You matter to us.

The privacy and security of your personal data is very important to us. We take the responsibility seriously and want you to be confident in how we process your information.

This Privacy Policy explains how and why we, Stoke Beer Festival, use your personal data, your rights and our obligations to you.

 This Privacy Policy applies if you’re a member, volunteer, customer, employee or supporter or use any of our services, visit our online facilities such as websites or apps, email, call or write to us. We may, in certain circumstances, provide specific privacy notices related to individual items but they will always refer to this privacy policy.

We will never sell your data and will only share it with companies when it is necessary, there is a legitimate interest, or where explicit consent has been given and the privacy and security of the data is assured.

What data we collect and how we use it

Our three key reasons for collecting data to then be processed are listed below.

Personal Data – Personal data is information that can be used to identify a living individual or as part of a set of information that, used together, can identify an individual. This will normally include name, address and contact details which includes email and postal address.

We will also process payment details in accordance with the relevant regulations.

Sensitive Personal Data – This includes, but is not limited to, racial or ethnic origin, political belief, sexual orientation. We do not request or hold this type of data.

 We may hold some medical information relevant to a role being undertaken e.g. the festival staffing officer may request any medical information you feel is relevant before working at a beer festival.

 Volunteers

We may request data from you specifically related to volunteer activities you undertake (e.g. references, criminal records, details of emergency contacts, medical conditions etc.). The data requested will be related to the activity undertaken. The information will be retained for legal or contractual reasons and are in place to safeguard both us and you.

Legal basis for processing your data

 In order to process your information we must have a lawful reason for doing so. The four most common reasons why we process your data are as follows;

Contractual
Legitimate interest
Consent
Legal Obligation

 We will only process (use) your personal information if we have;

a contract with you to provide a service or product. We will use your personal data accordingly e.g. an item you have purchased.

a legal obligation e.g. to process payments and store data in accordance with financial regulations.

Profiling

In order for us to provide the most relevant information to you we do profile our data to best suit the audience.

 We use specific tools to profile how you interact with us online e.g. we use Google Analytics to collect aggregated data to enable us to optimise the user experience.

 All profiling is undertaken to enhance the user experience. 

Your Rights

 You have a number of rights under GDPR and this section briefly highlights them. For more information visit www.ico.org.uk

 Keeping your information

We will only use and or store your information for as long as it is required for the purpose it was collected. The purpose will determine how long it will be kept. This can sometimes be to meet a statutory or legal requirement. If we have explicitly informed you of the length of time we will securely destroy the data in question.

Cookies, Tracking and Websites

For information on how you can manage cookies, please see cookiechoices.org. 

This websites use cookies from third party vendors, including Google, to profile traffic and for ecommerce.

 Payment card security

SBF has an active compliance programme in place. This is the international standard for safe card payment processes. As part of our compliance to this very stringent standard, we ensure that our IT systems do not directly collect or store payment card information; for example the full 16 digit number on the front of the card or the security code on the back. 

Our online payment solutions are carried out using a ‘payment gateway’ (e.g. Stripe) which is a direct connection to a payment service provided by a bank. This means that when you input card data into the payment page, you are communicating directly with the bank and the bank passes your payment to us, this means that your payment card information is handled by the bank and not processed or held by us

What to do if you are not happy

If you are unhappy with anything related to your personal information please contact the festival organiser directly so that we can resolve any problem or query.

You also have the right to contact the Information Commissioners Office (ICO) if you have any questions about Data Protection. They are contactable via the phone on 0303 123 113 or visit their website www.ico.org.uk.

Changes to this Privacy Policy
We will amend this Privacy Policy from time to time to ensure that it remains up to date and reflects clearly how we use your personal data. Please visit our website to keep up to date with any changes. We will not amend anything that will affect your rights. The current version will always be posted on our website.

 This Privacy Policy was last updated on the 30 September 2019.