Hivelink End-User Privacy Notice
0

Hivelink End-User Privacy Notice

Last updated: 17th December 2025

This Privacy Notice explains how Hivelink Ltd (“Hivelink”, “we”, “us”) processes personal data when you use the Hivelink platform as an end user (for example, when registering, booking or paying for activities with a school, club or activity provider (the “Organisation”)).

This notice is designed to make our role clear. In most cases, the Organisation you book with decides how and why your personal data is used. Hivelink generally provides the platform and processes data on the Organisation’s instructions.

1. Who we are and our role

Hivelink provides the technology used by Organisations to manage bookings, payments, communications and participant information.

  • The Organisation you book with is the data controller for personal data relating to parents/guardians and participants.
  • Hivelink acts primarily as a data processor, processing personal data on the Organisation’s instructions to provide the platform.
  • In limited circumstances Hivelink may act as an independent data controller, such as for account administration, billing, legal compliance, and aggregated platform analytics.

Personal data processed via the platform may be hosted and/or accessed outside the UK from time to time, subject to appropriate safeguards in line with UK GDPR requirements.

2. Personal data processed via the platform

Depending on how an Organisation configures Hivelink, the platform may process:

  • your name and contact details;
  • details of children/participants added to your account (such as name and age/date of birth);
  • profile information, images, documents, files or notes added to your account;
  • booking, attendance and payment records; and
  • messages and communications sent via the platform.

3. Account-level data and access

Personal information you add to your Hivelink account is held at account level for the Organisation you register with. Each Organisation you use the platform with operates a separate environment, and information entered for one Organisation is not visible to other Organisations.

Organisations and authorised administrators acting on their behalf may access relevant account information to administer bookings and deliver activities. Hivelink support staff may access data where necessary for support, onboarding, security, troubleshooting and service improvement. Actions in the platform may be logged and attributable to individual users.

4. How and why personal data is used

The Organisation determines the purposes for processing personal data via the platform. Typical purposes include:

  • managing registrations, bookings and attendance;
  • communicating with parents/guardians about activities;
  • delivering activities and related services;
  • managing payments, refunds and reconciliation; and
  • meeting legal, safeguarding or operational requirements.

5. Custom fields and additional information

Organisations may configure additional profile fields or request extra information (including documents or notes). These fields are controlled by the Organisation and the Organisation is responsible for ensuring it has a lawful basis for collecting and using that information.

6. Payments

When you make payments through the platform, payment processing is handled using third-party payment providers. Hivelink and the Organisation may receive payment status information and transaction references needed for administration, reconciliation and support. Payment card details are handled by the payment provider and are not stored directly by Hivelink.

7. Communications

The platform may send operational emails or messages relating to bookings, reminders and account activity. Where an Organisation sends communications, it is responsible for the content and the lawful basis for sending them.

8. Platform analytics and security

Hivelink may use limited technical information (for example, logs and device/browser data) to maintain security, prevent fraud, diagnose issues, and improve platform performance and reliability. Where used, analytics are intended to be aggregated and proportionate to these purposes.

9. Data sharing and service providers

Hivelink may use trusted service providers (“sub-processors”) to deliver parts of the platform (for example hosting, email delivery, monitoring and payment services). Where Hivelink acts as a processor, providers are engaged under appropriate contractual protections.

10. Data retention

Retention periods are primarily determined by the Organisation and their legal/operational needs. Where an Organisation ceases to use the platform, data may be retained for a limited period to support transition and then deleted or anonymised when no longer required.

11. Your data protection rights

You have rights under UK GDPR, including the right to:

  • access your personal data;
  • request correction or deletion;
  • object to, or request restriction of, certain processing; and
  • in some cases, request portability of your personal data.

In most cases, requests relating to personal data used for bookings and participation should be directed to the Organisation you booked with. If you contact Hivelink directly and the Organisation is responsible, we may redirect your request to the relevant Organisation.

12. Contact us

If you have questions about this Privacy Notice or how Hivelink processes personal data, you can contact:

Hivelink Ltd
Email: support@hivelink.co.uk




powered by
Terms & Conditions
Privacy Notice