Privacy Policy
Your privacy is very important to us. Accordingly, we have developed this policy in order for you to understand how we collect, use, communicate and disclose and make use of personal information. The following outlines our privacy policy.
- Before or at the time of collecting personal information, we will identify the purposes for which information is being collected.
- We will collect and use personal information solely with the objective of fulfilling those purposes specified by us and for other compatible purposes, unless we obtain the consent of the individual concerned or as required by law.
- We will only retain personal information as long as necessary for the fulfilment of those purposes.
- We will collect personal information by lawful and fair means and, where appropriate, with the knowledge or consent of the individual concerned.
- Personal data should be relevant to the purposes for which it is to be used and, to the extent necessary for those purposes, should be accurate, complete, and up-to-date.
- We will protect personal information by reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.
- We will make readily available to customers information about our policies and practices relating to the management of personal information.
We are committed to conducting our business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained
Who we are
Suggested text: Our website address is: https://beckfordstower.org.uk/
Cookies
Like most websites this website use ‘cookies’. These are small data files which are stored on your device in order to improve the functionality and management of the site.
Below is an explanation of the cookies we use on this site and elsewhere, and how we manage this information. As these cookies are commonly used across the web, we recommend disabling cookies in your browser if you do not wish them to be installed on your device.
Google Analytics
We use Google Analytics to record anonymised data about how this website is used. This enables us to measure how many people use the website, how they reach the site, and what pages they visit.
This information helps us improve the website by understanding how people use it, and also enables us to report to funders about how well the site is performing.
Google Analytics does not allow us to view individual user details; it only enables us to analyse patterns of behaviour across multiple users. It collects users’ IP addresses, but solely for the purpose of analysing where in the world people are using this site.
WordPress
This website is built with WordPress. This relies on cookies for basic management tasks, such as identifying whether a user is logged into the website.
The Cookie Consent plugin uses cookies to identify whether a user has seen the pop-up notification.
WooCommerce
Our shop facility uses WooCommerce
We collect information about you during the checkout process on our store.
What we collect and store
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
We’ll also use cookies to keep track of basket contents while you’re browsing our site.
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for six years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
We will also store comments or reviews, if you choose to leave them.
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.
What we share with others
We share information with third parties who help us provide our orders and store services to you; for example Tickettailor and Square.
Tickettailor
Introduction
This policy sets out how we collect, process and hold your personal data if you visit our event ticket shop or otherwise provide personal data to us. We are Bath Preservation Society of www.bath-preservation-trust.org.uk. We are the data controller of your personal data.
This policy affects your legal rights and obligations so please read it carefully. If you have any questions, please contact us at [email protected].
Personal data we collect
We collect, process, store and use personal data when you book a ticket and buy any of our associated products and services to an event including your name, address and email address together with payment information. We may also collect personal data that you give to us about other people if you register them to attend an event. You agree that you have notified any other person whose personal data that you provide to us of this privacy notice and, where necessary, obtained their consent so that we can lawfully process their personal data in accordance with this policy.
All personal data that you provide to us must be true, complete and accurate. If you provide us with inaccurate or false data, and we suspect or identify fraud, we will record this.
You do not need to provide us with any personal data to view our event ticket shop. However, we may still collect the information set under the Data we automatically collect section of this policy, and marketing communications in accordance with the Marketing Communications section of this policy.
When you contact us by email or post, we may keep a record of the correspondence and we may also record any telephone call we have with you.
Data we automatically collect
When you visit our event ticket shop, we, or third parties on our behalf, automatically collect and store information about your device and your activities. This information could include (a) your computer or other device’s unique ID number; (b) technical information about your device such as type of device, web browser or operating system; (c) your preferences and settings such as time zone and language; and (d) statistical data about your browsing actions and patterns. We collect this information using cookies in accordance with the Cookie section of this policy and we use the information we collect on an anonymous basis to improve our event ticket shop, our events and the products and services we provide, and for analytical and research purposes.
Marketing Communications
If you opt in to receive marketing communications from us you consent to the processing of your data to send you such communications, which may include newsletters, blog posts, surveys and information about new events. We retain a record of your consent.
You can choose to no longer receive marketing communications by contacting us at [email protected] or clicking unsubscribe from a marketing email. If you do unsubscribe to marketing communications, it may take up to 5 business days for your new preferences to take effect. We shall therefore retain your personal data in our records for marketing purposes until you notify us that you no longer wish to receive marketing emails from us.
Lawful processing of your personal data
We will use your personal data in order to comply with our contractual obligation to supply to you your tickets to an event and any associated products and services, including to contact you with any information relating to the event or your purchases, to deliver the event and your purchases to you in accordance with any requests you make and that we agree to, and to deal with any questions, comments or complaints you have in relation to the event or your purchases.
We may also use your personal data for our legitimate interests, including dealing with any customer services you require, enforcing the terms of any other agreement between us, for regulatory and legal purposes (for example anti-money laundering), for audit purposes and to contact you about changes to this policy.
Who do we share your data with?
We may share your personal data with any service providers, sub-contractors and agents that we may appoint to perform functions on our behalf and in accordance with our instructions, including payment providers, event ticketing providers, email communication providers, IT service providers, accountants, auditors and lawyers.
Under certain circumstances we may have to disclose your personal data under applicable laws and/or regulations, for example, as part of anti-money laundering processes or protect a third party’s rights, property, or safety.
We may also share your personal data in connection with, or during negotiations of, any merger, sale of assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.
Where we hold and process your personal data
Some or all of your personal data may be stored or transferred outside of the UK and the European Union (the EU) for any reason, including for example, if our email server is located in a country outside the UK or EU or if any of our service providers or their servers are based outside of the UK or EU. We shall only transfer your personal data to organisations that have provided adequate safeguards in respect of your personal data.
Cookies
A cookie is a small text file containing a unique identification number that is transferred (through your browser) from a website to the hard drive of your computer. The cookie identifies your browser but will not let a website know your name and/or address. These files are then used by websites to identify when users revisit that website.
Our event ticket shop uses cookies so that we can recognise you when you return and personalise your settings and preferences. Most browsers are initially set up to accept cookies. You can change your browser settings either to notify you when you have received a cookie, or to refuse to accept cookies. Please note that our event ticket shop may not operate efficiently if you refuse to accept cookies.
We also use Google Analytics to monitor how the event ticket shop is used. Google Analytics collects information anonymously and generates reports detailing information such as the number of visits to the event ticket shop, where visitors generally came from, how long they stayed on the event ticket shop, and which pages they visited. Google Analytics places several persistent cookies on your computer’s hard drive. If you do not agree to this you can disable persistent cookies in your browser. This will prevent Google Analytics from logging your visits.
Security
We shall process your personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. All information you provide to us is stored on our secure servers. Any payment transactions are encrypted using SSL technology.
Where we have given, or you have chosen a password, you are responsible for keeping this password confidential.
However, you acknowledge that no system can be completely secure. Therefore, although we take these steps to secure your personal data, we do not promise that your personal data will always remain completely secure.
Your rights
You have the right to obtain from us a copy of the personal data that we hold for you, and to require us to correct errors in the personal data if it is inaccurate or incomplete. You also have the right at any time to require that we delete your personal data. To exercise these rights, or any other rights you may have under applicable laws, please contact us at [email protected].
Please note, we reserve the right to charge an administrative fee if your request is manifestly unfounded or excessive.
If you have any complaints in relation to this policy or otherwise in relation to our processing of your personal data, you should contact the UK supervisory authority: the Information Commissioner, see www.ico.org.uk.
Our event ticket shop may contain links to other sites of interest. Once you have used these links to leave our event ticket shop, you should note that we do not have any control over that other site. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this policy. You should exercise caution and look at the privacy policy applicable to the site in question.
Retention
If you register with us, we shall retain your personal data until you close your account.
If you receive marketing communications from us, we shall retain your personal data until you opt out of receiving such communications.
If you have otherwise booked a ticket or associated products and services with us or contacted us with a question or comment, we shall retain your personal data for 6 years following such contact to respond to any further queries you might have.
General
If any provision of this policy is held by a court of competent jurisdiction to be invalid or unenforceable, then such provision shall be construed, as nearly as possible, to reflect the intentions of the parties and all other provisions shall remain in full force and effect.
This policy shall be governed by and construed in accordance with the law of England and Wales, and you agree to submit to the exclusive jurisdiction of the English Courts.
We may change the terms of this policy from time to time. You are responsible for regularly reviewing this policy so that you are aware of any changes to it. If you continue to use our event ticket shop after the time we state the changes will take effect, you will have accepted the changes.
Payments – Square
We use Square payments, please refer to Square’s privacy policy
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Who we share your data with
We use the personal information you provide us to ensure that any services or information you have requested can be fulfilled.
We do not share your personal information with anyone.
If you asked to receive more information about our activities and news, we will use the personal contact information you provided to stay in touch with you.
How long we retain your data
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Data protection laws provide you with the following rights to:
- request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;
- request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
- request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below);
- request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it; and
- request a copy of your personal information which you have provided to us, in a structured, commonly used and machine-readable format and the right to transfer it, or to require us to transfer it directly, to another controller; and
- You also have the right to object to the processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- You will not have to pay a fee to access your personal information (or to exercise any of the other rights above). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
- We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
- Where we rely on your consent to process your personal data, for example if we need your consent to send you any direct marketing, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us using any of the details set out below in the “Contacting Us” section. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
- If you are unhappy about how your personal data has been used please refer to our complaints policy. You also have a right to complain to the supervisory authority, which in the United Kingdom is the Information Commissioner’s Office https://ico.org.uk/, which regulates the processing of personal data.
How we protect your data
Your data is secured by encryption, firewalls and Secure Socket Layer (SSL) technology. This is industry standard encryption technology which manages the security of messages transmitted across the internet. When we receive your data, we store it on secure servers which can only be accessed by the web developer Surface Impression.
What data breach procedures we have in place
Data breaches are rare but in the case of this happening they will pinpoint the exact details of the breach including the time, where it happened on the system, the cause of the breach, and the extent of the damage.
Additional security measures are monitored by the hosting provider.