Privacy/Data Protection Policy – Bretforton Silver Band
For the purpose of this policy ‘Bretforton Silver Band’ shall be interpreted as references to ‘we’, ‘our’ or ‘us’. Website users, service enquirers and band members shall be interpreted as references to ‘users’, ‘you’, or ‘your’.
Bretforton Silver Band has drawn up this privacy/data protection policy which tells you what to expect us to do with your personal data/information when you make contact with us, use one of our services or website, or take part in band operations, activities and communications.
Personal data implies to any information that can be used to identify a living individual.
Date completed/updated: 2nd May 2023
Our contact details
Contact Name: Bretforton Silver Band
Email: firstname.lastname@example.org (Band Secretary)
Personal information we collect
We collect and process the following information:
• Information you enter on our website or provide us through our website’s contact page, contact form, online shop, or via email, or via a messenger system such as Facebook messenger, Instagram direct message. This covers provided personal identifiable information (including name, contact details, enquiry details) and provided payment details.
• Information that you have provided within an engagement booking and contract form for one of our services, including personal identifiable information (name, contact details, commission details) and provided payment details.
• Information relating to the device and web browser that you use to access and use our website (including the Internet protocol (IP) address; computer and connection information; cookie identifiers; and online identifiers (username, account handles)).
Only necessary personal data will be collected.
How we collect the information and why we have it
Most of the personal information we collect and process is provided to us directly by you for one of the following reasons and via one of the methods:
You have made an enquiry to us. This may be through our website contact form, contacting us by telephone, or via email, or via a messenger system such as Facebook messenger, Instagram direct message.
You have booked a service/engagement. This may be through our website contact form, contacting us by telephone, or via email, or via a messenger system such as Facebook messenger, Instagram direct message.
You have completed a digital or physical engagement booking form and contract.
You have purchased a product/service. This may be through our online shop, or by telephone, or via email, or via a messenger system such as Facebook messenger, Instagram direct message.
You have been enrolled as a band member and require information regarding band operations, activities, and communications.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:
Your consent (you have given clear consent for us to process your personal data for a specific purpose. You are able to remove your consent at any time. You can do this by contacting band secretary, Laura Hunt – Email: email@example.com.
We have a contractual obligation (the processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract).
We have a legal obligation (the processing is necessary for us to comply with the law).
What we do with the information we have
We will process personal information lawfully, fairly, and transparently.
We use the information that you have given us in order to carry out our obligation in relation to an engagement or service.
We will keep personal information confidential and will not disclose to any third parties or share, make use of material or information communicated for the purposes of the engagement/service, save as may be reasonably necessary to enable us to carry out our obligation in relation to the engagement or service (for example confirming client name when communicating to a venue).
When you access our website for the first time, we ask your consent to store cookies on your browser/device, via a cookie banner. At this time, you can manage individual cookie preferences by clicking the Settings option.
How we store your information
In relation to musical services and band operations, Laura Hunt (band secretary) is the person that manages, stores, and processes personal data for Bretforton Silver Band. When you booked a musical service you were asked to supply engagement information. The information collected is only stored in its original paper or digital form, and is stored either in a physical file, computer, external hard drive/s in a locked location at Laura Hunt’s residence. This information is only accessed by Laura Hunt and transported when attending the commission or pre or prior engagement meetings.
Information is not stored longer than necessary for the purpose of its use. In the case of personal details, information will be destroyed within one month of engagement completion (receipt of images/goods) and balance competed. Set personal data will be kept for longer periods for legal tax requirements/reasons (for example client name, payment details). We will then dispose your information by deleting data and/or shredding original paper/forms.
In relation to our website visitors' personal information, our website is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
Wix can store site-visitors' data in a number of locations, including data centers located in the United States of America, Ireland, South Korea, Taiwan and Israel. Wix may use other jurisdictions as necessary for the proper delivery of their services and/or as may be required by law. The processing of the User Customer Data may take place within the territory of the European Union, Israel or a third country, territory, or one or more specified sectors within that third country, of which, the European Commission has decided that it ensures an adequate level of protection (transfer on the basis of an adequacy decision).
All direct payment gateways offered by Wix.com and used by us adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
If you send us a private or direct message via social media or through a messenger system (such as Facebook messenger, Instagram direct message) each social media platform/messenger system will collect and store personal information that you have sent to us via the platform/messenger system. We see all this information and decide how we manage it. For example, if you send a message via social media that needs a response from us, we will process it as an enquiry/communication. We use each platform for the purpose of managing and responding to an enquiry or ongoing communication. When contacting us through a social media platform/ messenger system, we suggest you also familiarise yourself with the privacy information of that platform/ messenger system.
Our email mailbox (the band secretary’s email address) is hosted by Hotmail/Outlook (www.outlook.com). If you send us an email, Hotmail/Outlook will collect, process and store personal information. We see emails that you have sent to our email address and decide how we manage them. For example, if you send an email that needs a response from us, we will process it as an enquiry/communication. We use Hotmail/Outlook as a service provider for emailing, for the purpose of managing and responding to an enquiry or ongoing communication. We encourage you to view and read their privacy notices regarding how they collect, process and store personal information (www.outlook.com). We’ll also monitor any emails sent to us, including file attachments, for viruses or malicious software. You must ensure that any email you send is within the bounds of the law.
An email, message via social media platform/messenger system will not be stored longer than necessary for the purpose of its use. In the case of personal details, information will be destroyed within one month of engagement completion (receipt of images/goods) and balance competed. Set personal data will be kept for longer periods for legal tax requirements/reasons (for example payment confirmation details, invoice). We will dispose of your information by deleting data.
Your data protection rights
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances.
Your right to object to processing - You have the the right to object to the processing of your personal data in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact band secretary, Laura Hunt (Email: firstname.lastname@example.org) if you wish to make a request.
How to complain
We work to high standards when it comes to processing your personal information. If you have any concerns about our use of your personal information, you can make a complaint to us via email or using the address below:
Laura Hunt (Band secretary)
Bretforton Silver Band
School Lane, Bretforton,
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk