Privacy Statement 

Privacy Policy

We are committed to protecting your personal information and being transparent about what details we hold about you and how we use them.

Information is used in accordance with all applicable laws concerning the protection of personal data and this policy is regularly updated. Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email.

The last update to this policy was 25 May 2021.

This policy explains:

  • Who we are 

  • What information do we collect

  • How and why we use the information

  • Where we store your personal information

  • Who else can access your data

  • Your rights to the information we hold

If you have any questions relating to this policy, please email info@ginificent.com

Who we are

Tiny Giants Productions LTD is the organization responsible for running GINIFICENT Productions.

For the purpose of the General Data Protection Regulation (the “Regulation”) the data controller is  TGP,  a company limited by guarantee, registered in England and Wales with company number 03766517 whose registered address is at 111 Mount Pleasant, Liverpool,  L3 5TF.

 

What information we collect

We may collect and store a variety of data from you, depending on how you use our services:

Ticketing & Fundraising
When you buy tickets, online services, participate in one of our projects, become a regular giver or make a donation to support us, we’ll store the personal information you give us such as your name, email address, postal address, telephone number, encrypted bank and/or card details. We will store a record of your purchases, donations and your Gift Aid status, where applicable and as required by HMRC. We will also keep records of communications sent to you or received from you.

Debit and credit card information
We do not hold any credit or debit card information on our site.  All payments are taken either through Eventbrite or Vimeo and we do not have access to this information. 

 

Website & social media
We record the way you use our website and social media channels, using this data to learn, for example, how many people visit our pages, and what they are trying to find. User traffic is also aggregated to help us improve and develop our site for the benefit of all users. 

Recordings of visitors to our venues
We, or a Service Provider, may carry out photography, film and/or sound recording during, before or after a performance and/or from time to time. Whilst we take reasonable steps to make sure that visitors are notified of such activities when they enter our venues and are given an opportunity to avoid them, by attending our venues you consent to you and any persons (including any children) who may accompany you, being included in such recordings and such recordings subsequently being used by us for any reasonable commercial purposes, including without limitation, for marketing and promotional purposes. We will not make any payment to you in respect of your inclusion in such photography or recordings.

Other Information
We occasionally receive information about you from third parties. For example, we may use third-party research companies to provide general information about you, compiled using publicly available data, or may receive recommendations from friends or business colleagues.

Sensitive Personal Data
Data Protection law recognises that certain categories of personal information are more sensitive such as health information, race, religious beliefs and political opinions. We do not usually collect this type of information unless there is a clear reason for doing so.

How and why we use the information

There are three legal bases under which we may use your data:

1.    Contract Purposes
When you make a purchase or a donation to us, you are entering into a contract. In order to fulfil this contract we need to process and store your data. For example, we may need to contact you by email or telephone in the case of cancellation of a show, or in the case of problems with your payment.

2.    Legitimate Business Interest
In most situations, we collect and process your personal data for purposes that are in our legitimate organisational interests. However, we only do this if there is no overriding prejudice to you by using your personal information in this way. We describe below all situations where we may use this basis for using your information.

3.    Explicit Consent
For any situations where the above two reasons are not appropriate, we will instead ask for your explicit consent before using your personal information in that specific situation.

 

Marketing Communications
We aim to communicate with you about the work that we do in ways that you find relevant, timely and respectful. To do this we use data that we have stored about you, such as what events you have booked for in the past, as well as any preferences you may have told us about.
From 1 July 2021 we will be using ‘legitimate business interest’ as the legal basis for communicating with our audiences by post and email. 

PLEASE NOTE: if you have previously ‘opted out’ of receiving such communications methods, this continues to take precedent.

You can manage how we keep in touch with you at any time by logging into your account and changing your preferences directly or by email to info@ginificent.com

You can click ‘unsubscribe’ from any email we send to you. We will only contact you by telephone if you have given us your explicit consent unless it relates to the fulfilment of your purchase or donation (as detailed above)

PLEASE NOTE: this does not apply to emails, postal communications or telephone calls that we may need to make to you related to your purchase. For example, if you make a donation we will contact you to express thanks and ask for Gift Aid if applicable.

We will cease to use your data for marketing and communications purposes after 7 years of inactivity on your account except in very particular circumstances; for example, a special event or return visit. Your records will be retained as active for up to 10 years for analytical purposes. This is reviewed on an annual basis in line with our financial year (1 April to 31 March). 

 

Recruitment

We retain candidates’ application forms for six months after the job closing date. This is to contact applicants regarding other suitable vacancies and indemnify ourselves from potential claims. You may request this information be removed at any time - see also the paragraph entitled ‘Your Rights to your Data’.

 

Where we store your personal information

The data that we collect from you may be transferred to and stored at, a destination outside the European Economic Area (EEA) such as Eventbrite or vimeo. It may also be processed by staff operating outside the EEA who work for us or for one of our Service Providers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

 

All information you provide to us is stored on our secure servers or those associated with our Tessitura database (see ‘Who Else Can Access Your Data’ section below). All payment transactions are encrypted and comply to PCI-DSS. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the internet and the transmission of information via the internet are not fully secure. Although we will use reasonable endeavours to protect your personal data and prevent unauthorised access to it by storing it on a secure server that is password protected and hidden behind a firewall from the outside world, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk.

 

Who Else Can Access Your Data

Service Providers
In order to provide you with our services, we employ other organisations who process your data on our behalf. We call these organisations ‘Service Provider’, and they help us with things like ticketing services, payment processing, website hosting and development, data analysis, research, email distribution and postal mailings. All Service Providers sign relevant data agreements and/or contracts to ensure that your data is stored securely and used only for the purposes contracted.


We don’t allow our Service Providers to use your data for any purposes other than those described in this policy. We do not sell or rent information about you to other parties.

Our main Service Provider is Wix. 

 

Your rights to the information we hold

You have the right to be informed about how we use your data and the right to access the information we hold about you. To exercise this right simply contact us in writing by email to info@ginificent.com or by post addressed to the Data Protection Officer, Tiny Giants Productions LTD 25 Duke Street, Southport. PR8 1JA and we will respond to you within 30 days of receipt of your request.

If you have any concerns about our use of your data and how that complies with the Regulation, or if you wish to initiate your ‘Right to be Forgotten’, please contact us in writing by email to info@ginificent.com or by post addressed to the Data Protection Committee, Tiny Giants Productions LTD, 25 Duke Street, Southport. PR8 1JA and we will respond to you within 30 days of receipt of your request.