Privacy

Introduction

The Heart of Devon promises to respect any personal data you share with us and keep it safe.  We feel that the right thing to do when we collect your data is to be clear what we are going to do with it and not do anything with it that you wouldn’t reasonably expect.

Where we collect information about you

We collect information in the following way:

  1. When you sign up to our news-letter/mailing list through our website, we collect your email address. This is the minimum set of credentials that will enable us to send you information on our up-coming events.
  2. Paper based mailing list at our events. When you sign up to our news-letter/mailing list via our paper forms, we also only collect your email address. The forms will be collected at the end of the event and will be securely shredded within one week.

Both collections will register you with a Mailchimp subscription which will allow us to send emails to you about our music events. We promise to never send you emails with content other than what you have shown a legitimate interest in.

You can opt out of receiving our newsletter by clicking the unsubscribe option at the bottom of each newsletter email. You can also contact us directly at dataprotection@theheartofdevon.co.uk

If you wish to see more about Mail chimp’s security and policies, please follow this link https://mailchimp.com/legal/privacy/

  1. Our website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.  Further information about Google’s privacy policy may be obtained from http://www.google.com/privacy.html
  2. We use WeGotTickets to provide our events ticketing solution. Whenever you see a link to tickets sales via our website, it will take you directly to the WeGotTicket website. WeGotTicket provide us with your contact details only. This is to enable is to process your entry to the event at the door. You can read WeGotTicket’s privacy policy here: https://www.wegottickets.com/ppl

 

Our promise to keep your interaction with the Heart of Devon safe and secure

We will never store your personal data on our website. However, if you email a member of the Heart of Devon who has an email address ending in @theheartofdevon.co.uk then that email will be processed on our own mail server. We therefor feel it is only right to provide you with details on how we keep our web server as secure and safe as possible.

Our website is hosted on a server provided by a company called Leaseweb. They are located in Amsterdam and as such have to comply with the same strict General Data Protection Regulations as we do. If you wish to read more about Leaseweb’s dedication to security the level of GDPR compliance, please follow this link https://www.leaseweb.com/legal

 

What is the General Data Protection Regulation?

The General Data Protection Regulation aims to ensure personal privacy, through giving individuals rights with regards to information about themselves and putting responsibilities on organisations who process this information. When processing personal data organisations must comply with the following principles:

  • Personal data shall be processed fairly and lawfully.
  • Personal data shall be obtained only for one or more specified purposes and shall not be further processed in any manner incompatible with that purpose or those purposes.
  • Personal data shall be adequate, relevant and not excessive.
  • Personal data shall be accurate and where necessary, kept up to date.
  • Personal data processed for any purpose or purposes shall not be kept for longer than is necessary.
  • Personal data shall be processed in accordance with the rights of data subjects under the Act.
  • Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

Personal data shall not be transferred to a country outside the European Economic Area unless that country ensures an adequate level of protection.

 

If you require more information about the GDPR, or are unhappy with the way the Heart of Devon has dealt with your request please contact:

The Information Commissioner
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF