Think Tank NCL Logo

Privacy Policy

Privacy Policy: Tokyo Group Limited

Last Updated: March 2026

Version: 2.0

1. Introduction and Data Controller

Tokyo Group Limited (Company No: 06462216), registered at C/O Cooper Parry St James Building, 79 Oxford Street, Manchester, M1 6HT (“”””the Company””””, “”””we””””, “”””us””””, “”””our””””), is committed to protecting the privacy and security of your personal data.

In accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, we act as the Data Controller for the personal information collected across our portfolio of bars, clubs, and music venues.

Contact Details:

Data Protection Officer: dataofficer@tokyoindustries.com

2. Scope of Policy

This policy outlines our protocols for collecting, processing, and safeguarding your data across all touchpoints, including:

  • Digital platforms (Websites, WiFi portals, and Mobile Apps).
  • Commercial transactions (Bookings, Ticketing, and Guestlist management).
  • Physical presence (CCTV, Event Photography, and Venue Entry).

3. Categories of Data Collected

We may process the following types of personal data:

  • Identity Data: Full name, title, and date of birth (for age verification).
  • Contact Data: Email address, telephone number, and billing address.
  • Financial & Transaction Data: Payment card tokens (processed via PCI-compliant gateways), booking history, and purchase details.
  • Technical & Usage Data: IP addresses, browser specifications, device identifiers, and interaction data via cookies.
  • Marketing & Communications Data: Your expressed preferences for receiving promotional material.
  • Audio-Visual Data: CCTV footage, professional photography, and videography captured during venue operations or events.

4. Lawful Bases for Processing

Under UK GDPR, we process data only where a valid legal basis exists:

  • Contractual Necessity: To fulfil bookings, issue tickets, and provide requested services.
  • Consent: For electronic marketing communications and the deployment of non-essential cookies.
  • Legitimate Interests: To ensure venue security, prevent fraudulent activity, improve our service offering, and conduct business analytics.
  • Legal Obligation: To comply with licensing laws, health and safety regulations, and tax requirements.

5. Marketing and the “”””Soft Opt-In””””

We strictly adhere to the Privacy and Electronic Communications Regulations (PECR).

  • Direct Marketing: We will only contact you if you have opted in, or if you are an existing customer (Soft Opt-In) regarding similar services, provided you were given an opportunity to opt out at the point of collection.
  • Opt-Out: You maintain an absolute right to object to marketing at any time via the “”””Unsubscribe”””” link in our correspondence or by contacting the Data Protection Officer.

6. CCTV and Venue Surveillance

CCTV is utilised for the Legitimate Interests of public safety and crime prevention.

  • Retention: Footage is standardly retained for up to 90 days, unless required for an ongoing legal investigation.
  • Transparency: Clear signage is displayed at all venue entrances where monitoring is in effect.

7. Photography and Event Media

By attending our events, you acknowledge that photography or filming may take place for promotional purposes.

  • Right to Erasure: If you appear in a published image and wish for it to be removed from our digital channels, please contact us directly, and we will act promptly to redact or delete the media.

8. Data Sharing and International Transfers

We do not sell personal data. We share data only with vetted third parties:

  • Service Providers: Payment processors, ticketing platforms, and IT infrastructure providers.
  • Regulatory Bodies: Law enforcement or licensing authorities where required by law.
  • International Transfers: If data is transferred outside the UK/EEA, we ensure “”””Adequacy Decisions”””” or Standard Contractual Clauses (SCCs) are in place to maintain equivalent levels of protection.

9. Data Retention Schedule

We retain data only as long as necessary for the purpose it was collected:

  • Marketing Records: Retained for 24 months from the last engagement.
  • Booking Records: Retained for 12 months post-event.
  • Financial Records: Retained for 6 years to comply with UK tax law.

10. Your Statutory Rights

You possess the following rights under data protection law:

  1. Access: Request a copy of the data we hold about you.
  2. Rectification: Request correction of inaccurate data.
  3. Erasure: Request deletion of data (subject to legal retention requirements).
  4. Restriction: Request that we limit how we use your data.
  5. Object: Object to processing based on Legitimate Interests.
  6. Withdrawal: Revoke consent at any time.

To exercise these rights, please email dataofficer@tokyoindustries.com. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

11. Security Measures

We employ industry-standard technical and organisational measures—including AES encryption, secure firewalls, and restricted access protocols—to protect your data from unauthorised access or accidental loss.

12. Children’s Privacy

Our venues and services are strictly targeted at individuals aged 18 and over. We do not knowingly process the data of minors.

We use cookies.