You matter to us.
The privacy and security of your personal data is very important to us. We take the responsibility seriously and want you to be confident in how we process your information.
We will never sell your data and will only share it with companies when it is necessary, there is a legitimate interest, or where explicit consent has been given and the privacy and security of the data is assured.
What data we collect and how we use it
Our three key reasons for collecting data to then be processed are listed below.
Personal Data – Personal data is information that can be used to identify a living individual or as part of a set of information that, used together, can identify an individual. This will normally include name, address and contact details which includes email and postal address.
We will also process payment details in accordance with the relevant regulations.
Sensitive Personal Data – This includes, but is not limited to, racial or ethnic origin, political belief, sexual orientation. We do not request or hold this type of data.
We may hold some medical information relevant to a role being undertaken e.g. the festival staffing officer may request any medical information you feel is relevant before working at a beer festival.
We may request data from you specifically related to volunteer activities you undertake (e.g. references, criminal records, details of emergency contacts, medical conditions etc.). The data requested will be related to the activity undertaken. The information will be retained for legal or contractual reasons and are in place to safeguard both us and you.
Legal basis for processing your data
In order to process your information we must have a lawful reason for doing so. The four most common reasons why we process your data are as follows;
We will only process (use) your personal information if we have;
a contract with you to provide a service or product. We will use your personal data accordingly e.g. an item you have purchased.
a legal obligation e.g. to process payments and store data in accordance with financial regulations.
In order for us to provide the most relevant information to you we do profile our data to best suit the audience.
We use specific tools to profile how you interact with us online e.g. we use Google Analytics to collect aggregated data to enable us to optimise the user experience.
All profiling is undertaken to enhance the user experience.
You have a number of rights under GDPR and this section briefly highlights them. For more information visit www.ico.org.uk
Keeping your information
We will only use and or store your information for as long as it is required for the purpose it was collected. The purpose will determine how long it will be kept. This can sometimes be to meet a statutory or legal requirement. If we have explicitly informed you of the length of time we will securely destroy the data in question.
Cookies, Tracking and Websites
For information on how you can manage cookies, please see cookiechoices.org.
Payment card security
SBF has an active compliance programme in place. This is the international standard for safe card payment processes. As part of our compliance to this very stringent standard, we ensure that our IT systems do not directly collect or store payment card information; for example the full 16 digit number on the front of the card or the security code on the back.
Our online payment solutions are carried out using a ‘payment gateway’ (e.g. Stripe) which is a direct connection to a payment service provided by a bank. This means that when you input card data into the payment page, you are communicating directly with the bank and the bank passes your payment to us, this means that your payment card information is handled by the bank and not processed or held by us
What to do if you are not happy
If you are unhappy with anything related to your personal information please contact the festival organiser directly so that we can resolve any problem or query.
You also have the right to contact the Information Commissioners Office (ICO) if you have any questions about Data Protection. They are contactable via the phone on 0303 123 113 or visit their website www.ico.org.uk.