Millennium Cinemas Ltd believes that your personal and private information must be protected and is committed to doing so. This Privacy Policy explains how we collect, use and store information about you, and what your rights are if you wish us to correct, remove, or restrict any information we hold, and who it is share with. Please read this Privacy Policy carefully before submitting any of your Information to us
This Data Protection Policy serves to outline the obligations and responsibilities of MILLENIUM CINEMAS LIMITED (“the company”) as well as parties involved in the processing of personal data within the company, with the overarching objective of safeguarding the privacy of individuals. It is predicated upon the principles of lawful data processing, data minimization, data accuracy, and the implementation of robust security safeguards to ensure proper handling, processing and use of personal data. The Company is committed to complying with all relevant Kenyan laws as well as applicable international legislations related to Data Protection. We recognize that the protection of individuals’ data through lawful, legitimate, and responsible processing and use of their personal data is a fundamental human right. We will ensure that we protect the rights of data subjects and that the data we collect, and process is done in line with Data Protection laws. Our employees must comply with this policy, breach of which could result in disciplinary action.
By using our services, such as registering on our website, purchasing tickets on our website, registering for our Loyalty schemes and offers that require registration and collection of personal data, subscribing to our social channels on Whatsapp, Facebook & Instagram or any other channel, contacting us on chat, social media, WhatsApp, email and any other communication, you are acknowledging that we will collect and use your Information as described in this Policy. Protecting your privacy is important, and we aim to be as open and transparent about how your Information is used. We do need to some of Information to provide our services to you, but other optional uses will be with your consent. We aim to keep your Information only for as long as we need to for the purposes identified. As a valued Millennium Cinemas ltd client, entering into business with us means that you have consented to the use of your personal data and the required information to facilitate your transactions.
3. WHAT INFORMATION DO WE COLLECT AND HOW DO WE USE IT?
We collect Information from you: -
• when you purchase tickets
• when you sign up to our Whatsapp or Telegram updates channel
• when you subscribe to our Loyalty Card scheme and our offers
• when you interact with our social media pages (e.g. Twitter or Facebook);when you enter a competition
• when you contact us by telephone, chat, social media, WhatsApp, email and any other communication
• when you respond to a survey, or enter a competition (whether via our websites, an app or through social media).
• when you fill out a comment card
We use that Information:
• to effectively and efficiently provide our services to you;
• to improve the services, we provide and to tailor our products and services to you;
Bookings, Ticket purchases and payments
If you book tickets using our website or at the counter using MPESA or Credit Card, we will need to know some details about you; such as your name and payment card details. For MPESA, your name and telephone number. For online bookings on our website, we require your name, telephone number and email address.
If you contact us or have an enquiry via our website or email, we will keep a record of this which may include some of your Information depending on how you contacted us.
How we use this Information
We use this Information to allow us, or our third-party payment integrators iPay for website transactions and Kopo Kopo for over-the-counter transactions via MPESA to process your booking, and to send you any relevant emails or contact you regarding your booking.
If you choose to pay for your ticket or loyalty cards or gift cards on our website by credit or debit card or MPESA, or at the cinema via MPESA or credit or debit cards, those payments will be processed by our payment providers iPay, Kopo Kopo and ABSA
iPay processes your data in accordance with its privacy policy https://www.ipayafrica.com/info/Data-Protection-Statement%C2%A0
Kopo Kopo process your data in accordance with its privacy policy https://app.kopokopo.com/privacy
For tickets bought on our website, transaction data is anonymized after 3 months.
If a film is age restricted 18, whether or not a ticket has been purchased online, the Customer must bring recognized identification, such as a passport or identity card. If authentic identification cannot be provided when requested, you will not gain entry to the film. The final decision with regard to the production of identification and its suitability to prove age rests with the Staff of the cinema, and the Companies' decision in this matter is final.
LOYALTY SCHEME, GIFT CARDS AND OFFERS
If you join our Loyalty scheme, purchase a Gift Card online, we will ask you to complete the registration process to register it. As part of this process, we will ask for Information such as your name, e-mail address, postal address, telephone number, date of birth and payment method, Identity card or passport.
If you register for a Loyalty Card or Gift Card for someone else (if it is a gift), we will still need some Information about you (so we can contact you about your gift and you can pay) but we will also ask for the details of the person who will be the card holder. Where you submit Information about that person to us, you confirm that you have all necessary permissions and consents to do so (including the consent of the card holders’ parent or guardian, if they are under 18).
How we use this Information
In addition to using this information to effectively and efficiently provide services to you, we use this information to administrate and monitor card usage, for the onward improvement of our service. The card enables you to collect points, redeem tickets, enjoy offers which equate to discounts at our cinemas. We may use the information to market you with promotions or offers related to the loyalty cards and other offers at the cinema.
SUPPLIER DATA AND CORRESPONDENCE
Data held on our accounting software, files and records are accessible only by authorized personnel secured by login and password for software and restricted access to authorized personnel for files
MARKETING AND SOCIAL MEDIA CHANNELS
Our Whatsapp and Telegram updates channels may allow the channel administrators to see your name and telephone number. Other followers cannot see your profile and phone number when you interact, and they both have opt-out policies and an option to unfollow the channels.
Our social channels on Facebook and Instagram which subject to their terms and regulations
Emails: Our common email for customer feedback and correspondence: info@nyalicinemax.com which is restricted to specific personnel with password access. All our company emails are restricted to specific personnel with password access.
RETENTION OF DATA
We only retain personal data for as long as it is necessary to do so in line with the Data Protection Laws. This means that we retain data:
a. For as long as you continue to use our services
b. For any period required by law.
c. For purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.
d. For the purposes of any legal proceedings. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation arising out of our relationship with you.
e. For as long as is required for the company’s legitimate business interests.
We may hold anonymized information that is no longer associated with you indefinitely. To determine the appropriate retention period for data, we consider the nature and sensitivity of the personal data, the purposes for which we process the data, the potential risk or harm from authorized use or disclosure and whether we can achieve those purposes through other needs means and the need to comply with our Privacy Policies and applicable laws
Disclosure of personal data
We will not share personal information with any other individual, company or organization except in the following cases: -
a. Where we have gotten your consent.
b. For legal reasons where there is a court order or a legal obligation which we have to comply with.
c. Where it is necessary to do so to enforce the Terms and Conditions and other agreements, or where it is necessary in order to investigate potential breaches.
d. In the event of a merger, sale or change of control, we may transfer this Privacy Notice and your personal information to a third-party entity that acquires or is merged with us as result of a merger, acquisition, sale or other change of control.
Where we share personal data in the cases listed above we take all necessary steps to ensure that:-
i. The data is processed lawfully.
ii. We only disclose what is necessary.
iii. The data is kept secure and all safeguards are put in place to ensure protection.
DATA SECURITY
The Company implements and maintains appropriate technical and organizational measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. Access to personal data shall be restricted to authorized personnel on a need-to-know basis.
Audits are done once a year – to include that in policy and practice
Periodic requests to confirm details and data held and to update channels have an opt-out option.
Awareness & training done as required.
INFORMATION SECURITY
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of data. As a company policy, we do NOT store ANY card detail, security PINs or sensitive pieces of information regarding your payments on our servers.
We also restrict access to personal information to Millennium Cinemas Ltd employees, who need to know that information to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
Where information in our custody has been accessed and/or acquired by unauthorized person, and there is a real risk of harm to our client, we endeavor to remedy the breach as follows:
1. Communicate to the data subject of the breach stating the nature of the breach
2. Put in preventive measures to restrict further access of information by unauthorized persons
3. Mitigate adverse effects of the security compromise.
4. Identify the unauthorized persons who may have accessed the information.
CCTV
The Company reserves the right to use closed circuit television (CCTV) systems throughout its premises as deemed necessary and employees and visitors to our cinemas should expect all areas (other than those where use would contravene common decency) to be visible on a television monitoring system. Any information obtained from the system will be used with strict adherence to the Data Protection Act and our privacy policy. Information will be used for the prevention and detection of crime and to ensure compliance with our policies and procedures and our legal obligations. This may include using recorded images as evidence in disciplinary proceedings.
We also use CCTV monitoring at our cinemas to ensure the safety of guests. It enables us to monitor the screen remotely and the exterior of the cinema, for the protection of our guests and as part of our health and safety management,
Footage from CCTV is stored securely on the server for a maximum of 28 days or less, then automatically deletes. Footage is available to view on the internal monitor at the sites and can be viewed by all staff in the area of the monitor. Footage can be viewed remotely by authorized personnel with authorized access.
The footage may be shared with other agencies such as the Police, the Health and Safety Committee or our insurers in the event of claims. Any requests to view footage must otherwise be made in writing.
CHANGES TO THIS PRIVACY POLICY
Please note that this Privacy Policy may change from time to time.
We will not reduce your rights under this Privacy Policy without your explicit consent, and we expect most such changes will be minor. Regardless, we will post any Privacy Policy changes on this page
and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of Privacy Policy changes).
Each version of this Privacy Policy will be identified at the top of the page by its effective date, and we will also keep prior versions of this Privacy Policy in an archive for your review.
UPDATING, RECTIFYING AND DELETING PERSONAL DATA OR WITHDRAWING CONSENT
Where you have consented to us using your Information for particular purposes as set out in this Privacy Policy (for example asking us to store your payment card details), you can withdraw your consent at any time. You can also ask us to stop sending you marketing communications by email or via social media at any time, in each case by contacting us on 0733 786 470008 or email at admin@nyalicinemax.com. Where you ask us to stop marketing communications, please be aware it may take us a few days (but not longer than a month) to ensure our systems are updated.
If you want to find out what Information we hold about you or to have your Information updated, removed or corrected, please email us at admin@nyalicinemax.com