The Mariinsky Theatre Trust is grateful to BP for its ten-year support of the Mariinsky UK touring programme. This partnership builds on the strong relationship already established between BP Russia and the Mariinsky Theatre in St Petersburg and forms part of BP's cultural programme in the UK.

Privacy Policy

INTRODUCTION

This policy is designed to inform you about our privacy policy – how the Mariinsky Theatre Trust (“the Trust”) collects, stores and uses your personal information.

The privacy policy applies to all personal data collected and used by the Trust and its subsidiary company, both online and offline. The Trust reserves the right to modify this policy at any time.

On 25th May 2018 new legislation on Data Protection enters into force (The General Data Protection Regulation – “GDPR”). GDPR replaces previous legislation and contains of obligations which the Mariinsky Theatre Trust (“the Trust”) must fulfil.

Many of the Rules are the same as under previous legislation. GDPR is an EU Directive directly applicable in all member states without the need for local legislation and with effect from 25 th May 2018. However, the UK has decided that it wants the content of GDPR to apply after the UK leaves the EU.

GDPR already allows the Trust (“Controller” in GDPR-speak) to introduce operational rules and policies compliant with the new Directive. If you spot an error please let us know by email.

GDPR changes the relationship between the Trust and its members and those for which it holds data in relation to the information (data) which the Trust collects and then processes and stores.

Some data is necessarily provided to or accessed by a third party such as the accountant appointed by the Trust. Most of the law is mandatory but where there are options this notice will identify and explain the option the Trust is using. Many of the terms are rather technical but we need to use specific terms in order to say exactly what GDPR stipulates. The Trust’s first task is to be a lawful processor of your data.

LAWFUL PROCESSING – WHAT DO WE USE YOUR INFORMATION FOR?

The legal basis for processing your personal information is that it is necessary for the purposes of our legitimate interests in carrying out our work. We will not process any personal data about you that we do not need in order to carry out this purpose.

All information supplied and retained is used solely for publicising of Trust events or membership related communications.

Membership of the Trust involves a subscription in return for which members receive information about the Mariinsky Theatre and Trust activities related to the Mariinsky Theatre. The Trust also may send information to those that the Trust believes have legitimate interests in the work of the Trust.

The Trust asserts that it is a lawful processor by virtue of these relationships and does not need to obtain specific consent to process data. The Trust also considers it is exempted from any obligation to appoint a Data Protection Officer but it does accept the obligation to carry out processing in ways which are lawful, fair and transparent.

HOW DO WE COLLECT INFORMATION? TYPES OF DATA COLLECTED AND STORED

We collect data of our members, but we also retain data of patrons who have supported and/or attended our events in the past and those the Trust feels have a legitimate interest. We also gather data from donors and individuals who have contacted us for information about the work of the Trust and the Mariinsky Theatre in St Petersburg, Russia.

Information collected includes but is not restricted to:

– data of our members that we retain, being names and addresses and category of membership.

– the names and addresses of our supporters, including the event supported and the amount of the support. We retain the names and addresses of attendees of our events and which event they attended.

– The Trust retains the names of artists the Trust has supported along with the amount of the support and the reason for the support, along with the names of the artists that the Trust has presented in Trust projects and core activities.

The Trust is committed to recording accurate personal data which primarily consists of the information on the membership, event application form or those with a legitimate interest (name, address, telephone numbers, email addresses). The Trust may also record whether an individual or individuals have attended an event in the form of application forms for events. Any documents recording a date of birth to establish eligibility for a concessionary rate will be destroyed once the eligibility has been established.

The Trust does not collect sensitive personal data such as genetic, biometric or health data nor information on race, ethnicity, religion, political persuasion, or sexual orientation. Such sensitive data is known in GDPR as special category data. The Trust may use your data to enhance your experience of Trust events with reference to your any personal preferences, interests and geographical location.

Information security is a major national and international concern. The way the Trust has set up password access and protocols is believed to be at an appropriate level but the Trust does not claim it is hacker-proof. The Trust also uses the latest versions of anti-virus and firewall software. This aspect of processing is being reviewed at least annually as well as whenever there is a high-profile report of data breach. In the event of there being a data breach the Trust undertakes to inform you (as well as any relevant authority) not later than one month of the Trust becoming aware of the breach. The Trust does not believe that the data it holds give rise to any need to report a breach to the Information Commissioner’s Office within 72 hours but it is conscious of the possible need to do so. Paper records are also held securely.

TRANSFER AND SHARING YOUR DATA

Your personal information will not be shared or sold or any other organisation.

Our website sometimes contains links to other websites that are not owned or controlled by the Trust. The Trust is not responsible for the content or the privacy policies of these sites.

The Executive of the Trust (employees of the Trust) is the principal processor of your data. Book-keeping is done by an independent sub-contractor on whom required legal obligations have been imposed in relation to processing data. The Trust’s IT consultant also needs to access data from time to time but always under supervision. The Trust’s Trustees may also wish to look at data from time to time.

The Trust will not be able to release personal data about data records held to another party, not even a telephone number or email address.

When you attend functions or events organised by the Trust the venue will normally, for security and practical reasons, want a list of names.

The Trust does not knowingly transfer your data outside the EU and requires all its suppliers not to make such transfers. The ultimate location of computer servers or information stored on ‘cloud servers’ can make this apparently simple commitment difficult to enforce.

HOW LONG DO WE RETAIN DATA?

The Trust intends to hold your data throughout the period of your membership. In the case of resignation, for up to 6 years for archival purposes. Information held on paper is kept for six years.

HOW DO WE STORE AND PROTECT YOUR INFORMATION?

Your information is stored and processed electronically and in manual filing systems. We protect all personal data to the best of our abilities and we employ robust computer security measures and office premise security to ensure that your data remains safe.

YOUR CHOICES ABOUT YOUR INFORMATION – WHAT ARE YOUR RIGHTS?

The Trust will be what is known as the ‘Controller’ of the personal data you provide to us and hence responsible to you for the processing of that data. We can be contacted at mail@mariinskytrust.org.uk

If at any point you believe the information we process on you is incorrect or you object to our processing of that information, you can request to see this information and have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you can contact us by email at mail@mariinskytrust.org.uk or by post at the Trust’s registered address (as given on the contact page of our website) to have the matter investigated.

If you are not satisfied with our response, or believe we are processing your personal data not in accordance with the law, you can complain to the Information Commissioner’s Office by email at https://ico.org.uk Complaints can also be made via the helpline +44 (0)303 123 1113 or in writing to the Customer Contact, ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

UPDATES
Whenever this policy is updated an updated version will posted on the Trust website and a notification sent to members. This policy will be reviewed annually.