Using personal information allows us to develop a better understanding of our customers, audiences and patrons and in turn to provide you with relevant and timely information about the work that we do. As a charity, it also helps us to engage with potential donors and supporters.
The purpose of this policy is to give you a clear explanation about how we (and all of our subsidiaries) collect and use the information we collect from you directly and from third parties.
We use your information in accordance with all applicable laws concerning the protection of personal information. This policy explains:
If you have any queries about this policy, please contact the Privacy Officer using the contact details at the end of this document.
Northern School of Contemporary Dance (NSCD) is an exempt charity and is funded through the Office for Students (OfS) and Arts Council England as well as various trusts, foundations and individual donors and supporters.
We collect various types of information and in a number of ways:
For example when you register on our website, buy tickets or make a donation, we’ll store personal information you give us such as your name, email address, postal address, telephone number and card details. We will also store a record of your purchases and donations.
For example, when you visit our website or social media channels, we collect information about how you interact with our content and ads. When we send you a mailing we store a record of this, and in the case of emails we keep a record of which ones you have opened and which links you have clicked on.
We occasionally receive information about you from third parties. For example, we may use third party research companies to provide general information about you, compiled using publicly available data.
Data Protection law recognises that certain categories of personal information are more sensitive such as health information, race, religious beliefs and political opinions.
We do not usually collect this type of information about our customers, audiences and patrons unless there is a clear reason for doing so. As an example, we collect health information about students on our programme of classes and courses.
There are three bases under which we may process your data:
When you make a purchase from us or make a donation to us, you are entering into a contract with us. In order to perform this contract we need to process and store your data. For example we may need to contact you by email or telephone in the case of a cancellation or a change of details for a show.
In certain situations we collect and process your personal data for purposes that are in our legitimate organisational interests. However we only do this if there is no overriding disadvantage to you by using your personal information in this way. We describe below all situations where we may use this basis for processing.
For any situations where the two bases above are not appropriate, we will instead ask for your explicit consent before using your personal information in that specific situation.
We aim to communicate with you about the work that we do in ways that you find relevant, timely and respectful. To do this we use data that we have stored about you, such as what events you have booked for in the past, as well as any preferences you may have told us about.
We use our legitimate organisational interest as the legal basis for communications by post and email. In the case of postal mailings, you may object to receiving these at any time using the contact details at the end of this policy. In the case of email, we will give you an opportunity to opt in to receiving them during your first purchase with us. If you opt in, we will provide you with an option to unsubscribe in every email that we subsequently send you, or you can alternatively use the contact details at the end of this policy.
We may also contact you about our work by telephone however we will always get explicit consent from you before doing this. Please bear in mind that this does not apply to telephone calls that we may need to make to you related to your purchases (as above).
In addition to marketing communications, we also process personal information in the following ways that are within our legitimate organisational interests:
We may analyse data we hold about you to ensure that the content and timing of communications that we send you are as relevant to you as possible.
We may analyse data we hold about you in order to identify and prevent fraud.
In order to improve our website we may analyse information about how you use it and the content that you interact with.
We may occasionally undertake data analysis and customer research to help us understand how we can improve our services or information.
We may use profiling techniques or third party wealth screening and insight companies to provide us with information about you that will help us to communicate in a relevant way with you, in particular when we are approaching you about potential philanthropic support. Such information is compiled using publicly available data about you.
In all of the above cases we will always keep your rights and interests at the forefront to ensure they are not overridden by your own interests or fundamental rights and freedoms. You have the right to object to any of this processing at any time. If you wish to do this, please use the contact details at the end of this policy. Please bear in mind that if you object this may affect our ability to carry out tasks above that are for your benefit.
There are certain circumstances under which we may disclose your personal information to third parties, including external agencies/consultants. These are as follows:
To the subsidiaries described above when it is necessary for them to be able to provide you with products or services that you’ve requested.
To deliver data analysis and research projects.
To our own service providers who process data on our behalf and on our instructions (for example our ticketing system software provider). In these cases we require that these third parties comply strictly with our instructions and with data protection laws, for example around security of personal data.
Where we are under a duty to disclose your personal information in order to comply with any legal obligation (for example to government bodies and law enforcement agencies).
To specific named visiting companies whose performances you have attended. In these cases we will always ask for your explicit consent before doing so.
Cookies are small text files that are automatically placed onto your device by some websites that you visit. They are widely used to allow a website to function (for example to keep track of your basket) as well to provide website operators with information on how the site is being used.
We use cookies to keep track of your basket as well as to identify how the website is being used and what improvements we can make.
We will publish details of the cookies used, a cookie management banner and information on how you can delete cookies from your devices in due course.
If you use your credit or debit card to purchase from us or to make a donation, we will ensure that this is carried out securely and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). You can find more information about this standard here.
We optionally allow you to store your card details for use in a future transaction. This is carried out in compliance with PCI-DSS and in a way where none of our staff members are able to see your full card number. We never store your 3 or 4 digit security code.
We store your personal information indefinitely such that for any subsequent purchases you make we are able to link them back to a single unique record that we hold for you on our system.
If there are aspects of your record that are inaccurate or that you would like to remove, you can usually do this by logging in to your account through our website. Alternatively please use the contact details at the end of this policy.
Any objections you make to any processing of your data will be stored against your record on our system so that we can comply with your requests.
We have appropriate safeguards (both in terms of our procedures and the technology we use) to keep your personal information as secure as possible. We will ensure that any third parties we use for processing your personal information do the same.
We will not transfer, process or store your data anywhere that does not comply with the data protection adequacy arrangements (laws equivalent to the UK GDPR implementation).
Right to be informed
Individuals have the right to be informed about the collection and use of their personal data.
Right of access
Individuals have the right to access and receive a copy of their personal data, and other supplementary information.
Right to rectification
The UK GDPR includes a right for individuals to have inaccurate personal data rectified, or completed if it is incomplete.
Right to erasure
The UK GDPR introduces a right for individuals to have personal data erased.
Right to restrict processing
Individuals have the right to request the restriction or suppression of their personal data.
Right to data portability
The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services.
Right to object
The UK GDPR gives individuals the right to object to the processing of their personal data in certain circumstances.
Rights related to automated decision making including profiling
The UK GDPR has provisions on automated individual decision-making (making a decision solely by automated means without any human involvement); and
profiling (automated processing of personal data to evaluate certain things about an individual). Profiling can be part of an automated decision-making process.
We reserve the right to amend and update this privacy notice as current advice on the GDPR changes.
Please get in touch with us if you have any questions about any aspect of this privacy policy, and in particular if you would like to object to any processing of your personal information that we carry out for our legitimate organisational interests.
How to contact our Privacy Officer
Our Privacy Officer advises the School on how to comply with the data protection legislation and manages and coordinates requests made under GDPR.
Email: Dataprotection@nscd.ac.uk
Privacy Officer
Northern School of Contemporary Dance
98 Chapeltown Road
Leeds
LS7 4BH
Complain to Regulator
If you believe we are not applying the law appropriately, you can complain to the Information Commissioners Office at https://ico.org.uk/make-a-complaint/
This notice was last updated 30 October 2024.
