Join our mailing list to receive regular updates from Headlong.
Headlong is a charity and is funded by Arts Council England as well as various trusts, foundations and individual donors and supporters. Our registered charity number in England and Wales is 267965 and we are also registered as a company in England and Wales under registration number 1171757.
Headlong treats the handling of personal data seriously. As such we have created a Privacy & Data Protection Policy, to ensure everyone in our workplace knows how to handle the personal data we receive from individuals and details how Headlong will treat personal data after it has been collected by us.
Information about individuals is held by Headlong with the right of subject access, allowing any individual access to the information held about them.
Please get in touch with us if you have any questions about any aspect of this privacy policy, and in particular if you wish to exercise any of the rights detailed in section 7.
Contact us at:
Headlong Theatre
17 Risborough Street
London
SE1 0HG
info@headlong.co.uk
You will be asked for personal information when you register, make an enquiry, make a donation or order products and services from us, apply for or accept a job or opportunity or participate in an outreach programme or workshop.
We will retain your name, date of birth, contact details and contact preferences when you make a purchase from our box office or otherwise buy products from us. We will keep a record of your bank or credit card details used to make the purchase, but only temporarily and solely to process your transaction.
We will record details when you sign up to our mailing list or make a donation. Where you make a donation, we will keep a record of the details of the gift (amount, date, purpose) and your Gift Aid status. We may also ask you to provide details about your current interests and activities, and the details of your family and spouse/partner details where appropriate.
We are committed to fundraising best practice and abide by the Fundraising Regulator’s key principles and behaviours of a fundraising organisation: to be legal, open, honest and respectful. We undertake to comply with relevant law and regulations, including the Proceeds of Crime Act, Data Protection, Tax and Gift Aid legislation and Charity Commission guidance.
We log your Internet Protocol (IP) address, in order to receive and send information from and to you over the internet. Our website also uses cookies to enable online transactions, understand how people use our website and inform our digital advertising. For more information on cookies, please see section 6.
We occasionally receive information about you from third parties. As we sell tickets through the venues that we tour to, who may be based both inside or outside of the EU, we may receive third party information from them about you, including your name, email address, postal address and booking information. We will only ever receive information about you with your consent or in the performance of a contract, with your knowledge, and we ensure that a data agreement is in place. If you book tickets through a partner venue you should check their Privacy Policy when you provide your information to understand fully how they will process and safeguard your data. If you wish to withdraw your consent for us to contact you, you can contact us using the information in section 1.
We may also receive personal data from our website developer, IT support provider and payment service provider who are based inside the EU.
If you are a job applicant we may contact your recruiter, current and former employers and/or referees, who may be based inside or outside the EU, to provide information about you and your application.
Depending on your settings or the privacy policies for social media services like Facebook, Instagram or Twitter, you may give us permission to access information from those accounts or services, such as your behaviour on these services and across our site. The majority of this behaviour is anonymised. For more information on how to control your privacy settings for these services, go to the following links:
Facebook - Privacy Policy
Twitter - Privacy Policy
YouTube - Privacy Policy
Vimeo – Privacy Policy
Special categories data is personal data that is more sensitive and therefore needs more protection, such as information about health and biometric data, race, religious or philiosophical beliefs, sex life, sexual orientation, trade union membership and political opinions. We will only process this type of data:
If you are an applicant or an employee, we will collect special categories of information about your race, ethnicity, religious or philosophical beliefs and sexual orientation for the purpose of our diversity and equal opportunities records (on the basis that it is needed for reasons of substantial public interest, for equal opportunities monitoring).
Through surveys, with your explicit consent, we may collect special categories of information such as your race, ethnicity, religious or philiosophical beliefs, and sexual orientation. This allows us to understand how our audience in a local and national context and helps us to identify new audience opportunities.
When you provide us information in relation to an event that you are attending with us, we may ask you about your access requirements and dietary preferences.
Depending on the preferences you have indicated and your relationship with Headlong Theatre we will use the personal information you have provided in the following instances:
To carry out our business and to provide a service or carry out a contract with you:
Where we have your consent to:
Where we have a legal obligation to:
Where we have legitimate interest to:
We use various techniques including market research and audience profiling techniques to help us understand our audiences, customers, donors and potential supporters. This includes gathering information from you as well as publicly available resources to give an insight into your interests and inclination to attend Headlong events or support Headlong.
We do this because it allows us to understand our audience members and the people who support us, and helps us to send appropriate communications and make appropriate requests to those who may be able and interested in attending or giving more than they already do.
When building a profile we may analyse geographic, demographic and other information relating to you in order to better understand your interests and preferences in order to contact you with the most relevant communications.
With your consent, we will contact you to let you know about upcoming events, updates on our plans and progress we are making, and to ask you to make a donation or give other types of support. Occasionally, we may include information from our partner organisations or organisations who support us in these communications.
We make it easy for you to tell us how you want us to communicate, in a way that suits you. Our forms have clear marketing and we include information on how to opt out when we send you marketing. If you don’t want to hear from us, that’s fine. Just let us know when you provide us with your information or change your preferences at any time by contacting info@headlong.co.uk.
Your personal information might be passed to a third party if they need it to fulfil your order(s) for our services, to execute the communications we send to you, to process a donation, or where you have otherwise consented to being contacted by selected third parties, such as artistic partners and associates. We do comprehensive checks on these companies before we work with them, and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal information they have collected or have access to.
Examples of the data we share and who we share it with include:
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following transfer solutions are implemented:
(a) We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries;
(b) Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, European Commission: Model contracts for the transfer of personal data to third countries; and
Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.
We ensure that there are appropriate technical controls in place to protect your personal details. The personal information that you provide will be held securely and will not be used for any other purpose than as provided for in this policy. We ensure that there are appropriate technical controls in place to protect your personal information; for example, any information which we transfer is encrypted and password protected, and all of our staff receive data protection and security training. We also ensure that any physical copies of personal data are protected, and our premises are kept safe with multi-lock security. We archive our email and paper correspondence regularly and destroy information older than 7 years.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
We endeavour to keep your personal information accurate and up to date. If you become aware of errors or inaccuracies, please email info@headlong.co.uk or update the information we hold about you by using the "My Account" section of our website.
We use publicly available sources to keep your records up to date; for example information provided to us by other organisations as described in this policy.
We would really appreciate it if you could let us know if your contact details change.
If you use your credit or debit card to purchase from us or to make a donation, we will ensure that this is carried out securely and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).
We optionally allow you to store your card details for use in a future transaction. This is carried out in compliance with PCI-DSS and in a way where none of our staff members are able to see your full card number. We never store your 3 or 4 digit security code.
Cookies are small text files that are automatically placed onto your device by some websites that you visit. They are widely used to allow a website to function (for example to keep track of your basket) as well to provide website operators with information on how the site is being used.
We use cookies to keep track of your basket as well as to identify how the website is being used and what improvements we can make.
Find out more information on what cookies we use here.
Our website contains links to other third party websites. We are not responsible for the privacy practices of these websites and you should read their own privacy policies for more information.
You can request full details of personal information we hold about you under the Data Protection Act 1998, or after 25 May 2018, The General Data Protection Regulation, by contacting the Data Team. Please send a description of the information you would like to see, together with proof of your identity to info@headlong.co.uk
At any time you have the right to ask the Headlong to amend or to stop how it uses your personal information including for marketing purposes. You can do this by signing in to the website and accessing your account details or if you don’t have an account or if you prefer to, you can contact us by phoning, emailing or writing using our contact details in section 1. You have the right to get information held about you by us corrected. If you have any concern about the accuracy of your personal data, please let us know using the above contact details.
You have the right to lodge a complaint with the supervisory authority, The Information Commissioner’s Office – www.ico.org.uk
More information about Data Subject Rights can be found here.
Our privacy policy may change at any time, so you may wish to check it each time you visit our website. Any changes will apply from the time that they are posted to this page. If we make any significant changes in the way we treat your personal information we will make this clear on our website or by contacting you directly.