This privacy notice provides you with information about us, why we collect information from you, what we do with the information we collect from you, who we share your information with and your rights under the UK General Data Protection Regulation (“GDPR”) and the Data Protection Act (2018) in relation to that information. We may update this notice from time to time.
When you visit the Gardyne Theatre website at https://gardynetheatre.org.uk, we may collect internet log information, such as your IP address and details of visitor behaviour patterns. We do this to identify things like the number of people using our site or accessing the various pages on the site, or for information security reasons. This information is only processed in a way in which you cannot be identified. We do not make any attempt to find out the identity of users of our website. If we do need to collect personal data from you on any part of our website, for example, if you subscribe to our mailing list, we will be clear about this by offering you the opportunity to read the appropriate privacy notice. This will explain what we intend to do with it and how we will process it. We process (this means to do anything with the information such as to collect, store, use, access, destroy or share) information which relates to you, in accordance with UK GDPR and the Data Protection Act (2018).
“Personal data” means recorded information we hold about you from which you can be identified or may be identifiable. It may include contact details, your IP address or other personal information for example photographs, expressions of opinion about you or indications as to our intentions about you.
The Gardyne Theatre website may contain links to websites belonging to other organisations. By using those links, including when you purchase a ticket or tickets, you are choosing to browse to these sites. We are not responsible for privacy policies or the conduct of third party websites or their owners.
If you have any questions about this notice you can contact our Data Protection Officer on the contact details noted below.
Why do we collect data about you?
Data Protection Principles
We will comply with the six data protection principles in the GDPR, which say that personal data must be:
We shall ensure we can show that we have complied with the data protection principles.
Sharing your Data
Gardyne Theatre may share your data with organisations in the following categories:
Any sharing of your data is done in Gardyne Theatre’s legitimate interests in ensuring that the website works properly for users.
How long will we keep your Data for?
The data detailed in this notice will be kept in line with our Data Retention schedule which details how long we keep the data detailed above. The retention period is currently no more than 2 years.
Your Data Rights
You may have the following rights over your data, which are set out in the UK GDPR and the Data Protection Act (2018). These rights are not automatic and are dependent on their provisions. If you are unsure of your rights or wish to exercise any of your rights, you may contact the college’s Data Protection Officer at: firstname.lastname@example.org.
You may have rights to:
Data Protection & Security
We will only process your personal data for the specific purpose or purposes notified to you in this document. Your personal data will only be processed to the extent that it is necessary for the specific purposes notified to you. We will keep the personal data we store about you accurate and up to date. Data that is inaccurate or out of date will be destroyed or updated. Please notify us if your personal details change or you become aware of inaccuracies in the personal data we hold about you. Gardyne Theatre will process your data only in accordance with the UK GDPR and the Data Protection Act (2018) and this Privacy Notice. Gardyne Theatre will take appropriate technical and organisational measures to protect the rights of Data Subjects. In the event of a data breach which results in high risk to your rights and freedoms, we shall communicate the nature of that breach to you including our contact details, the likely consequences of the data breach and details of the measures taken or which we plan to take to address the data breach and to mitigate its consequences.
Data Protection Officer
If you have any questions relating to your personal data, its processing or your rights as a Data Subject, you should contact the college’s Data Protection Officer in the first instance:
Data Protection Officer, Dundee and Angus College, Old Glamis Road, Dundee DD3 8LE
Should you be unsatisfied or you believe that your data is not being processed in accordance with the Data Protection Act (2018) and the GDPR, you may complain to the Information Commissioner’s Office (ICO). Further information, including contact details can be found on the ICO’s website at https://ico.org.uk/for-the-public/