The St Helens Sinfonietta
Forward. Although the regulations are complicated, the data requirements of The St Helens Sinfonietta (SHS) are quite simple. It is, however, important that you understand the data we will record and what we will do with it. In some instances, you will need to give specific permission for us to process your data (for example, we will not be able to send you marketing information about future events without your express permission). You may withdraw this permission at any time subject to any legal restrictions as noted below in 6(c).
1) Who are we? St Helens Sinfonietta runs live musical events for our audiences. It is a registered charity (No. 1116343) and an unincorporated organisation. It is run by an unpaid committee of trustees and other volunteers. We may engage separate organisations to provide some of elements of our services (for example: online ticket sales and mailing services).
2) Why we collect and process your data. We need to engage and pay performers, hire venues, market and sell tickets, and provide people to staff events. We collect personal data and process it only to the extent required to provide these services.
3) Data collected
a) Information about events that you have booked, and payments made.
b) If you have joined the mailing list, the means of communication you have selected
c) Information about donations made or fees paid for membership of the Friends & Patrons.
d) Information about other organisations, their contact persons, and about any payments made by us or fees received from them (for example: when a venue has been hired, or when SHS has been engaged by another party to provide a concert).
e) Contact and personal details where appropriate. This may include name, address, telephone numbers, email address, and disability requirements. The information collected may depend on the type of contact or any choices you make.
f) Gift-Aid declarations and details of donations made under them
a) For the efficient administration of our ticket sales and running of events.
b) To allow us to contact you in the event of a problem with payment or cancellation of a concert or recital.
c) To run the Mailing List, a list of donors, and the Friends & Patrons list.
d) To allow us to manage the event at the venue and cater for any special needs of disabled people (examples: limiting the size of audience; providing for wheelchair users).
e) To send marketing information to those who have opted-in for this, including details of forthcoming events and invitations to become, or renew as, a Donor, Friend or Patron.
f) We will use a ticket purchase agency (such as TicketSource) to provide an online ticket-buying service and to help run our in-house ticketing by providing a unified inventory of online and in-house sales. They will also provide a ticket production service for us; to facilitate this, we will provide the agency with only your initial and surname, which will be printed on the ticket. You can collect the ticket ‘on the door at the venue.
g) We also hope soon, but only with your permission, to enable automatic notifications of any cancelled events. Similarly, we could have automated reminders of your bookings, and information about new future events sent to you. These would involve entering your contact detail into our TS account and linking these to a mailing agency account (for example Mailchimp).
5) Data security.
a) Paper-based information and permissions supplied by you will be kept securely, when not being used, in a locked cabinet. Where information and permissions are given orally, we may keep a paper transcription and/or an electronic record.
b) We may transfer your data into an electronic record which will be kept on a password-protected personal computer. A back-up copy may be held on a remote server (for example on Microsoft’s OneDrive or Google Drive) which we regard as complying with UK GDPR regulations.
c) Where you buy tickets via the online ticket sales agency, who are engaged by us, you will need to provide them with sufficient information to enable the purchase and processing of your payment. Any such organisation will be fully compliant with GDPR and Privacy regulations, and they will not use your information for any other purposes than the ones we engage them to provide. They publish their own data protection and privacy policies.
d) The security features described in 5(c) will also apply to the agencies involved if you give us permission to provide your contact details to them as described under 4(g).
6) Retention of information
a) We will keep your data for as long as necessary to fulfil the contract (for example, until the event you have bought tickets for has occurred) and for up to twelve months after this.
b) If you have joined the Mailing List, or are a member of the Friends & Patrons, or are a donor, we will keep your data for as long as you remain in those categories and for up to two years afterwards. This is to ease continuity for people who allow their membership to lapse for a period and then renew again.
c) If your membership fees or donations have been gift-aided, we will keep your gift-aid donations records for as long as we are legally required to do so.
Destruction of redundant data. When data is no longer needed to fulfil the purposes for which it was collected it will be removed from all storage devices involved subject to the duration limits above.
Your Rights. To enact any of your rights please contact the person named in our literature and on our website.
a) You may request a copy of the information we hold about you.
b) You have the right to request that inaccurate information be corrected.
c) You may request the removal of your details from our database (may be subject to the retention periods listed above).
d) You may object to the processing of your data by us.
9) Sharing your data. We will not pass any of your information to any persons or organisations other than as described above, except where they have a legal right to it.