PRIVACY NOTICE

Sheffield Oratorio Chorus (SOC) is committed to protecting the personal data collected from you in line with Data Protection law and the General Data Protection Regulations (GDPR) 

The data we collect:
SOC collects personal data to help us plan, organise and run day-to-day operations and to keep you informed about SOC activities. We collect data from: SOC members, employees, volunteers, sessional musicians performing on behalf of SOC. We also hold data gathered via online ticket sales and interested parties for example mail group members and patrons.

When joining SOC and during your membership, we will ask you to provide the following information:

  • Name

  • Email address

  • Phone number

  • Address

  • Emergency contact details

  • Gift Aid Declarations

  • Bank details 

Sessional musicians and volunteers may be asked to provide some or all of this information to manage the work provided for us, e.g. arranging concert and rehearsal schedules or paying expenses or invoices. 

We will occasionally take photographs of members and musicians for publicity purposes but will only do so with explicit consent. Photographs are subject to the same laws and protection as all other personal data. 

Mailing List Subscribers, Senior Members Group, Patrons

We will contact you if you have expressed an interest in our activities and to share information about the events and activities we organise. In these circumstances we will use your name and email address to send you information about our events and activities, for example forthcoming concerts, social events, fundraising activities.

We will only send you information that is related to Sheffield Oratorio Chorus and will not use your data to send you messages from third parties.

Anything we send you will include a clear option to withdraw your consent (e.g. to ‘unsubscribe’ or ‘opt out’ of future emails) and you can also do so at any time by contacting  admin@sheffieldoratorio.org.uk 

Data sharing

We will never share your personal data with third parties for purposes unrelated to SOC activities and objectives. 

We do use third party services to provide ticketing services and to support management of our mailing list and website but only with countries who are compliant with requirements of the GDPR for the service they provide to SOC.

Sensitive Personal Data (Special Category Data)

We may rarely need to collect more sensitive data (eg relevant medical or DBS information) for administration or for legal/regulatory reasons, for example during employment processes. Where this is the case, we will explain what this is for at the point of collection.

We will never share sensitive data without your consent except for example in a medical emergency.

How long will we keep your data?

We will retain your data as long as we have legitimate reason to keep it, ie as long as your relationship with SOC continues. Our policy is to review all information held on individuals for administrative purposes every three years and remove it where we no longer have a legitimate reason to keep it.

In keeping with good accounting practice, data relating to finance will be kept securely on the SOC finance system for seven years after your final transaction, or after your relationship with SOC ends, after which it will normally be deleted.

Your Rights

Under the current data protection law and regulations, you have the following rights relating to your data and its use:

·         The right to be informed about what data we are collecting and how we will use it

·         The right of access – you can ask to see the data we hold about you

·         The right to rectification – you can ask that we update or correct your data

·         The right to object – you can ask that we stop using your data

·         The right to erasure – you can ask us to delete the data we hold about you

·         The right to restrict processing – you can ask that we temporarily stop using your data while the reasons for its use or its accuracy are investigated  

You can contact us to update or correct the data we hold, or if you wish to submit a query, complaint or concern relating to the handling of your data:
By email:  admin@sheffieldoratorio.org.uk  

We will acknowledge your message in no more than 30 days and respond fully without undue delay.  

If you submit a request for the information we hold about you, ie a Subject Access Request, we will respond within one month and in accordance with GDPR requirements. 

If you are not satisfied with our response you have the right to submit a complaint to the ICO via their website or helpline: 0303 12231113 

Use of Cookies

‘Cookies’ are small anonymous text files that are stored by the browser (for example, Internet Explorer, Google Chrome, Safari or Firefox) on your computer or electronic device. They allow websites to ‘remember’ you for a period of time so that they can store things like user preferences and make the website quicker and easier for you to use. 

SOC uses cookies on the website to allow tracking of how many individual users we have, and how often they visit the site. We use them to gather statistics, for example, the number of visits to a page, to help us identify if visitors would benefit from more information on a particular area. Please note that any data collected are fully anonymous, e.g. number of visits to a particular page. 

We will ask for your agreement to our use of cookies when you access our website.

It is normally possible for you to switch off cookies but be aware this may prevent some aspects of our website from working fully for you.

You can find out more about cookies and their use from www.allaboutcookies.org

 Legal basis for how we process your data

In accordance with data protection law, the legal basis for the data processing we carry out has been assessed by the SOC Committee (our board of trustees) to be ‘legitimate interest’. In a small number of occasions ‘consent’ will be the legitimate basis, eg when processing more sensitive data.