruction or damage. UK data protection law requires organisations to handle personal data in a way that ensures appropriate security.​

​

Measures may include password controls, restricted access, secure cloud systems, staff confidentiality expectations and secure deletion practices.

​

13. Your rights

Under UK data protection law, individuals have rights that may apply to their personal data, including the right to:

• be informed about how their data is used;

• request access to their personal data;

• request correction of inaccurate data;

• request deletion in certain circumstances;

• restrict processing in certain circumstances;

• object to processing in certain circumstances, including some direct marketing;

• request data portability in certain circumstances; and

• withdraw consent at any time where consent is the lawful basis.

​

To exercise any of these rights, individuals should contact SLTR Mayfair using the contact details listed in this policy.

​

14. Complaints

Anyone who has concerns about how SLTR Mayfair handles personal data should contact the business first. They also have the right to complain to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues.

​

ICO website: https://ico.org.uk

​

15. Children’s data

SLTR Mayfair operates in the nightlife sector, which is generally intended for adults. If the business ever knowingly collects data from younger individuals, it should make sure its privacy information remains clear and appropriate, especially if any services are directed toward children or young people.​

Where events are strictly 18+, the business may process limited information to verify eligibility or age-related access requirements.

​

16. Changes to this policy

SLTR Mayfair may update this Privacy Policy from time to time to reflect legal, operational or service changes. ICO guidance says privacy information should be reviewed regularly and updated where necessary.​