A NOTE BEFORE YOU READ

Your privacy is not a legal formality to us. It is the foundation upon which every aspect of Monkey Business is built. We understand that the nature of our events and community means that the information you share with us is deeply personal — and we treat it with the absolute discretion and respect it deserves.

Please read this policy carefully. It tells you exactly what we collect, why we collect it, and precisely how we protect it.

1. WHO WE ARE

Monkey Business (trading as Monkey Business — Fire Rock Events) is a private members lifestyle events company operating in Essex and across the South of England.

Data Controller: Ms. Monkey Business Contact: info@monkeybusiness1.com Phone: 07568 354015 Website: www.monkeybusiness1.com

We are committed to protecting your personal data in full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. THE INFORMATION WE COLLECT

We collect and process the following categories of personal information:

Information You Provide Directly When you register, make a booking, purchase a ticket or membership, or contact us in any way, you may provide us with your name, email address, postal address, telephone number, and payment information. Where relevant to membership applications, you may also provide profile information and preferences.

Information Collected Automatically When you visit our website we automatically collect certain technical data including your IP address, browser type and version, device information, pages visited, time spent on pages, and how you navigated to and from our site. This information is collected using cookies and similar tracking technologies, which are explained fully in Section 7 below.

Communications If you contact us via email, WhatsApp, or any other channel, we retain records of that correspondence including any personal information contained within it.

Special Category Data Given the nature of our business, some information you share with us — including information relating to your lifestyle, preferences or health — may constitute special category data under UK GDPR. We treat this category of information with the highest level of protection and will only ever process it with your explicit consent.

3. WHY WE COLLECT YOUR INFORMATION

We collect and use your personal information for the following lawful purposes:

To Deliver Our Services To process bookings, manage memberships, send event confirmations, and provide everything necessary to deliver the experience you have booked.

To Maintain Our Relationship With You To communicate with you about your account, upcoming events, membership renewals, and any matters relating to your experience with us.

To Keep You Safe In certain circumstances, including the management of our physical events, we may need to process personal information to protect the health, safety and wellbeing of our guests and staff.

To Improve Our Services We analyse aggregated, anonymised data about how our website and events are used in order to continuously improve our offering. This data cannot be used to identify you individually.

To Meet Legal Obligations We will process your data where required to do so by applicable law or regulation, or where necessary to establish, exercise or defend legal claims.

Marketing Communications With your explicit consent, we will contact you with information about upcoming events, special offers, and news from the Monkey Business community. You may withdraw this consent at any time — see Section 8 for how to do this.

4. HOW WE STORE AND PROTECT YOUR DATA

Platform Security Our website is hosted on the Wix.com platform. All data stored through our website is held on Wix's secure servers, protected by industry-standard firewalls and encryption protocols. Wix.com's full security policy is available at www.wix.com/about/privacy.

Payment Security We do not store your full payment card details. All payment transactions are processed through payment gateways that comply fully with the Payment Card Industry Data Security Standard (PCI-DSS) — the global security standard maintained by Visa, Mastercard, American Express and Discover. Your financial data is handled exclusively by these certified providers.

Retention Period We will retain your personal information only for as long as is necessary to fulfil the purposes for which it was collected, or as required by law. Membership and booking records are typically retained for a period of three years following the end of your relationship with us, after which they are securely deleted.

Our Internal Commitment Access to your personal data within our organisation is strictly limited to those who genuinely need it to deliver our services. All personal information relating to our members and guests is handled with the utmost confidentiality — consistent with the discretion that is central to everything Monkey Business stands for.

5. WHO WE SHARE YOUR DATA WITH

We do not sell your personal data. We never have and we never will.

We may share your information with carefully selected third parties only in the following limited circumstances:

Service Providers We work with trusted third-party providers — including our website platform (Wix.com), payment processors, and email communication services — who process data on our behalf. All such providers are contractually bound to process your data only on our instructions and in accordance with UK GDPR.

Legal Requirements We may disclose your personal information where required to do so by law, court order, or at the request of a regulatory or law enforcement authority.

Protection of Rights We may share information where we reasonably believe it is necessary to protect the rights, property or safety of Monkey Business, our members, or others.

We will never share your personal information with any third party for their own marketing purposes without your explicit consent.

6. HOW WE COMMUNICATE WITH YOU

We may contact you via email, telephone, SMS or WhatsApp for the following reasons:

• To confirm bookings, tickets or membership applications

• To provide event information, updates or changes

• To resolve any issues with your account or booking

• To respond to enquiries or complaints you have raised

• To send marketing communications where you have consented to receive them

• Where required to comply with our legal obligations

You are always in control of how we contact you. You may update your communication preferences at any time by contacting us at info@monkeybusiness1.com.

7. COOKIES AND TRACKING TECHNOLOGIES

What Are Cookies? Cookies are small text files placed on your device when you visit a website. They allow the website to recognise your device and remember certain information about your visit.

What Cookies Do We Use?

Essential Cookies — These are necessary for our website to function and cannot be switched off. They are set in response to actions you take such as logging in or making a booking.

Analytics Cookies — We use these to understand how visitors interact with our website — which pages are most visited, how long people spend on certain pages, and how they navigate through the site. This data is aggregated and anonymous. We use this information solely to improve our website experience.

Marketing Cookies — Where you have given your consent, these cookies allow us to show you relevant content and communications based on your interests.

Managing Your Cookie Preferences You can control and manage cookies through your browser settings at any time. Please be aware that disabling certain cookies may affect the functionality of our website. For more information on managing cookies, visit www.allaboutcookies.org.

8. YOUR RIGHTS

Under UK GDPR you have the following rights in relation to your personal data. You may exercise any of these rights at any time by contacting us at info@monkeybusiness1.com:

The Right to Access — You may request a copy of the personal data we hold about you at any time.

The Right to Rectification — You may ask us to correct any inaccurate or incomplete personal data we hold about you.

The Right to Erasure — You may ask us to delete your personal data where there is no compelling reason for us to continue holding it.

The Right to Restrict Processing — You may ask us to pause the processing of your personal data in certain circumstances.

The Right to Data Portability — You may request that we transfer your personal data to you or to a third party in a commonly used, machine-readable format.

The Right to Object — You have the right to object to our processing of your personal data for direct marketing purposes at any time. You may also unsubscribe from any marketing communication using the unsubscribe link included in every email we send.

The Right to Withdraw Consent — Where we process your data based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.

We will respond to all requests within 30 days of receipt.

9. COMPLAINTS

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) — the UK's independent data protection authority.

ICO Website: www.ico.org.uk ICO Helpline: 0303 123 1113

We would, however, always appreciate the opportunity to address your concerns directly before you contact the ICO. Please reach out to us first at info@monkeybusiness1.com.

10. CHANGES TO THIS POLICY

We review and update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you via email or by placing a prominent notice on our website. The date at the top of this policy indicates when it was last updated.

11. CONTACT US

If you have any questions, concerns or requests relating to this Privacy Policy or how we handle your personal data, please do not hesitate to contact us:

Monkey Business — Fire Rock Events Email: info@monkeybusiness1.com Phone: 07568 354015 WhatsApp: wa.me/447568354015

This Privacy Policy was prepared in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It does not constitute legal advice. If you require specific legal guidance on data protection compliance, we recommend consulting a qualified solicitor.

At Monkey Business, your privacy is not a policy — it is a promise. And we keep every promise we make.