VenueCompliant
Legal

Privacy Notice

Last updated: 1 June 2026 · Applies to venuecompliant.com

In short:
We collect as little as possible. If you use the free scope checker without giving us your email, we don't know who you are. We only hold personal data when you choose to give it to us — for example by joining the waitlist or contacting us.

Who we are

VenueCompliant (“we”, “us”) is an independent guidance tool that helps UK venue managers understand whether they are in scope of Martyn's Law (the Terrorism (Protection of Premises) Act 2025). We are the data controller for the personal data described in this notice. We are not affiliated with the Home Office, the Security Industry Authority (SIA) or ProtectUK.

If you have any questions about this notice or how we handle your data, email us at hello@venuecompliant.com.

What we collect

We only collect personal data in a few specific situations:

  • Email address — when you join the waitlist, request your assessment, or contact us.
  • Checker answers — the options you select in the scope checker (for example, venue type and capacity band). On their own these are not personal data, but if you submit your email we may store them alongside it so we can tailor what we send you.
  • Contact details you choose to give us — such as your name, organisation, and the content of any message you send.
  • Anonymous usage analytics — privacy-friendly, cookie-free statistics about how the site is used (see Cookies & analytics).

We do not collect special category data, and we do not ask for payment details (Phase 1 has no payment processing).

How we use it

We use the data we hold to:

  • send you the assessment or guidance you requested;
  • keep you updated about VenueCompliant if you joined the waitlist (you can opt out at any time);
  • reply to your enquiries;
  • understand, in aggregate, how people use the checker so we can improve it.

We will never sell your data, and we won't use it for unrelated marketing.

Under UK GDPR, our lawful bases for processing are:

  • Consent — for sending you waitlist updates and product news. You give this by submitting your email, and you can withdraw it at any time.
  • Legitimate interests— for replying to enquiries and for understanding aggregate site usage to improve our service. We've balanced this against your rights and use privacy-friendly tools.

How long we keep it

We keep waitlist and contact data only as long as we need it for the purpose you gave it, or until you ask us to delete it. If the VenueCompliant project does not proceed beyond its validation phase, we will delete the waitlist in full. Anonymous analytics are retained in aggregate and cannot be linked back to you.

Third parties

We use a small number of trusted providers to run the service. Each processes data only on our instructions:

  • Resend — sends our transactional and waitlist emails. Privacy policy.
  • Plausible Analytics — privacy-friendly, cookie-free site analytics hosted in the EU. Privacy policy.
  • Vercel — hosts the website. Privacy policy.

Your rights

Under UK GDPR you have the right to:

  • ask what personal data we hold about you;
  • ask us to correct it if it's wrong;
  • ask us to delete it;
  • withdraw consent to marketing at any time;
  • object to processing or ask us to restrict it.

To exercise any of these, email hello@venuecompliant.comand we'll respond within one month. If you're unhappy with how we've handled your data, you can complain to the Information Commissioner's Office (ICO).

Cookies & analytics

We don't use tracking or advertising cookies. For analytics we use Plausible, which is cookie-free and does not collect any personal data or build profiles of visitors. Because of this, you won't see a cookie consent banner — there's nothing to consent to.

How to contact us

For any privacy question or request, email hello@venuecompliant.com. We read every message and aim to reply within a few working days.