This Privacy Notice sets out how we, who administer the Portsmouth Baroque Choir, gather, use and secure any data that you give us when you visit this website and/or provide your contact details to us for mailing or emailing purposes. We are committed to protecting your personal data. Any personal data we collect from you will be used in line with the General Data Protection Regulations (GDPR).
We have appointed a Data Controller under the GDPR who can be contacted at firstname.lastname@example.org
The Portsmouth Baroque Choir may change this Privacy Notice from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
What data we collect
We may collect the following information from you:
– Your name
– Your contact information. This will include some or all of postal/mail address/telephone number, as appropriate for you – depending on whether you are a choir member, a Friend, or due to receive hard-copy or electronic mailings
– Financial info, where payments of expenses, fees or invoices for services are to be carried out by online bank transfer
– Other information relevant to previous attendance at our events and any other information you have provided to us which helps us know what future events you may be interested in.
What we do with the data we gather
We process this data for the following reasons:
– For membership record keeping (choir members or Friends), for the dissemination of choir related topics as appropriate (e.g. rehearsal notes/publicity/topics of interest/membership material)
– For (e)mailshots, to keep you informed about future concerts or other events, or about becoming a Friend or a member of our choir.
– Your bank details (when provided) are only used to directly pay your expenses and/or fees as appropriate.
We will never share your personal information with third parties unless we have your permission or if we are required by law to do so.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard the information we collect and use. Examples of these are such as password protection, standard banking security for bank details, etc.
Retention of data
Our policy is to review all data held on individuals at least every two years and remove data where we no longer have a legitimate reason to keep it.
Controlling your personal information
You can contact us at any time at email@example.com to update or correct the data we hold on you, or to request that we stop using such data, or by unsubscribing from any email you receive from us. We undertake to do so promptly.
Website visitors: running and improving our website
We use Google Analytics and cookie technology when a person visits our website to collect and analyse anonymised data on how many people have visited, what pages they have looked at and other statistical information. This enables us to better understand how visitors use this website. A cookie does not give us access to your computer or any information about you personally.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.
For further information on our use of Google Analytics, please go to https://support.google.com/analytics/answer/6004245.
Your rights under the GDPR
You have the following rights over your data and its use:
– The right to be informed about what data we are collecting on you and how we will use it
– The right of access – you can ask to see the data we hold on you
– The right to rectification – you can ask that we update or correct your data
– The right to object – you can ask that we stop using your data for a particular purpose
– The right to erasure – you can ask us to delete the data we hold on you
– The right to restrict processing – you can ask that we temporarily stop using your data while the reason for its use or its accuracy are investigated.
All requests related to your rights should be made to the choir’s Data Controller. We will respond within one month. You can find out more about your rights on the Information Commission’s Office website.
We may change this Privacy Notice from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
Effective from 11 February 2019.