Last updated: 18 May 2018
MSO (aka Mind Sports Olympiad) takes the privacy of all of its customers and supporters very seriously and is committed to respecting and protecting your personal information. We aim to be transparent about what information we hold about you, whichever way you are connected with us.
The purpose of this policy is to explain how MSO collects, uses and protects any personal information we collect about you.
Collecting personal data helps us to develop a better understanding of everyone who engages with us – from theatre attendees and website users to our members and supporters. This allows us to work more effectively and helps us provide you with a better, more tailored service that we hope encourages you to get closer to our work and enjoy everything we have to offer.
2. WHO ARE WE?
MSO Limited is a registered company in England and Wales (number 04712990). Our registered office is 19 Cecil Court, London, England, WC2N 4EZ.
MSO currently manages one website – https://www.msoworld.com/
3. HOW TO CONTACT US
4. HOW TO CHANGE OR ACCESS THE INFORMATION WE HOLD ABOUT YOU
The accuracy of your personal information is important to us and you can help keep our records up to date by telling us when your contact details and other personal information changes, and if you change your mind about how we contact you.
Every email we send you will include details on how to change your communications preferences or unsubscribe from future communications.
It is important the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.
If you would like to update the details we hold or change your contact preferences please contact us at email@example.com
5. WHAT INFORMATION DO WE COLLECT?
5.1 Depending on the reason for interacting with us, we may collect and hold the following information from you:
- Identity Data: includes your first name, last name, title, date of birth, gender and contact details for your parent or guardian if you are under 16.
- Contact Data: includes billing address, delivery address, email address, telephone numbers.
- Education Data: if you are a student, including name of your college/university/community group and your course details.
- Transaction Data: includes details about payments to and from you and details of tickets or services you have purchased from us.
- Supporter Data: includes information relating to memberships, donations, attendance at events and interests.
- Health Data: if you have a disability, information about your access requirements (for example if you require wheelchair access, an assistance dog, assisted hearing audio descriptions, BSL interpretation or a seat for a personal assistant); information about your allergies or dietary requirements if you are participating or attending an event where thius information might be needed.
- Image Data: includes your image and likeness as captured on our CCTV cameras and in photographs, video and audio recordings if you participate in a workshop or other event.
- Technical Data: includes the technical data we collect when you visit our websites as further detailed in section 6 below.
- Social Media: depending on your settings or the privacy policies for social media and messaging services like Facebook, Twitter and Instagram you may give us permission to access information from those accounts or services.
- Usage Data: includes information about how you use our websites and services.
- Marketing and Communications Data: includes your preferences in receiving marketing from us and our third parties and your communication preferences.
- Data Hygiene: occasionally we may screen our database against recognised data hygiene files such as National Change of Address file and cleanse our files or correct inaccurate data. We may also update inaccurate data if the information is available.
5.2 We will collect and aggregate on an anonymous basis information about you and your use of our services with information about other users of our services, such as statistical or demographic data, for analysis, reporting to stakeholders (such as Arts Council England) and to better understand our customers. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature on one of our websites. However, if we combine or connect any of this type of data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
6. HOW DO WE COLLECT YOUR PERSONAL INFORMATION?
Directly from you: We collect personal information from you at multiple touch points, for example when you book for a performance or an event, participate in a workshop or attend another event, speak to or email a member of our team, register for an account on our websites, make a donation, join as a member, subscribe to an email newsletter, respond to a survey, request marketing or fundraising information to be sent to you, enter a competition, provide feedback to us, fill out a form or provide any other information in any way.
Automatically: As you interact with our websites, we may automatically collect Technical Data from you as further detailed in section 7 below. We collect this personal data by using cookies, server logs and other similar technologies.
From other organisations or publicly available sources: For example, we may receive personal information about you from:
- Ticket agents who transfer personal data to us when you book a ticket for a production or other event at MSO
- Analytics providers such as Google or social media platforms such as Facebook and Twitter based outside the EU
- Publically available sources such as newspapers or online, such as Companies House or the Charity Commission.
We use this information to help us give you the best possible experience of MSO.
7. VISITING OUR WEBSITES
When you visit one of our websites we may automatically collect the following information:
- The IP address used to connect your computer to the Internet – we do not ordinarily link IP addresses to any of your personal information, which means that you remain anonymous even though the IP address is used to produce analytics information.
- Other technical information including your login information, browser type and version, time zone setting, browser plug-in types and versions, your device, operating system and platform.
- Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including time and date), pages you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and/or website.
8. YOUNG PEOPLE
We are especially committed to protecting the privacy of any young people that engage with or participate in our work. If you are under 16, please ensure that you obtain your parent/guardian’s consent before and whenever you provide personal information.
Personal data relating to young people will be held securely on our CRM and ticketing database. This data will be protected and only accessible to a limited number of staff members.
9. HOW DO WE USE YOUR INFORMATION?
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- to perform a contract with you, such as when you book a ticket for a production or other event or give a donation or when we need to contact you with important information relating to your booking
- To comply with a legal obligation, such as when you exercise your rights under data protection law or when we have to report to or respond to a request from government or law enforcement officials (such as reporting Gift Aid details to HMRC) or to meet national security or law enforcement requirements or prevent illegal activity
- Based on your consent, for example when you have specifically consented for us to use your information. For example this could be to send you updates via email about what’s on, priority booking, MSO news or information about membership or supporting us. This may also include us sharing your details with our partner organisations where you’ve consented to this.
- Based on your explicit consent when you provide us with information about your health or access needs in order for us to provide you with tailored services, such as a wheelchair accessible space or seating for a captioned performance
- As necessary for our legitimate interests in providing our services safely and securely in a suitable way which is tailored to your use and interests for the following purposes:
➢ To provide you with and improve our services➢ To help us provide you with the best possible customer service and experience at MSO
➢ To manage and administer our relationship with you, such as by keeping our database up to date, contacting you about administrative matters, renewing your membership or responding to your complaints or feedback
➢ To fundraise for example by alerting you to opportunities to support MSO through making a donation
➢ To enable you to participate in research, a survey or a competition
➢ To ensure the security of our websites and other technology systems
➢ To learn about your interests and preferences so that we can tailor your experience with MSO and provide you with information that is relevant to you
➢ For the purpose of marketing our services including sending marketing communications
➢ To learn about our audience and classify our audience into groups or segments, using booking, survey and publicly available information and ensure we are sending relevant messages to each group
➢ To use data analytics and research to improve the quality of the services we offer and define our marketing strategy
➢ To verify your identity for security purposes
➢ To help us ensure our customers are genuine and to prevent fraud
➢ For the management of our business, including keeping financial records, to allow us to pay suppliers and to charge, invoice or refund customers
➢ By using CCTV to prevent and detect crime and to keep people who visit and work at MSO safe and secure
➢ To record and investigate health and safety and other incidents which have happened at MSO
➢ For market research and statistical analysis and to analyse the use of our services so that we can improve your experience at MSO
➢ For a small number of our audience and other contacts, for the purpose of better understanding their engagement with MSO and their potential interest in supporting us further (see section 11 below for more details)
Note that we may process your personal information in reliance on more than one of the grounds listed above depending on the specific purpose for which we are using your data
10. SHARING OF YOUR PERSONAL INFORMATION
We may share your personal information with our trusted service providers, sub-contractors and agents that we may appoint to perform functions on our behalf and in accordance with our instructions, including payment providers, event ticketing providers, email communication providers, market research analysts, IT service providers, postal mailing providers, accountants, auditors and lawyers.
We may also share your personal information with other venues or organisations with whom MSO works, but only if you have given your explicit consent to this.
We require all other organisations with whom we share your personal information to respect the security of your information and to treat it in accordance with the law. We do not allow our service providers to use your personal data for their own purposes.
We might also have to share your information if we have to by law or where we need to protect you or other people from harm.
11. OPTING OUT
11.1 You can ask us to stop sending you marketing information at any time by following the opt-out links on any marketing message sent to you or by contacting us any time as set out above in Paragraph 3.
11.2 Where you opt out of receiving marketing information, this will not apply to personal data provided to us when your purchase a ticket or other service from us.
11.3 Please be aware that if you opt out, it may be that we cannot provide you with certain services.
We encourage support from individuals, companies and foundations who want to help us achieve our mission and reach the widest possible audience.
We may do some limited research before contacting certain individuals or organisations to understand if there is a potential connection or shared interest. We also carry out research about our current supporters so we can provide the best experience possible, tailor our communications and suggest relevant opportunities to get closer to our work. We aim to ensure that we are contacting you with the most relevant and timely communications and ultimately provide an improved experience for you. To do this, we use the information that you provide.
We may also:
- Break down the information we hold on our database (for example, we might send information to a specific group of people who live in the same area)
- Analyse donations already made to MSO
- Make use of additional geo-demographic information and measures of affluence
- Record the reasons you have chosen to donate to us, events you have attended and other relevant information about your involvement with MSO
This activity assists us in understanding more about the people who support us. It also enables us to better understand your interests, anticipate your needs, and to provide exceptional customer service. In line with Charity Commission guidance, we may also use your personal information to detect and reduce fraud and credit risk.
Before contacting a small number of individuals we may seek further information including business network information and publicly available information relating to: residential location, wealth and assets, family (excluding information on children unless personally given by the individual concerned), career, donations to other organisations (including political parties where they are made public by the individual) and hobbies and interests to create a profile of their interests and preferences. This helps us understand the background of the people who may choose to support us and helps us to make requests for gifts to those who may be able and willing to give. We may also use publicly sourced images to help identify individuals who attend our special events.
We use a number of different sources to aid us in our fundraising activities, including newspaper websites and archives, housing market websites and the electoral roll as well as official websites of companies, charities and other arts organisations. In addition to general use of the internet we also make use of company, director and shareholder information from publicly available information providers, such as Trustfunding.org.uk This helps us to make appropriate requests to supporters who may have the means and inclination to support at a higher level. You can opt out of your data being used in this way and unsubscribe from future communications about fundraising by contacting firstname.lastname@example.org
13. HOW WE PROTECT YOUR INFORMATION
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
Your personal information is contained behind secured networks and is only accessible by a very limited number of persons who have special access rights to such systems, and who are required to keep the information secure and confidential. All financial transactions are processed through a gateway provider and are not stored or processed on our servers.
Any credit card or payment information we hold is stored securely and encrypted so that only the last four digits of the long card number are identifiable. This allows our customers to complete transactions faster and easier.
We have put in place procedures to deal with any suspected data breach and will notify you and any applicable regulator when we are legally required to do so.
We will do our best to protect your personal information. However, we cannot guarantee the security of your data transmitted to our websites before it reaches us, and any transmission is therefore at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
14. HOW LONG DO WE KEEP YOUR INFORMATION?
We will only keep your personal information in accordance with data protection law for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Where your information is no longer required, we will ensure it is disposed of, deleted or cached in a secure manner.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorised use or disclosure of the information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
15. TRANSFERRING YOUR INFORMATION OUTSIDE EUROPE
As part of the services offered to you by MSO, your personal information may be transferred to countries outside the European Economic Area (EEA). For example, this may happen when the computer servers used to host our websites or our customer databases are located in a country outside the EEA. These countries may not have similar data protection laws to the UK. By submitting your personal information, you are agreeing to this transfer.
- We will only transfer your personal information outside the EEA to countries that have been deemed by the European Commission to provide an adequate level of protection of personal data;
- Where we transfer data to certain of our trusted service providers, we may use specific contracts approved by the European Commission which give personal data the same protection as it has in Europe;
- Where we transfer to data to our trusted service providers in the USA, we may transfer data to them if they are part of what is called the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
16. YOUR LEGAL RIGHTS
You are in control of your personal information. Under certain circumstances you have the right to:
- Request a copy of the personal information we hold about you
- Ask us to correct information that’s wrong, to delete it or to request that we only use it for certain purposes.
- Request that we provide your personal information to you or another organisation in a structured, commonly used and machine-readable format.
- Object to us processing your personal information based on our legitimate interests.
- Change your mind and ask us to stop using your information, for example, unsubscribing from any marketing emails. Please be aware that if you ask us to stop using your information we may not be able to provide certain services to you: we will let you know if this is the case.
If you would like to exercise any of your legal rights in relation to the personal information that we hold about you, please email email@example.com
Your request must include your name, email address and postal address and we may request proof of your identity.
If you have a concern about the way in which we use your personal information, you may also make a complaint to a supervisory authority for data protection matters. In the UK this is the Information Commissioners Office: https://ico.org.uk/concerns/. If you live in another EEA country, you may complain to the supervisory authority in your country.