Information we may collect from you
We may collect and process the following data about you: information that you provide by filling in forms on our site www.theatrestrust.org.uk. This includes:
- Information or material that you post or contribute to our site, including questions, queries or feedback you leave.
- Information provided at the time of subscribing to our Friends, Corporate Supporter and Membership services, posting material or requesting further services – eg. an email address (you’ll always be told when this information is being collected, and it will only be used for the purpose you provide it for).
- If you contact us, we may keep a record of that correspondence, including your email address if you send an email to theatrestrust.org.uk.
- Details of transactions you carry out through our site and of the fulfilment of your orders.
- Details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.
We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
IP addresses and cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us:
- To estimate our audience size and usage pattern.
- To store information about your preferences, and so allow us to customise our site according to your individual interests.
- To speed up your searches.
- To recognise you when you return to our site.
Please note that we use Google Analytics on our site to find out about the volume of traffic to our site and our users' browsing actions and patterns. Find out how Google uses data here.
Where we store your personal data
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Uses made of the information
We use information held about you in the following ways:
- To ensure that content from our site is presented in the most effective manner for you and for your computer.
- To provide you with information, products or services concerning the voluntary sector and our services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
- To carry out our obligations arising from any contracts entered into between you and us.
- To maintain our organisational records.
- To notify you about changes to our service.
- To supply to third parties as outlined below.
We may also use your data, or permit selected third parties to use your data, to provide you with information about goods and services which may be of interest to you and we or they may contact you about these by post or telephone.
We will communicate with you by telephone, letter, email or other reasonable means with updates and information about goods and services similar to those which were the subject of a sale to you or enquiry from you.
Disclosure of your information
You have the right to ask us not to process your personal data for marketing purposes. If you do not want to receive information from third parties contact us by email at email@example.com with the word "unsubscribe" in the subject field. If you also do not wish to be contacted by us, please specify this in the email (otherwise you will continue to be contacted by us).
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Theatres Trust, or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Access to information
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request may be subject to payment of a fee which covers our costs in providing you with details of the information we hold about you.
Data Protection Breach Management Policy
It is the policy of Theatres Trust that Information Security incidents will be handled properly, effectively and in a manner that minimises the adverse impact to the Trust and the risk of data loss to members of staff and the public.
Theatres Trust will ensure that: incidents are reported in a timely manner and can be properly investigated; incidents are handled by appropriately authorised and skilled personnel; appropriate levels of Theatres Trust management are involved in the determination of response actions; incidents are recorded and documented; the impact of the incidents are understood and action is taken to prevent further damage; evidence is gathered, recorded and maintained in a form that will withstand internal and external scrutiny; external bodies or data subjects are informed as required; the incidents are dealt with in a timely manner and normal operations restored; the incidents are reviewed to identify improvements in policies and procedures.
Theatres Trust will provide information on its website, and through other communications channels, which explains how information security incidents should be reported and will encourage the reporting of all incidents whether they are actual, suspected, threatened or potential.
The General Manager will monitor and review information security incidents to identify recurring incidents and areas of risk. The review process will be used to identify requirements for new or changed policies, to update the Trust risk register and to identify any other relevant controls.
If an information security incident occurs which requires a response across the Trust the Director will be informed to ensure that appropriate action is taken.
Theatres Trust will conduct periodic testing of the information security handling procedures to maintain and improve staff awareness of the procedures and the actions required.
This policy applies to all of Theatres Trust’s information and to all methods of accessing that information.
The Records Officer and General Manager will monitor the effectiveness of this policy and carry out regular reviews – suggested changes will be passed on to trustees as part of the annual policy review.
Theatres Trust staff who have specific responsibility for receiving information security incident reports and for initiating investigations are: the Records Officer; the Communications Co-ordinator; the Finance Officer; the General Manager and the Director.
All information users are responsible for reporting actual, suspected, threatened and potential information security incidents and for assisting with investigations as required, particularly if urgent action must be taken to prevent further damage.
The General Manager is responsible for ensuring that all staff act in compliance with this policy and for assisting with investigations as required.
Staff, contractors, consultants, volunteers, visitors and guests who act in breach of this policy, or who do not act to implement it, may be subject to disciplinary procedures or other appropriate sanctions.
Any breach of information security or violation of this policy must be reported to the General Manager who will take appropriate action and, if necessary, inform the relevant authorities.
If you wish to contact us about a data protection breach please contact the Records Officer Stephanie Rolt.
If you have any concerns, questions or comments about material which appears on our site, please email firstname.lastname@example.org, or contact us by post at Theatres Trust, 22 Charing Cross Road, London WC2H 0QL.
Thank you for visiting our site.