Privacy Policy
Privacy Policy
INTRODUCTION
The Unicorn Theatre is committed to protecting the privacy of those who use our services and to being transparent about what data we hold about you and giving you control on how we use it.
The purpose of this policy is to give you a clear understanding of how we collect your personal information from you directly and from third parties, how we use it, and how we keep it secure. We are the data controller for your personal information, and we will ensure that it is used and stored in accordance with the Data Protection Act (1998) and Electronic Communications Regulations (2003) and, as of 25th May 2018, the EU General Data protection Regulation (EU 2016/679).
WHO WE ARE
The Unicorn Theatre is a producing theatre based in London. We want to maintain the trust and confidence of every one of our audience members, participants and supporters, as well as each visitor who uses our website.
The Unicorn Theatre is a charity registered as Unicorn Theatre London Ltd (a charitable company limited by guarantee) trading as 'the Unicorn Theatre'. The company is registered in England and Wales at 147 Tooley Street, SE1 2HZ, company no. 480920, registered charity no. 225751.
Any information you provide us helps us to deliver an improved, personalised and smoother ticket buying process and visitor experience. If you have an account with the Unicorn and would like to make any changes to your contact information, or how you’d like to hear from us, you can amend your account at any time by logging in here. Or you can contact us at:
By email: boxoffice@unicorntheatre.com
By post: Unicorn Theatre, 147 Tooley Street, London, SE1 2HZ
By phone: 020 7645 0560
HOW WE PROTECT YOUR DATA
We’re committed to protecting your personal information. We adopt robust and appropriate technologies and policies to protect it from unauthorised access and improper use.
As part of the services offered to you through the Unicorn Theatre's website, the personal information you provide may be transferred to countries outside the European Economic Area (EEA). By way of example, this may happen if any of the computer servers used to host the website are located in a country outside of the EEA. If the Unicorn transfers your personal information outside of the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected as outlined in this privacy notice.
The Unicorn may transfer your data to the USA to organisations such as Facebook, Google or Dotmailer. The USA has weaker data protection laws than that of the EEA and therefore we will ensure that only organisations who are a part of the EU privacy shield initiative will handle your personal information. More details on this certification can be found at the Privacy Shield website.
How long we keep your data
We will keep your information only for as long as is reasonably necessary for the purposes set out in this privacy notice and to fulfil our legal obligations. We will not keep more information than we need. The retention period will vary according to the purpose, for example if purchasing a ticket only, we will typically keep your data for up to ten years from the date of your last point of engagement whereas if you have become a supporter or are a past or current member, we will hold your details indefinitely.
If you ask us to stop sending direct marketing communications to you, we will retain the information required (e.g. name, address or email address) to ensure we adhere with such requests.
YOUR RIGHTS
At any time you have the right to ask the Unicorn Theatre to amend or to stop how it uses your personal information including for marketing purposes.
If you have an online account with us, you can amend your personal details and email contact preferences at any time by signing into your account.
Or, if you prefer, you can contact us by phoning, emailing, or writing using our contact details set out at the top of this Privacy Policy.
Every email we send to you will include details on how to change your communications preferences or unsubscribe from future communications.
You can request full details of personal information we hold about you under the Data Protection Act 1998, or after 25 May 2018, The General Data Protection Regulation, by contacting us. Please send a description of the information you would like to see, together with proof of your identity to admin@unicorntheatre.com
You also have the right to get information held about you by us corrected. If you have any concern about the accuracy of your personal data or if you would like us to remove the personal information we hold about you, please contact us using the contact details set out at the top of this Privacy Policy.
You have the right to lodge a complaint with the supervisory authority, The Information Commissioner’s Office.
If you are under 18, please ensure that you obtain your parent/guardian's consent beforehand whenever you provide personal information to the website. If you don’t have that consent, you must not provide personal information to us.
WHAT INFORMATION WE COLLECT FROM YOU AND WHERE FROM
We collect your information when you interact with us. This could be when you sign up for e-newsletters, set up an account, book tickets, buy a membership, make a donation, or order an item from our online shop, or if you take part in a workshop, event or project. These interactions may occur online, in person or over the phone. We also monitor how audiences use the website to help improve the user experience.
We may also collect information from publicly available sources as part of our fundraising practice. This may include obtaining information from individuals working on our behalf such as our development board and from organisations that book fundraising events or have memberships with us for their hospitality packages or corporate workshop events.
We collect personal information when you:
1. Create an account at unicorntheatre.com which allows you to:
• Purchase tickets or gift vouchers
• Sign up to our e-mailing list
• Update your communication preferences
• Buy a membership
• Make a donation
• Book to take part in a project or workshop
• Give us your access requirements
• Purchase merchandise or packages online
2. Contact us by phone to:
• Purchase tickets or gift vouchers
• Sign up to our mailing list
• Buy a membership
• Make a donation
• Book a fundraising event, birthday package or workshop
• Book to take part in a project or workshop
• Give us your access requirements
• Give us your dietary requirements for workshops, projects or fundraising events
• Purchase merchandise or packages sold through our Box Office system
• Give feedback
3. Visit us in person:
• Purchase tickets or gift vouchers
• Sign up to our mailing list
• Buy a membership
• Make a donation
• Book a fundraising event, birthday package or workshop
• Attend a fundraising event or workshop
• Give us your access requirements
• Purchase merchandise or packages sold through our Box ffice system
• Give feedback
4. Contact us by post to:
• Join as a member
• Join as a supporter
• Attend a fundraising event or workshop
• Take part in a project
• Submit an application
• Share feedback
• Make a donation
5. When you email us with any information relevant to your booking, including to:
• Give general feedback
• Share access requirements
• Share dietary requirements for workshops, projects or fundraising events
6. When you visit our website
• Through your IP address given to us by your browser
• Through cookies – view our cookie policy
7. Purchase tickets to our productions through a third party such as another theatre or ticket agent
8. Via Social Media
We also collect some personal data (name, address, phone number, booking details) when you enter competitions or give us booking details for customer support through social media. We also collect and track anonymised data on our social media audiences to better understand the ‘groups’ of people who engage with us online. We use this to ensure we engage with audiences and groups of people who are new to us.
9. Via publically available information
We occasionally research publicly available information to estimate their potential interest in different membership levels or in supporting us further. We therefore use a small number of basic sources to aid us, such as:
• Official company websites
• Companies House
• Charities Commission
• Donor Boards
• Information is published articles
In some cases, we will rely on legitimate interest, being that of our charitable purposes and fundraising needs, for processing data of potential supporters and when making initial contact. We may collect any of this information from a person working on your behalf, such as a personal assistant, but only with your consent.
10. Via CCTV footage when you visit our venue
We use CCTV recording equipment in and around our premises for monitoring and security purposes in line with CCTV guidelines.
THE TYPES OF INFORMATION WE COLLECT
We only collect the information that’s necessary to carry out our business or to deliver our charitable objectives, provide the particular service you’ve requested and to keep you informed. The more ways that you engage with us as an organisation, the more data we will require in order to provide the necessary services required.
There are occasions where you can choose to not provide us with the information we require, but this may then impact the service we are able to provide.
When you create an account with us, register on our website, purchase tickets online, by post or phone, book into a workshop, we need to collect information from you in order to provide the service you are requesting. There are occasions where you can choose to not provide us with the information we require, but this will then impact the service we are able to provide.
If you are purchasing tickets:
- Prefix and full name
- Gender
- Email address
- Date of Birth
- Contact phone number(s)
- Payment card details (we never store your payment card data)
- Bank details for direct debit instructions
- Access requirements
- Dietry requirements for fundraising events, workshops and projects
- Delivery address(s)
- Billing address
- Contact preferences
- Emergency contact details for projects and workshops
- Borough (for schools and project participants)
- Job information
- Access requirements – we only have this information if you chose to give it to us. It is used so we can best support your visits - for example: a preference for seats on an aisle, or with a clear view of captioning units.
If you are a member or supporter, or you're attending an event, workshop, taking part in a workshop or booking a birthday party, we may require additional information such as:
- Emergency contact name, phone number and address
- Photo permission
- Access needs
- Dietary needs
- Borough
- Details of any prior experience relates to the event, project or workshop
- Equal opportunities forms
- Job title
- Contact address
- Name of institution
- Location of institution
- Type of institution
- Publicly available information about you
This is not an exhaustive list and we may retain different types of information for different individuals based on what is necessary to deliver the service we are providing to a high standard.
We keep a record of your relationship with us
We also keep a record of your interactions with us in our database, such as what shows you have purchased tickets to, when you have had an active membership, any projects you may have participated in or supported and whether you have received, opened or clicked through any emails we may have sent. This helps us to improve our services to you.
Keep a record of your interactions with our website
We also may collect an automatically populated IP address when you use our website or email service. This public IP address is a unique number which allows a computer, group of computers or other internet connected device to browse the internet. The log file records the time and date of your visit, the pages that were requested, the referring website (if provided) and your internet browser version. This information is collected to help diagnose and manage the website, to audit the geographical make-up of users, and to establish how they have arrived at the website.
We do use cookies which retain information about your online behaviour, preferences and settings. For more information, please refer to our cookie policy
Third Parties we work with
We may also obtain your data from third parties, such as organisations with which we enter into a co-production. These organisations should not pass on your data to us without your knowledge and only if it is required in the performance of a contract. The third party will require your permission in order to share your data with us for marketing purposes and we will always notify you within 30 days of receipt of your data. You should check their Privacy Policy when you provide your information to understand fully how they will process and safeguard your data.
Social Media
Depending on your settings or the privacy policies for social media services like Facebook, Instagram or Twitter, you may give us permission to access information from those accounts or services, such as your behaviour on these services and across our site. The majority of this behaviour is anonymised. For more information on how to control your privacy settings for these services, go to the following links:
WHY WE COLLECT INFORMATION AND HOW WE USE IT
The main reason we collect information is to provide the service(s) you requested from us.
We also use personal information to contact you about our organisation based on your contact preferences, or to ensure that we are providing the best possible service. We will only contact you by email about non-contactual information where we have your consent to do so.
We collect personal information in order to:
- Carry out our business and to provide a service or carry out a contract with you:
- To fulfil ticket, merchandise, donation and membership requests
- To process payments
- Contact you with important information relating to your booking or purchase
- To invite you to events or workshops as per your membership or sponsorship benefits
- Provide the best possible customer service such as: confirming your order, reminding you of an upcoming booking, or letting you know about any show or venue changes that affect your visit
Where we have your specific consent to:
- Send you updates via email about what’s on, ticket or membership offers, and news about our organisation
- Email you about our fundraising activities and ways that you can support us
- Share your details with other arts organisations we have made work with (these organisations should contact you to let you know how they collected your data and to check that you’re happy to hear from them. You will always be able to opt out of their communications by contacting them directly)
Where we have a legal obligation to:
- Use CCTV recording equipment in and around our premises for monitoring and security purposes
- Detect and reduce fraud and credit risk
Where we have legitimate interest to:
- Learn about your interests and preferences so that we can contact you with information that is relevant to you
- Help us target our marketing and development communications and adverts so that they’re more relevant to you
- Send relevant invitations to events, press night or other fundraising opportunities via post or phone if we believe this would be of interest
- Use your pseudonymised details to show you advertising on such Social Media platforms as Facebook and Instagram or via other third party advertising that may appear on other websites you use (the information shared with these platforms is pseudonymised to protect your personal data)
- Classify our audience into groups or segments, using booking and publicly available information (these segments help us to understand our audience better and ensure we’re sending relevant messages to each group
- Measure and understand how our audiences respond to a variety of marketing activity so we can ensure our activity is well targeted, relevant and effective
- Analyse and continually improve the services we offer including our artistic output, our website and our other products
- Ensure we are maximising our ticket sales wherever possible
- Enable us to fundraise effectively because we are a charity
How, why and what information we collect to support our fundraising goals as a registered charity:
We are a registered charity and we rely on charitable support. We collect information in order to seek out new supporters and to maintain our current relationships. We are committed to fundraising best practice and abide by the Fundraising Regulator’s key principles and behaviours of a fundraising organisation: to be legal, open, honest and respectful. We undertake to comply with relevant law and regulations, including the Proceeds of Crime Act, Data Protection, Tax and Gift Aid legislation and Charity Commission guidance.
We undertake research on our data and through publicly available information in order to ensure that we can present customers with appropriate information and opportunities to learn more, and potentially support the Unicorn, in a number of ways:
Current donors
We will ask all individual donors for their consent for us to email them specific fundraising email communications, or email members invitations as per the benefits of their engagement with us. We will always endeavour to tell members about the aspects of our work that we think are most relevant to their interests.
For higher level benefits we ask for permission or preference for accreditation. We respect the rights to anonymity if the donor so requests.
Our aim is to always to ensure our communications to our supporters are personal, relevant and timely, and designed to provide the most rewarding engagement with our work.
Prospect research
We will use research from a number of different publicly available sources to identify potential supporters and their interests in addition to those of our current supporters, aiding us in our fundraising activities. This may include newspaper websites and archives, housing market websites and the electoral roll as well as official websites of companies, charities and other arts organisations. In addition to this research we also make use of company, director and shareholder information from publicly available, officially registered information providers, such trustfundraising.org, LinkedIn and 192.com.
If we have identified a specific company or trust and foundation through this research that we believe may be interested in supporting our work, we may contact the people specifically connected to these bodies via publicly available contact information, such as a relevant work email address. If we identify an individual, we may contact them via phone or by post. As a charity, we believe that this in the legitimate interest of our fundraising needs.We will always ensure we conduct an appropriate legitimate interest assessment to ensure that we are not infringing on your rights.
The Development Department monitors potential donations and corporate partnerships for compliance and risk. Final decisions may be escalated to the Board of Trustees. It is our Board’s responsibility to act in the best long-term interest of the Unicorn and to act prudently when deciding to accept or refuse voluntary contributions. The Board will refuse a gift if it can reasonably conclude that its acceptance would be more likely to be detrimental to the organisation than its refusal.
WHO WE SHARE INFORMATION WITH
The Unicorn Theatre will never share, sell, rent or trade your personal information to any third parties for marketing purposes without your prior consent.
We will ask for your consent to share personal information with organisations we have co-produced work with that you may have seen in our theatre or in collaboration with us at another venue. These requests will be specific to the individual organisation and the show you are booking for so that your consent decision is informed. We make sure anyone who provides a service for the Unicorn enters into an agreement with us and meets our standards for data security.
We share name and address information with suppliers fulfilling mailings for the Unicorn Theatre. We ensure that we work only with suppliers who comply with data protection practices and standards.
We use a number of data processors in order to help us provide the services you request. These organisations are obligated to act on our instruction in relation to their use of your personal data and do not have any control over your data in their own right. We make sure anyone who provides a service for the Unicorn Theatre enters into an agreement with us and meets our standards for data security. They will not use your data for anything other than the clearly defined purpose relating to the service that they are providing.
Examples:
Name on card, credit card number, billing address, CVV amount of transaction and order number with our payment provider in order to process credit card transactions
Name on bank account, bank account number, sort code, amount of direct debit, frequency and customer number with our payment handler in order to process direct debit transactions
Sort code and account number with our merchant in order to complete modulus and know your customer checks
Name and email address with Dotmailer in order to produce e-marketing campaigns, pre- & post-show emails
Service providers who aggregate data in order for us to do benchmark reporting across the industry, specifically The Audience Agency for the purposes of the Audience Finder initiative. For more information on the data they collect, please refer to Data Collection In Audience Finder and Data Control in Audience Finder.
Spektrix (our Box Office provider) and Purple Seven in order to benchmark our organisation against other subsidised and commercial venues. This allows us to gain a further understanding of our audience’s behaviour and gives us insight into potential new audiences. Data is anonymised and only built for statistical purposes
List of major donors to funding bodies (we always respect anonymity where requested)
Named third party organisations if you ticked the relevant opt-in box when you purchased tickets. In these instances, we may supply your personal information to that specific organisation only. We will only supply full name and email address in these data shares and only with your consent
Other organisations such as competition organisers if you choose to take part in such activities that need administration by third parties and you choose to opt in for contact from those organisations
We will only supply full name and email address in these data shares and only with your consent
Third party advertisers (such as Facebook or Google) to help us identify customers similar to our audience or to serve adverts they deem relevant to you on third party websites. The information shared with these advertisers is pseudonymised to protect your personal data.
Our ticketing system provider Spektrix who provide support should our ticketing system require maintenance
Where required to do so (for example, if required to do so by the ‘know your donor’ principles under charity law or a court order), or when requested by the police or a regulatory or government authority investigating illegal activities
The Unicorn is not responsible for the privacy notices and practices of other websites even if accessed using links from our website and recommends that you check the policy of each website you visit and contact its owner or the Data team if you have any concerns or questions. While we take all possible precautions, no data transmission over the internet is 100% secure and we cannot guarantee the security of any information you disclose to us and so wish to draw your attention to the fact that you do so at your own risk.
AND FINALLY...
This policy was last updated on 13 May 2018.
This policy may be updated to take into account changes we have made, or to reflect changes to regulation or legislation. Updates to this policy will be posted on this page – please check back from time to time. We may also inform you of any changes where we hold an appropriate email address for you.
Further information on data protection regulations and laws can be found here:
Data Protection information by the Information Commissioner's Office (ICO)