Introduction

At Divine Group, we are committed to protecting your privacy and handling your personal data with transparency and care. This Privacy Notice (“Notice”) outlines how Divine Group and its affiliated companies collect, use, store, and safeguard your personal information. It applies to data you provide directly, as well as information we may obtain through third parties or other sources.

We may process your personal data for the purposes described in this Notice or as explained to you at the time of collection.

For more information about Divine Group, please contact us directly.

Who We Are

Divine Group acts as the data controller of your personal data. This means we are responsible for determining the purposes and means of processing your information, either independently or in partnership with others.

If you interact with specific venues, services, or facilities operated by Divine Group, the entity responsible for managing that service or location may also act as a data controller. A list of relevant entities and their contact details is available upon request to help you identify which part of Divine Group is responsible for managing your data.

 

Information Covered by This Notice

In this Notice, we use the term “processing” to refer to any activity involving your personal data—including collecting, storing, using, sharing, or deleting it.

Personal data means any information that can identify you as an individual, either directly or indirectly—such as your name, address, contact details, or other identifiers. When we say “you” or “your,” we are referring to the individual to whom the personal data relates. This may include:

• Primary Customers: Individuals or entities who directly engage with Divine Group’s products or services.

   

• Secondary Customers: Individuals affiliated with or linked to Primary Customers, such as employees, family members, or associates, who also benefit from the service.
• Children: Individuals under the age of 16.

We may also collect and process certain types of sensitive data, which may include information about your:

• Racial or ethnic background
• Political views
• Religious or philosophical beliefs
• Trade union membership
• Health conditions
• Genetic or biometric data used for identification

Use of Cookies

Where applicable, our websites may use cookies to enhance user experience, analyze traffic, or provide personalized content. You can manage your cookie preferences and withdraw consent at any time using the settings in your web browser. For more information, please refer to our Cookie Policy.

 

What Personal Data We Collect and How We Use It

To deliver our services, we collect and process various types of personal data. We only use what’s necessary, and we always comply with data protection laws.

Categories of Personal Data We Collect

• Contact Information: Home address, phone numbers, email, emergency contact.
• Identification Data: Full name, title, photo, passport/ID details, visas, driver’s license, certificates, insurance numbers, etc.
• Sensitive Data: Includes health info, ethnicity, political/religious beliefs, union membership, genetics, biometrics.
• Web Data: Cookies, IP address, social media profiles, and browsing activity.
• Financial Data: Card and bank details.
• Other Personal Info: Date of birth, gender, marital status, spoken languages, religion, family details, and more.

   

How We Use Your Data

We process your data for both external and internal operations, including:

• Marketing & Analytics: To personalize offers, track user activity, and improve services (with your consent or legitimate interest).
• Bookings & Orders: To manage reservations and transactions (based on contract or legitimate interest).
• Wi-Fi Access & Events: To provide on-site services or event participation (with consent or contract).
• Customer Support & Feedback: For surveys, complaints, and quality improvement (legitimate interest).
• Membership Management: To maintain account records (based on consent).
• Security & Safety: CCTV monitoring, system backups, health and safety incidents (legitimate interest, legal obligation, or consent).
• Legal & Financial Operations: For payments, audits, and legal compliance (contractual and legal basis).
• Business Development & CSR: For sales, research, and corporate responsibility initiatives (legitimate interest).

   

Your data is retained for up to 7 years after your last transaction, and sensitive data is kept for up to 2 years unless laws require otherwise.

CCTV Usage

We use CCTV in our locations for the safety of customers and staff. Signage is posted where required by law. Data is retained only as long as necessary for security purposes.

Data Received from Others

In some cases, we receive your personal data from third parties such as:

• Medical providers – for incident response and health support.
• Financial providers – for payments and contracts.
• Social media platforms – for analytics, marketing, or managing feedback.
• Group companies – including subsidiaries and affiliates within our corporate group.

   

Our Legal Basis

We rely on different legal grounds such as:

• Your consent
• Contractual necessity
• Legal obligations
• Vital interest (e.g. emergencies)
• Legitimate interest – where we’ve balanced your rights with our need to operate efficiently, ethically, and securely.

How Long Do We Keep Your Personal Data?

We will only retain your personal data for as long as necessary to fulfill the purposes outlined in this notice. The retention period is determined by factors such as the duration of our relationship with you and any legal requirements (e.g., for accounting, litigation, or regulatory purposes). For more details on storage periods, please refer to the section “What Do We Collect from You and How Do We Use It?” above.

If we no longer need to retain your data, we will either delete it or anonymize it so that you can no longer be identified, unless we are required to keep it for legal or regulatory reasons.

Who Do We Share Your Personal Data With?

We may share your personal data with trusted third parties, vendors, service providers, and affiliated employees as necessary to fulfill the purposes described in this notice. Where applicable, we may also share your data with other entities within The divine group Corporate LLC, including subsidiaries and holding companies.

Here’s a list of the categories of third parties with whom we may share your data and why:

Category of Third Party	Purpose for Disclosure
Legal and Professional Advisers	Audits, invoicing, legal requirements, transaction processing, accident/incidents, legal claims, competitions, and IT security.
Health Providers	Accident/incidents, legal requirements, medical care, and legal claims.
Finance, Insurance, and Credit Providers	Invoicing, payment processing, insurance, and valuation.
Government Bodies, Regulators	Audits, customer queries, invoicing, legal compliance, service improvements, and transaction progress.
IT, Digital, Technology, and Telecoms	Audits, customer queries, application security, support, service improvement, analytics, marketing, and memberships.
Marketing and Research Services	Service provision and marketing purposes.
Education and Childcare Providers	Service provision, IT security, and service improvement.
Membership Associations	IT security, marketing, and membership-related activities.

 

Security of Your Personal Data

We have implemented both technological and operational security measures to safeguard your personal data from loss, misuse, alteration, or destruction. Access to personal data is granted only to authorized personnel, who are committed to maintaining its confidentiality.

Your Rights

Depending on the country in which you reside, you may have specific rights related to your personal data. These rights are determined by the laws of your country, and their application may vary.

Right to Withdraw Consent

If you have provided your consent for us to process your personal data, you have the right to withdraw that consent at any time. You can do so by following the instructions provided when you initially gave consent or by contacting us. Please note that withdrawing consent will not affect any processing of your personal data that occurred before the withdrawal.

 

AI Implications

Artificial Intelligence (AI) Systems

We use AI Systems that process personal data to enhance our services and improve user experiences. While utilizing AI, we remain committed to safeguarding personal data, ensuring customer privacy, and preventing unauthorized or fraudulent activity. Our customers and stakeholders can trust that their personal data is securely protected, especially in situations where AI is involved in delivering our products or services. The deployment of AI inherently enhances the protection of personal data.

How We Use AI Systems

This notice provides details on how we protect your personal data while using AI Systems.

When personal data is processed through our AI Systems, we remain the data controller. We process your data in compliance with applicable data protection laws. If we engage a third-party processor, we ensure that contracts are in place to uphold our high standards and adhere to the relevant data protection regulations.

In some cases, we may process personal data through AI Systems. Before using AI, we carefully evaluate the opportunities and risks and ensure proper human oversight for sensitive matters. If we provide interactions with AI, we will clearly inform you and, when necessary, point out any potential errors.

Personal Data Processed by AI Systems

We may collect personal data directly from you, third parties, or public sources. We process this data using AI Systems to improve the efficiency, quality, and speed of our business processes and to provide services. For more detailed information, please refer to the section titled “What do we collect from you and how do we use it?”

In certain circumstances, we may process sensitive personal data through AI Systems. However, we will ensure that we have the necessary lawful basis for doing so. For processing existing personal data, we will continue to rely on the appropriate lawful basis. In cases where we engage data processors, they are unable to access personal data entered into AI Systems. We ensure that contracts with data processors require them to protect your personal data.

Contact us

If you want to exercise any of the rights set out above or have any questions or concerns about how we treat your personal data, please contact us at 

UAE: Cuber Business Centre, Al Khazna Tower -18th Floor – Al Najda Street – Al Danah – Zone 1 – Abu Dhabi.

MALTA: Amber Court,Block C,No 1, Qormi Road ,Santa Venera SVR 1301, Malta.

ROMANIA: Str. Augustin Buzura 1 Bl. A Ap. B10,Loc. Cluj Napoca, Cluj, Romania.

Call +40763316510 

Changes to This Notice

We regularly review this Notice and may update, modify, add, or remove sections at our discretion. We encourage you to periodically check this Notice for any updates. If required by data protection laws, we will notify you of any changes, including the effective date of those changes.