Off Peak Break is committed to protecting your personal information and being transparent about how we use it. This policy explains what data we collect when you visit www.offpeakbreak.co.uk, enquire about our services, or attend an Off Peak Break event — and what rights you have over that data. It is written in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Who We Are
Off Peak Break ("OPB", "we", "us", "our") is a team experience and corporate offsite company operating in the United Kingdom. Our details as data controller are:
- Company: Off Peak Break
- Registered in: England & Wales
- Website: www.offpeakbreak.co.uk
- Email: contactus@offpeakbreak.com
- ICO registration: Off Peak Break is registered with the Information Commissioner's Office as required under the Data Protection Act 2018
We are the data controller for personal information collected through our website and services. Where we engage third-party service providers to process data on our behalf, they act as data processors under our instruction.
Data We Collect
We collect personal information in the following ways:
Information you give us directly
| Data Type | When Collected | Examples |
|---|---|---|
| Contact details | Enquiry forms, email, calls | Name, email address, phone number, job title |
| Company details | Event planning & proposals | Organisation name, team size, location |
| Event participant details | Registration & onboarding | Dietary requirements, accessibility needs, emergency contact |
| Feedback & e²i data | Post-event surveys | Engagement scores, survey responses, open text feedback |
| Payment information | Invoice & billing | Billing address, VAT number (payment cards handled by processor) |
Information collected automatically
- IP address and approximate location
- Browser type, device type, and operating system
- Pages visited, time on page, referral source
- Cookie identifiers (see Section 6)
Information from third parties
- Referrals from partner organisations or event sponsors
- Publicly available professional information (e.g. LinkedIn, company websites) used for outreach
How We Use Your Data
We use your personal data only for clear, defined purposes:
- Delivering your Off Peak Break — planning, coordinating, and running your event
- Proposals & quotes — preparing and sending bespoke event proposals
- Communication — responding to enquiries and keeping you updated on your booking
- e²i Engagement Scoring — processing post-event survey data to generate your team's Engagement Score
- Improving our service — analysing aggregated, anonymised data to develop our programmes and venues
- Marketing (with consent) — sending case studies, new experience updates, or event inspiration where you have opted in
- Legal compliance — meeting our obligations under UK law, including HMRC tax and record-keeping requirements
We will never sell your personal data, and we will never use it for purposes incompatible with those listed above.
Legal Basis for Processing
We process your personal data on the following legal grounds under UK GDPR and the Data Protection Act 2018:
- Contract performance — processing necessary to deliver the event you have booked with us
- Legitimate interests — responding to inbound enquiries, improving our services, and B2B outreach, where these interests are not overridden by your rights
- Consent — for marketing communications and non-essential cookies, where we ask for and rely on your explicit consent
- Legal obligation — where processing is required to comply with applicable law
Sharing Your Data
We share personal data only where necessary and only with parties who are required to handle it appropriately:
- Venue partners & experience providers — to coordinate logistics, accommodation, meals, and activities for your event
- Transportation providers — where OPB manages travel as part of your package
- Technology platforms — our CRM, email, survey, and project management tools (e.g. Google Workspace, form tools)
- Payment processors — for billing and invoicing; we do not store card data ourselves
- Professional advisers — accountants and legal advisers bound by professional confidentiality obligations
- Regulatory authorities — where required by law or court order
We do not sell, rent, or trade your personal data with third parties for their own marketing purposes.
Cookies & Tracking
Our website uses cookies — small text files stored on your device — to improve your experience and help us understand how the site is used. Our use of cookies is governed by the Privacy and Electronic Communications Regulations 2003 (PECR) alongside UK GDPR.
Types of cookies we use
| Cookie Type | Purpose | Consent Required? |
|---|---|---|
| Essential | Core website functionality (navigation, security) | No — necessary for the site to work |
| Analytics | Understanding page visits and user journeys (e.g. Google Analytics) | Yes — opt-in |
| Marketing | Tracking campaign performance and serving relevant content | Yes — opt-in |
You can manage or withdraw cookie consent at any time via your browser settings or our cookie banner. Withdrawing consent for analytics or marketing cookies will not affect your use of the site.
How Long We Keep Your Data
We retain personal data only as long as necessary for the purpose it was collected, or as required by law:
- Client and event records — 7 years from the end of the engagement (in line with HMRC requirements under the Companies Act 2006)
- Enquiry and prospect data — 2 years from last contact, or until you ask us to delete it
- e²i survey responses — anonymised aggregate data retained indefinitely; individual-level data deleted within 12 months of the event
- Marketing data — until you unsubscribe or withdraw consent
- Website analytics — as configured in our analytics platform (typically 26 months)
When data is no longer required, it is securely deleted or irreversibly anonymised.
Your Rights
You have meaningful rights over your personal data. We will respond to all requests within 30 days.
To exercise any of these rights, email us at contactus@offpeakbreak.com with the subject line "Data Rights Request". We will respond within one calendar month as required under UK GDPR. We may need to verify your identity before acting on your request. If you are not satisfied with our response, you have the right to complain to the ICO at ico.org.uk.
International Data Transfers
Off Peak Break is based in the United Kingdom and primarily processes data within the UK. Where we use cloud-based tools or service providers whose servers are located outside the UK, we ensure appropriate safeguards are in place before any transfer takes place. These safeguards may include:
- Adequacy regulations — transferring to countries deemed adequate by the UK Secretary of State (e.g. the EEA, which has UK adequacy status)
- UK International Data Transfer Agreements (IDTAs) — the UK's post-Brexit replacement for EU Standard Contractual Clauses
- UK Addendum to EU SCCs — where applicable for transfers to countries using EU-standard SCCs
If you have questions about the specific safeguards applied to any cross-border transfers, please contact us using the details in Section 11.
Children's Privacy
Our services are designed for corporate clients and working professionals. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has provided us with personal information, please contact us immediately at contactus@offpeakbreak.com and we will delete it promptly.
Contact Us
If you have any questions about this privacy policy, wish to exercise your rights, or want to raise a concern about how we handle your data, please get in touch:
Off Peak Break — Data Enquiries
We aim to respond to all privacy-related requests within one calendar month as required under UK GDPR. If your request is complex or numerous, we may extend this by a further two months — we will notify you within the first month if this applies.
Supervisory Authority
If you are not satisfied with how we handle your data, you have the right to complain to the Information Commissioner's Office (ICO) — the UK's data protection supervisory authority.
🌐 ico.org.uk · 📞 0303 123 1113 · Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
This policy was last updated in May 2026. We may update it from time to time — significant changes will be communicated via email to clients and a prominent notice on this page. Continued use of our website or services after changes take effect constitutes acceptance of the revised policy.