We are committed to protecting your personal information and being transparent about what information we hold about you. We are committed to protecting your personal information and being transparent about what information we hold about you.
Using personal information allows us to develop a better understanding of those who are interested in our work, and, in turn, to provide you with relevant and timely information about the work that we do – both on and off stage. As a charity, it also helps us to engage with potential donors and supporters.
The purpose of this policy is to give you a clear explanation about how we and our subsidiaries collect and use the information that you give us directly and which we obtain from third parties.
The Orchestra commits to seven key principles of data privacy and security, namely:
- To provide clear, honest and open information to customers about how we use their data
- To give customers the choice about how we use their data
- To use data appropriately and in a way that would be reasonably expected by the customer (including suppressing or deleting records once they are no longer required)
- To maintain data privacy, only ever sharing customer data with other organisations only where the customer has given their consent for us to do so, and to limit those organisations to partners which we are satisfied comply with current data protection legislation
- To be accountable and responsible: to take active steps to protect customer data from ‘data breaches’ andto inform customers and the information commissioner should this occur
- To have separate and enhanced procedures for the use of sensitive data (such as data relating to children or disability)
- To ensure our staff, partners and suppliers understand these principles and their responsibilities in delivering them.
Who we are
London Philharmonic Orchestra Ltd is a charity and is funded by Arts Council England as well as various trusts, foundations, individual donors and corporate supporters. Our registered charity number in England and Wales is 238045 and we are also registered as a company in England and Wales under registration number 357059.
London Philharmonic Orchestra Trading Ltd is a trading subsidiary of London Philharmonic Orchestra Ltd and is registered as a company in England and Wales under registration number 357059.
The London Philharmonic Orchestra is a registered data user under the General Data Protection Regulation ((EU) 2016/679) (GDPR) and the Data Protection Bill (DPB) 2017. The Data Controller is the London Philharmonic Orchestra. The person responsible for data protection is David Burke, General Manager. Our registration number in the Data Protection Public Register is Z3589643.
Why collect data?
We collect personal information from you in order to make your relationship with us as easy and enjoyable as possible. We need it to fulfil your ticket and merchandise orders; administrate our membership, education and community schemes; process your payments; inform you of any delays or problems with your order; and to notify you if an event is cancelled or if the event information advertised has changed.
If you have shown interest in what we do by ordering tickets, merchandise, memberships, making donations, or applying for one of our education and community schemes, we may send you news and updates about our charity, information about future events, fundraising appeals and other products and activities that may be of relevance to you. We may supply this information by post, email or phone, depending on the appropriate channel. To find out how you can opt out of any of these communications please click here
We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information and opportunities that have relevance to you. We may also use aggregated anonymised data of our bookers to inform future planning, marketing campaigns and to report to funders. If you use our website, your activity will be tracked so that we can constantly improve our customers’ experience online. You can find out more about this by reading our cookies policy.
We are charity that relies on philanthropic support. If we feel that you may be in a position to make a significant donation to the Orchestra we may make use of additional information about you, including geo-demographic data and measures of affluence where available from external, publicly-available sources including social media and official records. This helps us understand the background of the people who attend our performances and support us and helps us to make appropriate requests for gifts to people who may be able and willing to give more than they already do.
Information you give us
The personal information that we collect from you when you book, order or donate is:
Payment Card details
For some customers with whom we have a deeper relationship we may also collect and store data such as:
• Gift Aid declarations
• Your bank account number, name and sort code (solely for processing direct debit payments)
• Dietary preferences of you and your partner/spouse (where relevant to your attendance at events)
• Your connections to others on the LPO database (e.g. your partner/spouse, other family member, employer, or an organisation of which you are a board member or trustee)
We do this to allow us to:
• Carry out tasks that you have asked us to perform (e.g. take a monthly membership direct debit)
• Provide the highest level of service when we interact with you
Information about your interactions with us
Where you have interacted with us we store a history of those interactions. For example, if we have sent you a mailing we keep a record of this; in the case of email we may keep a record of whether you have opened it or clicked on any of the links. We do this to allow us to better inform the communications that we send to you, ensuring their relevance and appropriateness.
The types of information that we store include:
• The history of our communications with you and your interaction with them
• Your ticketing history
• Your membership and donation history
• Transaction particulars, including the method of payment
Where you are a current or potentially significant financial supporter of the organisation we may also store basic biographical information about you, along with records of spoken and written conversations we have had with you. We may keep a record of your philanthropic interests and gifts to other charities. We may aggregate this information with research carried out on social media and in publicly available records in order to better assess whether it may be appropriate to approach you for support. We will not store this information for longer than is appropriate.
There are three legal bases under which we may process your data:
When you book or purchase you are entering into a contract with us. In order to fulfil this contract we need to process and store your data. For example we may need to contact you by email or telephone in the case of the cancellation of a concert or event, in the case of problems with your payment, or to deliver benefits associated with your payment or membership. When you donate we would like to be able to thank you and may need to contact you with regard to acknowledging your gift.
Legitimate business interests
In certain situations we collect and process your personal information for purposes that are in our legitimate organisational interests. However we only do this if there is no overriding prejudice to you by using your personal information in this way. See below some of the situations in which we would use this basis; they include including marketing and fundraising communications, and other processing activities.
With your explicit consent
For any situation where the two bases above are not appropriate, we will instead ask for your explicit consent before using your personal information in that specific situation. For example, we would never share your data with another organisation to contact you, unless you had given us explicit consent to do so.
Marketing and Fundraising Activity
We aim to communicate with you about the work that we do in ways that you find relevant, timely and respectful. To do this we use data that we have stored about you, such as which events you have booked for in the past, as well as any preferences you may have told us about.
We use our legitimate organisational interest as the legal basis for communications by post and email. In the case of postal mailings, you may object to receiving these at any time using the contact details at the end of this policy, which will also be provided with every postal mailing you receive.
In the case of email, we will give you an opportunity to opt out of receiving them during your first booking, purchase or donation with us. If you do not opt out, we will provide you with an option to unsubscribe in every email that we subsequently send you. You can update your preferences by logging into your account online or by using the contact details at the end of this policy.
We will stop contacting you after three years, if, during that period you have not interacted with us in a way that re-engages our legitimate interest in contacting you (booking a ticket, or making a donation for example).
You may see personalised adverts from us on social media, that have been tailored to your interests. Depending on your settings on social media and messaging services (such as Facebook, Instagram and Twitter), and their privacy policies, you might give third parties (including the London Philharmonic Orchestra) permission to access information from those accounts and services in order to provide you with the most relevant information and to maximise the effectiveness of our communications.
Other processing activities
In addition to marketing and fundraising communications, we process personal information in the following ways that are within our legitimate organisational interests:
We may analyse data we hold about you to ensure that the content and timing of communications that we send you are as relevant and personalised to you as possible.
We may analyse data we hold about you in order to identify and prevent fraud.
In order to improve our website we may analyse information about how you use it and the content with which you interact.
We may use profiling techniques or third party wealth screening and insight companies to provide us with information about you that will help us to communicate in a relevant way with you, in particular when we are considering approaching you about potential philanthropic support. Such information is compiled using publicly available data about you.
We will always keep your rights and interests at the forefront to ensure they are not overridden by your own interests or fundamental rights and freedoms. You have the right to object to any of this processing at any time. If you wish to do this, please use the contact details at the end of this policy. Please bear in mind that if you object this may affect our ability to carry out tasks above that are for your benefit.
Education & Community Data
Our Education & Community department collects information about its project participants, applicants and facilitators. The information collected will depend on the project, but may include:
- Any heath considerations
- Special Educational Needs
We will only collect data that is necessary to the project, and will only keep the data for as long is necessary for the delivery of the project. See our policy on sensitive data, including data on children and vulnerable adults for further information on how sensitive data is stored.
We may keep participants, applicants and facilitators’ contact details on record in order to contact them about future relevant opportunities. We will always give you an opportunity to opt out of these communications.
We may store anonymised data about our participants and applicants to future analysis and reporting to funding bodies.
Sensitive data, including data on children and vulnerable adults
In order to adequately prepare for our various education and community projects, we may collect information on participants’ date of birth, medical considerations and any special educational needs. This information will only be collected if necessary for the delivery of the project, and not stored for longer than is absolutely necessary. This information is securely held and accessible only to members of staff who have clear DBS checks.
All information on any participants under the age of 13 will also be available for viewing only by members of staff who have clear DBS checks.
Supplier, staff and player data
If you have a business relationship with the London Philharmonic Orchestra – as a supplier, member of staff or player, please see our separate document on how we maintain your data.
We are a member of a database consortium – what does this mean?
When you book tickets through the London Philharmonic Orchestra or give us information for other reasons such as donating, your personal information will be entered into a database called Tessitura. This is a ticketing and relationship management system that is shared across the Southbank Centre Consortium. The current members of this consortium are Southbank Centre, the London Philharmonic Orchestra, the Philharmonia Orchestra, the Orchestra of the Age of Enlightenment, and the London Sinfonietta. All member organisations are able to view your name and contact details, helping to ensure the best possible customer experience.
When you purchase items through us, or otherwise provide us with personal information (or notify us of changes to your personal information), you consent to your names and contact details, being visible to all member organisations. Other information (e.g. specific ticket purchases, donations, Gift Aid declarations and research profiling) is not shared across the consortium but is specific to the organisation with which you have a direct relationship.
We may share aggregated and anonymised demographic information (e.g. postcodes) with the consortium organisations for analytical purposes. This is not linked to any personal information that can identify any specific individual.
There are some circumstances in which we may disclose your personal information to third parties. These are as follows:
- To our carefully vetted suppliers and service providers who are contracted by us to carry out services related to our communications with you. For example, to a mailing house which sends out large numbers of newsletters on our behalf.
- To profiling agencies whose purpose is to aggregate it with other data to build a picture of whether you might appropriately be approached for a major supporting financial gift to the Orchestra.
Suppliers of the services mentioned above are bound by the same data protection rules as the LPO. Our partners are subject to contractual agreements which ensure compliance with Data Protection legislation and keep your data safe.
- To our subsidiary, London Philharmonic Orchestra Trading Ltd, when it is necessary for them to be able to provide you with products or services you have requested.
- Where we are under a duty to disclose it in order to comply with a legal obligation (e.g. to government bodies and law enforcement agencies).
We will never sell or pass on your details to a third party for marketing purposes without your explicit permission.
Cookies are small text files that are automatically placed onto your device by some websites that you visit. They are widely used to allow a website to function (for example to keep track of your basket) as well as to provide website operators with information on how the site is being used.
Your credit and debit card details
When you book online all payment card details are submitted directly to Sage pay, our payment provider and encrypted. Sage pay is audited annually under the Payment Card Industry Data Security Standards (PCI DSS). The London Philharmonic Orchestra does not at any point see your card details or hold them on file.
When you pay over the phone all payment card details are inputted directly into the Tessitura database, the system that we use to manage ticketing, purchases and donations at the London Philharmonic Orchestra.
We do not save your payment card details on our ticketing system and will ask for them anew each time you book, purchase or donate.
Maintaining your personal information
If you have completed a transaction with us (i.e. buying a ticket or other product, or making a gift to the organisation) we will retain your data for eleven years since your last interaction with us. This allows us to undertake detailed analysis of audience trends over the long term and to cater appropriately for audiences who attend special projects (such as Wagner operas or performances targeted at a specific community) which recur less frequently than our mainstream concert performances.
If you have told us that you have left a gift to the London Philharmonic Orchestra in your will we will consider your relationship with the organisation to be life-long and your data will be kept on file until such time as you inform us that the organisation is no longer named as a beneficiary of your estate. In this instance you can still choose not to hear from us if you prefer not to be contacted.
Security of your personal information
We take all reasonable steps to protect your personal information. All the data collected by us is stored on a secure server. The secure server software encrypts all information you input before it is sent to us.
Server access is via designated user name and password with group policies to restrict access to specific folders. Policies are in place to enforce changing of individuals’ user logon passwords. Prevention measures against unauthorised external access include firewall protection and dedicated remote access hardware. Sophos Antivirus is in place to guard against virus and malware.
Access to the Tessitura database at the LPO is restricted to those members of staff required to maintain a relationship with you and is controlled through electronic password protection and user security profiles. Sensitive data, including data on children and vulnerable adults is only accessible by members of staff with clear DBS checks.
Your rights to your personal information
To request a copy of the information about you that we hold please write to the address below. There is a fee of £10 for requesting this information. The London Philharmonic Orchestra undertakes to respond within 40 days of the receipt of the fee.
London Philharmonic Orchestra
89 Albert Embankment
You can ask us at any time and without fee to correct information about you that we have which is inaccurate.
The EU Directive on Privacy and Electronic Communications demands that member states do more to combat spam. The UK law tries to create a system that allows legitimate businesses to send direct e-mail to users but attempts to stop the scammers and spammers. We send emails only to addresses that have been supplied directly to us by customers, and for the purpose for which these addresses were originally given. We always disable or remove addresses in our database when requested to do so by our customers.
How to opt out
Your Right to be Forgotten
If you choose to exercise your right to be forgotten and specifically tell us that you no longer wish us to hold your details we will anonymise your record, removing all personal data. The Orchestra has a right to keep records for a certain period, as described above, which may mean that even if you ask us to erase details we are legally obliged to keep them until after that period has passed.
How to complain