Mayfield Festival Choir Society (MFCS) Privacy Notice

What is this guide for?

Whenever we need to collect any of your data, we will let you know at that point why we need to do so and what it will be used for, but this guide provides a useful overview of all of those situations and provides more detail on how we keep your data secure and up to date, how long we might hold it for, and what your rights are in relation to it.

MFCS is committed to protecting your personal data and will use any personal or sensitive data we collect from you in line with the General Data Protection Regulations (GDPR). 

Who is responsible for data that MFCS collects?

MFCS is a Data Controller under the GDPR. Our Data Protection Officer is identified on the MFCS website at www.mayfieldfestivalchoir.org and can be contacted at dataprotection@mayfieldfestivalchoir.org

What data do we collect and what do we use it for?

MFCS collects data from individuals to help us plan, organise and run the day-to-day operations of the group (e.g. co-ordinating rehearsals or collecting subscription payments) and to promote the group’s activities (e.g. marketing mailing lists and photography/video capture).

Members: for administering membership

When you join MFCS as a member, or during your membership with us, we may need to collect some of the following information on you:

 

  • Name
  • Email address
  • Phone number
  • Address

 

  • Gift Aid Declarations
  • Bank details
  • Photos/video footage
  • Voice Test notes

This data will be used by Committee members to manage your membership with MFCS and to organise and run our activities. By being a member you consent to having your name and voice part published in concert programmes unless you specifically notify us otherwise. We may also use photographs taken at rehearsals, concerts and other social events to publicise or promote the choir and its activities. If you would prefer your image not to be used, please let us know.

If you give us your consent to do so, we may also use your contact details to send you promotional communications.

Any promotional communication we send you will include a clear option to withdraw your consent (e.g. to ‘unsubscribe’ from future emails) and you can also withdraw consent at any point by contacting the Data Protection Officer

Patrons: for administering patronage

When you become a patron of MFCS, or during the period of your patronage with us, we may need to collect some of the following information on you:

 

  • Name
  • Phone number
  • Address                       

 

  • Email address
  • Gift Aid Declarations
  • Bank details

 

This data will be used by Committee members to manage your patronage with MFCS and to organise and run our activities. By being a patron you consent to having your name and level of patronage published in concert programmes unless you specifically notify us otherwise.

If you give us your consent to do so, we may also use your contact details to send you promotional communications.

Any promotional communication we send you will include a clear option to withdraw your consent (e.g. to ‘unsubscribe’ from future emails) and you can also withdraw consent at any point by contacting the Data Protection Officer

Event attendees: for processing and managing tickets for events

Where our events are ticketed, we need to collect data on the person booking (name and email) in order to allow you access to the event and to send you a confirmation of your purchase. This process is currently managed both in-house and online by TicketSource and your data will reside on their servers which are hosted within the UK.

This data will only be used for administering your access to the event(s) for which you have booked and will not be used to send you marketing/promotional messages from the group unless you have also provided your consent to receive these (see below).

Soloists, Musicians and other Performers: for fulfilment of contract & event management

We will collect certain information that is appropriate to arranging your participation in our event(s) and payment of any fees or expenses that are due.

Unless you specifically instruct us otherwise in writing, where we are provided with your biography and photograph(s) these will be used for publication in the event programme and may also be used, in full or in part, on our website, in promotional material and as part of the ticket purchasing process.

We may also take photographs either during the performance or rehearsals which may include your identifiable image. These may be used on our website or to promote future events unless you specifically instruct us otherwise in writing.

Volunteers, Employees and contractors: for administration and legal/regulatory purposes

We may need (for administration or for legal/regulatory reasons) to collect personal or sensitive data on employees or contractors of the group. Where this is the case, we will explain what this is for at the point of collection.

Mailing list subscribers: for marketing and promotion

We offer everybody the opportunity to sign up (consent) to receive marketing and promotional information on the group’s activities (e.g. emails about forthcoming events).

When you sign-up to our marketing mailing list on our website we will ask for your name and email address and will use this data to send you information about our events and activities (e.g. forthcoming performances, social events and fundraising events). We may also ask, by follow up communication, for your preferred topics and communication methods and for your consent to send information related to other organisations with which we have a close relationship (see below). These allow us to tailor the information we provide to suit your preferences (e.g. email vs post).

Anything we send you will include a clear option to withdraw your consent (e.g. to ‘unsubscribe’ from future emails) and you can also do so at any time by contacting the Data Protection Officer.

Website visitors: for running and improving our website

Our website does not currently collect any information about visitor access to our website other than that which is provided through the contact forms provided.

Do we share your data with anyone else?

We may request your permission to send you information related to other organisations with which we have a close association such as the Mayfield Festival of Music and the Arts. Such communications will come from MFCS. Unless you give us your specific written consent to do so, we will not share your data with any other organisation for any purpose.

As part of our internal procedures we will store your data using one or more third party services. We will always make sure any third parties we use are reputable, secure, and process your data in accordance with your rights under GDPR.

Are there special measures for children’s data?

We do not knowingly collect or store any personal data about children under the age of 16.

How can you update your data?

You can contact us at any time at dataprotection@mayfieldchoir.org to update or correct the data we hold on you.

How long we will hold your data?

The MFCS data retention policy is to review all data held on individuals at least every two years and remove data where we no longer have a legitimate reason to keep it.

Where you have withdrawn your consent for us to use your data for a particular purpose (e.g. unsubscribed from a mailing list) we may retain some of your data for up to two years in order to preserve a record of your consent having been withdrawn.

What rights do you have?

Under the GDPR, you have the following rights over your data and its use:

  • The right to be informed about what data we are collecting on you and how we will use it
  • The right of access - you can ask to see the data we hold on you
  • The right to rectification - you can ask that we update or correct your data
  • The right to object - you can ask that we stop using your data for a particular purpose
  • The right to erasure - you can ask us to delete the data we hold on you
  • The right to restrict processing - you can ask that we temporarily stop using your data while the reason for its use or its accuracy are investigated
  • The right to receive your data in a portable format for transfer to another data controller.

Though unlikely to apply to the data we hold and process on you, you also have rights related to portability and automated decision making(including profiling)

All requests related to your rights should be made to the Data Protection Officer. We will respond within one month.

You can find out more about your rights on the Information Commission’s Office website

What will we do if anything changes?

If we make changes to our privacy statements or processes we will post the changes on our website. Where the changes are significant, we may also choose to email individuals affected with the new details. Where required by law, we will ask for your consent to continue processing your data after these changes are made.

Use of Cookies

What are 'cookies'?

'Cookies' are small text files that are stored by the browser (for example, Internet Explorer) on your computer or electronic device. They allow websites to 'remember' you for a period of time so that they can store things like user preferences and make the website quicker and easier for you to use.

Without cookies, some things on websites would not be able to work: for example, without cookies it might not be possible to know whether or not you are logged in on a website, which would prevent you from being able to see content restricted to logged-in users.

How does the MFCS website use cookies?

A visit to a page on the MFCS website may create the following types of cookie:

  • Registration and preferences cookies
  • Anonymous analytics and website performance cookies

Registration and preferences cookies

We currently do not offer the option for visitors to log in to our website.

Anonymous analytics and website performance cookies

This website also uses Google Analytics Advertising Reporting Features, which allows us to report on the demographics and interests of visitors to our site when they have the Google advertising cookie.  We may use this information to create profiles of customers for marketing purposes. The specific cookies used are:

  • Gstatic (Used by Google for loading web content)

  • Cloudflare (Provides protection for our site against denial of service attacks)

  • Google Analytics (Anonymously tracks and reports on website traffic)

If you want to opt out of Google Analytics, you can do so here: https://tools.google.com/dlpage/gaoptout/

How do I turn cookies off?

It is usually possible to stop your browser accepting cookies, or to stop it accepting cookies from a particular website.

All modern browsers allow you to change your cookie settings. You can usually find these settings in the 'options' or 'preferences' menu of your browser. To understand these settings, the following links may be helpful, or you can use the 'Help' option in your browser for more details.

Useful links
You can find out more about cookies and their use on the internet from www.allaboutcookies.org

Last Updated 27-5-2018