NYCGB is committed to protecting your data and upholding your privacy. This information outlines what we information we collect and how we store and process it, in accordance with the General Data Protection Regulation 2018 and the Privacy and Electronic Communications Regulations 2003.


Who we are

The National Youth Choirs of Great Britain (NYCGB) is an independent charity registered in England and Wales (number 515660), and a company limited by guarantee registered in England and Wales (number 0180803). Our Data Protection Officer is our Chief Executive. Our ICO registration number is: ZA206721

How to contact us

If you would like to make an enquiry about data protection, update the information we hold about you, request or opt out of receiving marketing communications from us, or change the way we process your information, you can contact us in the following ways:

  • Write to us: Data Protection, NYCGB, Rivergreen Centre, Aykley Heads, Durham, DH1 5TS
  • Email us: [email protected]
  • Call us: 0191 383 7355

If you would like to make a request to access the information we hold about you, (see Your Rights at the end of this document), or to make a complaint about how your personal information has been used, please write to us at the postal or email addresses above.

Alternatively, you are entitled to raise a concern to the Information Commissioner’s Office (ICO) without first referring your complaint to us.


Information we collect

We collect and process the following data:

  • Information that you provide us in order to register membership of or book an audition with NYCGB, buy a concert ticket, or sign up to an event, whether that is done online, by phone, email or post, which we need in order to effectively provide our products and services to you;
  • Information about your engagement with NYCGB, including membership records, event attendance, purchase and donation history;
  • Information that you provide us with in order to sign up to receive information from us about our activities, via the ‘Sign Up’ page on our website or in person at events, this includes information about your communication preferences;
  • Records of communication, whether in electronic or hard copy format, which may include general correspondence, purchase history, contact notes about your involvement with NYCGB and responses to any surveys or questions we ask you;
  • Digital information such as photographic and video recordings of events, and media consent records where relevant;
  • Credit or debit card details. Whenever you make a one-off purchase from our website, including purchases from our shop and one-off donations and fundraising activity, your transaction is processed by Stripe. Whenever you make a payment for a course or audition, your transaction is processed by Barclays. Our staff can access the transaction information, for example to provide you with a refund, but do not have access to your full credit card details, which are held securely by Stripe. You can review Stripe’s privacy policy here and Barclays privacy policy here;
  • Bank account details. Whenever you make a donation to us by Direct Debit via our website, your transaction is processed by GoCardless. Our staff can access the transaction, for example to cancel your Direct Debit, but do not have access to your full bank account details, which are held securely by GoCardless. You can review GoCardless’s privacy policy here;
  • Information from third parties through data-sharing agreements, where you have given consent for your information to be passed to us from a partner organisation;
  • Information about you that is available from other sources including information in the public domain. More detail on this is included in the ‘How we might use your information’ section below.

How much of this information we collect depends on the type of relationship you have and what we record in the course of your relationship with us.


How we might use your information

  1. If you are a participant in any of our activities, a parent of a participant, or a former member of our choirs

A. We will use your information to provide you with services that you have requested

Booking an audition, course or other activity

When you book a place to take part in an NYCGB activity, we will take information about the participant including name, contact information, date of birth, educational and musical background, to process the booking. We will also take contact and payment information for the person managing the booking, which may be the participant if they are over 18 or the parent or guardian for children.

We process this data to plan and deliver the activity you have booked and to undertake any follow up action required (e.g. confirming a place, issuing receipts etc).

For bookings on courses or activities we may need to process other information, such as medical information (see Sensitive Information below), dietary requirements, or other information to ensure the smooth running of the activity.

Managing Membership

We maintain records of current choir members and their participation in NYCGB activities. As well as personal information such as name, contact details and date of birth, we also collect other information to ensure we can plan and deliver activities effectively and provide appropriate services to our membership. This may include information about an individual’s education, musical history, voice part and choir allocation, as well as feedback from staff on their musical performance on NYCGB courses, and any pastoral issues.

Full member records are kept for the duration of membership and are updated as a member progresses through the organisation. When a member leaves NYCGB and becomes an Alumnus, a basic record of their contact details and choir participation is kept (see Managing NYCGB Alumni records, below). Funding requirements and financial regulations require that we keep information about participation and payments for seven years.

Managing financial assistance applications

When an individual makes an application for financial assistance to support the cost of taking part in an NYCGB activity, we ask applicants to supply information about both the member and their parents’ financial circumstances. This is used to assess whether an award will be made and the value of any award. Applications are kept while an assessment is made, and destroyed once they are no longer needed, normally by the end of the membership year that they relate to.

Managing NYCGB Alumni records and keeping in contact

When a member leaves NYCGB they become an Alumnus, and we retain basic information about their historic membership and their contact details. Alumni often wish to keep in touch with the organisation, and we wish to secure their ongoing support. When you become an Alumnus, we will seek your consent to continue to keep in touch about Alumni activities and events, and to share relevant marketing and fundraising communications with you.

Children’s information and Safeguarding

We process information about participants who are under the age of 18 in order to conduct or supply the services for which you have registered. We only process this information with the consent of a parent or guardian, and require them to be the primary contact for provision of services to their child.

We take our safeguarding responsibilities seriously. In the course of discharging these responsibilities we may collect and store personal information about children who are participants in our activities, where a child protection concern has been raised. In certain circumstances, we may be required to share this information with the relevant safeguarding authorities without the consent of the individual child or responsible adult. In accordance with our safeguarding policy, we will keep securely records of any child protection issues for twenty five years. 

Sensitive information

As part of our activity planning processes, we may ask you for sensitive information about any medical needs you may have. This information is required to ensure that we can provide access to our activities, and to make sure that participants are safeguarded while in our care. By supplying us with this information you are giving your consent for us to process it for this purpose.

As with all personal information we hold, sensitive information is held securely and restricted to those who need to use it. We will delete sensitive information when we no longer need it.

B. We may use your information to contact you about things we think may interest you

Sharing marketing materials with you

As a customer, member or former member (alumnus/alumna) of NYCGB, we may wish to tell you about changes in our services, or new services, events, offers and opportunities to support us that we think you will find of interest. If you wish to opt-out of receiving such communications you may do so at any time by contacting us using the details in the ‘Contact Us’ section above.

C. We will use your information to understand and report on how we are performing against our objectives

Collecting feedback

We undertake research to help us understand the impact of our work as an arts charity, and how we can improve our services or information. We may use third party services as a tool to collect and analyse this information.

Reporting to funding bodies

We use the data collected to create reports on our performance to Trustees, stakeholders and funders. Information used in such reports is anonymised, and if we wish to attribute feedback, we will contact you to obtain your permission to do this. 

  1. If you book to attend an event or make a purchase from us

 A. We will use your information to provide you with the goods or services you have requested from us.

Processing your booking or purchase

When you make a ticket booking with, or any other purchase from NYCGB, we will collect the information we need, including contact and payment information and details of the purchase. This enables us to process the transaction and provide you with tickets or other merchandise.

If you are making a purchase via our website, you will create a user profile, which will enable us to process any future transactions more easily.

We may contact you to provide you with further information about your event or if there have been important changes to your booking.

B. We may use your information to contact you about things we think may interest you

Sharing marketing materials with you

As a customer of NYCGB, we may wish to tell you about changes in our services, or new services, events, offers and opportunities to support us that we think you will find of interest. If you wish to opt-out of receiving such communications you may do so at any time by contacting us using the details in the ‘Contact Us’ section above.

Data Sharing

As part of our funding agreement with Arts Council England, we are required to offer partner cultural organisations the opportunity to enter into a data sharing agreement with us. If you have booked a ticket for a performance or event through us, and if you have given your consent to do so during the booking process, we may pass on your contact information to the host venue for that performance or event if we have a data sharing agreement in place with them. Data will be shared so that the partner organisation can contact you as a one-off to ask you if you would like to consent to receive further communications from them in the future. 

  1. If you are a supporter who receives marketing materials or makes donations, or someone we think might be a potential supporter

A. We may use your information for administration purposes

Processing your donation

When you make a donation to NYCGB, we will use your payment and contact details, payment amount, date and time of payment, to process that payment and take any follow-up administrative action needed (for example sending a receipt or acknowledgement).

We will also ask you for your address and UK taxpayer status as if you choose to include Gift Aid with a donation to us, this information is required by law. This information is needed for us to fulfil our obligations under tax and charity law (sections 413 to 430 Income Tax Act 2007). Information associated with Gift Aid declarations must be retained for 7 years. This information will be shared with HMRC for tax regulation purposes and may also be shared with the Fundraising Regulator and the Charity Commission in the event of an enquiry or investigation.

Requesting information if you are attending our events

If you participate in an event that we have organised, we may ask you to provide information to make sure we can manage the event safely and efficiently. We may also ask you for details of any accessibility need which you may have, so that we ensure our event is inclusive, in line with the provisions of the Equality Act 2010.

If you participate in an event organised by an external party or make a donation through a processor like JustGiving, then your information may be passed on to us by the processor. We would only use is for marketing purposes if you have given your consent for this.

B. We may use your information to invite you to become involved with us in new ways, raise funds and grow our supporter base.

Sharing marketing and fundraising materials with you

Marketing and fundraising materials that we might share with you include information about our activities and their impact, our news, events and fundraising appeals, and other ways you can become involved with us.

Where you have provided your postal address or telephone number, we may send this information to you by post or by calling your telephone unless you have asked us not to. We may also email you this information or send by SMS or other electronic means if you have agreed for us to do so.

You can let us know at any time if you would prefer to change how we share this information with you, or stop it altogether. Simply use the details we have provided in the ‘Contacting us’ section to let us know your preferences. If you received our e-newsletters or other email marketing communications, you can also use the unsubscribe link in the emails we send.

We will keep your personal information for no longer than is necessary for the purposes for which it is processed (in accordance with our internal policies / retention policy). If you ask us not to contact you, we will keep some basic information about you on our CRM system in order to avoid sending you unwanted communications in the future.

Targeting our communications and researching our supporters

We have a duty to make sure that we are using our resources effectively, and doing research and analysis helps inform our decisions. We want to send the most effective messages that we can, in the most efficient way possible. In order to work out who to contact, what to say and when to get in touch, we carry out the following activities:

  • Analysing our parent, alumni and supporter information to send different communications to people who might choose to become supporters or give higher donations – we undertake in-house research and may engage other specialist organisations to help us identify people who may be able to support us with a larger gift, using information you have given us and publicly available records such as the electoral roll, Companies House records and Who’s Who publications. We may also collect information on your interests, for example board memberships, hobbies or articles about you in newspapers or magazines. We use this information to tailor our communications with you and invite potential supporters to meetings, groups and events which may be of interest to them.
  • Analysing how emails are opened or read – we track emails which we have sent to you to see which messages have the highest response rates and whether there are messages that resonate with particular groups of people. We do this by logging whether emails we send have been opened, deleted, and interacted with (for example, by clicking on links within the emails). Although we only use this information to look for general patterns, it is still personal information because it is linked to your email address.

When might we add information to your record that you may not have given to us directly?

We may also add information or update your record with us, from publicly available sources. This may include your telephone number, address related information, or the information mentioned in the section above. We use this information to tailor our communications with you and send you more appropriate information.

These activities form a vital part of keeping support for our work going. You can request more information on these activities, or change your preferences, by using the information in the How to contact us section at the top of this notice.

It should be noted that none of the activities described in this section are undertaken in relation to people under the age of 18.   

  1. If you have visited our websites

A. We collect and use information about how people are using our websites.  

Using cookies to personalise and improve your experience

When you use our website, our ISP may collect and store information about you, such as your IP address, which internet browser you’re using, geographical location and how you use our website. This information is not linked to any personal details and cannot identify you. Our website does this using cookies, which remember your preferences and help us to personalize our website for you and the browser that you’re using. If you would prefer not to accept cookies, you may wish to change the settings in your internet browser so that they are refused. This should not affect your experience of using our website.

Analysing visitor behaviour

When you use our website, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns, to find out things such as the number of visitors to various parts of the site. This information is never personally identifiable. If this changes in the future, this policy will be updated and you will be informed of that change, and given the option to opt-out of any such collection.

5. Other uses of information

Responding to enquiries

If you contact us with a question, comment, compliment or complaint then we may keep a record of this correspondence and any associated documents so that we have the information available in the event of an enquiry or investigation.

Marketing and Promotion

We may use personal data to help support NYCGB’s marketing and promotional activities, for example using case studies, photographs, or in preparing statistics about participation. We will never use data in this way that enables individuals to be identified without your consent.

Segmentation

We undertake analysis of personal information such as audience and participant postcodes to better understand our reach and impact, and to ensure our communications are relevant and timely. Anonymised information which is not personally identifiable is shared with The Audience Agency as part of our funding agreement with Arts Council England. They collate information from arts organisations nationally to analyse trends in arts engagement and attendance. Their Privacy Policy can be viewed here.

Notifying you of changes to policies

If we make significant changes to our policies which may affect you, we will use your contact details to inform you of the changes.


Third Parties

We will not share any of your personal details with any other third parties without your agreement, unless required in order to fulfil our contract with you, or allowed by law.

In general the third party providers used by us to fulfil our contract with you will only collect, use, and disclose your information to the extent necessary to allow them to perform the services they provide to us. Any such providers are acting on our behalf, but we retain full responsibility for your data. These providers currently include, but are not limited to:

  • Customer Relationship Management (CRM) system provider: Access ThankQ
  • Software providers: Office365
  • Cloud storage: Dropbox
  • Email distribution service: MailChimp
  • Online survey service: SurveyMonkey
  • IT support services: TranscendIT
  • HR support services: HR2Day

We are rigorous in our choice of supplier and only work with those that themselves take data protection seriously.  

Sometimes, the information that we send to you may contain links to other websites. Please note that these websites will have their own privacy policies and you should review these before supplying any data.


What we don’t do

We will not use your data for anything other than the purpose for which it was supplied to us, unless the new purpose is considered to be similar, or in the legitimate interests of NYCGB.

We do not trade personal data for commercial purposes. However, we reserve the right to do so in the future, so if you’d prefer that we didn’t do this, please let us know. If you do not let us know at the time of registration, you can later request that we don’t pass on your data to any other companies for marketing purposes by contacting us.

The exceptions to this are:

  • If NYCGB were to be acquired by a third party, who would then be responsible for the information.
  • If we were legally obliged to do so, for example by the police.
  • If it was necessary to do so in order to ensure compliance with any financial agreement into which you have entered with NYCGB.
  • If it was necessary to protect our staff, members or other persons.

How we store your data and keep it safe

NYCGB takes the care of your information seriously, and protects your personal information in a range of ways, including secure servers, virus protection software, firewalls, password protection and encryption. We follow payment card industry (PCI) security compliance requirements when processing credit and debit card payments.

No system is 100% secure. However, we take every care to ensure the security of your data with robust procedures, up to date technology and software, and staff training to prevent security breaches. We operate a policy of restricted, password controlled access to any of your information which is stored on our systems.

We destroy information in a secure way once it is no longer needed.


Transfer of personal information outside of the EEA

Occasionally, when we use third party tools such as those mentioned above, your data may be collected and stored outside the EEA, which, by submitting your data, you agree to. We will ensure that any third-party tools we use comply with the EU-US Privacy Shield framework, which ensures EU-level data protection.

NYCGB may, on occasion, undertake membership activities outside of the UK (for example international tours). In order to manage these activities, we may need to share information about participants with organisations outside of the EEA. This may include providing personal information to secure accommodation or visas, for example. We will secure specific consent for sharing information in this way as part of the booking process for these activities.


Your rights

How to request copies of all of the information we hold about you, otherwise known as a Subject Access request

You have the right to ask for a copy of all of the information related to you that we are processing. You can request this in writing via email or post, using the How to contsct us section at the top of this page.

For members, most of the computerised information that we hold is already accessible to you at any time via the website login you receive when you register with us. You are required to keep your login details confidential.

How to ask us to amend or delete your information

If your information is incorrect, out of date, or if there is no longer justification for us to hold it, you can ask for it to be updated, removed, or withdraw consent for its use. Members may also correct inaccurate information via the member website login, and we ask that you check regularly and keep this information up to date.

Our legal basis for contacting you and using your personal information

When you book to take part in an activity, join NYCGB as a member, or make a purchase from us, our legal basis for processing your data is to fulfil the contract we have with you to provide you with the specified goods or services you have requested for yourself or on behalf of a member.

When you sign up to a newsletter or opt-in to our communications using our forms (e.g. a donation form or an online form) or in person, then you are giving us your consent to send you marketing and fundraising materials by the methods you have chosen (e.g. email or phone call), We will never send you marketing by electronic means without your consent, and you can withdraw your consent at any time.

If you have provided us with your postal or telephone contact details, but haven’t specifically opted in to receive our communications (for example making a donation via post, or requesting a service), then we will carry out an assessment of whether it would be fair and reasonable to use them to send marketing and fundraising information to you without your explicit consent (i.e. it is in the interests of our aims as a charity and will not cause undue prejudice to you). This is called a “Legitimate Interests Assessment”. You can opt out of our marketing and fundraising communications at any time if you don’t want to receive them.

We will ensure that we have a legal basis to use your personal information for the other purposes mentioned in this policy. Usually this will be because:

  • we have an obligation to fulfil a contract;
  • we have your consent to do so;
  • we have undertaken a legitimate interests assessment;
  • it is necessary to comply with a legal obligation.

You can find out more about your data protection rights on the Information Commissioner’s Office (ICO) website, here.


Changes

If we make any changes to this privacy policy, you will be notified by email, and the updated policy will appear on this page of our website.


Queries

If you have any queries regarding this policy, please feel free to contact us. See How to contact us at the top of this page.


Date of this policy

This policy was last updated on 26 June 2018.