Privacy policy.
Purpose of Policy
We want to be transparent and make it clear what we do with your personal information, and what information we have. We don’t think there’s anything in here you’ll find surprising, but it’s written out as clearly as we can. If you have any questions at all, you can always drop us a line at theglitch@vaultcreativearts.org
Using personal information allows us to develop a better understanding of our patrons and in turn to provide you with relevant and timely information about the artists we support and the events they produce.
The purpose of this policy is to give you a clear explanation about how we collect and use the information we collect from you directly and from third parties.
We use your information in accordance with all applicable laws concerning the protection of personal information, such as the GDPR regulations of 2018 which you have likely heard a lot about.
This policy explains:
• What information we may collect about you
• How we may use that information
• In what situations we may disclose your details to third parties
• Our use of cookies to improve your use of our website
• Information about how we keep your personal information secure, how long we maintain it for and your rights to be able to access it
If you have any queries about this policy, please contact us at theglitch@vaultcreativearts.org
Who We Are
The Glitch is run by VAULT Creative Arts Ltd, registered as a company in England and Wales under registration number 10814212. VAULT Creative Arts is registered as a charity in England and Wales under charity number 1198114.
Information Collection
We collect various types of information and in two ways:
1) Information you give us. For example when you register on our website, buy tickets or make a donation, we’ll store personal information you give us such as your name, email address, postal address, telephone number and card details via our Box Office system Eventotron. We will also store a record of your purchases and donations. Eventotron are committed to ensuring that your information is secure. All data passed between the user’s web browser and our servers is encrypted to SHA 256-bit levels You can read more about Eventotron’s Privacy Policy here.
2) Information about your interactions with us. For example, when we send you an email we keep a record of which ones you have opened and which links you have clicked on. We collect general information about how many people are visiting what webpage at what time, which events are most popular, and so on.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Sensitive Personal Data
Data Protection law recognises that certain categories of personal information are more sensitive such as health information, race, religious beliefs and political opinions. We do not usually collect this type of information about our patrons unless there is a clear reason for doing so, and if we do it will be entirely optional and clearly labelled.
Legal Basis
There are three bases under which we may process your data:
Contract purposes
When you make a purchase from us or make a donation to us, you are entering into a contract with us. In order to perform this contract we need to process and store your data. For example we may need to contact you by email or telephone in the case of cancellation of a show, or in the case of problems with your payment.
Legitimate business interests
In certain situations we collect and process your information for purposes that are in our legitimate organisational interests – generally this means sending you information we think you might be interested in based on your previous show choices at VAULT Festival. However we only do this if there is no overriding prejudice to you by using your personal information in this way.
With your explicit consent
For any situations where the two bases above are not appropriate, we will instead ask for your explicit consent before using your personal information in that specific situation.
Marketing Communications
We aim to communicate with you about the work that we do in ways that you find relevant, timely and respectful. To do this we use data that we have stored about you, such as what events you have booked for in the past, as well as any preferences you may have told us about.
We use our legitimate organisational interest as the legal basis for communications by email. We will give you an opportunity to opt out of receiving them during your first purchase with us. If you do not opt out, we will provide you with an option to unsubscribe in every email that we subsequently send you, or you can alternatively use the contact details at the end of this policy.
Other Processing Activities
In addition to marketing communications, we also process personal information in the following ways that are within our legitimate organisational interests:
We may analyse data we hold about you to ensure that the content and timing of communications that we send you are as relevant to you as possible.
We may analyse data we hold about you in order to identify and prevent fraud.
In order to improve our website we may analyse information about how users interact with it.
In all of the above cases we will always keep your rights and interests, fundamental rights and freedoms at the forefront. You have the right to object to any of this processing at any time. If you wish to do this, please use the contact details at the end of this policy. Please bear in mind that if you object this may affect our ability to carry out tasks above that are for your benefit.
Third Parties
There are certain circumstances under which we may disclose your personal information to third parties. These are as follows:
To our own service providers who process data on our behalf and on our instructions (for example Spektrix, our ticketing system software provider). In these cases we require that these third parties comply strictly with our instructions and with data protection laws, for example around security of personal data.
Where we are under a duty to disclose your personal information in order to comply with any legal obligation (for example to government bodies and law enforcement agencies).
To specific named Visiting Companies whose performances you have attended. In these cases we will always ask for your explicit consent before doing so.
That’s the whole policy. If there’s anything unclear or hard to understand, please let us know by emailing theglitch@vaultcreativearts.org, as we can answer your questions and also revise the policy to make it clearer for other people. Thanks for taking the time to read it.