City of Bradford Metropolitan District Council (CBMDC) is registered with the information Commissioners Office (ICO) under the provisions of the Data Protection Act 2018. The Council takes its responsibilities under the Act very seriously. This notice provides details of how Bradford Theatres collects and uses information about you. For more general information about how CBMDC uses your information, please refer to the general ‘Privacy Notice’ on CBMDC website here.
Bradford Theatres is run and managed by Bradford Council. There are 4 venues which sit under the Bradford Theatres umbrella:
- The Alhambra Theatre
- St George's Hall
- The Studio
- King's Hall and Winter Garden in Ilkley
What is this information?
You give us your information when you buy a ticket over the telephone or online from our website, sign up for one of our events, update your preferences on our website, or book a table in our restaurant. We also keep your details when you sign up to receive emails from us. Bradford Theatres may collect some or all of the following information about you:
- Telephone number(s)
- Email address
- Credit / Debit card details – if purchasing tickets
We use social media to broadcast messages and updates about events and news. On occasion, we may reply to comments or questions you make to us on social media platforms. You may also see adverts from us on social media that are tailored to your interests. Depending on your settings, or the privacy policies of social media and messaging services like Facebook or X (formerly known as Twitter), you might give third parties (like Bradford Theatres) permission to access information from those accounts or services.
This system automatically gathers certain usage information, such as the number and frequency of visitors. This collective data helps us determine how much visitors use specific parts of our site, so that we can improve it and make it as accessible as possible. This is done using Google Analytics.
If you visit our site just to read or download information, we will collect and store only the following information about your visit:
- The name of the domain from which you access the Internet, and the Internet Protocol (IP) address or host name, which does not usually identify a specific computer
- The date and time you access our site
- The pages you visit
- The Internet address of any website from which you linked directly to our site
- This information (web access logs) does not contain any personal data or private information, and we do not make any attempt to link the information in the logs with the individuals who actually visit our site. We collect web access log information for internal monitoring only.
Customer satisfaction survey
We are interested in the continuous improvement of our products and services and therefore survey our customers from time to time on their satisfaction. Participation in the survey is voluntary, and you decide whether, and if so, how often you participate. If you participate, we will use your data from the survey for internal quality assurance and improvement purposes only.
The information generated by the cookies will be transmitted to a Microsoft Clarity server (possibly in the USA) and stored in order to enable session recording and to generate so-called heat maps. We use Microsoft Clarity in the default settings, so that the data transmitted to Microsoft does not contain any sensitive input data such as names or addresses, to rule out any direct personal reference. Microsoft will use this information to evaluate your use of the website, to compile reports on website activities, and provide the website’s operator with further services related to website and internet usage, including profiling for advertising purposes. Microsoft may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Microsoft’s behalf.
You can find further information about Microsoft Clarity here.
The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a GDPR.
Who uses this information?
Bradford Theatres’ officers use this information. It may also be used by other third party organisations who bring visiting productions to our venues. See the section below on “Who are we likely to share this information with?”
What authority does CBMDC have to collect and use this information?
Under the General Data Protection Regulations, Bradford Theatres collects and uses this information under the following categories of lawfulness:
- Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract
- Processing is necessary with the consent of the data subject
- Processing is necessary for compliance with a legal obligation
- Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
In general, any information you provide will only be accessed by authorised employees of Bradford Theatres, part of the City of Bradford Metropolitan District Council. We will never share your personal data or private information outside of the Council without first obtaining your consent, unless we are required by law to disclose it.
What is ‘person identifiable data’?
The term ‘person identifiable data’ relates to any data that could potentially identify a specific individual. The following fields are classified as person identifiable:
- Address, including postcode
- Place and date of birth
- Credit or debit card payment
Any information about an individual that can be used directly, or in connection with other data, to identify, contact or locate that person.
Why do we use this information?
We aim to be clear when we collect your data and not to do anything you wouldn’t reasonably expect.
If you make a purchase or sign up for an event, we usually collect your name, contact details and your bank or credit card information (if making a transaction). Where it is appropriate (and you have the right to decline to give this information) we may also ask for your age, gender or ethnicity.
We use this data to provide you with the events, products, services or information you asked for, to ensure we know how you prefer to be contacted, and to understand how we can improve our communications or events.
When you register on our website, you can visit the ‘My Account’ section to choose whether you would like to receive marketing communications from Bradford Theatres by email or post. Once you have an account, you can manage your preferences at any time. We will not contact you for marketing purposes unless one of these boxes is ticked. We will include opt-out instructions in any marketing communications you receive from us.
Giving you control
With your consent, we will tell you about events, concerts, offers, priority booking and information about our site (e.g. updates on building works on site). Occasionally, we may include information in these communications from partner organisations or organisations who support us. We make it easy for you to tell us how you want to hear from us (by logging onto our website and updating your preferences in the 'My Account' section) or by telling our Box Office team over the phone or in person. You can opt-out from these marketing communications at any time - every email sent to you will tell you how to do this.
We do not sell personal details to third parties for any purpose. We will only share personal details for the purposes of marketing if you have given explicit consent for us to do this.
If you have opted-out of marketing communications, we may still get in touch with you. For example, we may email or phone you to give you important information about the events you’ve booked or to tell you about any changes (e.g. if a performance has been cancelled or postponed).
We will give you the opportunity to opt-out, at any time, from any marketing email and postal communications you receive from us.
Who are we likely to share this information with?
We may share anonymised personal information with other organisations, for example visiting production companies and/or Arts Council England or research agencies, who use this to analyse our audience development programmes and ticket sales to understand the impact of the investment made at Bradford Theatres.
All the events at Bradford Theatres are presented in partnership with other visiting companies, other artistic organisations and promoters. We will let them know about your booking and share your name and contact details with them, but they can’t contact you unless you select either the Email or Post option under ‘I would like to hear about events, news and offers from the artists or companies presenting the events I’ve booked’ as part of your booking online, at the Box Office or over the phone. We will not share sensitive information or your payment details.
If you would like us to stop sending your data to our partners, you can change your preferences in the 'My Account' section of our website. If we have already given your data to another company, we can’t remove you from their mailing list. To opt-in or out of marketing or other communications from another company, please get in touch with them direct. They should always provide instructions for opting-out in any marketing or other communications you receive. If you need help, please contact us via Get In Touch.
We will not otherwise share your personal information with third party organisations.
How do we keep this information secure?
Your information will be held and processed on Bradford Theatres’ systems or systems managed by suppliers on behalf of Bradford Theatres. We maintain a customer relationship management (CRM) system to hold contact details and a record of your interactions with Bradford Theatres such as ticket purchases, memberships, queries, complaints and attendance at special events. Where possible, we aim to keep a single record for each customer.
Your information is stored securely on a database with stringent access and use policies. We also undertake quality checks and monitoring to ensure the information we hold is accurate at the time and being used appropriately. The CRM system can only be accessed by people who need it to do their job. Certain data, for example some sensitive information, is additionally controlled and is only made visible to members of staff who have a reason to work with it. Any debit or credit card details that you might supply us for any payments are not retained by the Council and are not accessible by any Council employee.
We may need to disclose your details where it is necessary, lawful and fair to do so to the police, regulatory bodies or legal advisors. We will only ever share your data in other circumstances if we have your explicit and informed consent.
How long do we keep this information?
We will hold your personal information in line with Bradford Council’s retention schedule. At its expiry date the information will be reviewed, and only retained where there is an on-going requirement to retain for a statutory or legal purpose. Following this, your personal information will be securely destroyed.
Alternatively, a maximum of five years.
What are your rights?
Rights for individuals under UK GDPR
Please contact the Corporate Information Governance Team at email@example.com to exercise any of your rights, or if you have a complaint about why your information has been collected, how it has been used or how long we have kept it for.
You can contact our Data Protection Officer at firstname.lastname@example.org or write to: Data Protection Officer, City Hall, Centenary Square, Bradford, BD1 1HY.
The UK GDPR also gives you the right to lodge a complaint with the Information Commissioners Office who are the supervisory authority responsible to regulate and monitor the legislative obligations within the UK and can be contacted on 03031 231113.