What is this guide for?
Whenever we need to collect any of your data, we will let you at that point why we need to do so and what it will be used for, but this guide provides a useful overview of all of those situations and provides more detail on how we keep your data secure and up to date, how long we might hold it for, and what your rights are in relation to it.
Buzzy Bees Music is committed to protecting your personal data and will use any personal or sensitive data we collect from you in line with the General Data Protection Regulations (GDPR).
Who’s responsible for data the group collects?
Buzzy Bees Music is a Data Controller under the GDPR. Buzzy Bees Music’s Data Protection Officer is the owner, who can be reached via our Contact Us page.
What data do we collect and what do we use it for?
Buzzy Bees Music collects data from individuals to help us plan, organise and run the day-to-day operations of the group (e.g. co-ordinating classes or collecting subscription payments) and to promote and market the group’s activities (e.g. marketing mailing lists and photography/video capture).
Class Attendees: for administering classes
When you join Buzzy Bees Music classes, or during your membership with us, we may need to collect some of the following information on you and the child you care for:
This data will be used by Buzzy Bees Music to manage your membership with us and to organise and run our activities.
If you give us your consent to do so, we may also use your contact details to send you marketing/promotional communications from Buzzy Bees Music.
Any marketing/promotional communication we send you will include a clear option to withdraw your consent (e.g. to ‘opt out’ of future emails) and you can also withdraw consent at any point by contacting the Data Protection Officer using the Contact Us form.
Events: for running events (e.g. children’s party or nursery/playgroup booking)
When you arrange an event with us, we need to collect data on the person booking (name, email, contact telephone number and postal address) in order to successfully arrange the event and ensure we can invoice you. In the case of children’s parties, we will also ask for the name(s) of the children the party is for, as well as their age. This data will only be used for administering the event for which you have booked and will not be used to send you marketing/promotional messages from the group unless you have also provided your consent to receive these (see below).
Employees and contractors: for administration and legal/regulatory purposes
We may need (for administration or for legal/regulatory reasons) to collect personal or sensitive data on employees or contractors of the group. Where this is the case, we will explain what this is for at the point of collection.
Mailing list subscribers: for marketing and promotion
We offer everybody the opportunity to sign up (consent) to receive marketing and promotional information on the group’s activities (e.g. emails about forthcoming events).
When you sign-up to our marketing mailing list we will ask for your name, email and/or address and will use this data to send you information about our events and activities (e.g. forthcoming performances, social events and fundraising events). We may also ask for your preferred topics and communication methods. These allow us to tailor the information we provide to suit your preferences (e.g. email vs post).
We will only send you information that is related to the group (e.g. we will not use your data to send you marketing messages from third-parties).
Anything we send you will include a clear option to withdraw your consent (e.g. to ‘opt out’ of future emails) and you can also do so at any time by contacting the Data Protection Officer using the Contact Us form.
Website visitors: for running and improving our website
We use a pop-up banner to let users know about this on their first visit, and they can at any time disable cookies in their browser if they do not wish their (anonymised) data to be tracked.
You can find out more about cookies at http://www.allaboutcookies.org/
Do we share your data with anyone else?
We will never pass your details on to third parties for marketing purposes.
We sometimes use third party services to process your data (e.g. Google Drive, Dropbox). We will always make sure any third parties we use are reputable, secure, and process your data in accordance with your rights under GDPR.
Are there special measures for children’s data?
We strictly limit the information we collect on children to the minimum required to successfully run Buzzy Bees Music. Unless explicitly stated otherwise at point of collection, we only collect name, date of birth and any relevant allergy/medical information the carer is willing to provide.
We may occasionally take photographs for use for our own publicity. Wherever possible, only photographs where any children are not personally identifiable (e.g. the picture is taken from behind the child) will be used. In cases where the child’s face is visible and identifiable, we will seek explicit permission from the child’s carer before we use that image anywhere.
How can you update your data?
You can contact us at any time using the Contact Us form to update or correct the data we hold on you.
How long we will hold your data?
The Buzzy Bees Music data retention policy is to review all data held on individuals at least every year and remove data where we no longer have a legitimate reason to keep it.
Where you have withdrawn your consent for us to use your data for a particular purpose (e.g. unsubscribed from a mailing list) we may retain some of your data for up to a year in order to preserve a record of your consent having been withdrawn.
What rights do you have?
Under the GDPR, you have the following rights over your data and its use:
- The right to be informed about what data we are collecting on you and how we will use it
- The right of access – you can ask to see the data we hold on you
- The right to rectification – you can ask that we update or correct your data
- The right to object – you can ask that we stop using your data for a particular purpose
- The right to erasure – you can ask us to delete the data we hold on you
- The right to restrict processing – you can ask that we temporarily stop using your data while the reason for its use or its accuracy are investigated
- Though unlikely to apply to the data we hold and process on you, you also have rights related to portability and automated decision making (including profiling)
All requests related to your rights should be made to the Data Protection Officer using the Contact Us form. We will respond within one month.
You can find out more about your rights on the Information Commission’s Office website.
What will we do if anything changes?
If we make changes to our privacy statements or processes we will post the changes here. Where the changes are significant, we may also choose to email individuals affected with the new details. Where required by law, will we ask for your consent to continue processing your data after these changes are made.
What are ‘cookies’?
‘Cookies’ are small text files that are stored by the browser (for example, Internet Explorer) on your computer or electronic device. They allow websites to ‘remember’ you for a period of time so that they can store things like user preferences and make the website quicker and easier for you to use.
Without cookies, some things on websites would not be able to work: for example, without cookies it might not be possible to know whether or not you are logged in on a website, which would prevent you from being able to see content restricted to logged-in users.
A visit to a page on the Buzzy Bees Music website may create the following types of cookie:
- Registration and preferences cookies
- Anonymous analytics cookies
Registration and preferences cookies
We do not currently have a members-only section on the website, but we may do in future. This information is therefore provided to cover that potential future expansion.
When you register with the Buzzy Bees Music website, we generate cookies that let us know whether you are signed in or not. Our servers use these cookies to work out which account you are signed in with, and if you are allowed access to a particular service. It also allows us to associate any comments you post with your username. For your convenience, these cookies last for two weeks before they are deleted automatically.
Anonymous analytics cookies
Every time someone visits our website, software provided by other organisations (Google Analytics, WordPress) generates an ‘anonymous analytics cookie’.
These cookies can tell us whether or not you have visited the site before and what pages you visit. Your browser will tell us if you have these cookies and, if you don’t, we generate new ones. This allows us to track how many individual users we have, and how often they visit the site. We use them to gather statistics, for example, the number of visits to a page, to help us identify if visitors would benefit from more information on a particular area.
How do I turn cookies off?
It is usually possible to stop your browser accepting cookies, or to stop it accepting cookies from a particular website.
All modern browsers allow you to change your cookie settings. You can usually find these settings in the ‘options’ or ‘preferences’ menu of your browser. To understand these settings, the following links may be helpful, or you can use the ‘Help’ option in your browser for more details.
- Cookie settings in Internet Explorer
- Cookie settings in Firefox
- Cookie settings in Chrome
- Cookie settings in Safari
Please note: switching off cookies may prevent some aspects of our website from working fully (e.g. you may not be able to access our members-only section).
You can find out more about cookies and their use on the internet from www.allaboutcookies.org.