The Heart of Devon promises to respect any personal data you share with us and keep it safe. We feel that the right thing to do when we collect your data is to be clear what we are going to do with it and not do anything with it that you wouldn’t reasonably expect.
Where we collect information about you
We collect information in the following way:
- When you sign up to our news-letter/mailing list through our website, we collect your email address. This is the minimum set of credentials that will enable us to send you information on our up-coming events.
- Paper based mailing list at our events. When you sign up to our news-letter/mailing list via our paper forms, we also only collect your email address. The forms will be collected at the end of the event and will be securely shredded within one week.
Both collections will register you with a Mailchimp subscription which will allow us to send emails to you about our music events. We promise to never send you emails with content other than what you have shown a legitimate interest in.
You can opt out of receiving our newsletter by clicking the unsubscribe option at the bottom of each newsletter email. You can also contact us directly at firstname.lastname@example.org
If you wish to see more about Mail chimp’s security and policies, please follow this link https://mailchimp.com/legal/privacy/
Our promise to keep your interaction with the Heart of Devon safe and secure
We will never store your personal data on our website. However, if you email a member of the Heart of Devon who has an email address ending in @theheartofdevon.co.uk then that email will be processed on our own mail server. We therefor feel it is only right to provide you with details on how we keep our web server as secure and safe as possible.
Our website is hosted on a server provided by a company called Leaseweb. They are located in Amsterdam and as such have to comply with the same strict General Data Protection Regulations as we do. If you wish to read more about Leaseweb’s dedication to security the level of GDPR compliance, please follow this link https://www.leaseweb.com/legal
What is the General Data Protection Regulation?
The General Data Protection Regulation aims to ensure personal privacy, through giving individuals rights with regards to information about themselves and putting responsibilities on organisations who process this information. When processing personal data organisations must comply with the following principles:
- Personal data shall be processed fairly and lawfully.
- Personal data shall be obtained only for one or more specified purposes and shall not be further processed in any manner incompatible with that purpose or those purposes.
- Personal data shall be adequate, relevant and not excessive.
- Personal data shall be accurate and where necessary, kept up to date.
- Personal data processed for any purpose or purposes shall not be kept for longer than is necessary.
- Personal data shall be processed in accordance with the rights of data subjects under the Act.
- Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
Personal data shall not be transferred to a country outside the European Economic Area unless that country ensures an adequate level of protection.
If you require more information about the GDPR, or are unhappy with the way the Heart of Devon has dealt with your request please contact:
The Information Commissioner