Privacy policy.

Privacy Policy

Last Updated: 2nd November 2024

This Privacy Policy explains how Highpoints Youth Ballet ("we," "our," or "us") collects, uses, and protects your personal data in compliance with the General Data Protection Regulation (GDPR) and other applicable UK laws. By using https://www.highpointsballet.org.uk (the “Site”), you agree to the practices described in this policy.

Our Site was built using Squarespace. How Squarespace processes and stores data is subject to their privacy policy which can be found here: https://www.squarespace.com/privacy. By using our Site, you agree not only to be bound to Squarespace’s privacy policy.

1. Information We Collect

We may collect and process the following types of personal data:

  • Personal Data You Provide: When you contact us, submit forms, make a purchase, or engage with us in other ways, we may collect personal data such as your name, email address, phone number, and postal address.

  • Automatically Collected Data: When you visit our Site, we may automatically collect information such as your IP address, browser type, and interactions on the site. We use cookies and similar technologies to improve your experience and analyze usage.

  • Data from Third Parties: If you connect with us on social media (e.g., Facebook, Instagram), we may receive information based on the platform’s policies and your privacy settings.

2. How We Use Your Data

We process your data for the following purposes, based on legal grounds defined under GDPR:

  • To Fulfill Contracts and Provide Services: Processing orders, responding to inquiries, and providing support for purchases or services you request.

  • Legitimate Interests: Improving our Site, tailoring content, maintaining security, and marketing to our users (with appropriate consent).

  • Compliance with Legal Obligations: Complying with regulatory and legal obligations, including record-keeping requirements.

  • Consent: For marketing communications, tracking, or other uses for which we obtain your consent.

3. Legal Basis for Processing Personal Data

Under GDPR, we process your personal data based on the following legal grounds:

  • Contractual Necessity: Processing necessary to perform a contract with you or to take steps at your request before entering into a contract.

  • Legitimate Interests: Processing based on our legitimate interest in running and promoting our business, where these interests do not override your rights.

  • Consent: When you’ve provided consent for specific purposes, such as marketing.

  • Legal Obligation: When processing is necessary for compliance with legal obligations.

4. How We Share Your Data

We do not sell your data. However, we may share it as follows:

  • Service Providers: With trusted third-party vendors (e.g., payment processors, analytics providers) who perform services on our behalf, following GDPR requirements.

  • Legal Compliance: If required by law or in response to legal proceedings, we may disclose personal data.

5. International Data Transfers

If we transfer your data outside the UK or European Economic Area (EEA), we will ensure that it is protected in a manner consistent with how it would be protected under GDPR. This may include using standard contractual clauses or other safeguards approved under GDPR.

6. Your Rights Under GDPR

You have the following rights concerning your personal data:

  • Access: You can request a copy of your personal data.

  • Correction: You can ask us to correct or update any inaccurate information.

  • Erasure (Right to Be Forgotten): You can request deletion of your data, subject to certain exceptions.

  • Restriction of Processing: You can request that we limit how we use your data.

  • Data Portability: You can request your data in a machine-readable format for transfer to another service provider.

  • Objection: You can object to our processing of your data, including for direct marketing purposes.

  • Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at [Your Contact Email]. We will respond to your request within one month.

7. Data Retention

We retain personal data only as long as necessary for the purposes stated in this policy or as required by law. When no longer needed, your data will be securely deleted.

8. Security

We implement appropriate technical and organizational measures to protect your data from unauthorized access, loss, or misuse. However, no system is completely secure, and we cannot guarantee absolute security.

9. Cookies and Tracking Technologies

Our Site uses cookies to improve user experience and gather analytics data. You can adjust your browser settings to refuse cookies, but this may affect your ability to use certain features.

For more details on our cookie usage, please review our Cookie Policy [Link to Cookie Policy].

10. Third-Party Links

Our Site may contain links to third-party sites. We are not responsible for their privacy practices, and we encourage you to review their privacy policies.

11. Children’s Privacy

Our Site is not directed to children under 13. We do not knowingly collect data from children under 13. If we become aware of such data, we will delete it.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. The “Last Updated” date at the top of this page indicates the most recent revision. We encourage you to review this policy regularly.

13. Contact Us

For questions or to exercise your rights under GDPR, please contact us at:

Highpoints Youth Ballet CIC
Email: highpointsballet@gmail.com
Address: 3 Carnmoney Court, BT36 6UZ