Privacy Policy

Privacy and Data Protection Policy

1. PURPOSE OF POLICY

We are committed to protecting your personal information and being transparent about what information we hold about you.

Using personal information allows us to develop a better understanding of our patrons and in turn to provide you with relevant and timely information about the work that we do.

The purpose of this policy is to give you a clear explanation about how we collect and use the information we collect from you and to meet our duties of transparency under the “General Data Protection Regulation” or “GDPR”.

We use your information in accordance with all applicable laws concerning the protection of personal information. This policy explains:

– What information we may collect about you

– How we may use that information

– In what situations we may disclose your details to third parties

– How we might use cookies to improve our website

– Information about how we keep your personal information secure, how we maintain it and your rights to be able to access it

If you have any queries about this policy, contact details are provided at the end of this policy.

Any modifications or changes to this Privacy Policy will be updated on this page.

2. YOUR RIGHTS RELATING TO YOUR PERSONAL DATA

By law you have the right to:

– Request access to your Personal Data. This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it. – Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

– Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (see below).

– Object to processing of your Personal Data. This right exists where we are relying on a Legitimate Interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to processing on this ground. You also have the right to object where we are processing your Personal Data for direct marketing purposes.

– Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it.

– Request the transfer of your Personal Data. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

– Withdraw consent. This right only exists where we are relying on consent to process your Personal Data (“Consent Withdrawal”). If you withdraw your consent, we may not be able to provide you with access to the certain specific functionalities of our Site. We will advise you if this is the case at the time you withdraw your consent.

3. LEGAL BASIS

There are three bases under which we may process your data:

Contract purposes

When you make a purchase from us or make a donation to us, you are entering into a contract with us. In order to perform this contract, we need to process and store your data. For example, we may need to contact you by email or telephone in the case of cancellation of a show, or in the case of problems with your payment.

Legitimate business interests

In certain situations, we collect and process your personal details for purposes that are in our legitimate organisational interests. However, we only do this if there is no overriding prejudice to you by using your personal information in this way. We describe below all situations where we may use this basis for processing.

With your explicit consent

For any situations where the two bases above are not appropriate, we will instead ask for your explicit consent before using your personal information in that specific situation.

4. MARKETING COMMUNICATIONS

We aim to communicate with you about the work that we do in ways that you find relevant, timely and respectful. To do this we use data that we have stored about you, such as what events you have booked for in the past, as well as any preferences you may have told us about.

We use our legitimate organisational interest as the legal basis for communications by post and email. In the case of postal mailings, you may object to receiving these at any time using the contact details at the end of this policy. In the case of email, we will give you an opportunity to opt out of receiving them during your first purchase with us. If you do not opt out, we will provide you with an option to unsubscribe in every email that we subsequently send you, or you can alternatively use the contact details at the end of this policy.

We may also contact you about our work by telephone however we will always get explicit consent from you before doing this. Please bear in mind that this does not apply to telephone calls that we may need to make to you related to your purchases (as above).

You can ask us to stop sending you marketing messages at any time by visiting our website, logging –in and changing your contact preferences OR by calling us at Box Office to change your contact preferences OR by following the opt-out links on any marketing message sent to you OR by contacting us at any time using the contact details shown at the end of this Privacy Policy.

Where you opt out of receiving these marketing messages, this will not apply to Personal Data provided to us as a result of emails relating to purchases or subscription renewals.

5. INFORMATION COLLECTION

We collect various types of information and in a number of ways:

Information you give us

For example, when you register on our website, buy tickets or make a donation, we’ll store personal information you give us such as your name, email address, postal address, telephone number and card details. We will also store a record of your purchases and donations.

Information about your interactions with us

For example, when you visit our website, we collect information about how you interact with our content and ads. When we send you a mailing we store a record of this, and in the case of emails we keep a record of which ones you have opened and which links you have clicked on.

Information from third parties

We occasionally receive information about you from third parties. For example, we may use third party research companies to provide general information about you, compiled using publicly available data.

Sensitive personal data

Data Protection law recognises that certain categories of personal information are more sensitive such as health information, race, religious beliefs and political opinions. We do not usually collect this type of information about our patrons unless there is a clear reason for doing so.

6. OTHER PROCESSING ACTIVITIES

We also process personal information in the following ways that are within our legitimate organisational interests:

– We may analyse data we hold about you to ensure that the content and timing of communications that we send you are as relevant to you as possible.

– We may analyse data we hold about you in order to identify and prevent fraud.

– In order to improve our website, we may analyse information about how you use it and the content and ads that you interact with.

– We may use profiling techniques or third party wealth screening and insight companies to provide us with information about you that will help us to communicate in a relevant way with you, in particular when we are approaching you about potential philanthropic support. Such information is compiled using publicly available data about you.

In all of the above cases we will always keep your rights and interests at the forefront to ensure they are not overridden by your own interests or fundamental rights and freedoms. You have the right to object to any of this processing at any time. If you wish to do this, please use the contact details at the end of this policy.

7. THIRD PARTIES

There are certain circumstances under which we may disclose your personal information to third parties. These are as follows:

– To the subsidiaries when it is necessary for them to be able to provide you with products or services that you’ve requested.

– To our own service providers who process data on our behalf and on our instructions (for example our ticketing system software provider, Spektrix Ltd). In these cases, we require that these third parties comply strictly with our instructions and with data protection laws, for example around security of personal data.

– Where we are under a duty to disclose your personal information in order to comply with any legal obligation (for example to government bodies and law enforcement agencies).

– To the Friends of Strode Theatre, for whom we act as a processor, if you have joined them by making a regular donation. You can see Friends of Strode Theatre’s Privacy Policy here

– To specific named visiting companies whose performances you have attended. In these cases we will always ask for your explicit consent before doing so.

In addition to the Personal Data that we collect directly from you (as described in the section immediately above this one), we may also collect certain of your Personal Data from third party sources such as credit reference agencies, social media sites and analytics providers for identity verification, behavioural and technical data which may or may not already be publically available.

8. WEBSITE COOKIES

Cookies are small text files that are automatically placed onto your computer device by some websites that you visit. They are widely used to allow a website to function (for example to keep track of your basket) as well to provide website operators with information on how the site is being used. We may use cookies to keep track of your basket as well as to identify how the website is being used and what improvements we can make.

9. YOUR DEBIT AND CREDIT CARD INFORMATION

If you use your credit or debit card to purchase from us or to make a donation, we will ensure that this is carried out securely and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). You can find more information about this standard by clicking HERE

We optionally allow you to store your card details for use in a future transaction. This is carried out in compliance with PCI-DSS and in a way where none of our staff members are able to see your full card number. We never store your 3 or 4-digit security code.

10. MAINTAINING YOUR PERSONAL INFORMATION

We store your personal information indefinitely, such that for any subsequent purchases you make we are able to link them back to a single unique record that we hold for you on our system.

To determine this retention period, we considered the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and the applicable legal requirements, which includes financial returns and Gift Aid declaration timescales.

If there are aspects of your record that are inaccurate or that you would like to remove, you can usually do this by logging in to your account through our website. Alternatively please use the contact details at the end of this policy. Any objections you make to any processing of your data will be stored against your record on our system so that we can comply with your

11. HOW WE KEEP YOUR PERSONAL DATA SECURE

We use a secure ticketing system and database with security features designed to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

We limit access to your Personal Data to those employees and other staff who have a business need to have such access. All such people are subject to a contractual duty of confidentiality.

As part of Strode College, we have procedures to deal with any actual or suspected Personal Data breach. In the event of any such breach, we have systems in place to work with applicable regulators. We will not transfer, process or store your data anywhere that is outside of the European Economic Area.

12. THIRD PARTY LINKS

This Site may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect some of your data. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Site, we encourage you to read the privacy policy of every site you visit.

13. YOUR RIGHTS TO YOUR PERSONAL INFORMATION

You have a right to request a copy of the personal information that we hold about you and to have any inaccuracies in this data corrected. Please use the contact details below if you would like to exercise this right.

14. CONTACT DETAILS AND FURTHER INFORMATION

You can change your contact preferences by logging into your account by clicking HERE or by contacting our Box Office on 01458 442 846.

This is a subsidiary policy of the Strode College Data Protection Policy.

If you have any questions about any aspect of these Policies, and in particular if you would like to object to any processing of your personal information that we carry out for our legitimate organisational interests, you can contact our Data Protection Officer on 01458 844 410 or [email protected]

Download privacy policy as aPDF
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.