Privacy Notice

What is this notice for?


Whenever we need to collect any of your data, we will let you know at that point why we need to do so and what it will be used for, but this notice provides a useful overview of most of those situations and provides more detail on how we keep your data secure and up to date, how long we might hold it for, and what your rights are in relation to it.


Thames Philharmonic Choir (“TPC”) is committed to protecting your personal data and will use any personal or sensitive data we collect from you in line with the General Data Protection Regulations (GDPR).


Who’s responsible for the data that TPC collects?


The Data Controller, who is the Secretary of TPC.


What data do we collect and what do we use it for?


TPC collects data from individuals to help us plan, organise and run the day-to-day operations of the group (e.g. co-ordinating rehearsals or collecting subscription payments) and to promote and market the group’s activities (e.g. marketing mailing lists and photography/video capture).


Members: for administering membership


When you join TPC as a member, or during your membership with us, we may need to collect some of the following information on you:

 

  1. Name

  2. Email address

  3. Phone number

  4. Address

  5. Emergency contact details

  6. Medical information

  7. Gift Aid Declarations

  8. Age/gender

  9. DBS checks

  10. Bank details

  11. Photos/video footage


This data will be used to manage your membership with TPC and to organise and run our activities.

If you give us your consent to do so, we may also use your contact details to send you marketing/promotional communications from TPC. Any marketing/promotional communication we send you will include a clear option to withdraw your consent (e.g. to ‘opt out’ of future
emails) and you can also withdraw consent at any point by contacting the Data Controller, who is the Secretary of TPC.

Event attendees: for processing and managing tickets for events


Where our events are ticketed, we need to collect data on the person booking (name and email) in order to allow you access to the event and to send you a confirmation of your reservation/purchase. This data will only be used for administering your access to the event/s for which you have booked and will not be used to send you marketing/promotional messages from TPC unless you have also provided your consent to receive these (see below).
 

Employees and contractors: for administration and legal/regulatory purposes


We may need (for administration or for legal/regulatory reasons) to collect personal or sensitive data on employees or contractors of TPC. Where this is the case, we will explain what this is for at the point of collection.


Mailing list subscribers: for marketing and promotion


We offer everybody the opportunity to sign up (consent) to receive marketing and promotional information on TPC’s activities (e.g. emails about forthcoming events).


When you sign-up to our marketing mailing list we will ask for some or all of the following: your name, email, phone number and postal address. We will use this data to send you information about our events and activities (e.g. forthcoming performances, social events and fundraising events). We may also ask for your preferred topics and communication methods. These allow us to tailor the information we provide to suit your preferences (e.g. email vs post).


We will only send you information that is related to TPC (e.g. we will not use your data to send you marketing messages from third parties).


Anything we send you will include a clear option to withdraw your consent (e.g. to ‘opt out’ of future emails) and you can also do so at any time by contacting the Data Controller.


Do we share your data with anyone else?


If (and only if) you give consent, we may pass your details to related third parties so they can contact you about their activities.
 

We sometimes use third party services to process your data (e.g. Mail Chimp). We will always make sure any third parties we use are reputable, secure, and process your data in accordance with your rights under GDPR.


How can you update your data?


You can contact the Data Controller at any time to update or correct the data we hold on you.
 

How long we will hold your data?


TPC’s Data Retention Policy is to review all data held on individuals at least every two years and remove data where we no longer have a legitimate reason to keep it.

Where you have withdrawn your consent for us to use your data for a particular purpose (e.g. unsubscribed from a mailing list) we may retain some of your data for up to two years in order to preserve a record of your consent having been withdrawn.


What rights do you have?


Under the GDPR, you have the following rights over your data and its use:

  1. The right to be informed about what data we are collecting on you and how we will
    use it

  2. The right of access - you can ask to see the data we hold on you

  3. The right to rectification - you can ask that we update or correct your data

  4. The right to object - you can ask that we stop using your data for a particular purpose

  5. The right to erasure - you can ask us to delete the data we hold on you

  6. The right to restrict processing - you can ask that we temporarily stop using your
    data while the reason for its use or its accuracy are investigated

  7. Though unlikely to apply to the data we hold and process on you, you also have rights
    related to portability and automated decision making (including profiling)

All requests related to your rights should be made to the Data Controller, who will respond within one month.


You can find out more about your rights on the Information Commission’s Office website.


What will we do if anything changes?


If we make changes to our policies or processes we will post the changes here. Where the changes are significant, we may also choose to email individuals affected with the new details.  Where required by law, will we ask for your consent to continue processing your data after  these changes are made.

Cookies on the website

A cookie is a small text file that is downloaded onto ‘terminal equipment’, such as a computer or smartphone, when the user accesses a website. It allows the website to recognise that user’s device and store some information about the user’s preferences or past actions.

TPC’s web hosting company, WIX, uses various cookies for different purposes, such as, for example, tracking an individual’s sessions on TPC’s site, identifying logged in members or for security purposes. These cookies also have differing life spans: some are stored on the user’s hard drive until they expire (based on an expiration date set by WIX) or until the user deletes them; others are deleted automatically when the user’s browser is closed.

For more information about how WIX uses cookies, please refer to their Privacy Policy on www.wix.com and the section entitled, “Use of cookies and other tracking technologies”.

In addition, when an individual who is within TPC’s website, clicks on a link to social media or shares a blog post with social media, the target platform may store one or more cookies on the user’s computer. For further information, please refer to the target platform’s website and its Privacy and/or Cookie Policy.

For information on deleting or controlling cookies, please visit www.aboutcookies.org.