Data Protection Statement
The Three Choirs Festival Association Ltd maintains an electronic database of contact details and ticket and donation history, stored with the consent of its patrons, for the duration of their relationship with the organisation. At the point of joining this database all customers will be asked for contact preferences which will be stored on their box office record. Patrons will only be contacted by the festival if it is their preference, information will not be shared with third party organisations without explicit consent, and all patrons can unsubscribe from communications at any point. An individual can request to see any or all of the information the festival holds about them at any time. These practices are in accordance with the guidelines of the General Data Protection Regulations ((EU) (2016/679)) and the Data Protection Act 2018. To see a full copy of our Data Protection Policy, please email firstname.lastname@example.org.
Brexit and Conducting Business with Customers in the EEA
From January 2021 onwards, following the end of Britain’s transition period for leaving the European Union, the Three Choirs Festival Association Ltd will commit to retaining its full compliance with GDPR (2018) regulations. TCFA will, in line with the following guidance from the ICO about organisations who are low risk, not be appointing a business representative in the EEA:
You do not need to appoint a representative if either:
• you are a public authority; or
• your processing is only occasional, of low risk to the data protection rights of individuals and does not involve the large-scale use of special category or criminal offence data.
Full details regarding the necessity to appoint EEA business representatives can be found at https://ico.org.uk/for-organisations/data-protection-at-the-end-of-the-transition-period/data-protection-at-the-end-of-the-transition-period/the-gdpr/european-representatives/.