Who we are
Tenebrae is the working name of The Tenebrae Choir, a professional choir based in the UK. We are a registered charity (No. 1142138) and a company limited by guarantee (registered in England and Wales, No. 7549890). Our registered office is c/o Lakin Rose Limited, Pioneer House Vision Park Histon, Cambridge, Cambridgeshire CB24 9NL, United Kingdom. Our correspondence address is Tenebrae, c/o Lyric Hammersmith Theatre, King Street, London W6 0QL, United Kingdom.
Purpose of data protection
The purpose of data protection law is to protect your rights and privacy with respect to the processing of personal data, being any information relating to an identified or identifiable natural person. A person is ‘identifiable’ if able to be identified, directly or indirectly, not only by things such as a name or an identification number, but also by things such as location data or some factor specific to (for example) the physical, physiological or social identity of that person. More common examples of personal data include names, identification numbers, contact information, identity documents, medical records and photographic images and it may be contained in a written document or in a recording or voicemail, for example. ‘Processing’ covers any activity involving personal data and includes such things as the collection, recording, storage, adaptation, use, disclosure and destruction of personal data.
What information do we collect?
If you make a purchase, sign up for an event or give a donation then we usually collect the following information:
- Name and title
- Contact details including postal address, email and phone numbers
- Your bank or credit card information (if making a transaction)
Where we have a specific reason to do so, we may also store and process information about you which is classed as sensitive personal information. This might include information about your race or ethnic origin, political opinions, religious or philosophical beliefs, or health and access requirements. We might also collect other personal information you provide to us – for example when you apply for a job, or tell us why you have chosen to make a donation.
How do we collect your information?
We or our third party providers may collect and store data from you when you visit our website, make online purchases, support us through donations or membership schemes, sign up to our mailing list, contact us about our activities or otherwise provide us with personal information.
We may also obtain personal information about you from other sources, such as if a family member or friend contacts us on your behalf. We may combine information you provide to us with information available from external sources in order to gain a better understanding of our audience, customers and donors. These sources can include third party organisations (when you have given permission for your data to be shared with us), social media and publicly available information.
We keep a record of the emails we send you, and we may track whether you receive or open them so we can make sure we are sending you the most relevant information. We may then track any subsequent actions you make online, such as clicking on a link in the email.
Like most websites, we and our suppliers receive and store certain details (including your IP address) whenever you use the Tenebrae website. We use ‘cookies’ to help us make our site better. Cookies mean that a website will remember you and optimise your user experience based on your previous interactions. They also help us understand how you use our website and where we can make improvements.
We may also receive information from external sources which enable us to gain a better understanding of our audiences and supporters, and to improve our fundraising and marketing methods. These sources include:
- Social media – We use social media to share information about our events, recordings, Learning & Connection projects and fundraising campaigns. On occasion we may reply to comments or questions you make to us on social media platforms. You may also see adverts from us on social media that are tailored to your interests. Depending on your settings and the privacy policies used by social media and streaming platforms, we may receive non-personally identifying demographic or analytical information from these services that enables us to better understand the effectiveness of our digital content.
- Publicly available information – This may include information found in places such as Companies House, your biography on your company website, or information that has been published online or in print.
How do we hold your data?
Your personal data will be held and processed on our own systems or systems managed by suppliers on behalf of Tenebrae. Your data is held securely and access to customer data is strictly controlled so only staff members who have a reason to work with your data have access to it.
When you purchase physical materials or downloaded content from Tenebrae, payment is handled by our third party payment platform provider, Global Payments, in line with their own policies. Payments made through our website are submitted directly to Global Payments in such a way that none of our staff members are able to see your full card number. We never store your 3- or 4-digit security code.
We strongly discourage you from sharing your credit or debit card details in any written form, including by e-mail. Please note that should you choose to share your card details with us in this way, we cannot accept liability for its interception and misuse (whether fraudulent or otherwise) by third parties.
Some of our suppliers run their operations outside the European Economic Area (EEA). Although they may not be subject to same data protection laws as companies based in the UK, we have taken steps to make sure they provide an adequate level of protection in accordance with UK data protection law. By submitting your personal information to us you agree to this transfer, storing or processing at a location outside the EEA (including in the United States).
Our basis for processing your personal information, and what we use it for
We use your information in the following ways. By using the Tenebrae website or otherwise sharing your information with us, you agree to our use of the data we receive from you for these purposes.
- To fulfil a contractual obligation – If you have made a purchase through our website then we use the information you have provided to fulfil our obligations to you. For example, we might send you practical information about an event for which you have bought a ticket, or we might post you physical products which you have ordered from us.
- Marketing – When you register on the website or make a purchase, there is an option to sign up to our mailing list to receive information about future events, recordings and projects. You may also actively opt in to our mailing list via our website. We will not contact you unless you have signed up to our mailing list in one of these ways.You may unsubscribe from our mailing list at any time by clicking ‘Unsubscribe’ at the bottom of any email, by emailing [email protected] or by calling +44 (0)20 3384 0368. You can also update your preferences to tailor what information you receive from us.
- Fundraising – When you register on our website, make a purchase, or sign up to our mailing list we will ask you whether you would also like to hear about opportunities to support Tenebrae’s work. If you agree, then we will send you occasional updates about our fundraising campaigns. As described above, you can unsubscribe or update your preferences at any time.
- Other uses – We may also use your information in the following ways:
- To keep our records up-to-date;
- To understand how we can improve our communications or events;
- To administer your donation or to process Gift Aid;
- To improve, prevent or detect fraud or abuses of our website;
- To comply with the law – for example, on rare occasions we may be obliged to disclose your personal information to government bodies or law enforcement agencies.
Research, profiling and ‘wealth screening’
As a registered charity, Tenebrae is reliant on donations in order to deliver its work. When identifying potential donors, we want to ensure that we only approach individuals who we reasonably believe might have an interest in our work, and whose financial position means that they might be able to make a donation. Before we make an approach, we might use additional information such as geographical information and measures of affluence where available from external sources to assist us. This will be a combination of publicly available information, for example drawn from company resources and news media, with information you have provided to us, such as past donations and career information. We may use the services of external screening/profiling companies, and publicly available data from social media sites like LinkedIn, Facebook and Twitter, depending on your privacy settings and/or interaction with us.
If you do not wish Tenebrae to undertake this activity, please email [email protected].
We only share your personal information with third parties where it is necessary in order to carry out our legitimate business activities. Examples of this might include (but are not limited to):
- Global Payments, our payment platform provider;
- Marketing automation platforms which we use to manage our mailing lists;
- When you have purchased a physical product from our website, our record labels so that they can post your items to you;
- HMRC when we claim Gift Aid.
On rare occasions it might also be necessary for us to share your details with third parties in order to comply with the law.
We will never sell your personal data, nor share it with any third party who is not one of our agreed service providers.
How long do we keep your information?
We will store your personal information for as long as is reasonably necessary for the purposes set out in this policy and to comply with legal obligations. In line with our legitimate business interests, if you purchase a ticket or other product from us we will typically keep your data for up to ten years unless you request us not to do so. If you have made a philanthropic financial transaction (i.e. when you purchase a membership or make a donation), we may keep a record of your name and donation indefinitely, as it is important to be able to verify where our voluntary income has come from. We also feel that it is important to be able to acknowledge your prior support should you choose to come back to us in the future.
If you would like to object to our storing and processing your data, you can do so at any point by contacting us using the details given at the end of this policy. Please be aware, though, that we are legally obliged to keep a record of any financial transactions for 6 years from the end of the financial year in which the transaction was made.
Any objections you make to any processing of your data will be stored against your record on our system so that we can comply with your requests. For example, if you ask that we stop sending you direct marketing communications, we will need to keep a record of your postal or email address to ensure that we do not contact the same address in the future.
You have a right to request a copy of the personal information that we hold about you and to have any inaccuracies in this data corrected. You may also request that we delete the personal information we are holding, provided that we are able to do so while remaining legally compliant. Please note that we are legally obliged to keep records of any financial transactions for 6 years after the end of the financial year in which they took place. If you would like to request a copy of the information we hold about you, or to request an amendment or deletion, please contact us using the details given below.
If you would like to make a complaint to the relevant supervisory authority, you can do so by contacting The Information Commissioner’s Office: www.ico.org.uk
To request a copy of the personal information we hold about you, or if you have any questions about this policy, please email [email protected] or call +44 (0)20 3384 0368. Please note it can take up to 28 days for us to comply with a data access request.
We aim to keep your personal information up-to-date and correct. If any of your details change, please notify us by contacting us using the details provided above. On occasion we may also update the information we hold about you using publicly available data.