What information is collected?
Our website collects different types of data that is non-personally identifiable and may include referral website URL’s, IP addresses of Users, Users website journey, information about the browsers used by the User, etc. Cookies are used to collect most of this information. They are small pieces of data that are sent to your browser stored on your computer’s hard drive when you view our website. These cookies help Music In The Castle identify you as the User. You have the choice to modify your browser and reject the cookies from our website. For more details see our Cookies Policy.
How we use the information that we collect
If you have made an enquiry on our website we only use your details for replying to that enquiry. We do not share those details with any third parties and will not use the information for sending you any marketing materials. When a website enquiry is made an email with your enquiry and details is sent to a member of our team. Once the enquiry is dealt with we will not use your details further. The email will be deleted from our email account within 6 months of your enquiry.
If you sign up to our e-newsletter then you have agreed for us to email you about coming events and news. Our e-newsletter sign-up form is hosted on Mail Chimp which is also GDPR compliant.
Protecting your personal data
We take your data very seriously and do all we can to ensure that it is kept safe and not used for anything other than its original purpose. By choosing to submit an enquiry to Music In The Castle you understand and agree that the security, integrity and privacy of your information cannot be 100% guaranteed.
The GDPR provides the following rights for individuals:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
1) The right to be informed
Individuals have the right to be informed about the collection and use of their personal data. This is a key transparency requirement under the GDPR.
2) The right to be informed
Individuals have the right to request what personal data we hold on them. You can request this data verbally or in writing and request a ‘subject access’. Within 30 days we will let you know what personal data we have. And if you request for us to delete that data if you feel it necessary.
3) The right to rectification
The GDPR includes a right for individuals to have inaccurate personal data rectified, or completed if it is incomplete.
An individual can make a request for rectification verbally or in writing.
4) The right to erasure
The GDPR introduces a right for individuals to have personal data erased. The right to erasure is also known as ‘the right to be forgotten’.
Individuals can make a request for erasure verbally or in writing. We then have one month to respond to a request.
The right is not absolute and only applies in certain circumstances. For more details visit https://ico.org.uk/
5) The right to restrict processing
Individuals have the right to request the restriction or suppression of their personal data. This is not an absolute right and only applies in certain circumstances.
When processing is restricted, we are permitted to store your personal data, but not use it.
An individual can make a request for restriction verbally or in writing. We have one calendar month to respond to a request.
6) The right to data portability
The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services.
7) The right to object
The GDPR gives individuals the right to object to the processing of their personal data in certain circumstances. Individuals have an absolute right to stop their data being used for direct marketing.
In other cases where the right to object applies we may be able to continue processing if we can show a compelling reason for doing so.
An individual can make an objection verbally or in writing. We have one calendar month to respond to an objection.
Access to your personal information
You are entitled to view, amend, or delete the personal information that we hold. Email your request to our data protection officer Alison Burnett at [email protected]