Privacy Policy

 

Like every other organisation which holds personal data, we have been reviewing our procedures to ensure that we are GDPR compliant. We take your privacy seriously, and will always treat your personal information (‘data’) with respect. This document sets out what data we hold and on what basis we hold it, how it is used, how long we retain it, and how an individual’s data can be removed from our system.

1. Whose data do we hold?

We currently hold data on all individuals who have actively shown an interest in our events, either by purchasing a ticket from us in the past seven years, or by requesting to join our mailing list. The mailing list is updated regularly as a result of amendments received from the individuals concerned; we also delete annually from the mailing list the names and addresses of those who have had no contact with us in the previous seven years. If you are happy with the way we currently use your data, there is nothing further you need do; if you wish to unsubscribe, now, or at any time in the future, please see item 7 below.

2. What is our legal basis for holding this data?

> We hold and record data for the purpose of fulfilling our contract with you (to supply tickets or merchandise)
> We hold and record data for marketing purposes (a legitimate interest)
> If you have signed up to our mailing list, we hold your data by consent

3. What data do/do we not hold?

> Our electronic records include names, postal addresses, telephone numbers and email addresses; if an individual is the representative of a choir, we record this information also
> We store details of all ticket transactions both electronically and also in paper form; paper records are held securely and are shredded after each event
> We do not store credit card or cheque details electronically
> We do not hold data for any person under the age of 18

4. How do we use your data?

The data you have provided is used in two ways:
> for the purpose of fulfilling our contract with you in terms of supplying tickets for specific events, or for the sale of merchandise (we may contact you by post, email or telephone)
> for keeping you informed of other events organised by TRBC, or, in certain circumstance, by third parties whose events are deemed likely to be of interest to those on our mailing list. We keep you informed in two ways:
>> by email newsletters if you have given your consent for us to contact you by email (currently between two and four per year)
>> by direct mail (currently twice a year)

5. How secure is the data?

> Data is stored in a secure, password-protected environment, accessed only by the staff of Scratch Concerts Ltd
> Data will never be sold to a third party
> Data will not be shared with third parties unless (i) we are required to do so by law; (ii) it is wholly necessary for the performance of a contract or to keep you informed of our events; or (iii) we have your explicitly given permission to do so for any other reason
> In the event of (ii) above, the data will be shared over a secure, password-protected link, and we will require our partner organisations to demonstrate compliance with GDPR

6. How long do we retain your data?

> Your data is retained indefinitely on our active mailing list as long as you continue to make bookings/purchases from Scratch Concerts Ltd or until you request to unsubscribe (see below)
> If, after a period of six years, you have not made any bookings/purchases, your details are automatically removed from our active mailing list and added to our suppression list (see below)

7. You can unsubscribe at any time *

> To unsubscribe from any e-mail newsletter, click on the link at the foot of the email (please note this will not remove you from our postal mailing list; it merely ensures that you will not receive general marketing emails)
> If you prefer not to hear from us at all, either by email or by post, please email members@trbc.co.uk or write to us at PO Box 4211, Bath, BA1 0HJ, England. We need your full name and postcode in order to identify you correctly, so be sure to include these when you contact us
> If you request that your details are removed from our mailing list, they are added to our suppression list; this helps to ensure that we do not contact you in the future
> You can request that your details are removed also from our suppression list; however this means we have no record of your request to unsubscribe, and we are less able to ensure that we do contact you again in the future

*If you have purchased tickets from us for a future event, we have a contract with you and we cannot unsubscribe you until after the event unless the contract is cancelled (i.e. you cancel your booking).

Date of posting: 18 March 2020