Privacy Statement
Rock Choir is committed to protecting your privacy. This Statement of Privacy applies to the Rock Choir website, the Rock Choir Members website and any agreement entered into with Rock Choir and governs data collection and usage. By using the Rock Choir websites, you consent to the data practices described in this statement.
Our Privacy Promise
- To keep your personal data safe
- To not sell your personal data to any other party or group
- To give you choices in how you wish to hear from us
Data Protection Laws Are Changing
This notice sets out some of your rights under the new laws which come into effect on May 25th 2018. We will continue to review and update it as and when changes come into effect.
Collection of your Personal Information
This notice sets out some of your rights under the new laws which come into effect on May 25th 2018. We will continue to review and update it as and when changes come into effect.
Collection of your Personal Information
If you choose to enter into an agreement with Rock Choir we will ask you to provide information about you for security, identification and verification purposes. This is personally identifiable information, such as your e-mail address, name, home or work address or telephone number. When entering into an agreement online we will tell you how the information will be used. When providing information about others you must ensure you have their consent or are otherwise entitled to do so. Rock Choir also collects anonymous demographic information, which is not unique to you, such as your post code, age, gender, preferences, interests and favourites. Rock Choir will retain information collected about you for as long as permitted for legitimate business purposes and to meet any legal obligations.
This is what we use your personal information for:
- To operate the Rock Choir members website and deliver the services you have requested.
- To manage our relationship with you or your business.
- To develop new ways to meet our members’ needs and to help us grow our business.
- To inform you of local and national events, shows and opportunities and information about Rock Choir benefits.
- To develop and carry out various marketing activities.
- To organise shows or events in specific areas or regions.
- To understand how our members are using our services.
- To provide additional support or guidance about the use of our services.
- To develop and manage our brand, merchandise and services.
- To test new service offerings.
- To manage how we work with other companies that provide services to us and our members.
- To make and manage financial payments.
- To collect and recover money that is due to us.
- To obey laws and regulations that may apply to us.
- To enable us to respond to complaints and seek to resolve them.
- To run our business in an efficient and proper manner.
- To enable us to exercise our rights as set out in agreements or contracts.
We collect personal information about you:
We may collect information about you or your business from some or all of these sources:
- Data that you provide to us:
- When you register for a taster session – retained for 90 days if you don’t become a member.
- First name
- Last name
- Email address
- Contact number
- When you join Rock Choir as a member – retained for the duration of your membership and/or as required by law.
- First name
- Last name
- Email address
- Contact number
- Date of birth
- Proof of age
- Postal address
- How you heard about us
- Harmony part
- When you undertake the activities of a Prefect – copies of originals retained only until DBS verified.
- First name
- Last name
- Previous names
- Addresses for 5 years
- 2 forms of identification
- Utility bill
- When you call us on the phone – only retained if required to meet Rock Choir obligations and as required by law.
- Information dependent on call
- When you email us or write us a letter – only retained if required to meet Rock Choir obligations and as required by law.
- Information dependent on content of letter
- When you speak with a choir leader directly or their approved deputy – only retained if required to meet Rock Choir obligations and as required by law.
- Information dependent on conversation.
- When you use our website.
- Cookies as described in this document
- When you enter one of our competitions – retained only until the competition is completed.
- Information dependent on competition
- If you take part in a survey – retained only until the data has been compiled and summary results collated.
- Information dependent on survey
- Information provided to our choir leader or their approved deputy – only retained if required to meet Rock Choir obligations and as required by law.
- Information dependent on situation
- Information provided when entering into a business agreement – information dependent on agreement so includes but is not limited to:
- Contact name
- Business address
- Contact email
- Contact telephone number
- Company registration
- VAT registration
- Bank information
- When you register for a taster session – retained for 90 days if you don’t become a member.
Data we collect when you are using the services we provide:
- Profile and usage data. This includes the profile you create on our members website when you register for a taster session or when you join as a member. It also includes data we collect from our systems about how you are using the services we provide. This is collected from the devices you use to access these online services.
- Login success/failure
- Resource download statistics
- There is also information about your computer hardware and software that is automatically collected by Rock Choir. This information can include:
- Your IP address
- Browser type
- Domain names
- Access times and referring website addresses.
This information is used by Rock Choir for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of the Rock Choir website.
Data from third parties we may work with from time to time:
- Financial service providers who manage fee collection on our behalf.
- Sources of public information such as Companies House.
- Government and law enforcement agencies as applicable.
- Agents that may work on our behalf.
- Social networks – please keep in mind that if you directly disclose personally identifiable information or personally sensitive data through Rock Choir public message boards, this information may be collected and used by others. Note: Rock Choir does not read any of your private online communications.
- Market researchers.
Rock Choir does not collect, use or disclose sensitive personal information, such as race, religion, or political affiliations, without your explicit consent.
Rock Choir encourages you to review the privacy statements of websites you choose to link to from Rock Choir so that you can understand how those websites collect, use and share your information. Rock Choir is not responsible for the privacy statements or other content on websites outside of the Rock Choir and Rock Choir family of websites.
Who we will share your personal information with:
- We may share your personal information with the following organisations:
- Choir leaders or their approved deputies who may run our rehearsals from time to time.
- Any party that may be linked to you or the business product or service you provide.
- Any organisation you ask us to share your personal data with.
- Any mailing or printing agents, contractors and advisors that provide a service to us or act as our agents on the understanding that they keep the information confidential.
- Anyone to whom we may transfer our rights and duties under any agreement we have with you i.e. for payment processing.
- We may need to share your personal information from time to time with other organisations to assist us in providing you with your membership services:
- If you pay for your membership by direct debit we may share your data with the direct debit scheme provider.
- If you pay for your membership by card we may share your data with the credit card scheme provider.
- Our online Customer Record Management provider.
- We may also share your personal information if Rock Choir changes in the future:
- Rock Choir may choose to sell, transfer or merge any part of its business or its assets or we may seek to merge or acquire another business.
- During any such process we may share your data with other parties however this is only if the other party agrees to keep your data safe, private and secure.
- If such an event occurs then the other party may use your data in the same way as has been set out within this notice.
Sending Data Outside of the European Economic Area (EEA)
We do currently send your data outside of the EEA to follow your instructions, to comply with legal duty or to work with our agents, advisers and suppliers who Rock Choir uses to help run our business and membership services. If in future we do transfer information outside of the EEA we will ensure that the receiver agrees to only use your personal data in accordance with our instructions and that it is protected in the same manner as if it was being used within the EEA. To do this we will adopt the following safeguards:
- Rock Choir will put in place a contract with the recipient that obligates them to protect it to the same standards as the EEA requires. You can find more information on the European Commission Justice website.
- We will transfer it to a non-EEA country with privacy laws that provide the same protection as the EEA. You can find more information on the European Commission Justice website.
- Transfer it to organisations that are part of Privacy Shield. Privacy Shield is a framework that sets the privacy standards for data that may be sent between the US and EU countries. This framework ensures those standards are similar to those within the EU. You can find more information on the European Commission Justice website.
How long do we keep this Information about you?
We keep information in line with our retention policy. These retention periods are in line with the length of time we need to keep your personal information in order to manage and administer your membership. They also take into account our need to meet any legal, statutory and regulatory obligations. These reasons can vary from one piece of information to the next. In all cases our need to use your personal information will be reassessed on a regular basis and information which is no longer required will be disposed of securely.
If you don’t wish to give us personal information
Under the contracted terms of Rock Choir membership, we may need to collect personal information about you. If you choose not to give us this personal information it will prevent Rock Choir from being able to meet its obligations. It may also mean that we are unable to perform services required to run your membership and may result in Rock Choir having to cancel your membership. Any data collection that is optional will be made clear at the time of collection.
Marketing
Rock Choir also uses your personal data to inform you of other products or services available from Rock Choir and its affiliates. Rock Choir may also contact you via surveys to conduct research about your opinion of current services or of potential new services that may be offered.
Rock Choir does not sell, rent or lease its customer lists to third parties. Rock Choir may, from time to time, contact you about a particular offering, event, opportunity that may be of interest to you. In addition, Rock Choir may share data with trusted partners to help us perform statistical analysis, send you email or postal mail, provide customer support, or arrange for deliveries. All such third parties are prohibited from using your personal information except to provide these services to Rock Choir, and they are required to maintain the confidentiality of your information.
Rock Choir keeps track of the websites and pages our customers visit within Rock Choir, in order to determine what Rock Choir services are the most popular. This data is used to deliver customized content and advertising within Rock Choir to customers whose behaviour indicates that they are interested in a particular subject area.
Rock Choir websites will disclose your personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on Rock Choir or the site; (b) protect and defend the rights or property of Rock Choir; and, (c) act under exigent circumstances to protect the personal safety of users of Rock Choir, or the public.
Accuracy of information
In order to provide the highest level of customer service possible, we need to keep accurate personal data about you. We take reasonable steps to ensure the accuracy of any personal data or sensitive information we obtain. We ensure that the source of any personal data or sensitive information is clear and we carefully consider any challenges to the accuracy of the information. We also consider when it is necessary to update the information, such as name or address changes and you can help us by informing us of these changes when they occur.
Data subject rights
- Subject access requestsThe General Data Protection Regulation (GDPR) grants you the “data subject” the right to access particular personal data that we hold about you. This is referred to as a subject access request. We shall respond promptly, and certainly within one calendar month from the point of receiving the request and all necessary information from you. Our formal response shall include details of the personal data we hold about you, including the following:
- sources from which we acquired the information;
- the purposes for processing the information;
- persons or entities with whom we are sharing the information.
- Right to rectificationYou shall have the right to obtain from us, without undue delay, the rectification of inaccurate personal data we hold concerning you. Taking into account the purposes of the processing, you the data subject, shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- Right to erasureYou, the data subject, shall have the right to obtain from us the erasure of personal data concerning you without undue delay where not required to be maintained by us by law. If you do not wish us to hold the minimum personal data required for us to manage your membership of Rock Choir we will terminate your membership. In these circumstances Rock Choir will retain the information required by law for the relevant period.
- Right to restriction of processingSubject to exemptions, you, the data subject, shall have the right to obtain from us restriction of processing where one of the following applies:
- the accuracy of the personal data is contested by you, the data subject, and is restricted until the accuracy of the data has been verified;
- the processing is unlawful and you, the data subject, oppose the erasure of the personal data and instead request the restriction in its use;
- we no longer need the personal data for the purposes of processing, but it is required by you, the data subject, for the establishment, exercise or defence of legal claims;
- you, the data subject, have objected to processing of your personal data pending the verification of whether there are legitimate grounds for us to override these objections.
- Notification obligation regarding rectification or erasure of personal data or restriction of processingWe shall communicate any rectification or erasure of personal data or restriction of processing as described above to each recipient to whom the personal data has been disclosed, unless this proves impossible or involves disproportionate effort. We shall provide you, the data subject, with information about those recipients if you request it.
- Right to data portabilityYou, the data subject, shall have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit this data to another controller, without hindrance from us.
- Right to objectYou, the data subject, shall have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you, including any personal profiling; unless this relates to processing that is necessary for the performance of a task carried out in the public interest or an exercise of official authority vested in us. We shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing, which override the interests, rights and freedoms of you, the data subject, or for the establishment, exercise or defence of legal claims.
- Right to not be subject to decisions based solely on automated processingWe do not carry out any automated processing, which may lead to an automated decision based on your personal data.
Invoking your rights
If you would like to invoke any of the above data subject rights with us, please write to us at Unit 7 Hurlands Business Centre, Hurlands Close, Farnham, Surrey, GU9 9JE addressing your letter for the attention of our Data Protection Administrator or email the same to office@rockchoir.com
Use of Cookies
The Rock Choir websites use “cookies” to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.
One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the web server that you have returned to a specific page. For example, if you personalize Rock Choir pages, or register with Rock Choir site or services, a cookie helps Rock Choir to recall your specific information on subsequent visits. This simplifies the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you return to the same Rock Choir website, the information you previously provided can be retrieved, so you can easily use the Rock Choir features that you customized.
You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Rock Choir services or websites you visit.
You can find more information on Rock Choirs’ Cookies Policy at www.rockchoir.com.
Security of your Personal Information
Rock Choir undertakes to protect your personal information from unauthorized access, use or disclosure. Rock Choir secures the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure
Changes to this Statement
Rock Choir will occasionally update this Statement of Privacy to reflect company and customer feedback and to meet the requirements as set out in law. Rock Choir encourages you to periodically review this Statement to be informed of how Rock Choir is protecting your information.
Contact Information
Rock Choir welcomes your comments regarding this Statement of Privacy. If you believe that Rock Choir has not adhered to this Statement, please contact us at office@rockchoir.com. We will use commercially reasonable efforts to promptly determine and remedy the problem.