Wooburn Festival Society Limited (hereinafter “Wooburn Festival”, “We”, “Us”, “Our”) is a not for profit company limited by guarantee. It is a registered charity and is engaged in advancing the education of the public in the arts.
Registered office: Castle View Cottage, Malders Lane, MAIDENHEAD, SL6 6NH
Registered in England: 01555038
Charity Registration: 282538
We are committed to protecting and respecting your privacy. This Privacy Notice (together with any other documents referred to herein) sets out the basis on which the personal data collected from you, or that you provide to Us, will be processed by Us in connection with the promotion and sale of tickets to events managed or promoted by Us. Please read the following carefully to understand Our views and practices regarding your personal data and how We will treat it.
For the purpose of the General Data Protection Regulation (“GDPR”) the Data Controller is Brian Johnson (Chairman).
We manage our own ticket sales. We process personal information as a data processor.
When you use our platform, you may be asked to fill out an online form with personal information such as your name, address, telephone number and email address. This information is collected to enable Us to sell you the tickets only, and will not be passed to any other organisations.
Some of the information We collect through forms is marked as mandatory (i.e. the information needed to complete the ticket sale and subsequently to contact you if the event is cancelled or has to be changed for any reason). Other information is provided voluntarily. If you fail to provide Us with information that is marked as mandatory We will not be able to process your form or carry out the intended function (e.g. sell you a ticket).
Payment is handled separately, and securely, through Stripe (“Payment Processor”). Your payment card details are never collected by Us and We never have access to them. You should refer to the Payment Processor’s own privacy notice for information about how they process your personal data (https://stripe.com/gb/privacy).
We rely on “performance of a contract with the data subject” as the lawful basis of processing your information where we do this so that we can provide you with our tickets and services.
We rely on legitimate interest as the lawful basis on which We collect and use your personal data for the purposes of direct marketing.
We require these personal details for the following reasons:
We routinely pass your information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf, including the Payment Processor, Stripe.
We may also disclose your personal data to third parties:
Other than as set out above and save insofar as is necessary in order for Us to carry out our obligations arising from any contracts entered into between you and Us, We will not share your data with third parties unless We have procured your express consent to do so.
We take appropriate measures to ensure that any personal data are kept secure, including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need
to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where We are legally required to do so.
Our Payment Processor, Stripe, use their own security measures to keep your personal banking details safe, including safeguards such as firewalls and data encryption. Please see the Payment Processor’s own privacy notice for more information about how they protect your personal data.
Unfortunately, the transmission of information via the internet is not completely secure. Although We will do our best to protect your personal data, We cannot guarantee the security of your data transmitted to the Website; any transmission is at your own risk. Once We have received your information, We will use strict procedures and security features to try to prevent unauthorised access.
We welcome any amendments you may suggest, as it is also Our obligation to keep any data We collect as accurate as reasonably possible.
If you have an account you will be able to amend this information via your account profile.
If you do not have an account, please note that we will have only collected the information in relation to the order you have made, we are unable to update any of those details but we can update our own internal records so the data we collect about you is accurate.
All information We hold about you is stored on our servers and the secure servers of our Payment Processor, Stripe, which may be at a destination outside of the United Kingdom.
Countries outside the United Kingdom do not have the same data protection laws as the United Kingdom.
We will not otherwise transfer your personal data outside of the United Kingdom OR EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual’s rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
We hope that We can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
We may collect information about your mobile phone, computer or other device from which you access the website, including where available your IP address, operating system and browser type, for systems administration and to report aggregate information. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual. We may, however, use such information in conjunction with the data We have about you in order to track your usage of our services.
A cookie is a small file of letters and numbers that We store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
The cookies We use include:
All questions, comments and requests regarding this Policy should be addressed to firstname.lastname@example.org