General

- We are committed to protecting your personal information, being transparent about what data we hold and giving you control over how we use it.

- This policy sets out how we will collect and use data relating to individuals.

- George IV Venues Ltd T/A Paradise Green is registered with the ICO as a data controller.

Website and Cookies

- When you visit our website we may automatically log your public IP address, time and date of your visit, the pages that were requested, the referring website (if provided) and your internet browser version.

- By using our website you acknowledge that we may request that your browser stores cookies on your computer. These are necessary for certain functionality of our website to operate. You may configure your browser to block the use of cookies, though this may prevent certain functionality from working.

All individuals

How we collect your personal information

- We collect your information when you interact with us, for example, as an audience member, industry professional, performer or volunteer.

- The extent and purpose to which we collect and use your personal information will vary depending on your relationship with us, therefore we have separated this policy into individual subsections below.

- We receive information from third party organisations as outlined in the specific individuals sections below.

- Emails, both received and sent, may fall into a number of different categories of data and may be retained indefinitely.

Why we collect information and what we do with it

- The specific reasons we collect information are outlined in the separate sections below.

- We will use your information for those reasons detailed below either on the basis of:

- - performance of your contract with us and the provision of our services to you;

- - your consent (where we request it);

- - where we need to comply with a legal or regulatory obligation; or

- - our legitimate interests (see details below).

Feedback and Complaints

- If you contact us with feedback or complaints online, by email, by phone or in person, we keep a record of the correspondence on our database to help us improve customer service.

Ensuring security and protecting our business interests

- In certain circumstances, we use your information to ensure the security of our services, buildings, and people, including to protect against, investigate and deter fraud, unauthorised or illegal activities, systems testing, maintenance and development (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so).

- Should an individual require access to the private areas of our venues we will collect their name and a photograph in order to print an access control photocard. This information is retained for up to 24 months after last use of the card.

- We use CCTV recording equipment in and around our premises for monitoring and security purposes. CCTV cameras operate in 'front of house' public areas including foyers as well as in performance spaces. They do not operate in private areas such as bathrooms or dressing rooms.

Complying with legal obligations

- In certain circumstances, we will need to use your information to comply with our legal obligations, for example, to comply with a court order.

Incidents in our venues

- In case of a incident taking place in our venues, such as a first aid incident, we may retain the contact information of persons involved as necessary to discuss the incident with them and/or take further action as necessary. For first aid incidents medical data may be recorded as well. Such information would be kept until our review of the incident reports, taking place within 60 days of the end of the festival, after which any sensitive data would be deleted.

Individuals under 18

- We do not accept Volunteers and Members under the age of 18.

- For Audience Members and Performers under the age of 18, please ensure that you obtain your parent/guardian's consent beforehand whenever you provide personal information to us.

- If you don’t have that consent, you must not provide personal information to us.

Specific groups of individuals

Audience Members

How we collect your personal information

- We collect your personal information directly when you book tickets or buy items by phone or in person at our box office.

- We receive your personal information from third parties when you book through them. This includes the Fringe Society and other venues with whom we cross sell. When we sell tickets on behalf of other venues, your personal information will be shared with them.

What information do we collect

- We collect the following information in the booking process:

- - Prefix and name

- - Organisation (if relevant)

- - Email address

- - Contact phone number(s)

- - Financial information

- - Billing address

- We also receive this information from third parties when you book through them.

- We may also receive certain information, either directly or from third parties, regarding accessibility requirements for audience members with a disability.

Why we collect information and what we do with it

- We use the following information to administer your booking and fulfill our contract with you:

- - Financial information including any card details will be used only for the purposes of processing the payment and/or any refund, and will not be passed to any third party except for these purposes.

- - Other personal data will be only used for the purposes of administering your booking(s) with us and will not be passed to third parties except as reasonably required for these purposes.

- - To provide good customer service at the theatre or by phone (on the basis of performing our contract with you or on the basis of our legitimate interests to provide you with customer service)

- - We may use your personal data to provide you with special assistance, if required (on the basis of our legitimate interests to provide you with assistance or where you have provided your consent when you have provided sensitive information about your health).

- We may share the name and organisation of people receiving complimentary tickets with the performing company (on the basis of detecting and preventing fraud through misuse of complimentary tickets issued on their behalf). We will never share contact or financial information with our performing companies.

- We use contact information of members of the press and industry professionals on the basis of our legitimate interest to discuss their experience of the performance and solicit reviews.

- Where we sell tickets on behalf of other venues, we will pass on your personal information to them on the basis that they require the information to fulfill the contract with you.

- We use personal information, provided by the individual, to administer our VIP scheme. This includes name and contact information.

- We may use customer data to facilitate future ticket sales.

How long we keep your data

- We store financial transaction data, including signatures for card verification, for as long as is reasonably required for us to process the transaction, including any refunds which may become necessary. Data will also be retained by us or our card processing partners for reasonable audit or fraud prevention purposes. This data will be deleted once these requirements are completed.

- We retain transaction records and customer data that may be used for future sales indefinitely.

Companies who use our venues

How we collect your personal information

- The majority of information is provided directly by the performing company, either during the application process or in preparation for their lease.

- We use information available from external sources to assist in reviewing applications to perform in our venues. This is on the basis of our legitimate interest to understand the nature of the performance and to improve our overall artistic programme. This will only be done when you give permission to the relevant third party organisations to share with us the data they hold on you, or if the data is already publicly available.

- In some cases, we will rely on legitimate interest for processing data of potential performing companies. This means we may carry out initial research on prospective performers. We will only use publicly available information, such as Social Media profiles for performing companies, previous reviews and show listings.

- We receive information from third party organisations, for whom we provide specific services at the Edinburgh Festival Fringe.

- We receive information from the Edinburgh Festival Fringe Society, for example [https://www.edfringe.com/information/privacy#registration related to your show registration]

- We generate personal information internally, such as taking photographs of performers for ID passes where these are not provided to us directly.

- Our staff will generate personal information related to a performance on each day that the show performs in our venue.

What information do we collect

- We collect the following information in the booking process:

- - Name and contact details of person completing the application or booking form

- - Information regarding the show

- We collect the following information during the preparation for the festival:

- - Financial information (based on our requirement to make box office payouts)

- - Copies of insurance documentation

- - Personal information (including name, country of origin and photo) of all performers within a performing company

- - Contact details for key individuals within a company

- - Consent for performances and performers to be photographed, and for that image to be used as part of our marketing efforts

Why we collect information and what we do with it

- Information is used for the purposes of fulfilling the contract with the company, this includes sharing information with third parties as follows:

- - Contact details of the person named as primary contact may be passed to:

- - - other Companies performing at one of our venues

- - - the Fringe Office

- - - other third party organisations with which we have formed a partnership

- - Contact details of the person named as press contact may be passed on to any party requesting contact information for the Performing Company

- - Transferring all information required to complete the Edinburgh Fringe Society registration form to the Fringe Society via Edfringeware.com

- Information may be used by us to directly market our own services, but will not be shared with any third party for this purpose.

- To conduct research on Performing Companies experiences of performing in our venues. Participation in such research is entirely voluntary, so you can choose whether or not to disclose any information requested. We will make it clear whether your response to surveys is anonymous or not and, should you provide any further information, we will inform you how it will be used.

How long we keep your data

- We retain information in line with our contract with performing companies.

Volunteers, Members and Directors

Information we collect

- Personal data, such as contact details and work experience, is provided by our volunteers as part of our recruitment process.

- Sensitive information (such as medical information) is provided by the individual concerned with specific consent detailed at the time of the request. This information may be removed at any time by the individual concerned.

- We collect information on the roles you take on with us and the years you work with us as well as the training you attend to prepare you for these roles.

Why we collect information and what we do with it

- We use the information held on our volunteers for the purposes of assessing their suitability for roles, to provide suitable accommodation and food.

- To conduct research on experiences of working with us. Participation in such research is entirely voluntary, so you can choose whether or not to disclose any information requested. We will make it clear whether your response to surveys is anonymous or not and, should you provide any further information, we will inform you how it will be used.

- Should you decide to become a member of the company following your time volunteering with us, your contact information will be retained so that we can contact you with information about company activities and meetings.

- To respond to requests for references and confirmation of experience with us where you have requested this.

How long we keep your data

- Some information (name, email address, years of employment with us, roles undertaken, training completed) will be retained indefinitely as this is necessary to assess future applications. This does not affect your right to have this data deleted.

- Sensitive data such as medical information, dietary requirements and next-of-kin contact details will be deleted within one year after your period of volunteering with us ends.

- All other personal information will be deleted within two years after our last interaction.

- Names and contact details relating to company members and directors will be retained indefinitely to enable us to fulfil our company legal obligations.

- Meeting minutes, including the name of anyone attending a company meeting and comments they make, will be retained indefinitely and published in accordance with our legal obligations regarding company meetings.

- Any surveys you complete or feedback you give the company will be retained for the purpose of improvement. You can decide whether you would like this to be stored anonymously when submitting your response.

- Surveys where the information is only relevant to that Fringe (i.e. registering for training) will be deleted once the period of volunteering has ended.

Legitimate Interests

- Where we refer to using your information on the basis of our ‘legitimate interests’, we mean our legitimate business interests in conducting and managing our business and our relationship with you, including the legitimate interest we have in:

- - personalising, enhancing, modifying or otherwise improving the services and/or communications that we provide to you;

- - detecting and preventing fraud and operating a safe and lawful business;

- - improving security and optimisation of our network, sites and services; and

- - providing you with customer service.

- Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you.

- Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation).

Sharing personal information with third parties

- We will never share, sell, rent or trade your personal information to any third parties for marketing purposes without your prior consent.

- Some of our service providers may have access to your data in order to perform services on our behalf (box office and payment processing is a good example of this) or to advise us (such as legal advisors).

- We make sure anyone who provides a service for us enters into an agreement with us and meets our standards for data security. They will not use your data for anything other than the clearly defined purpose relating to the service or advice/service that they are providing.

- We may also disclose personal information to appropriate third parties to assist in anti-fraud checks and investigations.

Third party websites

- Our website may, from time to time, contain links to other websites. If you follow a link to any of these websites, please note that these websites and any services accessible through them are not governed by this Privacy Policy, and may be subject to a different privacy policy run by that third party website provider.

- We do not accept any responsibility or liability for these policies or any personal data that may be collected through these websites or services, such as contact and location data.

- Please check their policies before you submit any personal data to these websites or use these services.

How to manage your personal information

Keeping information up to date

- It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by updating your information as outlined below.

- You can contact us or update this information online depending on what your relationship is with us:

- - Audiences: Via phone +44 (0) 131 510 0022 or email to info@paradise-green.co.uk

- - Performers: Via the Performers Dashboard or email to info@paradise-green.co.uk

- - Volunteers: Via the Staff System or email to staff@paradise-green.co.uk

Your rights

- You have certain rights in respect of the information that we hold about you, including:

- - the right to access and amend the personal information that we hold for you, or request that we stop contacting you at any time;

- - the right to be informed of the ways in which we use your information, as we seek to do in this Privacy Policy;

- - the right to ask us not to process your personal data for marketing purposes;

- - the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect;

- - in addition to your right to lodge a complaint about us to the UK Information Commissioner’s Office (https://ico.org.uk/), you can lodge a complaint with the relevant authority in your country of work or residence;

- - the right to withdraw your consent for our use of your information in reliance of your consent (refer to “Why do we collect this information, and what do we do with it?” above to see when we are relying on your consent), which you can do by contacting us using any of the information at the top of this Privacy Policy;

- - the right to object to our using your information on the basis of our legitimate interests (refer to [[#Legitimate Interests|Legitimate Interests]] to see when we are relying on our legitimate interests) (or those of a third party)) and there is something about your particular situation which makes you want to object to processing on this ground;

- - the right to receive a copy of any information we hold about you in connection with the performance of our contract with you or on the basis of your consent (or request that we transfer this to another service provider) in a structured, commonly-used, machine readable format, in certain circumstances; and

- - the right to ask us to limit or cease processing or erase information we hold about you in certain circumstances.

- You may exercise your rights above by contacting us and we will comply with your requests unless we have a lawful reason not to do so.

What we need from you to process your requests

- We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

- You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

- We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Changes to this Privacy Policy

- We may make changes to this Privacy Policy from time to time.

- This policy was last updated on 24th May 2018.