Privacy

 

The website www.cidermilltheatre.com is owned by Chipping Campden School (company no.07680770)

Cidermill Theatre is committed to being transparent about the information we hold on our customers and ensuring all users’ privacy is protected.

Using personal information allows us to develop a better understanding of our audience, and in turn provide you with relevant information about upcoming events if you opt-in to hear more from us. As a school, it also helps us to engage with potential donors and supporters.

The purpose of this policy is to give you a clear explanation about how we collect and use your information. All data is stored in accordance with the Data Protection Act 1998.  The policy has been written to comply with the General Data Protection Regulation (GDPR) law, 2016, and the Privacy and Electronic Communications Regulation (PECR), 2003, and is in line with Chipping Campden School’s privacy policy.

 

How & Why we collect your information

We collect information from you in several ways.

Information you give us

When you book a ticket to see a show in advance, we ask you to give us relevant personal information such as your name, email address, postal address, and telephone number. We use this to send a confirmation email following payment, to keep you updated about any changes or useful information for the event you have booked, and to send your e-tickets.

We then ask for information on the types of shows that you like and for your consent to be contacted. All this information is held on our secure box office system, Ticketsolve, and our automated marketing platform, Mailchimp.

We also store information when you enquire about hiring a space at Cidermill Theatre. 

Information about your interactions with us

When you visit our website, we may collect information about how you interact with our content. We sometimes keep a record of communications we have sent you and, in the case of emails, we keep a record of which ones you have opened, and which links you have clicked on.

Financial information

If you use your credit or debit card to purchase tickets from us or to make a donation, our box office system and payment system ensures that this is carried out securely and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). We process all payments through secure server software (SSL) ensuring that your personal information is encrypted whilst it travels through the internet. Our payment system encrypts and stores your card details in compliance with PCI-DSS when you make a transaction – though we can only use these details to refund your payment rather than take future payments, and none of our staff members can see your full card number. We never store your 3- or 4-digit security code.

How we use your information

If you have purchased a ticket to see a performance, we will:

  • Use your booking history to help us build up a broader picture of our audience. We look at audience attendance and booking patterns to make sure we are continuing to offer a programme that appeals to our audience and reaches their expectations.
  • Contact you with advertisements about our programme, with emphasis on upcoming shows that are likely to appeal to you, if you have opted-in to receive marketing communications.
  • Measure your responses to our various marketing methods to ensure our communications are effective, and to evaluate the success of our marketing campaigns.

As a current or potential donor or supporter of Cidermill Theatre, we will:

  • Make considered and appropriate approaches to you about donating or supporting Cidermill Theatre based on previous interactions with us.
  • Update you on the projects and events that your support helped make happen.
  • Inform you about important developments at Cidermill Theatre; for example, updates on fundraising campaigns and future productions.

When we seek your consent

For some of the ways in which we use your information, we require clear and explicit consent. Such as for:

  • Emailing you with marketing information about upcoming events or other services offered at Cidermill Theatre.
  • Sharing your data with other arts organisations.
  • Emailing you to request a donation or with any information about fundraising.

Though we are not legally required to have your consent to send you information by post, we promise to only send direct mails to customers who have opted-in to receive mail communications.

Where we have good reason and legal consent is not required, we may:

  • Look at publicly available information about you when we are considering whether it is appropriate to approach you for a donation.
  • Contact you by post with information on fundraising campaigns, or to request your support or a donation, having ascertained that it is appropriate to approach you.

When we share your information

There are some circumstances in which we may share your personal information with third parties. We may share your date with:

  • Any organisations that we contract to hold and process data on our behalf (i.e. our box office system providers, Ticketsolve, our marketing platform, Mailchimp, and The Audience Agency, for reporting purposes). In these cases, we make sure that the organisation complies with our instructions and with data protection law.
  • Any organisation that we are legally obliged to share information with (for example, law enforcement agencies).
  • Other arts organisations, whose performances or events you have previously attended, for marketing purposes. We will ask for your explicit consent before we do this.
  • Commissioning or co-producing partners, for reporting purposes only.
  • Funders, for reporting purposes – this data is anonymised.

Where we store your information and how we keep it safe

Our audience booking data is held in our box office database, a CRM system called Ticketsolve, which is stored on a password-protected external server. The company has a robust system in place to protect your data and recognises their responsibility for doing so. After you have made your first booking with us, a password-protected account is created – you can log in at any time and make changes to your preferences and to your data permissions.

We also hold personal information on our donors and members electronically on our internal shared drive. This information is held in password protected files and only the appropriate members of staff can access them.

How we maintain your information and the rights you have to it

We review the information we store on you every year to check that it is necessary for us to continue keeping it and that it is stored securely.

You have the right to control what information we hold about you and how we use it. This includes the right to:

  • Request a copy of the information we hold on you
  • Control how we use that information or request that the information is permanently erased, if your request does not go against any legal duties we have.
  • Unsubscribe from emails or update your preferences at any time, using the link at the bottom of every marketing email.

Personal Data & Recruitment

Data Protection law recognises that certain categories of personal information are more sensitive, such as health information, race, religious beliefs and political opinions. We do not usually collect this type of information unless there is a clear reason for doing so, such as during recruitment and occasionally for reporting demographics to funding organisations.

As part of our recruitment process, we ask all candidates to fill in an equal opportunity monitoring form, giving information on age, ethnicity, gender etc. These forms help us to make sure we are an equal opportunities employer. The information they contain is kept anonymous.

We work with Chipping Campden School’s recruitment manager to recruit our permanent staff and employ best practice when recruiting freelance staff and volunteers. We store application forms for a maximum of six months after the closing date or at the end of the relevant project, after which they are deleted and/or securely destroyed.

Holding information on young people or vulnerable adults

When working with children, young people and vulnerable adults we make sure the information we hold on them complies with our Safeguarding Policy.

  • Personal information on children under 16 and vulnerable adults is only obtained and stored with consent from parent/guardian.
  • Personal information is stored electronically in our box office system or in password protected spreadsheets
  • Physical copies of personal information are destroyed safely no more than one year after an activity or performance has taken place. Electronic records such as registers and participation forms are deleted no more than five years after an activity or performances has taken place.
  • We may use data to ask for feedback or share relevant information regarding similar participatory opportunities that may arise in the future.

Photography

We occasionally take photographs and videos of performances, audiences, and participants for marketing or reporting purposes. These may be displayed on our website and social media platforms.

When we plan to take photographs of audiences, we make them aware by displaying visible notices. If an individual does not wish to be photographed or filmed, they are encouraged to tell the photographer/videographer or a member of staff.

We ask for consent before taking and using photographs when:

  • It is for an activity that participants have specifically enrolled for, such as a workshop. We ask for consent as part of the booking process.
  • Vulnerable children or adults are involved.
  • School children are involved, with permission being sought via the school.

 

In all cases, we never identify the person(s) in the photographs without their or their parent or guardian’s explicit consent.

We aim to upload these images to our secure server and delete them off the camera or mobile device used within three working days.

Cookies

Our website uses cookies - small text files that are stored on your computer to provide a better user experience. Cookies track which URLs are accessed, and store information about customer purchases and user preferences. This data is anonymised and then processed by programmes like Google Analytics so we can analyse use of the Website.  You can set up your browser to reject cookies, although some functionality of the website may be impaired.

How to get in touch

If you have any questions or concerns relating to the way in which we are managing your information then please contact Danni McCabe, General Manager by emailing dmccabe@cidermilltheatre.com.

If you want to update your preferences or contact permissions on your box office account, simply log in to your account or contact the box office by emailing boxoffice@cidermilltheatre.com.

Changes to our policy

We reserve the right to make changes to the Privacy Policy at any time, so please check it periodically.

 

Updated: October 2022

Read More