Aldworth Philharmonic Orchestra (APO) is committed to protecting your personal information and being transparent about what information we hold about you.
The purpose of this policy is to give you a clear explanation about how APO collects and uses the personal information you provide to us and that we collect, whether online, via telephone, email, in letters or in any other correspondence.
We ensure that we use your information in accordance with all applicable laws concerning the protection of personal information. This policy explains:
- What information APO may collect about you
- How we will use that information
- Your choices regarding the information you provide to us; and
Who we are
APO is an amateur orchestra based in Reading, Berkshire.
APO is a registered charity. Our charity number is 1105542. Our registered address is 8 South Drive, Reading, Berkshire, RG4 6GB.
How we collect information from you
APO may collect information in the following ways:
When you give us information directly
You may provide your details to us when you book concert tickets online, email us on any of the addresses included on our website, take part in our Concert Virgin scheme, sign up as a patron, enquire about becoming a member, or fill in a concert fixing form.
Depending on your settings or the privacy policies for social media and messaging services like Facebook, Twitter and Instagram, you may give us permission to access information from those accounts or services.
When we collect information when you are using our website
When you visit our website, information about your visit is recorded and stored. Like most websites, we use ‘cookies’ to help us make our site – and the way you use it – better. Cookies mean that a website will remember you. They are small text files that sites transfer to your computer (or phone or tablet). They make interacting with a website faster and easier – for example by automatically filling your name and address in text boxes on forms.
In addition, the type of device you are using to access our website or apps and the settings on that device may provide us with information about your device, including what type of device it is, what specific device you have, what operating system you are using and what your device settings are. Your device manufacturer or operating system provider will have more details about what information your device makes available to us.
Data protection law recognises that certain categories of personal information are more sensitive. This is known as sensitive personal data and covers health information, race, religious beliefs and political opinions.
We do not store any sensitive personal data about you.
What personal information we collect
The type and quantity of information we collect and how we use it depends on why you are providing it.
We may collect some or all of the following information:
- Your name
- Your contact details (postal address, email address, phone number, mobile number)
- Your date of birth
- Your bank or credit card details (only if you are making a purchase or paying a patron donation)
- The instrument you play
When we are reviewing and monitoring our website, wherever possible we use aggregated or anonymous information which does not identify individual visitors to our websites.
How we use your personal information
We use your personal information for purposes including:
- For administrative purposes, including the processing of ticket purchases, player voluntary contributions, and Gift Aid
- To record your availability for rehearsals and concerts
- To respond to your query or complaint
- To maintain our organisational records and to ensure that we have your most up-to-date contact details
- To allow us to fulfil any contractual obligation entered into between you and us (for example, when you purchase concert tickets or merchandise)
- To help us improve our services or information provision
- To analyse and improve the operation of our website
- To analyse the way that you use our website and to improve the way it operates
Who we share your personal data with
We never sell or share personal details to third parties for the purposes of their own marketing.
We may be legally required to disclose your details if required to by the police or for regulatory reasons.
We will only ever share your data in other circumstances if we have your consent to do so.
Your debit and credit card information
If you use your credit or debit card to donate to us, buy something or pay for a registration online or over the phone, we will ensure this is done securely and in accordance with the Payment Card Industry Data Security Standard. Find out more information about PCI DSS.
We do not store your credit or debit card details after your transaction is completed. All card details and validation codes are securely destroyed once the payment or donation has been processed. Only people authorised and trained to process payments will be able to see your card details.
When we send you marketing, we include information on how to opt out.
Although in many cases we will seek consent to process your personal data, in some instances we may process your information without consent when we are legally allowed to do so. This will only be where it is in our legitimate interests to do so and where we are confident that such processing is not likely to prejudice your legitimate interests or rights or freedoms.
Where we are processing your personal data on the basis of consent that you have given us, you are entitled to withdraw that consent at any time so that we can no longer rely on it as a basis for continuing to process your personal information.
If you do not want to hear from us, that’s fine. Just let us know when you provide your data, or contact us at any time on email@example.com. You can also opt out of our email communication at any time by clicking the ‘unsubscribe’ link at the end of our marketing emails.
We will not use your personal information for marketing purposes if you have indicated that you do not wish to be contacted by us for such purposes. However, we will retain your details on a suppression list to help ensure that we do not contact you in the future.
If you actively provide your consent to us along with your email address and/or mobile phone numbers, we may contact you for marketing purposes by email. By subscribing to APO emails, or opting into email communication from APO, you grant us the right to use your email address for email marketing purposes.
If you have provided us with your postal address we may send you information by post unless you have told us that you would prefer not to receive information in this way.
Protecting your data
Data security and protection of your personal information is very important to us. We take care in the selection and implementation of appropriate security.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
APO will retain your data for a reasonable period.
Keeping your information up to date
We’d really appreciate it if you let us know if your contact details change. To do so, please contact firstname.lastname@example.org.
How long we keep your information for
We will hold your personal information on our systems for as long as it is reasonably necessary for the relevant activity. For example, we will keep a record of any donations you have made for at least six years, because HMRC may ask us to produce this information for tax purposes.
If you ask us to stop sending you marketing materials, we will keep a record of your contact details and appropriate information to enable us to comply with your request to not be contacted by us.
Your rights to your personal information
Under the General Data Protection Regulation, which becomes law in the UK in May 2018, you are also granted a number of rights. These include:
- The right to rectification
- The right to erasure
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
For more information on these rights, please read the relevant guidance issued by the Information Commissioner’s Office (ICO).
If you would like to make a complaint about how we process your personal data, please contact Katie Hepworth, our data protection officer, via email@example.com.
If you are not happy with how your complaint is dealt with you should contact the ICO. Alternatively, you are entitled to make a complaint to the ICO without first referring your complaint to us.