This Privacy Notice explains how The Black Service ("TBS", "we", "us") collects, uses, shares and protects your personal data when you visit our website (the "Site"), contact us by email or WhatsApp, or engage with our services, introductions and curated experiences (the "Services"). We are committed to discretion, compliance, and the respectful handling of all personal information entrusted to us.

​

1. WHO WE ARE (DATA CONTROLLER)​

Data Controller: MyStyleWindow Limited trading as The Black Service (company number 07295325), [whose registered office is 120 Regent Street, London, W1B5FE.

Contact: privacy@theblackservice.com.

​

We act as Data Controller for the personal data we process about you in connection with the Site and our Services. For Partner‑delivered elements, our Partners will act as independent controllers of the personal data they process.

​

Primary jurisdiction: United Kingdom (UK GDPR and Data Protection Act 2018). Where relevant, Nigerian data‑protection law (including the Nigeria Data Protection Act) also applies.

​​

2. SCOPE

This Notice covers:

• Site interactions: browsing, viewing, and interacting with our content and catalogues.

• Service enquiries and coordination: emails, web forms and redirection to WhatsApp for concierge requests, event interest, and curated introductions.

• Partner facilitation: where we share limited personal data with trusted Partners to secure availability or fulfil your instructions.

 

We do not currently take payments on the Site. Any fee‑bearing arrangements are handled off‑platform.

​

3. THE PERSONAL DATA WE COLLECT

We only collect data that is relevant and proportionate to the Services we provide. This may include:

​

• Identity & contact: name, job title, company, email, phone/WhatsApp number, postal address.

• Enquiry & preferences: details of your request, event preferences, location and timing, guest names, dietary or access needs you choose to share.

• Verification (where appropriate): limited KYC/eligibility checks for high‑value or restricted experiences; copies of ID only where strictly necessary and handled securely.

• Transactional context: booking references, dates and logistics (note: we do not process card data on the Site).

• Communications data: messages and correspondence with us (email/WhatsApp), including metadata (time, sender, recipients).

• Technical data: device/browser information, IP address, approximate location, and cookie identifiers (see Cookies Policy below).

• Marketing preferences: your preferences for receiving insights or event invitations.

• Third‑party sources: information from Partners (e.g., confirmation numbers), publicly available sources, or referrals with your knowledge.

​

We do not intentionally collect special category data. If you voluntarily share health or religious information (e.g., dietary requirements), we will process it only to meet your request and with appropriate safeguards.

​

4. HOW AND WHY WE USE YOUR DATA (LEGAL BASES)

We process personal data only where lawful under UK GDPR and, where applicable, Nigerian law. Our principal legal bases are:

• Contract: to respond to your enquiry, coordinate with Partners, and deliver Services you request.

• Legitimate interests: to operate and secure our Site, prevent fraud, protect our clients’ discretion, coordinate logistics, maintain internal records, and send relevant updates to existing clients (you can opt out at any time).

• Consent: where required for direct marketing to new subscribers, optional cookies/analytics, and when you ask us to communicate via WhatsApp or similar platforms.

• Legal obligation: to comply with laws, court orders, or regulatory requirements (e.g., anti‑money‑laundering or sanctions screening where applicable).

• Vital interests: very rarely, to protect life or safety (e.g., sharing essential information with venues or emergency services).

 

We do not engage in solely automated decision‑making that produces legal or similarly significant effects.

​

5. SHARING YOUR DATA

We share personal data only as needed to provide our Services or where required by law:

• Partners & venues to hold dates, request availability, or complete bookings on your instructions.

• Service providers who support our operations (e.g., website hosting, IT/security, email/newsletter platforms, CRM), under confidentiality and data‑processing terms.

• Professional advisers (legal, accounting) and insurers for governance and risk.

• Authorities where mandated by law, court order, or to prevent fraud or harm.

• Business transactions (e.g., restructuring): your data may be transferred under appropriate safeguards.

​

We do not sell your personal data.

​

6. INTERNATIONAL TRANSFERS

We operate cross‑border and may transfer data to Partners or service providers outside the UK (including Nigeria and the EEA/US). Where we do so, we use appropriate safeguards such as the UK International Data Transfer Agreement (IDTA) or EU Standard Contractual Clauses (as applicable), and require recipients to protect your data to UK‑equivalent standards. Where local law requires additional measures, we will implement them.

​

7. RETENTION

We keep personal data only for as long as necessary for the purposes described here, including to meet legal, accounting or reporting requirements. Typical retention periods are:

​

• General enquiries: up to 24 months after last contact.

• Bookings/engagement records: 6 years for contractual/financial records.

• KYC/verification (if collected): the shorter of legal minimums or 3 years after the engagement ends, then securely deleted.

• Marketing preferences: until you opt out or your address bounces repeatedly.

​

We review retention periodically and anonymise or securely delete data when no longer required.

​

8. MARKETING CHOICES

We may send curated insights, invitations, or updates consistent with your relationship with us. You can opt out at any time via the link in our emails or by contacting us. If you opt out, we may still send non‑marketing service messages (e.g., booking updates).

​

9. YOUR RIGHTS 

Subject to legal limits, you have the right to access, rectify, erase, restrict or object to processing, and to data portability. Where we rely on consent, you may withdraw consent at any time without affecting prior processing. In the UK you can lodge a complaint with the Information Commissioner’s Office (ICO). In Nigeria, you may raise concerns with the relevant data‑protection authority.

​

To exercise your rights, contact privacy@theblackservice.com. We may need to verify your identity.

​

10. SECURITY

We apply organisational and technical measures appropriate to the sensitivity of the data we handle, including access controls, encryption in transit where supported, and staff confidentiality obligations. No internet transmission is completely secure; please do not send sensitive information unless we ask you to use a secure channel.

​

11. CHILDREN 

Our Services and Site are intended for adults (18+). If you believe a minor has provided us with personal data, please contact us so we can delete it.

​

12. THIRD-PARTY SITES & PLATFORMS 

Our Site may link to third‑party sites (including Partner sites) that are governed by their own privacy terms. Messaging platforms such as WhatsApp have their own privacy policies; please review them before use.

​

13. CHANGES TO THIS NOTICE

We may update this Notice from time to time. The latest version will be posted on the Site with the effective date.

​

14. CONTACT

Questions about this Notice or your data rights: privacy@theblackservice.com.