Privacy Policy ← Siobhan Davies Dance
O

Privacy Policy

Siobhan Davies Dance is committed to protecting your privacy and your personal information, and being transparent about what information we hold about you and what we do with it.

1. Introduction

This privacy policy replaces the Personal Data section of the Terms & Conditions (found on our website) relating to our collection and use of personal data; it has been updated in accordance with the General Data Protection Regulation EU 2016/679 (GDPR), and the Privacy and Electronic Communications Regulations 2003 (PECR), both as amended.

This policy was last updated 18 May 2018.

We collect personal data from your when you interact with us. This is collected, stored and used in different ways depending on the data and our interaction. Some of the date we request from you is optional and you can decide not to give it to us - we will let you know this when we request it. We ensure that all of our activities that involve your personal data are carried out lawfully, fairly and in a transparent manner.

This policy explains:

What information we collect and how we collect it

  • Why we collect data and what we do with it
  • Your options in regards to the information that you give us
  • Where we keep your data and whether we disclose your details to anyone else
  • Your rights regarding the data we hold about you

How to contact us

If you have any further questions about this policy or any of our data processing activities, or if you would like to amend, update or have your data removed from our systems, please contact us.

Via telephone 0207 091 9650 (Reception)

Via post: Administrator (RE: data protection)
Siobhan Davies Dance
Siobhan Davies Studios
85 St Georges Road
London, SE1 6ER

Via email: enquiries@siobhandavies.com

Please note “Data Protection” in the subject line to direct your email.

This policy is under regular review so may change at any time. We will notify you about significant changes by sending a notice to the primary email address you have provided to us, and/or by placing a prominent notice on our website(s). By continuing to use our services you will be deemed to have seen and understood such changes.

Who we are

Siobhan Davies Dance is an artist-led organisation that advances the art forms of dance and choreography. We connect artists and audiences through investigative, collaborative and interdisciplinary artistic activities at our studios and beyond. Positioned at the leading edge of contemporary dance and choreography, Siobhan Davies Dance offers an interdisciplinary and investigative approach to the art-form developed in collaboration with independent dance artists, artists from other art-forms and specialists in other disciplines. This rich tapestry of talent creates intelligent and provoking art for audiences who are increasingly seeking active rather than passive experience in their cultural lives.

Founded in 1988, the organisation has been based at Siobhan Davies Studios since 2006. The RIBA award-winning Studios is now a vibrant arts space in central London, filled with dance, film and visual art through a regular programme of exhibitions, performances, classes and new commissions from contemporary artists.

Siobhan Davies Dance is a charity (1010786) and company limited by guarantee (2701923).

2. What information do we collect and how do we collect it?

We collect personal data from your when you interact with us. This is collected, stored and used in different ways depending on the data and our interaction. Some of the date we request from you is optional and you can decide not to give it to us - we will let you know this when we request it.

Different ways we collect your personal data:

Information you give us

When you purchase a ticket from us, book a space to hire or join mailing list, we will collect from you: your name, email address and/or postal address and store this within your customer record on the appropriate system. When you make a purchase we do request card details, however these are not retained on our systems – they are sent directly to our payment processor (although we do retain the last 4 digits of your card number so we can track transactions).

Information we get from your use of our website

We collect information about the services you use and how you use them, for example when you visit our websites. If you subscribe to our mailing list we do keep a record of any emails that we send to you. In order to assess the effectiveness of our emails we do monitor/track if you’ve opened the email, or if you click any links in the email.

Information we get from your interaction with us using social media

If you interact with us on social media (for example to make a comment or ask a question), we may record the details of this interaction. Depending on your settings or the privacy policies of social media and messaging services like Facebook, Instagram, LinkedIn or Twitter, you may be giving third parties (like ourselves) permission to access information from those accounts or services. You may also see adverts from us on social media that are tailored to your interests.

Information we get from third parties

We may also get information about you from third parties (which may include your name and contact details) for example if you attend our events elsewhere and consent to the hosting venue passing your details on to us. If you book a ticket via a third-party booking service (such as EventBrite) they will pass on some of your details to us so we can identify you should you have a query (we will not however use these details for any marketing or fundraising communications unless you ask us to). We may also receive information from fundraising sites such as DONATE or Big Give Campaigns if you use them to make a donation to us. You should check these third-party’s Privacy Policy when you provide your information to them to fully understand how they will process your data.

Information we get from “public sources”

We will sometimes use data from other sources and combine this with what we already know about you. Examples are things that have been made publically available about you, such as information from Companies House, your biography on your employer’s website, information published in mainstream media, or publicly published donor lists from other charities/arts organisations.

Sensitive personal data

Data Protection law recognises that certain categories of personal information are more sensitive. This is known as sensitive personal data and covers health information, race, religious beliefs and political opinions. We do not usually collect ‘sensitive personal data’ unless there is a clear reason for doing so, such as participation in an event or where we need this information to ensure that we provide appropriate facilities or support (for example recording any health conditions if you participate in a workshop). If we do collect this information, it will be held in a confidential folder on our server that has limited and secure access by only those who may need it.

Website use, “cookies” and tracking

We have a terms and conditions of use for our website which also details cookies and any tracking such as Google Analytics. This can be found at the bottom of our website: Terms and conditions Payment card information

If you use your payment card (credit or debit) to purchase something from us (online, in person, or over the phone), we will ensure that this is done securely and in accordance with the Payment Card Industry Data Security Standard. You can find our more information about PCI DSS here - https://www.pcisecuritystandards.org/security_standards.

We do not store actual payment card details at all on systems – at most we retain the last 4 digits of the card number to enable us to track transactions and respond to queries. When you provide us with your card details these details are sent directly to our payment processor, who then gives us a transaction reference number and the partial card number.

If we receive an email containing payment card details, this email will be immediately deleted from our systems, and payment will not be taken.

3. Why do we collect this information? What do we use this information for?

We collect information to support delivery of our programme, services and charitable aims to you as a customer, artist, audience or participant. As a charity and publically funded organisation, we also use information to report to stakeholder and to show our knowledge of who we are serving with our work. In order to deliver our programme, services and charitable aims, we do need to contact people however we aim to be clear about what we do with your data and not do anything that you wouldn’t reasonably expect.

Optional/Consent

The primary way in which we collect data is by asking you to join our mailing list, and gaining your consent for us to communicate with you. This is entirely optional, and you can unsubscribe at any time.

With your consent, we will tell you about our organisation, our programme and events or participation opportunities that we think will be of interest to you. We may include information about partner organisations or events by other organisations that we think may be of interest to you – but we won’t pass your details on to them.

With your consent we may also contact you about being involved or supporting our organisation. This will include volunteering or working with us, joining membership groups or attending event and donating to support us as a charity. In doing this we may use what we already know about you (such as your previous purchase history with us, where you live) and information from publically accessible sources (such as donor lists from the websites of other charities). This assists us in understanding the background of the people who support us and helps us to make appropriate requests to supporters who may have the means and the want to give more.

Contractual

Some of the data you give us is necessary for us to provide a service to you – this includes your name and email address when book tickets or workshops, so that we can communicate with you if there are any changes to the programme. If making a purchase online we will also need to get your payment card details – as outlined above your actual card number is never stored on our systems.

Legitimate interests

Some of the usage of your data we will do because we believe that we have a legitimate interest that we believe doesn’t infringe your rights and freedoms. Where we have made this decision we have outlined our interests and balanced them against your interests and rights, and reached a conclusion that our activity doesn’t infringe on you too much. You do have the right to object to this as outlined in the section on your rights.

As an example we believe that we have a legitimate interest in tracking the effectiveness of our marketing emails so will monitor if you open emails we have sent you.

4. Putting you in control

We will never send you any marketing or fundraising communications via email unless we have your prior consent to contact you. We have recently updated our mailing list to ensure we are clear on who we have consent to email to, and have updated the signup process to our mailing list to offer you better control over the communications you receive from us. We may retain your details on a suppression list to help ensure that we do not continue to contact you.

We do not do any marketing or fundraising via SMS/text message, so we don’t currently ask for consent for this.

Any consent that you give us we will only use for 2 years – just before it expires we’ll contact you to ask if you wish to continue hearing from us.

Any consent you do give to us you can revoke at any time. You can let us know your preferences in a variety of ways – just contact us.

If you consent to receive emails from us, each marketing or fundraising email will give an unsubscribe link if you change your mind. Do note that we may still contact you about specific bookings for events you make with us, as this is a contractual arrangement and not marketing communication. Our programme includes work by other artists and organisations (third parties), therefore we will at times ask for your consent to pass on your contact details or share data with them. If you consent to this we will pass on the relevant details to the company concerned once their performances with us have finished – and we will not pass the details on to any other companies. As part of this data transfer we ask the recipient company to ensure that they send you an initial introduction communication, this communication will enable you to decide whether or not to join their mailing list(s). After the company contacts you if you then wish to not be contacted by them in the future you will need to opt-out directly with them.

5. Where do we keep your data?

Your personal data will be held and processed on our systems or systems managed by suppliers on our behalf.

GINGER

We maintain a customer database (GINGER) that has been created for us as a bespoke system to hold contact details and a record of your interactions with us such as ticket purchases, donations, memberships, queries, complaints and attendance at special events. Where possible we aim to keep a single record for each customer. The data is held on our internal servers.

ARTIFAX

A space booking system that holds customer data for the purpose of managing bookings/hires. The data is held on our internal servers.

Siobhan Davies Dance WEBSITE

When you sign up to our mailing list via our website, your details are entered into a database in the backend of the site (CRM). They are then accessed and entered into GINGER for processing based on your consent.

CampaignMonitor

This e-communications service stores your data based on your consent.

As we do not operate a ticketing system, your details may be recorded in booking sheets or spreadsheets temporarily for event management. Following the event, your GINGER record will be updated and the spread-sheets will be cleared of any personal data that could be used.

If you purchase a ticket for one of our events through a third-party online ticketing system (we currently use EventBrite), they will hold your data in accordance with their privacy policy and transfer your data to us.

Your data is always held securely. Access to customer information is strictly controlled. The CRM system can only be accessed by people who need it to do their job. Certain data, for example some sensitive information, is additionally controlled and is only made visible to members of staff who have a reason to work with it.

We may need to disclose your details if required to the police, regulatory bodies or legal advisors.

How long we’ll keep this data

We will keep your data only for as long as needed for the purposes that we are using it for. Exactly how long will depend on what we are using the data for, and on your level of engagement with our services. Some personal data is required to operate in accordance with legal requirements and tax and accounting rules.

Any consent that you give us we will only use for 2 years – just before it expires we’ll contact you to ask if you wish to continue hearing from us. Where your information is no longer required, we will ensure it is disposed of in a secure manner.

6. Who will we share your data with?

We will only ever share your data in other circumstances if we have your explicit and informed consent. We will only share personal details for the purposes of marketing/communications if you have given explicit consent for us to do this. But if we run an event in partnership with another named organisation, some of your details may need to be shared in order that they can help us run the event. We will also ask if you are happy for us to transfer your contact details to artists or other organisations whose work you are seeing, to allow them to communicate with you directly. We may share your anonymised purchase history with artists or other organisations whose work you are seeing, for their own research or reporting purposes. They may ask us to send you an email on their behalf to invite you to participate in a survey or join their mailing list.

We do not sell or trade your personal data to third parties for any purpose.

Companies we use that may have access to your data

We engage third-parties to assist us with data processing – these companies will only use your data for things that we have instructed them to do on our behalf. Some of this processing is required by our main funders, Arts Council England as part of our funding agreement (processing of data from surveys which are undertaken voluntarily).

  • CampaignMonitor – for sending communication emails
  • iZettle & PayPal – payment processing
  • The Audience Agency – for audience profiling and segmentation from surveys
  • HMRC – in the processing of gift aid on donations
  • EventBrite – third-party ticketing agency
  • Googleforms – for bookings and surveys, temporary holding of data

This list is not exhaustive but indicates the sites we interact with most often.

Countries where data might be shared

For financial and technical reasons we may use the services of a supplier outside the European Economic Area (EEA), which means that your personal information is transferred, processed and stored outside the EEA. This includes countries that the European Union authorities do not consider provides and adequate level of protection for personal data. However we take steps to put in place suitable safeguards to protect your personal information when processed by the supplier such as entering into the European Commission approved standard contractual clauses. If you would like to receive further information about our safeguards, please contact us.

7. Your rights

Under the General Data Protection Regulations you have several rights:

Right of Access

You have the right to obtain a copy of the data that we hold about you, as well the right to obtain from us confirmation if we have personal data about you. If we do have data about you, you have the right to know:

  • The purposes we have used your data for
  • The categories of data concerned
  • Details of any recipients to whom your data has been (or will be) disclosed
  • Details about how long we will store your data (or what criteria we use to determine
  • this)

Right of Rectification

You have the right to correct any inaccurate information we have about you. If you notify us that the data we hold about you is incorrect we will stop using it until we have verified its accuracy (also known as the “right of restriction”)

Right of Erasure (“right to be forgotten”)

You have the right to request that we erase the information that we hold about you, unless we need to retain it for legal reasons (such as details of a Gift Aid declaration) or technical reasons (if you have asked us not to contact you or process your data we will need to store your information on a suppression list to ensure that we comply with your wishes)

Right to Withdraw Consent

If we have asked for your consent to do something with your data you have the right to withdraw this consent at any time, and we will stop using your data for that purpose

Right To Object

Some of the things we do with your data we do not ask for your consent – we do this where we believe that we have a legitimate interest in doing this and we believe that this doesn’t outweigh your rights and freedoms. However you do have the right to object to our use of your data for this purpose

Right to lodge a complaint

If you are unhappy with how we deal with your personal information you do have the right to lodge a complaint with the Information Commissioners Office. In the first instance however we suggest that you contact us directly and we will endeavour to resolve the issue swiftly. If you wish to revoke consent or update your records you can do this in a variety of ways – unsubscribing to an e-flyer or contacting us directly.

We may ask for details to verify your identity, but will comply with requests as best we are able. If we feel that the request is manifestly unfounded or or excessive we reserve the right to refuse to act on the request (as per Article 12 paragraph 5 of GDPR legislation) – if we do refuse your request, we will write to you to let you know.

Automated decision making

Your rights in respect of automated decisions only arise if two requirements are met. First, the decision has to be taken using personal data processed solely by automatic means. The second requirement is that the decision has to have a significant effect on the individual concerned. We do not currently operate any systems that employ automated decision making.

Download full Detail of data collection, storage, use matrix.