Purpose of Policy
We are committed to protecting your personal information and being transparent about what information we hold about you. Using personal information allows us to develop a better understanding of our patrons and in turn to provide you with relevant and timely information about the work that we do.
The purpose of this policy is to give you a clear explanation of how we collect and use the information we collect from you directly and from third parties.
We use your information in accordance with all applicable laws concerning the protection of personal information. This policy explains:
- What information we may collect about you
- How we may use that information
- In what situations we may disclose your details to third parties
- Information about how we keep your personal information secure, how we maintain it for and your rights to be able to access it
Who we are
www.theroseartslondon.com is a registered company in England and Wales, company number 10113644. http://theroseartslondon.com.
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
With Explicit consent, media, may be captured by members of The Rose Arts London team to publicise the school activities on social media website and/or other outlets.
The Rose Arts London use the following plugins in order to obtain contact details for communicational purposes. All our contact forms will require you as the user to submit your own details. we will only hold these details for 1 year unless stated otherwise we will ensure to delete. https://contactform7.com/privacy-policy/. https://wpforms.com/privacy-policy/. https://www.membermeister.com/privacy https://www.ids.co.uk/privacy-policy/. https://gocardless.com/legal/privacy/. https://www.spotlight.com/the-small-print/privacy-policy/.
What are Cookies
Cookies are small text files that are automatically placed onto your device by some websites that you visit. They are widely used to allow a website to function as well to provide website operators with information on how the site is being used.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
(a) https://support.google.com/chrome/answer/95647?hl=en (Chrome);
(d) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
(e) https://support.apple.com/kb/PH21411 (Safari); and
If you do choose to block cookies, you may not be able to use all the features on our website.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
The Rose Arts London team with administrative roles have access to your personal information.
Only viable members will access your personal information and/or share it with third parties only for the following purposes: (i) as needed for the business; (ii) if required to do so by law or to comply with legal process; or (iii) to protect the rights, property, or personal safety of the public for example, our Teachers/Chaperones need access to emergency contact information whilst your child is our responsibility.
There are certain circumstances under which we may disclose your personal information to third parties. These are as follows:
- To our own service providers who process data on our behalf and on our instructions (for example our uniform items). In these cases, we require that these third parties comply strictly with our instructions and with data protection laws, for example around security of personal data.
- Where we are under a duty to disclose your personal information in order to comply with any legal obligation (for example to government bodies and law enforcement agencies).
- If you use your credit or debit card to purchase from us or to make a donation, we will ensure that this is carried out securely through our third party partners GoCardless and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). You can find more information about this standard here.GoCardless will optionally allow you to store your bank and or card details for use in a future transaction. This is carried out in compliance with PCI-DSS and in a way where none of our staff members are able to see your full card number. We never store your 3 or 4 digit security code. Please see GoCardless https://gocardless.com/guides/posts/secure-payments/
What rights you have over your data
You can request to see any personal information about yourself by contacting info@theroseartlondon and stating personal information. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Updating your details
The Rose arts London requests that any changes in contact information are communicated with us immediately. Please contact us via email if you would like to update your details personally. All emails containing personal data will be deleted after use.
Your contact information
We store your personal information indefinitely such that for any subsequent purchases you make we are able to link them back to a single unique record that we hold for you on our system.
If there are aspects of your record that are inaccurate or that you would like to remove, you can usually do this by logging in to your account through our website. Alternatively please use the contact details at the end of this policy.
Any objections you make to any processing of your data will be stored against your record on our system so that we can comply with your requests.
We may send out reminders of upcoming events such as watching weeks, exam classes, show rehearsals and camps.
The Rose Arts London uses your information to create invoices to send to you via email, post or instant message and for the following reasons;
- Birthday cards.
- Spotlight applicants and third parties
- Exam applicants on application to the ABD exam board.
- To share relevant information collected from the show form with Lambeth council on the application for the BOPA license required for the event.
- With consent, we will include full names printed in show programmes.
- During exam processes, The Rose Arts London shares using digital and printed format official ABD exam timetable’s including as full names, ages and of candidates.
- We also keep a record of attendance of all of our active students.
Security of your personal information
We will put in place appropriate safeguards (both in terms of our procedures and the technology we use) to keep your personal information as secure as possible. We will ensure that any third parties we use for processing your personal information do the same.
We will not transfer, process or store your data anywhere that is outside of the European Economic Area.
Your rights to your personal information
You have a right to request a copy of the personal information that we hold about you and to have any inaccuracies in this data corrected. Please use the contact details at the end of this policy if you would like to exercise this right.
How long we retain your data
The right to remove your data
You have the right to remove your data at any time. If you request to be removed, we will remove all personal information and data given to us from all platforms.
Please know that you must provide contact details by at least one adult, for your child to be registered with us. As a matter of safeguarding, precaution and business, we cannot deliver our classes to a customer without emergency contact details and appropriate contact details for invoicing.
We are within our right to hold your data until all invoices outstanding have been paid. We are within our right to hold data of a safeguarding and first aid nature until deemed suitably out of date.
How we protect your data
In partnership with our third-party companies, we have technical measures such as encryption; security measures such as two-factor authentication; and measures such as staff training in data protection.
What data breach procedures we have in place
The data controller must notify the supervisory authority without undue delay (and certainly within 72 hours of becoming aware of a breach), “unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons”.
Notifying the data subjects
The GDPR compels a data controller to inform a data subject when a breach is likely to affect the protection of the personal data or privacy of that data subject. That notification must occur without undue delay. However, if required to proceed further contact made to the Information Commissioner’s Office (ICO)